Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
T6l6gPxwQU.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\Public\Details.au3
|
Unicode text, UTF-8 (with BOM) text, with very long lines (1266)
|
dropped
|
|
|
|
C:\Users\Public\InformationCheck.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\ProfileDetails.ps1
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.js
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SwiftWrite.url
|
MS Windows 95 Internet shortcut text (URL=<"C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.js" >), ASCII
text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mibvk1qm.s2r.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y1b04zgn.l2d.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\WordGenius Technologies\G
|
ASCII text, with very long lines (1266)
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\T6l6gPxwQU.exe
|
"C:\Users\user\Desktop\T6l6gPxwQU.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -ExecutionPolicy Bypass -File "C:\Users\Public\ProfileDetails.ps1"
|
|
|
|
C:\Users\Public\InformationCheck.exe
|
"C:\Users\Public\InformationCheck.exe" C:\Users\Public\Details.au3
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /k echo [InternetShortcut] > "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SwiftWrite.url"
& echo URL="C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.js" >> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\SwiftWrite.url" & exit
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.js"
|
|
|
|
C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.pif
|
"C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.pif" "C:\Users\user\AppData\Local\WordGenius Technologies\G"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://my.cloHJ
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://my.cloudme.com
|
unknown
|
||
|
https://my.cloudme.com/v1/ws2/:stream2/:small/small.txt
|
83.140.241.4
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://my.cloudme.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
my.cloudme.com
|
83.140.241.4
|
||
|
nbhkmKSQnaDrIkubbvvLMhHdgigs.nbhkmKSQnaDrIkubbvvLMhHdgigs
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
83.140.241.4
|
my.cloudme.com
|
Sweden
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
45DC000
|
heap
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
45D2000
|
heap
|
page read and write
|
||
|
400C000
|
heap
|
page read and write
|
||
|
2BB10BAE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
4C57000
|
heap
|
page read and write
|
||
|
202FE646000
|
heap
|
page read and write
|
||
|
4B36000
|
heap
|
page read and write
|
||
|
202FE663000
|
heap
|
page read and write
|
||
|
4862000
|
heap
|
page read and write
|
||
|
4994000
|
heap
|
page read and write
|
||
|
2BB73AE0000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
202FEDA0000
|
heap
|
page read and write
|
||
|
7FF6BB20A000
|
unkown
|
page write copy
|
||
|
202FEEA0000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2BB738EA000
|
heap
|
page read and write
|
||
|
202FE769000
|
heap
|
page read and write
|
||
|
7FF6BB1D5000
|
unkown
|
page readonly
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page execute and read and write
|
||
|
202FF5DA000
|
heap
|
page read and write
|
||
|
2B3896B2000
|
heap
|
page read and write
|
||
|
413C000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
2BB73AB8000
|
heap
|
page read and write
|
||
|
3834000
|
heap
|
page read and write
|
||
|
2BB730B0000
|
heap
|
page read and write
|
||
|
202FE7D4000
|
heap
|
page read and write
|
||
|
2BB73AE3000
|
heap
|
page read and write
|
||
|
202FF3F4000
|
heap
|
page read and write
|
||
|
3A79000
|
heap
|
page read and write
|
||
|
3C40000
|
heap
|
page read and write
|
||
|
3FA6000
|
heap
|
page read and write
|
||
|
446C000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5941000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
393C000
|
heap
|
page read and write
|
||
|
4D9D000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
202FE600000
|
heap
|
page read and write
|
||
|
202FF475000
|
heap
|
page read and write
|
||
|
46C4000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
DB8C50E000
|
stack
|
page read and write
|
||
|
DAC51FE000
|
stack
|
page read and write
|
||
|
2BB73990000
|
heap
|
page read and write
|
||
|
202FE3E8000
|
heap
|
page read and write
|
||
|
5C0000
|
unkown
|
page readonly
|
||
|
202FE430000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3C3C000
|
heap
|
page read and write
|
||
|
202FF640000
|
heap
|
page read and write
|
||
|
2B389647000
|
heap
