Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
EUYIlr7uUX.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\EUYIlr7uUX.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp16F6.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\qggKEJlcsFa.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hhpaxbo5.e4a.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mbibglpb.523.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o4w1kc0h.slr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x03er4si.pg3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp2369.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\EUYIlr7uUX.exe
|
"C:\Users\user\Desktop\EUYIlr7uUX.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\qggKEJlcsFa" /XML "C:\Users\user\AppData\Local\Temp\tmp16F6.tmp"
|
|
|
|
C:\Users\user\Desktop\EUYIlr7uUX.exe
|
"C:\Users\user\Desktop\EUYIlr7uUX.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe
|
C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\qggKEJlcsFa" /XML "C:\Users\user\AppData\Local\Temp\tmp2369.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe
|
"C:\Users\user\AppData\Roaming\qggKEJlcsFa.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.telegram.org
|
unknown
|
|
|
|
https://api.telegram.org/bot
|
unknown
|
|
|
|
http://aborters.duckdns.org:8081
|
unknown
|
|
|
|
http://anotherarmy.dns.army:8081
|
unknown
|
|
|
|
https://www.office.com/
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
http://smtp.hostinger.com
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://api.telegram.org/bot7207203688:AAH7zD-WPsi2BXK6KyZWdSEeTTm6Kjd9c5o/sendDocument?chat_id=1193226784&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0AInstalled%20Softwares%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
https://api.telegram.org/bot7207203688:AAH7zD-WPsi2BXK6KyZWdSEeTTm6Kjd9c5o/sendDocument?chat_id=1193226784&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0ACookies%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://api.telegram.org/bot7207203688:AAH7zD-WPsi2BXK6KyZWdSEeTTm6Kjd9c5o/sendDocument?chat_id=1193
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:258555%0D%0ADate%20a
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://api.telegram.org/bot7207203688:AAH7zD-WPsi2BXK6KyZWdSEeTTm6Kjd9c5o/sendDocument?chat_id=1193226784&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0ATopSites%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
http://checkip.dyndns.org/
|
132.226.8.169
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:258555%0D%0ADate%20and%20Time:%2008/10/2024%20/%2008:51:43%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20258555%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://51.38.247.67:8081/_send_.php?L
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
https://api.telegram.org/bot7207203688:AAH7zD-WPsi2BXK6KyZWdSEeTTm6Kjd9c5o/sendDocument?chat_id=1193226784&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0AInstalled%20Browsers%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
https://www.office.com/p
|
unknown
|
||
|
https://api.telegram.org/bot7207203688:AAH7zD-WPsi2BXK6KyZWdSEeTTm6Kjd9c5o/sendDocument?chat_id=1193226784&caption=%20Pc%20Name:%20user%20%7C%20/%20VIP%20Recovery%20%5C%0D%0A%0D%0APW%20%7C%20user%20%7C%20VIP%20Recovery
|
149.154.167.220
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:258555%0D%0ADate%20and%20Time:%2008/10/2024%20/%2010:10:37%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20258555%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 30 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
15.164.165.52.in-addr.arpa
|
unknown
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.8.169
|
||
|
smtp.hostinger.com
|
172.65.255.143
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.8.169
|
checkip.dyndns.com
|
United States
|
||
|
172.65.255.143
|
smtp.hostinger.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EUYIlr7uUX_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qggKEJlcsFa_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3CD9000
|
trusted library allocation
|
page read and write
|
|
|
|
2D31000
|
trusted library allocation
|
page read and write
|
|
|
|
432000
|
remote allocation
|
page execute and read and write
|
|
|
|
2A41000
|
trusted library allocation
|
page read and write
|
|
|
|
2B13000
|
trusted library allocation
|
page read and write
|
|
|
|
2AEF000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
2DDF000
|
trusted library allocation
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
513D000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
E22000
|
trusted library allocation
|
page read and write
|
||
|
BC9000
|
heap
|
page read and write
|
||
|
3A41000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
B4BE000
|
stack
|
page read and write
|
||
|
4205000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
616E000
|
heap
|
page read and write
|
||
|
2B0F000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
3F73000
|
trusted library allocation
|
page read and write
|
||
|
5725000
|
heap
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
4DCC000
|
stack
|
page read and write
|
||
|
3DBE000
|
trusted library allocation
