Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
2i3Lj7a8Gk.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\2i3Lj7a8Gk.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp760C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\lyNyKapwZJLKnn.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dzpb1503.zrg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h142no2g.mzf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mx0phzgr.my4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w00ibzth.cxi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8686.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\2i3Lj7a8Gk.exe
|
"C:\Users\user\Desktop\2i3Lj7a8Gk.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\lyNyKapwZJLKnn" /XML "C:\Users\user\AppData\Local\Temp\tmp760C.tmp"
|
|
|
|
C:\Users\user\Desktop\2i3Lj7a8Gk.exe
|
"C:\Users\user\Desktop\2i3Lj7a8Gk.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\lyNyKapwZJLKnn" /XML "C:\Users\user\AppData\Local\Temp\tmp8686.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe
|
"C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe
|
"C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe
|
"C:\Users\user\AppData\Roaming\lyNyKapwZJLKnn.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://aborters.duckdns.org:8081
|
unknown
|
|
|
|
http://anotherarmy.dns.army:8081
|
unknown
|
|
|
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:445817%0D%0ADate%20a
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:445817%0D%0ADate%20and%20Time:%2007/10/2024%20/%2014:46:36%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20445817%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://mail.precioustouchfoundation.org
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://precioustouchfoundation.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.96.3
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?L
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:445817%0D%0ADate%20and%20Time:%2007/10/2024%20/%2015:26:03%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20445817%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 44 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
precioustouchfoundation.org
|
68.66.224.41
|
|
|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
241.42.69.40.in-addr.arpa
|
unknown
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
mail.precioustouchfoundation.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
68.66.224.41
|
precioustouchfoundation.org
|
United States
|
|
|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\2i3Lj7a8Gk_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\lyNyKapwZJLKnn_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
432A000
|
trusted library allocation
|
page read and write
|
|
|
|
4B97000
|
trusted library allocation
|
page read and write
|
|
|
|
435000
|
remote allocation
|
page execute and read and write
|
|
|
|
3071000
|
trusted library allocation
|
page read and write
|
|
|
|
49FA000
|
trusted library allocation
|
page read and write
|
|
|
|
2B81000
|
trusted library allocation
|
page read and write
|
|
|
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
6CC0000
|
trusted library allocation
|
page read and write
|
||
|
75BD000
|
stack
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
419D000
|
trusted library allocation
|
page read and write
|
||
|
12DD000
|
stack
|
page read and write
|
||
|
41A0000
|
trusted library allocation
|
page read and write
|
||
|
E6C000
|
heap
|
page read and write
|
||
|
7025000
|
trusted library allocation
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
4111000
|
trusted library allocation
|
page read and write
|
||
|
6E67000
|
trusted library allocation
|
page read and write
|
||
|
3EFB000
|
trusted library allocation
|
page read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
3AD1000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
6CDA000
|
trusted library allocation
|
page read and write
|
||
|
1827000
|
heap
|
page read and write
|
||
|
248E000
|
unkown
|
page read and write
|
||
|
5780000
|
heap
|
page read and write
|
||
|
3F27000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
5161000
|
trusted library allocation
|
page read and write
|
||
|
5501000
|
trusted library allocation
|
page read and write
|
||
|
6DDB000
|
trusted library allocation
|
page read and write
|
||
|
3537000
|
trusted library allocation
|
page read and write
|
||
|
43C4000
|
trusted library allocation
|
page read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
DA0C000
|
stack
|
page read and write
|
||
|
76BF000
|
stack
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
639E000
|
stack
|
page read and write
|
||
|
3EDA000
|
trusted library allocation
|
page read and write
|
||
|
1115000
|
trusted library allocation
|
page execute and read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
C68000
|
heap
|
page read and write
|
||
|
2D3D000
|
trusted library allocation
|
page read and write
|
||
|
57A5000
|
heap
|
page read and write
|
||
|
11D4000
|
trusted library allocation
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
673E000
|
stack
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
1326000
|
heap
|
page read and write
|
||
|
1331000
|
heap
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
1039000
|
stack
|
page read and write
|
||
|
34AC000
|
trusted library allocation
|
page read and write
|
||
|
6B2000
|
unkown
|
page readonly
|
||
|
DC9000
|
stack
|
page read and write
|
||
|
BF9E000
|
stack
|
page read and write
|
||
|
4C0C000
|
stack
|
page read and write
|
||
|
2B78000
|
trusted library allocation
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
3EBF000
|
trusted library allocation
|
page read and write
|
||