|
page read and write
|
||
|
202FF280000
|
heap
|
page read and write
|
||
|
33E4000
|
heap
|
page read and write
|
||
|
2BB73AD0000
|
heap
|
page read and write
|
||
|
202FF48E000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
4244000
|
heap
|
page read and write
|
||
|
2B389668000
|
heap
|
page read and write
|
||
|
202FE5B9000
|
heap
|
page read and write
|
||
|
5EDD9EF000
|
stack
|
page read and write
|
||
|
2BB73160000
|
trusted library allocation
|
page read and write
|
||
|
4496000
|
heap
|
page read and write
|
||
|
2BB003B4000
|
trusted library allocation
|
page read and write
|
||
|
7FF6BB1D5000
|
unkown
|
page readonly
|
||
|
2BB733B0000
|
heap
|
page read and write
|
||
|
4692000
|
heap
|
page read and write
|
||
|
7FF6BB121000
|
unkown
|
page execute read
|
||
|
454E000
|
heap
|
page read and write
|
||
|
2BB00001000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
4A12000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2BB73830000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
DB8B37E000
|
stack
|
page read and write
|
||
|
4CA9000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
7FF6BB1F8000
|
unkown
|
page readonly
|
||
|
4374000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
DAC52F7000
|
stack
|
page read and write
|
||
|
4942000
|
heap
|
page read and write
|
||
|
2BB003A0000
|
trusted library allocation
|
page read and write
|
||
|
202FF3C0000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
202FF5EC000
|
heap
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
202FF306000
|
heap
|
page read and write
|
||
|
3972000
|
heap
|
page read and write
|
||
|
969000
|
unkown
|
page readonly
|
||
|
2BB0077B000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
4820000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FF453000
|
heap
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
11FC000
|
stack
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
3C2F000
|
heap
|
page read and write
|
||
|
202FF226000
|
heap
|
page read and write
|
||
|
DB8B737000
|
stack
|
page read and write
|
||
|
202FF280000
|
heap
|
page read and write
|
||
|
DB8BA3B000
|
stack
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3F62000
|
heap
|
page read and write
|
||
|
48E6000
|
heap
|
page read and write
|
||
|
DB8B57D000
|
stack
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
2BB01627000
|
trusted library allocation
|
page read and write
|
||
|
202FE6D7000
|
heap
|
page read and write
|
||
|
40EA000
|
heap
|
page read and write
|
||
|
5941000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FE6A6000
|
heap
|
page read and write
|
||
|
3524000
|
heap
|
page read and write
|
||
|
202FF5DA000
|
heap
|
page read and write
|
||
|
3426000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
202FF604000
|
heap
|
page read and write
|
||
|
202FE41F000
|
heap
|
page read and write
|
||
|
1FFE000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
4440000
|
heap
|
page read and write
|
||
|
202FF1D2000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
2B3896CF000
|
heap
|
page read and write
|
||
|
202FE4E6000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page execute read
|
||
|
3AB8000
|
heap
|
page read and write
|
||
|
202FFBDD000
|
heap
|
page read and write
|
||
|
202FE420000
|
heap
|
page read and write
|
||
|
2BB73A90000
|
heap
|
page read and write
|
||
|
7FFD9B7A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A40000
|
heap
|
page read and write
|
||
|
5E6000
|
unkown
|
page readonly
|
||
|
15FD000
|
heap
|
page read and write
|
||
|
202FF290000
|
heap
|
page read and write
|
||
|
DB8C6CD000
|
stack
|
page read and write
|
||
|
2BB73820000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
964000
|
unkown
|
page write copy
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FE410000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5A4E000
|
heap
|
page read and write
|
||
|
202FE7BF000
|
heap
|
page read and write
|
||
|
2BB129AE000
|
trusted library allocation
|
page read and write
|
||
|
202FE5C6000
|
heap
|
page read and write
|
||
|
4908000
|
heap
|
page read and write
|
||
|
7FFD9B6DB000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
121C000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
4AA8000
|
heap
|
page read and write
|
||
|
496C000
|
heap
|
page read and write
|
||
|
DB8B7B8000
|
stack
|
page read and write
|
||
|
48D4000
|
heap
|
page read and write
|
||
|
202FF252000
|
heap
|
page read and write
|
||
|
610B000
|
heap
|
page read and write
|
||
|
42A0000
|
heap
|
page read and write
|
||
|
DAC50FB000
|
stack
|
page read and write