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page execute and read and write
|
||
|
647D000
|
stack
|
page read and write
|
||
|
6136000
|
heap
|
page read and write
|
||
|
40B4000
|
trusted library allocation
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page read and write
|
||
|
2AA8000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
trusted library section
|
page readonly
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
2FD7000
|
trusted library allocation
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
E67000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AAC000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
7282000
|
heap
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
4D8B000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
heap
|
page execute and read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
3F29000
|
trusted library allocation
|
page read and write
|
||
|
E7A000
|
heap
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
3DA0000
|
trusted library allocation
|
page read and write
|
||
|
5142000
|
trusted library allocation
|
page read and write
|
||
|
EDA000
|
stack
|
page read and write
|
||
|
3F16000
|
trusted library allocation
|
page read and write
|
||
|
3D3E000
|
trusted library allocation
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page execute and read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
2CD1000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
unkown
|
page read and write
|
||
|
40D2000
|
trusted library allocation
|
page read and write
|
||
|
1232000
|
trusted library allocation
|
page read and write
|
||
|
65D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FEF000
|
trusted library allocation
|
page read and write
|
||
|
41AF000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
3DFC000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
3C82000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
3F57000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FE7000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
2A30000
|
heap
|
page execute and read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
685A000
|
trusted library allocation
|
page read and write
|
||
|
B41C000
|
stack
|
page read and write
|
||
|
40D7000
|
trusted library allocation
|
page read and write
|
||
|
3D98000
|
trusted library allocation
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
6720000
|
trusted library allocation
|
page read and write
|
||
|
6E0D000
|
stack
|
page read and write
|
||
|
7960000
|
heap
|
page read and write
|
||
|
4D9E000
|
trusted library allocation
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
BB41000
|
trusted library allocation
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D97000
|
trusted library allocation
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
314F000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
40CD000
|
trusted library allocation
|
page read and write
|
||
|
2E62000
|
trusted library allocation
|
page read and write
|
||
|
B0D000
|
stack
|
page read and write
|
||
|
2FE9000
|
trusted library allocation
|
page read and write
|
||
|
2AD7000
|
trusted library allocation
|
page read and write
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
431000
|
remote allocation
|
page execute and read and write
|
||
|
DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF5E000
|
stack
|
page read and write
|
||
|
4F46000
|
trusted library allocation
|
page read and write
|
||
|
4F65000
|
trusted library allocation
|
page read and write
|
||
|
B17000
|
trusted library allocation
|
page read and write
|
||
|
2A24000
|
trusted library allocation
|
page read and write
|
||
|
3BB3000
|
trusted library allocation
|
page read and write
|
||
|
1117000
|
heap
|
page read and write
|
||
|
4152000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
3B45000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2D8C000
|
trusted library allocation
|
page read and write
|
||
|
2AE7000
|
trusted library allocation
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
3DB6000
|
trusted library allocation
|
page read and write
|
||
|
791A000
|
heap
|
page read and write
|
||
|
3ACB000
|
trusted library allocation
|
page read and write
|
||
|
512E000
|
trusted library allocation
|
page read and write
|
||
|
2DEF000
|
trusted library allocation
|
page read and write
|
||
|
B55E000
|
stack
|
page read and write
|
||
|
E56000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F88000
|
trusted library allocation
|
page read and write
|
||
|
40F0000
|
trusted library allocation
|
page read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
72D8000
|
heap
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page read and write
|
||
|
3DB0000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
E7E000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
303B000
|
trusted library allocation
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
302C000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
63B7000
|
heap
|
page read and write
|
||
|
1037000
|
heap
|
page read and write
|
||
|
65B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5114000
|
trusted library allocation
|