|
CEC8000
|
heap
|
page read and write
|
||
|
325F000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
3D15000
|
trusted library allocation
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
7081000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
stack
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
10ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
158D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4304000
|
trusted library allocation
|
page read and write
|
||
|
3F18000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
6E40000
|
trusted library allocation
|
page read and write
|
||
|
4306000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
3CB6000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
trusted library allocation
|
page execute and read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
6AF0000
|
heap
|
page read and write
|
||
|
4C1C000
|
trusted library allocation
|
page read and write
|
||
|
4F5B000
|
trusted library allocation
|
page read and write
|
||
|
3C72000
|
trusted library allocation
|
page read and write
|
||
|
3205000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
5063000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
3DF5000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page execute and read and write
|
||
|
1804000
|
trusted library allocation
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
5512000
|
trusted library allocation
|
page read and write
|
||
|
3E52000
|
trusted library allocation
|
page read and write
|
||
|
6DD7000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
6BF2000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
trusted library allocation
|
page execute and read and write
|
||
|
335A000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
4395000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
remote allocation
|
page execute and read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
2ED7000
|
trusted library allocation
|
page read and write
|
||
|
54EB000
|
trusted library allocation
|
page read and write
|
||
|
3C51000
|
trusted library allocation
|
page read and write
|
||
|
2F32000
|
trusted library allocation
|
page read and write
|
||
|
144B000
|
trusted library allocation
|
page execute and read and write
|
||
|
425000
|
remote allocation
|
page execute and read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14AA000
|
heap
|
page read and write
|
||
|
C61E000
|
stack
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CB4000
|
trusted library allocation
|
page read and write
|
||
|
43F6000
|
trusted library allocation
|
page read and write
|
||
|
3E6C000
|
trusted library allocation
|
page read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
6DF4000
|
trusted library allocation
|
page read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
629E000
|
stack
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
42F000
|
remote allocation
|
page execute and read and write
|
||
|
3233000
|
trusted library allocation
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
435C000
|
trusted library allocation
|
page read and write
|
||
|
32BC000
|
trusted library allocation
|
page read and write
|
||
|
1092000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
3EEE000
|
trusted library allocation
|
page read and write
|
||
|
412B000
|
trusted library allocation
|
page read and write
|
||
|
2C66000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page execute and read and write
|
||
|
338B000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
42CF000
|
trusted library allocation
|
page read and write
|
||
|
3118000
|
trusted library allocation
|
page read and write
|
||
|
D74E000
|
stack
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
545E000
|
heap
|
page read and write
|
||
|
514C000
|
stack
|
page read and write
|
||
|
5146000
|
trusted library allocation
|
page read and write
|
||
|
3C70000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
3BA9000
|
trusted library allocation
|
page read and write
|
||
|
6D20000
|
trusted library allocation
|
page read and write
|
||
|
D50E000
|
stack
|
page read and write
|
||
|
7360000
|
trusted library section
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
496A000
|
trusted library allocation
|
page read and write
|
||
|
4341000
|
trusted library allocation
|
page read and write
|
||
|
6A75000
|
trusted library allocation
|
page read and write
|
||
|
3ECA000
|
trusted library allocation
|
page read and write
|
||
|
3C64000
|
trusted library allocation
|
page read and write
|
||
|
1106000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
trusted library allocation
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
5723000
|
heap
|
page read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
322E000
|
trusted library allocation
|
page read and write
|
||
|
514B000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
4332000
|
trusted library allocation
|
page read and write
|
||
|
2BFB000
|
trusted library allocation
|
page read and write
|
||
|
1137000
|
stack
|
page read and write
|
||
|
3D2D000
|
trusted library allocation
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
6509000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
142A000
|
trusted library allocation
|
page execute and read and write
|
||
|
53ED000
|
stack
|
page read and write
|
||
|
3E04000
|
trusted library allocation
|
page read and write
|
||
|
C8DB000
|
stack
|
page read and write
|
||
|
54CA000
|
trusted library allocation
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1473000
|
heap
|
page read and write
|
||
|
77B0000
|
trusted library section
|
page read and write
|
||
|
77C000
|
unkown
|
page readonly
|
||
|
43C000
|
remote allocation
|