|
||
|
4E37000
|
heap
|
page read and write
|
||
|
202FF546000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
202FF80E000
|
heap
|
page read and write
|
||
|
3FEC000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
2BB732B0000
|
heap
|
page execute and read and write
|
||
|
2BB73AEE000
|
heap
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
4BC2000
|
heap
|
page read and write
|
||
|
5EDD9CE000
|
stack
|
page read and write
|
||
|
5A42000
|
heap
|
page read and write
|
||
|
3A34000
|
heap
|
page read and write
|
||
|
202FE380000
|
heap
|
page read and write
|
||
|
44F4000
|
heap
|
page read and write
|
||
|
7FF6BB120000
|
unkown
|
page readonly
|
||
|
2BB73AFD000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FF264000
|
heap
|
page read and write
|
||
|
202FF2D2000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
202FE41F000
|
heap
|
page read and write
|
||
|
1233000
|
heap
|
page read and write
|
||
|
DB8B93E000
|
stack
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
DB8B7BE000
|
stack
|
page read and write
|
||
|
202FF436000
|
heap
|
page read and write
|
||
|
202FF558000
|
heap
|
page read and write
|
||
|
202FF48E000
|
heap
|
page read and write
|
||
|
AAA000
|
stack
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3D2A000
|
heap
|
page read and write
|
||
|
202FE625000
|
heap
|
page read and write
|
||
|
2B389680000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
2B3896BA000
|
heap
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
DAC470A000
|
stack
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
23DE000
|
unkown
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
202FF50A000
|
heap
|
page read and write
|
||
|
DB8B9BE000
|
stack
|
page read and write
|
||
|
43F6000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B87A000
|
trusted library allocation
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
3A80000
|
heap
|
page read and write
|
||
|
202FF291000
|
heap
|
page read and write
|
||
|
7FF6BB214000
|
unkown
|
page readonly
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5BEE000
|
heap
|
page read and write
|
||
|
202FE549000
|
heap
|
page read and write
|
||
|
202FE611000
|
heap
|
page read and write
|
||
|
202FE6D9000
|
heap
|
page read and write
|
||
|
2BB00AA2000
|
trusted library allocation
|
page read and write
|
||
|
1421000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
202FE5DF000
|
heap
|
page read and write
|
||
|
202FE71F000
|
heap
|
page read and write
|
||
|
2B389580000
|
heap
|
page read and write
|
||
|
202FF283000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
26FD000
|
stack
|
page read and write
|
||
|
4304000
|
heap
|
page read and write
|
||
|
45A2000
|
heap
|
page read and write
|
||
|
DB8B4FF000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
5EDD9D8000
|
stack
|
page read and write
|
||
|
415E000
|
heap
|
page read and write
|
||
|
DB8BABB000
|
stack
|
page read and write
|
||
|
39B0000
|
heap
|
page read and write
|
||
|
2BB01623000
|
trusted library allocation
|
page read and write
|
||
|
3D6A000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB106CE000
|
trusted library allocation
|
page read and write
|
||
|
4454000
|
heap
|
page read and write
|
||
|
4E9D000
|
heap
|
page read and write
|
||
|
3930000
|
heap
|
page read and write
|
||
|
4B78000
|
heap
|
page read and write
|
||
|
2BB01667000
|
trusted library allocation
|
page read and write
|
||
|
202FE625000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page write copy
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FE6EE000
|
heap
|
page read and write
|
||
|
202FE7D0000
|
heap
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
202FF4E4000
|
heap
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
4544000
|
heap
|
page read and write
|
||
|
14A2000
|
heap
|
page read and write
|
||
|
2BB11FAE000
|
trusted library allocation
|
page read and write
|
||
|
1304000
|
heap
|
page read and write
|
||
|
202FE7D4000
|
heap
|
page read and write
|
||
|
5BC3000
|
heap
|
page read and write
|
||
|
202FF35A000
|
heap
|
page read and write
|
||
|
202FE411000
|
heap
|
page read and write
|
||
|
3C42000
|
heap
|
page read and write
|
||
|
5E6000
|
unkown
|
page readonly
|
||
|
202FF490000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
4CA6000
|
heap
|
page read and write
|
||
|
7FFD9B8A2000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page read and write
|
||
|
2BB733CF000
|
heap
|
page read and write
|
||
|
DB8C58D000
|
stack
|
page read and write
|
||
|
2BB015F7000
|
trusted library allocation
|
page read and write
|
||
|