page read and write
|
||
|
121D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C98000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
69B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
672A000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1C000
|
stack
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
C3A000
|
heap
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
314E000
|
unkown
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
7F960000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
3AA8000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
65F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B09E000
|
stack
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
DB2000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
69A4000
|
trusted library allocation
|
page read and write
|
||
|
4DA6000
|
trusted library allocation
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADF000
|
trusted library allocation
|
page read and write
|
||
|
7258000
|
heap
|
page read and write
|
||
|
443000
|
remote allocation
|
page execute and read and write
|
||
|
318F000
|
unkown
|
page read and write
|
||
|
2DAA000
|
trusted library allocation
|
page read and write
|
||
|
315F000
|
trusted library allocation
|
page read and write
|
||
|
E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
4DAD000
|
trusted library allocation
|
page read and write
|
||
|
E04000
|
trusted library allocation
|
page read and write
|
||
|
B94000
|
trusted library allocation
|
page read and write
|
||
|
4F2D000
|
trusted library allocation
|
page read and write
|
||
|
627E000
|
stack
|
page read and write
|
||
|
B9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5EBD000
|
stack
|
page read and write
|
||
|
40BB000
|
trusted library allocation
|
page read and write
|
||
|
69F2000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
3D0D000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
725C000
|
heap
|
page read and write
|
||
|
B66E000
|
stack
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
316E000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
3163000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
2F13000
|
trusted library allocation
|
page read and write
|
||
|
3EA4000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
66CE000
|
stack
|
page read and write
|
||
|
3C9A000
|
trusted library allocation
|
page read and write
|
||
|
6100000
|
heap
|
page read and write
|
||
|
413C000
|
trusted library allocation
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
3ACE000
|
trusted library allocation
|
page read and write
|
||
|
3DA6000
|
trusted library allocation
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
3B28000
|
trusted library allocation
|
page read and write
|
||
|
69F5000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
trusted library allocation
|
page read and write
|
||
|
3AAF000
|
trusted library allocation
|
page read and write
|
||
|
E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
3C28000
|
trusted library allocation
|
page read and write
|
||
|
F0A000
|
heap
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
2AD3000
|
trusted library allocation
|
page read and write
|
||
|
2F1B000
|
trusted library allocation
|
page read and write
|
||
|
6FBE000
|
stack
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page execute and read and write
|
||
|
5680000
|
trusted library allocation
|
page read and write
|
||
|
6854000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
63A0000
|
heap
|
page read and write
|
||
|
408E000
|
trusted library allocation
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
B31C000
|
stack
|
page read and write
|
||
|
C8A000
|
stack
|
page read and write
|
||
|
E32000
|
trusted library allocation
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
3F01000
|
trusted library allocation
|
page read and write
|
||
|
3FFD000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
1052000
|
heap
|
page read and write
|
||
|
E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
4F21000
|
trusted library allocation
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
E5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
3C63000
|
trusted library allocation
|
page read and write
|
||
|
8D90000
|
trusted library allocation
|
page read and write
|
||
|
448000
|
remote allocation
|
page execute and read and write
|
||
|
9E7000
|
stack
|
page read and write
|
||
|
123B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
2DCA000
|
stack
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
B8AE000
|
stack
|
page read and write
|
||
|
2B03000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
3147000
|
trusted library allocation
|
page read and write
|
||
|
5131000
|
trusted library allocation
|
page read and write
|
||
|
F62000
|
heap
|
page read and write
|
||
|
51C2000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
68E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
12DE000
|
stack
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
41C4000
|
trusted library allocation
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
3B7D000
|
trusted library allocation
|
page read and write
|
||
|
6840000
|
trusted library allocation