page execute and read and write
|
||
|
6D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
43EB000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
109B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A97000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
68D9000
|
heap
|
page read and write
|
||
|
55AE000
|
trusted library allocation
|
page read and write
|
||
|
D60F000
|
stack
|
page read and write
|
||
|
1447000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EA5000
|
trusted library allocation
|
page read and write
|
||
|
4B0B000
|
stack
|
page read and write
|
||
|
54FE000
|
trusted library allocation
|
page read and write
|
||
|
C79E000
|
stack
|
page read and write
|
||
|
3E54000
|
trusted library allocation
|
page read and write
|
||
|
D9CF000
|
stack
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
17ED000
|
stack
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1117000
|
trusted library allocation
|
page execute and read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
30E7000
|
trusted library allocation
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
3179000
|
trusted library allocation
|
page read and write
|
||
|
C88000
|
heap
|
page read and write
|
||
|
C0EB000
|
heap
|
page read and write
|
||
|
5524000
|
trusted library allocation
|
page read and write
|
||
|
108A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6545000
|
heap
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page read and write
|
||
|
16C2000
|
trusted library allocation
|
page read and write
|
||
|
55B6000
|
trusted library allocation
|
page read and write
|
||
|
3EB9000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
57C5000
|
trusted library allocation
|
page read and write
|
||
|
347E000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
D2BE000
|
stack
|
page read and write
|
||
|
172E000
|
stack
|
page read and write
|
||
|
3F02000
|
trusted library allocation
|
page read and write
|
||
|
5CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC6000
|
trusted library allocation
|
page read and write
|
||
|
54E6000
|
trusted library allocation
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4162000
|
trusted library allocation
|
page read and write
|
||
|
1488000
|
heap
|
page read and write
|
||
|
42F8000
|
trusted library allocation
|
page read and write
|
||
|
3075000
|
trusted library allocation
|
page read and write
|
||
|
3E16000
|
trusted library allocation
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
4256000
|
trusted library allocation
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
2B70000
|
heap
|
page execute and read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
2D68000
|
trusted library allocation
|
page read and write
|
||
|
D0BE000
|
stack
|
page read and write
|
||
|
524B000
|
stack
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
42FA000
|
trusted library allocation
|
page read and write
|
||
|
2BF3000
|
trusted library allocation
|
page read and write
|
||
|
3C9E000
|
trusted library allocation
|
page read and write
|
||
|
3AD9000
|
trusted library allocation
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
D1BE000
|
stack
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
4300000
|
trusted library allocation
|
page read and write
|
||
|
412F000
|
trusted library allocation
|
page read and write
|
||
|
2C38000
|
trusted library allocation
|
page read and write
|
||
|
4156000
|
trusted library allocation
|
page read and write
|
||
|
39A000
|
stack
|
page read and write
|
||
|
41A4000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2BF7000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
3128000
|
trusted library allocation
|
page read and write
|
||
|
C9DC000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
661E000
|
stack
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
4150000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
heap
|
page read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
3CD5000
|
trusted library allocation
|
page read and write
|
||
|
2C28000
|
trusted library allocation
|
page read and write
|
||
|
3C90000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
3C74000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
1403000
|
trusted library allocation
|
page execute and read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
41C5000
|
trusted library allocation
|
page read and write
|
||
|
3154000
|
trusted library allocation
|
page read and write
|
||
|
343F000
|
unkown
|
page read and write
|
||
|
3E18000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
CEC0000
|
heap
|
page read and write
|
||
|
3E0A000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E34000
|
trusted library allocation
|
page read and write
|
||
|
167E000
|
stack
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
111B000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F8000
|
heap
|
page read and write
|
||
|
9A35000
|
trusted library allocation
|
page read and write
|
||
|
3E77000
|
trusted library allocation
|
page read and write
|
||
|
3CAD000
|
trusted library allocation
|
page read and write
|
||
|
33C8000
|
trusted library allocation
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
3F1F000
|
trusted library allocation
|
page read and write
|
||
|
54F2000
|
trusted library allocation
|
page read and write
|
||
|
42D3000
|
trusted library allocation
|
page read and write
|
||
|
C89E000
|
stack
|
page read and write
|
||
|
2AD8000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
665F000
|
stack
|
page read and write
|
||
|
7130000
|
heap
|
page read and write
|
||
|
16BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
1097000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E45000
|