8A1000
|
unkown
|
page execute read
|
||
|
4D7F000
|
heap
|
page read and write
|
||
|
2BB00228000
|
trusted library allocation
|
page read and write
|
||
|
2BB01614000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
DAC4AFF000
|
stack
|
page read and write
|
||
|
5F4000
|
unkown
|
page write copy
|
||
|
646D000
|
heap
|
page read and write
|
||
|
202FE565000
|
heap
|
page read and write
|
||
|
2BB73916000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
47AC000
|
heap
|
page read and write
|
||
|
2B389610000
|
heap
|
page read and write
|
||
|
464C000
|
heap
|
page read and write
|
||
|
5C0000
|
unkown
|
page readonly
|
||
|
202FF563000
|
heap
|
page read and write
|
||
|
202FE61A000
|
heap
|
page read and write
|
||
|
202FE560000
|
heap
|
page read and write
|
||
|
39F6000
|
heap
|
page read and write
|
||
|
2BB01C4A000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5EDD9BE000
|
stack
|
page read and write
|
||
|
7FF6BB20E000
|
unkown
|
page write copy
|
||
|
2BB731C5000
|
heap
|
page read and write
|
||
|
2BB10001000
|
trusted library allocation
|
page read and write
|
||
|
202FE560000
|
heap
|
page read and write
|
||
|
49C8000
|
heap
|
page read and write
|
||
|
3A38000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FF276000
|
heap
|
page read and write
|
||
|
202FE625000
|
heap
|
page read and write
|
||
|
202FF671000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
4A64000
|
heap
|
page read and write
|
||
|
2BB71820000
|
heap
|
page read and write
|
||
|
5940000
|
heap
|
page read and write
|
||
|
202FF276000
|
heap
|
page read and write
|
||
|
2BB73130000
|
trusted library allocation
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
2BB73120000
|
heap
|
page readonly
|
||
|
4C0F000
|
heap
|
page read and write
|
||
|
202FF280000
|
heap
|
page read and write
|
||
|
2B389669000
|
heap
|
page read and write
|
||
|
4AF4000
|
heap
|
page read and write
|
||
|
4272000
|
heap
|
page read and write
|
||
|
4D6B000
|
heap
|
page read and write
|
||
|
4536000
|
heap
|
page read and write
|
||
|
DB8B47D000
|
stack
|
page read and write
|
||
|
202FF3F4000
|
heap
|
page read and write
|
||
|
DB8C64F000
|
stack
|
page read and write
|
||
|
627F000
|
stack
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
2BB0117A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
4000000
|
heap
|
page read and write
|
||
|
4B9A000
|
heap
|
page read and write
|
||
|
202FF4D2000
|
heap
|
page read and write
|
||
|
4056000
|
heap
|
page read and write
|
||
|
202FE70D000
|
heap
|
page read and write
|
||
|
2BB018FF000
|
trusted library allocation
|
page read and write
|
||
|
2B389673000
|
heap
|
page read and write
|
||
|
45E6000
|
heap
|
page read and write
|
||
|
2B389550000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
2BB01879000
|
trusted library allocation
|
page read and write
|
||
|
202FF671000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3A7A000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
202FF3F4000
|
heap
|
page read and write
|
||
|
2BB10010000
|
trusted library allocation
|
page read and write
|
||
|
7FF6BB214000
|
unkown
|
page readonly
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
4C2E000
|
heap
|
page read and write
|
||
|
4BE8000
|
heap
|
page read and write
|
||
|
232D000
|
stack
|
page read and write
|
||
|
2B38966B000
|
heap
|
page read and write
|
||
|
1334000
|
heap
|
page read and write
|
||
|
2BB73163000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
unkown
|
page read and write
|
||
|
4DDD000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
DB8B6BE000
|
stack
|
page read and write
|
||
|
202FE6DD000
|
heap
|
page read and write
|
||
|
202FE5DE000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
1B70000
|
heap
|
page read and write
|
||
|
4CB9000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FE419000
|
heap
|
page read and write
|
||
|
2BB7386F000
|
heap
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
202FE625000
|
heap
|
page read and write
|
||
|
202FF3E2000
|
heap
|
page read and write
|
||
|
202FF5FE000
|
heap
|
page read and write
|
||
|
397E000
|
heap
|
page read and write
|
||
|
43A2000
|
heap
|
page read and write
|
||
|
202FE592000
|
heap
|
page read and write
|
||
|
8A1000
|
unkown
|
page execute read
|
||
|
202FF215000
|
heap
|
page read and write
|
||
|
3F94000
|
heap
|
page read and write
|
||
|
20281416000
|
heap
|
page read and write
|
||
|
7FFD9B6C2000
|
trusted library allocation
|
page read and write
|
||
|
2BB717D0000
|
heap
|
page read and write
|
||
|
2BB730F0000
|
trusted library allocation
|
page read and write