|
page read and write
|
||
|
524F000
|
trusted library section
|
page readonly
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C6000
|
trusted library allocation
|
page read and write
|
||
|
2D2E000
|
trusted library allocation
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
6667000
|
trusted library allocation
|
page read and write
|
||
|
53CA000
|
trusted library allocation
|
page read and write
|
||
|
B05E000
|
stack
|
page read and write
|
||
|
3B51000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
441000
|
remote allocation
|
page execute and read and write
|
||
|
3F53000
|
trusted library allocation
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
3C26000
|
trusted library allocation
|
page read and write
|
||
|
3A51000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
87A000
|
stack
|
page read and write
|
||
|
2FAF000
|
trusted library allocation
|
page read and write
|
||
|
2CE7000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
3E6E000
|
trusted library allocation
|
page read and write
|
||
|
41D7000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2878000
|
trusted library allocation
|
page read and write
|
||
|
1003000
|
trusted library allocation
|
page execute and read and write
|
||
|
78DC000
|
heap
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page read and write
|
||
|
721D000
|
stack
|
page read and write
|
||
|
2D20000
|
heap
|
page execute and read and write
|
||
|
2AE3000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
28C8000
|
trusted library allocation
|
page read and write
|
||
|
EA8000
|
heap
|
page read and write
|
||
|
54AD000
|
stack
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page read and write
|
||
|
3E8E000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
BD6000
|
heap
|
page read and write
|
||
|
110B000
|
stack
|
page read and write
|
||
|
442000
|
remote allocation
|
page execute and read and write
|
||
|
51F4000
|
trusted library allocation
|
page read and write
|
||
|
2FA6000
|
trusted library allocation
|
page read and write
|
||
|
53C6000
|
trusted library allocation
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
B93000
|
trusted library allocation
|
page execute and read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
1226000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F0D000
|
trusted library allocation
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
6880000
|
trusted library allocation
|
page read and write
|
||
|
50CD000
|
stack
|
page read and write
|
||
|
6870000
|
trusted library allocation
|
page execute and read and write
|
||
|
7902000
|
heap
|
page read and write
|
||
|
B5FE000
|
stack
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
8DB0000
|
trusted library allocation
|
page read and write
|
||
|
2CE4000
|
trusted library allocation
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
5555000
|
heap
|
page read and write
|
||
|
3DB9000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library section
|
page read and write
|
||
|
6350000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
69C6000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
3E19000
|
trusted library allocation
|
page read and write
|
||
|
5136000
|
trusted library allocation
|
page read and write
|
||
|
CD5000
|
heap
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
3138000
|
trusted library allocation
|
page read and write
|
||
|
D9D000
|
stack
|
page read and write
|
||
|
3172000
|
trusted library allocation
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
3153000
|
trusted library allocation
|
page read and write
|
||
|
B19E000
|
stack
|
page read and write
|
||
|
100D000
|
trusted library allocation
|
page execute and read and write
|
||
|
51D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
309A000
|
heap
|
page read and write
|
||
|
B45E000
|
stack
|
page read and write
|
||
|
C3D000
|
heap
|
page read and write
|
||
|
2A99000
|
trusted library allocation
|
page read and write
|
||
|
E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
1044000
|
heap
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
8D8F000
|
stack
|
page read and write
|
||
|
10B8000
|
heap
|
page read and write
|
||
|
62BD000
|
stack
|
page read and write
|
||
|
2A9E000
|
trusted library allocation
|
page read and write
|
||
|
DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
2AEB000
|
trusted library allocation
|
page read and write
|
||
|
8DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
50A0000
|
heap
|
page execute and read and write
|
||
|
3AB9000
|
trusted library allocation
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
2DE7000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
303F000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
650C000
|
stack
|
page read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
400C000
|
trusted library allocation
|
page read and write
|
||
|
122A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D59000
|
trusted library allocation
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF3000
|
trusted library allocation
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
658D000
|
trusted library allocation
|
page read and write