trusted library allocation
|
page read and write
|
||
|
3163000
|
trusted library allocation
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library section
|
page readonly
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
30DB000
|
trusted library allocation
|
page read and write
|
||
|
516D000
|
trusted library allocation
|
page read and write
|
||
|
3165000
|
trusted library allocation
|
page read and write
|
||
|
9FA000
|
stack
|
page read and write
|
||
|
156D000
|
heap
|
page read and write
|
||
|
3111000
|
trusted library allocation
|
page read and write
|
||
|
6CD6000
|
trusted library allocation
|
page read and write
|
||
|
743E000
|
stack
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
16CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3DE000
|
stack
|
page read and write
|
||
|
3DE3000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
trusted library allocation
|
page read and write
|
||
|
2D42000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
3257000
|
trusted library allocation
|
page read and write
|
||
|
3255000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
3DE5000
|
trusted library allocation
|
page read and write
|
||
|
5714000
|
trusted library section
|
page readonly
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DDB000
|
heap
|
page read and write
|
||
|
743E000
|
stack
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
2E69000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
4B11000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
10FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D66000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page read and write
|
||
|
1102000
|
trusted library allocation
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page read and write
|
||
|
5415000
|
heap
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
6990000
|
trusted library allocation
|
page execute and read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
C2A0000
|
heap
|
page read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
3C66000
|
trusted library allocation
|
page read and write
|
||
|
3DDF000
|
trusted library allocation
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
6B7F000
|
stack
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
4344000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
515E000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
heap
|
page execute and read and write
|
||
|
41BD000
|
trusted library allocation
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
76AE000
|
stack
|
page read and write
|
||
|
3E10000
|
trusted library allocation
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
3F06000
|
trusted library allocation
|
page read and write
|
||
|
55BD000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
3BEB000
|
trusted library allocation
|
page read and write
|
||
|
3E42000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
C0A1000
|
heap
|
page read and write
|
||
|
3E14000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
4F76000
|
trusted library allocation
|
page read and write
|
||
|
4F7D000
|
trusted library allocation
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
3CCD000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
41B6000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
3C6C000
|
trusted library allocation
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
514C000
|
stack
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page read and write
|
||
|
6513000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
3565000
|
trusted library allocation
|
page read and write
|
||
|
514E000
|
trusted library allocation
|
page read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
4CA2000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
440F000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
4160000
|
trusted library allocation
|
page read and write
|
||
|
16B2000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
1523000
|
heap
|
page read and write
|
||
|
43C7000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
683F000
|
stack
|
page read and write
|
||
|
30D8000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
140D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
35D000
|
stack
|
page read and write
|
||
|
2D33000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
4F71000
|
trusted library allocation
|
page read and write
|
||
|
3226000
|
trusted library allocation
|
page read and write
|
||
|
4099000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
5474000
|
heap
|
page read and write
|
||
|
6A46000
|
trusted library allocation
|
page read and write
|
||
|
3C58000
|
trusted library allocation
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1086000
|
trusted library allocation
|
page execute and read and write
|
||
|
1333000
|
heap
|
page read and write
|
||
|
1806000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
42E5000
|
trusted library allocation
|
page read and write
|
||
|
14B6000
|
heap
|
page read and write
|
||
|
CEDB000
|
heap
|
page read and write
|
||
|
54C6000
|
trusted library allocation
|
page read and write
|
||
|
D2D0000
|
heap
|
page read and write
|
||
|
42D5000
|
trusted library allocation
|
page read and write
|
||
|
33FE000
|
unkown
|
page read and write
|
||
|
2C3C000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
3ED7000
|
trusted library allocation
|
page read and write
|
||
|
2C24000
|
trusted library allocation
|
page read and write
|
||
|
515A000
|
trusted library allocation
|
page read and write
|
||
|
51DD000
|
stack
|
page read and write
|
||
|
3C60000
|
trusted library allocation
|
page read and write
|
||
|
4180000
|
trusted library allocation
|
page read and write
|
||
|