|
||
|
2BB01C46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
202FF558000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
202FE5FB000
|
heap
|
page read and write
|
||
|
202FF48E000
|
heap
|
page read and write
|
||
|
2B38B040000
|
heap
|
page read and write
|
||
|
202FF48E000
|
heap
|
page read and write
|
||
|
202FE768000
|
heap
|
page read and write
|
||
|
202FEA90000
|
heap
|
page read and write
|
||
|
41E8000
|
heap
|
page read and write
|
||
|
5EDD9FD000
|
stack
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
2B389585000
|
heap
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
5D01000
|
heap
|
page read and write
|
||
|
202FE77E000
|
heap
|
page read and write
|
||
|
43D8000
|
heap
|
page read and write
|
||
|
4C8C000
|
heap
|
page read and write
|
||
|
7FFD9B8C0000
|
trusted library allocation
|
page read and write
|
||
|
202FF191000
|
heap
|
page read and write
|
||
|
956000
|
unkown
|
page readonly
|
||
|
202FF214000
|
heap
|
page read and write
|
||
|
4256000
|
heap
|
page read and write
|
||
|
4A6E000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
DB8C5CE000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
DAC4EFF000
|
stack
|
page read and write
|
||
|
202FF734000
|
heap
|
page read and write
|
||
|
202FE7D4000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FF575000
|
heap
|
page read and write
|
||
|
202FF253000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
46B0000
|
heap
|
page read and write
|
||
|
202FF5DA000
|
heap
|
page read and write
|
||
|
202FE6C8000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
202FE56F000
|
heap
|
page read and write
|
||
|
4D8B000
|
heap
|
page read and write
|
||
|
39B4000
|
heap
|
page read and write
|
||
|
2BB73E70000
|
heap
|
page read and write
|
||
|
20281A01000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
41FA000
|
heap
|
page read and write
|
||
|
956000
|
unkown
|
page readonly
|
||
|
2B38966A000
|
heap
|
page read and write
|
||
|
2BB73980000
|
heap
|
page execute and read and write
|
||
|
4816000
|
heap
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
7FF6BB20A000
|
unkown
|
page read and write
|
||
|
DB8B273000
|
stack
|
page read and write
|
||
|
2BB73AC9000
|
heap
|
page read and write
|
||
|
202FF562000
|
heap
|
page read and write
|
||
|
4D17000
|
heap
|
page read and write
|
||
|
2B3896DD000
|
heap
|
page read and write
|
||
|
202FE4E6000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FF800000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
15C4000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
DB8B8BF000
|
stack
|
page read and write
|
||
|
202FEDBE000
|
heap
|
page read and write
|
||
|
202FF3E3000
|
heap
|
page read and write
|
||
|
4502000
|
heap
|
page read and write
|
||
|
2BB738CF000
|
heap
|
page read and write
|
||
|
3A76000
|
heap
|
page read and write
|
||
|
4B04000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
2B389680000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
960000
|
unkown
|
page write copy
|
||
|
4B66000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FE5A8000
|
heap
|
page read and write
|
||
|
DB8C74B000
|
stack
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
DAC4DFF000
|
stack
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
202FE5CC000
|
heap
|
page read and write
|
||
|
2BB01B80000
|
trusted library allocation
|
page read and write
|
||
|
202FE544000
|
heap
|
page read and write
|
||
|
2BB71866000
|
heap
|
page read and write
|
||
|
438E000
|
heap
|
page read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
2BB102FB000
|
trusted library allocation
|
page read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
202FE420000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
4C82000
|
heap
|
page read and write
|
||
|
2BB10072000
|
trusted library allocation
|
page read and write
|
||
|
202FE7BE000
|
heap
|
page read and write
|
||
|
202FE3A0000
|
heap
|
page read and write
|
||
|
202FE61E000
|
heap
|
page read and write
|
||
|
5F9000
|
unkown
|
page readonly
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
5EDDDFE000
|
stack
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
2BB018A5000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
152E000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
49AE000
|
heap
|
page read and write
|
||
|
5AF7000
|
heap
|
page read and write
|
||
|
7FF6BB1F8000
|
unkown
|
page readonly
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FE3E0000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FF491000
|
heap
|
page read and write
|
||
|
202FE695000
|
heap
|