|
||
|
3D35000
|
trusted library allocation
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
2FE2000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
445000
|
remote allocation
|
page execute and read and write
|
||
|
40A7000
|
trusted library allocation
|
page read and write
|
||
|
1237000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C66000
|
trusted library allocation
|
page read and write
|
||
|
10AE000
|
heap
|
page read and write
|
||
|
B76E000
|
stack
|
page read and write
|
||
|
B4FE000
|
stack
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
6586000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
3DAD000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
3AC9000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E34000
|
trusted library allocation
|
page read and write
|
||
|
B1DE000
|
stack
|
page read and write
|
||
|
E37000
|
trusted library allocation
|
page execute and read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
6175000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
63BD000
|
stack
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
AD7F000
|
stack
|
page read and write
|
||
|
3C38000
|
trusted library allocation
|
page read and write
|
||
|
2D8D000
|
stack
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
3BDE000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
8A2000
|
unkown
|
page readonly
|
||
|
50D3000
|
heap
|
page read and write
|
||
|
E2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5510000
|
heap
|
page execute and read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
977000
|
stack
|
page read and write
|
||
|
B2DE000
|
stack
|
page read and write
|
||
|
64CF000
|
stack
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
B7AE000
|
stack
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page read and write
|
||
|
2A8F000
|
trusted library allocation
|
page read and write
|
||
|
6ADD000
|
stack
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
63C2000
|
heap
|
page read and write
|
||
|
C62000
|
heap
|
page read and write
|
||
|
E6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
402E000
|
trusted library allocation
|
page read and write
|
||
|
3CD1000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
13BB000
|
stack
|
page read and write
|
||
|
78C8000
|
heap
|
page read and write
|
||
|
657D000
|
stack
|
page read and write
|
||
|
2DDB000
|
trusted library allocation
|
page read and write
|
||
|
511B000
|
trusted library allocation
|
page read and write
|
||
|
E97000
|
heap
|
page read and write
|
||
|
666B000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
E6D000
|
stack
|
page read and write
|
||
|
3D1C000
|
trusted library allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AC5000
|
trusted library allocation
|
page read and write
|
||
|
3AC0000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
8EB000
|
stack
|
page read and write
|
||
|
3B3E000
|
trusted library allocation
|
page read and write
|
||
|
40E3000
|
trusted library allocation
|
page read and write
|
||
|
12E8000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
3D75000
|
trusted library allocation
|
page read and write
|
||
|
E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FBD000
|
stack
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
DCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
729A000
|
heap
|
page read and write
|
||
|
3CF6000
|
trusted library allocation
|
page read and write
|
||
|
3AB6000
|
trusted library allocation
|
page read and write
|
||
|
3AD4000
|
trusted library allocation
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
4DA1000
|
trusted library allocation
|
page read and write
|
||
|
6588000
|
trusted library allocation
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page execute and read and write
|
||
|
6715000
|
trusted library allocation
|
page read and write
|
||
|
2FA9000
|
trusted library allocation
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
5730000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
3143000
|
trusted library allocation
|
page read and write
|
||
|
AC7E000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
3B9D000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
2DE3000
|
trusted library allocation
|
page read and write
|
||
|
2EB2000
|
trusted library allocation
|
page read and write
|
||
|
3A63000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
660D000
|
stack
|
page read and write
|
||
|
5B7F000
|
stack
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
10D4000
|
heap
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
3ABC000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
remote allocation
|
page execute and read and write
|
||
|
5370000
|
heap
|
page execute and read and write
|
||
|
3038000
|
trusted library allocation
|
page read and write
|
||
|
3157000
|
trusted library allocation
|
page read and write
|
||
|
BB2C000
|
stack
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
E26000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD5000
|
trusted library allocation
|
page read and write
|
||
|
3AFF000
|
trusted library allocation
|
page read and write
|
||
|
3176000
|
trusted library allocation
|
page read and write