3423000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
4131000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
3018000
|
trusted library allocation
|
page read and write
|
||
|
64E0000
|
heap
|
page read and write
|
||
|
52F3000
|
heap
|
page read and write
|
||
|
3509000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
CFB000
|
heap
|
page read and write
|
||
|
33F5000
|
trusted library allocation
|
page read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DCB000
|
trusted library allocation
|
page read and write
|
||
|
6CED000
|
trusted library allocation
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
41A6000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
heap
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
550D000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
D8CE000
|
stack
|
page read and write
|
||
|
C65E000
|
stack
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
24CF000
|
unkown
|
page read and write
|
||
|
4148000
|
trusted library allocation
|
page read and write
|
||
|
4A8B000
|
trusted library allocation
|
page read and write
|
||
|
9A3F000
|
trusted library allocation
|
page read and write
|
||
|
1063000
|
trusted library allocation
|
page execute and read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
16AF000
|
stack
|
page read and write
|
||
|
9A30000
|
trusted library allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
6A24000
|
trusted library allocation
|
page read and write
|
||
|
55B1000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
remote allocation
|
page execute and read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
65FE000
|
stack
|
page read and write
|
||
|
407B000
|
trusted library allocation
|
page read and write
|
||
|
16C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6980000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
152F000
|
heap
|
page read and write
|
||
|
6B0000
|
unkown
|
page readonly
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
5166000
|
trusted library allocation
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
757F000
|
stack
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page execute and read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
576B000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
327A000
|
stack
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
34DA000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
heap
|
page read and write
|
||
|
6CD4000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page execute and read and write
|
||
|
43F8000
|
trusted library allocation
|
page read and write
|
||
|
4093000
|
trusted library allocation
|
page read and write
|
||
|
1526000
|
heap
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
4BBC000
|
stack
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
3CC6000
|
trusted library allocation
|
page read and write
|
||
|
68E8000
|
heap
|
page read and write
|
||
|
4164000
|
trusted library allocation
|
page read and write
|
||
|
3EE2000
|
trusted library allocation
|
page read and write
|
||
|
291B000
|
heap
|
page read and write
|
||
|
2D1E000
|
trusted library allocation
|
page read and write
|
||
|
3D72000
|
trusted library allocation
|
page read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
4151000
|
trusted library allocation
|
page read and write
|
||
|
2D64000
|
trusted library allocation
|
page read and write
|
||
|
E6F000
|
heap
|
page read and write
|
||
|
DB0C000
|
stack
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
4F54000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page read and write
|
||
|
5506000
|
trusted library allocation
|
page read and write
|
||
|
43B000
|
remote allocation
|
page execute and read and write
|
||
|
3259000
|
trusted library allocation
|
page read and write
|
||
|
4367000
|
trusted library allocation
|
page read and write
|
||
|
2C34000
|
trusted library allocation
|
page read and write
|
||
|
3E75000
|
trusted library allocation
|
page read and write
|
||
|
972A000
|
trusted library allocation
|
page read and write
|
||
|
C09F000
|
stack
|
page read and write
|
||
|
1730000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
54C4000
|
trusted library allocation
|
page read and write
|
||
|
D88F000
|
stack
|
page read and write
|
||
|
4154000
|
trusted library allocation
|
page read and write
|
||
|
2BEA000
|
trusted library allocation
|
page read and write
|
||
|
438000
|
remote allocation
|
page execute and read and write
|
||
|
348E000
|
stack
|
page read and write
|
||
|
1404000
|
trusted library allocation
|
page read and write
|
||
|
C75F000
|
stack
|
page read and write
|
||
|
CA3000
|
heap
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
3CB0000
|
trusted library allocation
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
107D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
4308000
|
trusted library allocation
|
page read and write
|
||
|
43CA000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
3D36000
|
trusted library allocation
|
page read and write
|
||
|
4141000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
159D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3228000
|
trusted library allocation
|
page read and write
|
||
|
D78E000
|
stack
|
page read and write
|
||
|
3B81000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
54DD000
|
trusted library allocation
|
page read and write
|
||
|
6840000
|
heap
|
page read and write
|
||
|
6E70000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
1584000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
747D000
|
stack
|
page read and write
|
||
|
2D73000
|
trusted library allocation
|
page read and write
|
||
|
3157000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page read and write