page read and write
|
||
|
3E51000
|
heap
|
page read and write
|
||
|
202FE5DE000
|
heap
|
page read and write
|
||
|
202FF452000
|
heap
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
4A2A000
|
heap
|
page read and write
|
||
|
2BB73987000
|
heap
|
page execute and read and write
|
||
|
442A000
|
heap
|
page read and write
|
||
|
2000000
|
heap
|
page read and write
|
||
|
202FE6D7000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
3EAB000
|
heap
|
page read and write
|
||
|
2BB7390A000
|
heap
|
page read and write
|
||
|
345C000
|
heap
|
page read and write
|
||
|
202FF547000
|
heap
|
page read and write
|
||
|
4AC2000
|
heap
|
page read and write
|
||
|
3BD9000
|
heap
|
page read and write
|
||
|
202FE594000
|
heap
|
page read and write
|
||
|
4AB0000
|
heap
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
5A4C000
|
heap
|
page read and write
|
||
|
202FF640000
|
heap
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
202FF3C1000
|
heap
|
page read and write
|
||
|
4928000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
4602000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
202FF283000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
642F000
|
stack
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
4286000
|
heap
|
page read and write
|
||
|
5B05000
|
heap
|
page read and write
|
||
|
47A2000
|
heap
|
page read and write
|
||
|
602F000
|
stack
|
page read and write
|
||
|
3EE5000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
444A000
|
heap
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
2B38B480000
|
heap
|
page read and write
|
||
|
DAC4FFF000
|
stack
|
page read and write
|
||
|
DB8B3FF000
|
stack
|
page read and write
|
||
|
DB8C48E000
|
stack
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
2B3896E0000
|
heap
|
page read and write
|
||
|
202FE664000
|
heap
|
page read and write
|
||
|
4A3C000
|
heap
|
page read and write
|
||
|
5F9000
|
unkown
|
page readonly
|
||
|
202FF543000
|
heap
|
page read and write
|
||
|
2BB7386D000
|
heap
|
page read and write
|
||
|
46BA000
|
heap
|
page read and write
|
||
|
DAC53FB000
|
stack
|
page read and write
|
||
|
202FE663000
|
heap
|
page read and write
|
||
|
44D8000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3DB0000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
202FE5EA000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
39F2000
|
heap
|
page read and write
|
||
|
202FF5DA000
|
heap
|
page read and write
|
||
|
202FF5C8000
|
heap
|
page read and write
|
||
|
202FE77E000
|
heap
|
page read and write
|
||
|
202FEA95000
|
heap
|
page read and write
|
||
|
202FE592000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
15BB000
|
heap
|
page read and write
|
||
|
611A000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
3DE1000
|
heap
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
38FA000
|
heap
|
page read and write
|
||
|
49E8000
|
heap
|
page read and write
|
||
|
3E01000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
44EA000
|
heap
|
page read and write
|
||
|
4912000
|
heap
|
page read and write
|
||
|
4D4A000
|
heap
|
page read and write
|
||
|
1689000
|
heap
|
page read and write
|
||
|
202FE58B000
|
heap
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
2B389647000
|
heap
|
page read and write
|
||
|
202FF306000
|
heap
|
page read and write
|
||
|
3BB4000
|
heap
|
page read and write
|
||
|
2BB71824000
|
heap
|
page read and write
|
||
|
472E000
|
heap
|
page read and write
|
||
|
202FE625000
|
heap
|
page read and write
|
||
|
1268000
|
heap
|
page read and write
|
||
|
202FF74B000
|
heap
|
page read and write
|
||
|
46D4000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
2BB738E1000
|
heap
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
2BB00394000
|
trusted library allocation
|
page read and write
|
||
|
4B90000
|
heap
|
page read and write
|
||
|
48AC000
|
heap
|
page read and write
|
||
|
2BB7182A000
|
heap
|
page read and write
|
||
|
4346000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
7DF4C6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB7183E000
|
heap
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
2BB73B2C000
|
heap
|
page read and write
|
||
|
4AB2000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
7FF6BB120000
|
unkown
|
page readonly
|
||
|
202FF726000
|
heap
|
page read and write
|
||
|
202FE587000
|
heap
|
page read and write
|
||
|
531000
|
unkown
|
page execute read
|
||
|
4208000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
DB8B5FE000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
3F17000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