|
||
|
2DEB000
|
trusted library allocation
|
page read and write
|
||
|
AE30000
|
heap
|
page read and write
|
||
|
1004000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
4F04000
|
trusted library allocation
|
page read and write
|
||
|
3E2F000
|
trusted library allocation
|
page read and write
|
||
|
301F000
|
trusted library allocation
|
page read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
3CED000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
10A8000
|
trusted library allocation
|
page read and write
|
||
|
409A000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
EDC000
|
heap
|
page read and write
|
||
|
6856000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A69000
|
trusted library allocation
|
page read and write
|
||
|
526B000
|
stack
|
page read and write
|
||
|
411C000
|
trusted library allocation
|
page read and write
|
||
|
66C4000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
707E000
|
stack
|
page read and write
|
||
|
4D8E000
|
trusted library allocation
|
page read and write
|
||
|
BA2B000
|
stack
|
page read and write
|
||
|
3E42000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
316A000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
3B89000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
4FF2000
|
trusted library allocation
|
page read and write
|
||
|
3DC4000
|
trusted library allocation
|
page read and write
|
||
|
2DD7000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
72B3000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
5C79000
|
stack
|
page read and write
|
||
|
313F000
|
trusted library allocation
|
page read and write
|
||
|
2DD3000
|
trusted library allocation
|
page read and write
|
||
|
4F32000
|
trusted library allocation
|
page read and write
|
||
|
9EA000
|
stack
|
page read and write
|
||
|
2CB5000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
trusted library allocation
|
page read and write
|
||
|
13C7000
|
heap
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E0C000
|
trusted library allocation
|
page read and write
|
||
|
2DA2000
|
trusted library allocation
|
page read and write
|
||
|
4E13000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
heap
|
page execute and read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
5273000
|
heap
|
page read and write
|
||
|
3D53000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library section
|
page readonly
|
||
|
F06000
|
heap
|
page read and write
|
||
|
DC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6860000
|
trusted library allocation
|
page read and write
|
||
|
3C67000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library section
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
4BAC000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page read and write
|
||
|
1222000
|
trusted library allocation
|
page read and write
|
||
|
523C000
|
stack
|
page read and write
|
||
|
E33000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA4000
|
heap
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
3D4B000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page read and write
|
||
|
686D000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
AE20000
|
heap
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
6DEE000
|
heap
|
page read and write
|
||
|
B8EE000
|
stack
|
page read and write
|
||
|
E35000
|
trusted library allocation
|
page execute and read and write
|
||
|
6660000
|
trusted library allocation
|
page read and write
|
||
|
4F0B000
|
trusted library allocation
|
page read and write
|
||
|
7298000
|
heap
|
page read and write
|
||
|
EB2000
|
heap
|
page read and write
|
||
|
3AB1000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
315B000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
7FDA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F26000
|
trusted library allocation
|
page read and write
|
||
|
2ADB000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
C4D000
|
stack
|
page read and write
|
||
|
2DCF000
|
unkown
|
page read and write
|
||
|
DC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE4000
|
trusted library allocation
|
page read and write
|
||
|
C8D000
|
stack
|
page read and write
|
||
|
4F1E000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
B9EE000
|
stack
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
3D44000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DBC000
|
trusted library allocation
|
page read and write
|
||
|
2F15000
|
trusted library allocation
|
page read and write
|
||
|
106F000
|
stack
|
page read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
6C80000
|
heap
|
page read and write
|
||
|
78D8000
|
heap
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
74E2000
|
trusted library allocation
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
6DE0000
|
heap
|
page read and write
|
||
|
109D000
|
stack
|
page read and write
|
||
|
4F44000
|
trusted library allocation
|
page read and write
|
||
|
337B000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
2FB4000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
117C000
|
stack
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
There are 683 hidden memdumps, click here to show them.