|
||
|
2BDD000
|
trusted library allocation
|
page read and write
|
||
|
12FE000
|
heap
|
page read and write
|
||
|
427A000
|
trusted library allocation
|
page read and write
|
||
|
2D44000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
2C89000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
remote allocation
|
page execute and read and write
|
||
|
43D2000
|
trusted library allocation
|
page read and write
|
||
|
2DFB000
|
trusted library allocation
|
page read and write
|
||
|
110A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
54EE000
|
trusted library allocation
|
page read and write
|
||
|
43DE000
|
trusted library allocation
|
page read and write
|
||
|
4417000
|
trusted library allocation
|
page read and write
|
||
|
D64E000
|
stack
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
1583000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
5594000
|
trusted library allocation
|
page read and write
|
||
|
D2C0000
|
heap
|
page read and write
|
||
|
3E08000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
54FA000
|
trusted library allocation
|
page read and write
|
||
|
6CE0000
|
trusted library allocation
|
page read and write
|
||
|
328B000
|
trusted library allocation
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page execute and read and write
|
||
|
1800000
|
trusted library allocation
|
page read and write
|
||
|
43B6000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page read and write
|
||
|
3D8A000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
6EC0000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
4262000
|
trusted library allocation
|
page read and write
|
||
|
2C2C000
|
trusted library allocation
|
page read and write
|
||
|
706D000
|
stack
|
page read and write
|
||
|
2D58000
|
trusted library allocation
|
page read and write
|
||
|
1369000
|
heap
|
page read and write
|
||
|
5710000
|
trusted library section
|
page readonly
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
415C000
|
trusted library allocation
|
page read and write
|
||
|
697D000
|
stack
|
page read and write
|
||
|
43F2000
|
trusted library allocation
|
page read and write
|
||
|
C51E000
|
stack
|
page read and write
|
||
|
4139000
|
trusted library allocation
|
page read and write
|
||
|
3ED4000
|
trusted library allocation
|
page read and write
|
||
|
42EC000
|
trusted library allocation
|
page read and write
|
||
|
5646000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
heap
|
page execute and read and write
|
||
|
4408000
|
trusted library allocation
|
page read and write
|
||
|
2BE8000
|
trusted library allocation
|
page read and write
|
||
|
3C3B000
|
trusted library allocation
|
page read and write
|
||
|
43BA000
|
trusted library allocation
|
page read and write
|
||
|
4365000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page execute and read and write
|
||
|
2928000
|
trusted library allocation
|
page read and write
|
||
|
4228000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
6CE6000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
6E50000
|
trusted library allocation
|
page read and write
|
||
|
4F6E000
|
trusted library allocation
|
page read and write
|
||
|
311C000
|
trusted library allocation
|
page read and write
|
||
|
6CE8000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
heap
|
page execute and read and write
|
||
|
54F0000
|
heap
|
page execute and read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
43A9000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
10E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
3C3F000
|
trusted library allocation
|
page read and write
|
||
|
2F8E000
|
trusted library allocation
|
page read and write
|
||
|
2D35000
|
trusted library allocation
|
page read and write
|
||
|
2BD1000
|
trusted library allocation
|
page read and write
|
||
|
3F08000
|
trusted library allocation
|
page read and write
|
||
|
790E000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
4324000
|
trusted library allocation
|
page read and write
|
||
|
5172000
|
trusted library allocation
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
3D38000
|
trusted library allocation
|
page read and write
|
||
|
D39000
|
heap
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
431000
|
remote allocation
|
page execute and read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
2D66000
|
trusted library allocation
|
page read and write
|
||
|
5026000
|
trusted library allocation
|
page read and write
|
||
|
2D14000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page execute and read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
3DFC000
|
trusted library allocation
|
page read and write
|
||
|
6A72000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
418E000
|
trusted library allocation
|
page read and write
|
||
|
68B3000
|
heap
|
page read and write
|
||
|
13A7000
|
heap
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
40DA000
|
trusted library allocation
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
651E000
|
heap
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
42F4000
|
trusted library allocation
|
page read and write
|
||
|
43AF000
|
trusted library allocation
|
page read and write
|
||
|
312C000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
remote allocation
|
page execute and read and write
|
||
|
421D000
|
trusted library allocation
|
page read and write
|
||
|
C4DE000
|
stack
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E4000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
heap
|
page execute and read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
32EC000
|
trusted library allocation
|
page read and write
|
There are 756 hidden memdumps, click here to show them.