2BB115AE000
|
trusted library allocation
|
page read and write
|
||
|
11DD000
|
stack
|
page read and write
|
||
|
DB8B679000
|
stack
|
page read and write
|
||
|
202819C8000
|
heap
|
page read and write
|
||
|
44B0000
|
heap
|
page read and write
|
||
|
12D8000
|
heap
|
page read and write
|
||
|
2B389540000
|
heap
|
page read and write
|
||
|
202FE4E6000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5EDE1FE000
|
stack
|
page read and write
|
||
|
14E4000
|
heap
|
page read and write
|
||
|
202FF440000
|
heap
|
page read and write
|
||
|
4322000
|
heap
|
page read and write
|
||
|
202816F4000
|
heap
|
page read and write
|
||
|
FDD000
|
stack
|
page read and write
|
||
|
2BB731A0000
|
trusted library allocation
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FE726000
|
heap
|
page read and write
|
||
|
11DA000
|
heap
|
page read and write
|
||
|
3452000
|
heap
|
page read and write
|
||
|
40EC000
|
heap
|
page read and write
|
||
|
202FF437000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FF64A000
|
heap
|
page read and write
|
||
|
2BB0117C000
|
trusted library allocation
|
page read and write
|
||
|
4DC2000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
7FF6BB121000
|
unkown
|
page execute read
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FE5AD000
|
heap
|
page read and write
|
||
|
202FF574000
|
heap
|
page read and write
|
||
|
1208000
|
heap
|
page read and write
|
||
|
2BB716C0000
|
heap
|
page read and write
|
||
|
202FF3AE000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3C7A000
|
heap
|
page read and write
|
||
|
3BAB000
|
heap
|
page read and write
|
||
|
202FE592000
|
heap
|
page read and write
|
||
|
202FE370000
|
heap
|
page read and write
|
||
|
202FE546000
|
heap
|
page read and write
|
||
|
202FE5A8000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
2B3896CD000
|
heap
|
page read and write
|
||
|
1571000
|
heap
|
page read and write
|
||
|
202FE41F000
|
heap
|
page read and write
|
||
|
4666000
|
heap
|
page read and write
|
||
|
2BB0162B000
|
trusted library allocation
|
page read and write
|
||
|
4A8E000
|
heap
|
page read and write
|
||
|
2B389672000
|
heap
|
page read and write
|
||
|
202FE560000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
202FF36C000
|
heap
|
page read and write
|
||
|
7FFD9B6C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB717E0000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FE592000
|
heap
|
page read and write
|
||
|
202FE799000
|
heap
|
page read and write
|
||
|
2BB7181D000
|
heap
|
page read and write
|
||
|
202FF306000
|
heap
|
page read and write
|
||
|
202FF5B6000
|
heap
|
page read and write
|
||
|
202FF36D000
|
heap
|
page read and write
|
||
|
202FE7D0000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
3A7D000
|
heap
|
page read and write
|
||
|
7FFD9B6CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
202FF66C000
|
heap
|
page read and write
|
||
|
2BB73110000
|
trusted library allocation
|
page read and write
|
||
|
5E3F000
|
stack
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
202FF2F5000
|
heap
|
page read and write
|
||
|
48BE000
|
heap
|
page read and write
|
||
|
DB8B83A000
|
stack
|
page read and write
|
||
|
4BE4000
|
heap
|
page read and write
|
||
|
2BB73AEC000
|
heap
|
page read and write
|
||
|
3AFE000
|
heap
|
page read and write
|
||
|
202FF190000
|
heap
|
page read and write
|
||
|
969000
|
unkown
|
page readonly
|
||
|
3ABC000
|
heap
|
page read and write
|
||
|
449E000
|
heap
|
page read and write
|
||
|
2B389590000
|
heap
|
page read and write
|
||
|
2BB717F2000
|
heap
|
page read and write
|
||
|
2B3896B9000
|
heap
|
page read and write
|
||
|
202FF35B000
|
heap
|
page read and write
|
||
|
4628000
|
heap
|
page read and write
|
||
|
4706000
|
heap
|
page read and write
|
||
|
1BB0000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
202FE76D000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
3876000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
1FC0000
|
trusted library allocation
|
page read and write
|
||
|
2BB73300000
|
heap
|
page execute and read and write
|
||
|
2BB717D5000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
129D000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
202FF3AE000
|
heap
|
page read and write
|
||
|
47F6000
|
heap
|
page read and write
|
||
|
1B90000
|
heap
|
page read and write
|
||
|
4730000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
92A000
|
stack
|
page read and write
|
||
|
7FFD9B871000
|
trusted library allocation
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
202FF348000
|
heap
|
page read and write
|
||
|
202FE6A7000
|
heap
|
page read and write
|
||
|
5D01000
|
heap
|
page read and write
|
||
|
297F000
|
unkown
|
page read and write
|
||
|
202FF474000
|
heap
|
page read and write
|
||
|
4838000
|
heap
|
page read and write
|
||
|
930000
|
unkown
|
page readonly
|
||
|
4EAF000
|
heap
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
2B3896B4000
|
heap
|
page read and write
|
||
|
2BB00088000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E06000
|
heap
|
page read and write
|
||
|
202FE581000
|
heap
|
page read and write
|
||
|
4196000
|
heap
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
3BF6000
|
heap
|
page read and write
|
||
|
202FF35A000
|
heap
|
page read and write
|
||
|
2C22000
|
heap
|
page read and write
|
||
|
DB8B2FE000
|
stack
|
page read and write
|
||
|
202FEECE000
|
heap
|
page read and write
|
||
|
202FEDA4000
|
heap
|
page read and write
|
||
|
202FE40A000
|
heap
|
page read and write
|
||
|
2BB718E0000
|
heap
|
page read and write
|
||
|
202FE6D7000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
2B389662000
|
heap
|
page read and write
|
||
|
7FFD9B6C4000
|
trusted library allocation
|
page read and write
|
||
|
4580000
|
heap
|
page read and write
|
||
|
5B2B000
|
heap
|
page read and write
|
||
|
DB8C7CC000
|
stack
|
page read and write
|
||
|
3B72000
|
heap
|
page read and write
|
||
|
488A000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
42C8000
|
heap
|
page read and write
|
||
|
42E2000
|
heap
|
page read and write
|
||
|
3D94000
|
heap
|
page read and write
|
||
|
202FF440000
|
heap
|
page read and write
|
||
|
202FE561000
|
heap
|
page read and write
|
||
|
FFC000
|
stack
|
page read and write
|
||
|
202FE654000
|
heap
|
page read and write
|
||
|
202FF543000
|
heap
|
page read and write
|
||
|
4D2B000
|
heap
|
page read and write
|
||
|
2BB015FA000
|
trusted library allocation
|
page read and write
|
||
|
202FE5A3000
|
heap
|
page read and write
|
||
|
202FF4E4000
|
heap
|
page read and write
|
||
|
202FF349000
|
heap
|
page read and write
|
||
|
202FE595000
|
heap
|
page read and write
|
||
|
202FE790000
|
heap
|
page read and write
|
||
|
202FF35A000
|
heap
|
page read and write
|
||
|
2B389680000
|
heap
|
page read and write
|
||
|
29CA000
|
heap
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
3F58000
|
heap
|
page read and write
|
||
|
1647000
|
heap
|
page read and write
|
||
|
4772000
|
heap
|
page read and write
|
||
|
3C38000
|
heap
|
page read and write
|
||
|
33A2000
|
heap
|
page read and write
|
||
|
125E000
|
heap
|
page read and write
|
||
|
2BB731C0000
|
heap
|
page read and write
|
||
|
202FE726000
|
heap
|
page read and write
|
||
|
2BB003AD000
|
trusted library allocation
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
202FF48E000
|
heap
|
page read and write
|
||
|
16CB000
|
heap
|
page read and write
|
||
|
202FF1D2000
|
heap
|
page read and write
|
||
|
2BB0164D000
|
trusted library allocation
|
page read and write
|
||
|
5941000
|
heap
|
page read and write
|
||
|
2BB71828000
|
heap
|
page read and write
|
||
|
2BB7186C000
|
heap
|
page read and write
|
||
|
5A40000
|
heap
|
page read and write
|
||
|
2BB739B0000
|
heap
|
page read and write
|
||
|
202FF5DA000
|
heap
|
page read and write
|
||
|
427C000
|
heap
|
page read and write
|
||
|
202FE540000
|
heap
|
page read and write
|
||
|
202FE40F000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
403E000
|
heap
|
page read and write
|
||
|
2BB01365000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
5AEB000
|
heap
|
page read and write
|
||
|
43EC000
|
heap
|
page read and write
|
||
|
4360000
|
heap
|
page read and write
|
||
|
2B38958C000
|
heap
|
page read and write
|
||
|
2B389662000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FF50A000
|
heap
|
page read and write
|
||
|
47B4000
|
heap
|
page read and write
|
||
|
67DD000
|
heap
|
page read and write
|
||
|
DAC4BFF000
|
stack
|
page read and write
|
||
|
3F30000
|
heap
|
page read and write
|
||
|
202FE572000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
2BB718DB000
|
heap
|
page read and write
|
||
|
2BB717A0000
|
heap
|
page read and write
|
||
|
37F2000
|
heap
|
page read and write
|
||
|
4758000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
11C4000
|
heap
|
page read and write
|
||
|
202FE544000
|
heap
|
page read and write
|
||
|
202FF238000
|
heap
|
page read and write
|
||
|
2BB01629000
|
trusted library allocation
|
page read and write
|
||
|
202FF2E4000
|
heap
|
page read and write
|
There are 846 hidden memdumps, click here to show them.