Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ProcoreExtractsSetup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
 |
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsUninstaller.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsUpdater.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Bobcat.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Installer.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Service.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Uninstaller.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Updater.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\CONFIG
|
JSON data
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\AWSSDK.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\AWSSDK.Core.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\AWSSDK.S3.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\AWSSDK.S3.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Bugsnag.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\CommandLine.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Humanizer.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Images\empty_state_company_project.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\LaunchDarkly.ClientSdk.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\LaunchDarkly.CommonSdk.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\LaunchDarkly.EventSource.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\LaunchDarkly.InternalSdk.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\LaunchDarkly.Logging.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Bcl.AsyncInterfaces.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Bcl.TimeProvider.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Data.Sqlite.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.DotNet.PlatformAbstractions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.EntityFrameworkCore.Abstractions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.EntityFrameworkCore.Design.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.EntityFrameworkCore.Relational.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.EntityFrameworkCore.Sqlite.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.EntityFrameworkCore.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Expression.Interactions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Caching.Abstractions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Caching.Memory.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Configuration.Abstractions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Configuration.Binder.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Configuration.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.DependencyInjection.Abstractions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.DependencyInjection.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.DependencyModel.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Logging.Abstractions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Logging.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Options.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Extensions.Primitives.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Web.WebView2.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Web.WebView2.WinForms.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Microsoft.Web.WebView2.Wpf.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Newtonsoft.Json.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.AsyncEx.Context.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.AsyncEx.Coordination.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.AsyncEx.Interop.WaitHandles.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.AsyncEx.Oop.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.AsyncEx.Tasks.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.Cancellation.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.Collections.Deque.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.Disposables.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.Mvvm.Async.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Nito.Mvvm.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Polly.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Polly.Core.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Polly.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Polly.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Api.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Api.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.DB.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.DB.dll.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.DB.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Ditto.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Ditto.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Ditto.pdb
|
MSVC program database ver 7.00, 512*1427 bytes
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Remotion.Linq.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SQLitePCLRaw.batteries_green.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SQLitePCLRaw.batteries_v2.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SQLitePCLRaw.core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SQLitePCLRaw.provider.e_sqlite3.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Serilog.Sinks.File.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Serilog.Sinks.File.pdb
|
Microsoft Roslyn C# debugging symbols version 1.0
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Serilog.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Converters.Wpf.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Css.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Dom.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Model.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Rendering.Gdi.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Rendering.Wpf.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SharpVectors.Runtime.Wpf.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\SimpleInjector.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Buffers.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Collections.Immutable.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.ComponentModel.Annotations.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Data.Common.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Diagnostics.DiagnosticSource.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Diagnostics.StackTrace.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Diagnostics.Tracing.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Globalization.Extensions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.IO.Compression.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Interactive.Async.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Memory.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Net.Http.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Net.Sockets.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Numerics.Vectors.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Reactive.Linq.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Reactive.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Runtime.CompilerServices.Unsafe.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Runtime.Serialization.Primitives.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Security.Cryptography.Algorithms.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Security.SecureString.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Text.Encodings.Web.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Text.Json.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Threading.Overlapped.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Threading.Tasks.Extensions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.ValueTuple.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Windows.Interactivity.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\System.Xml.XPath.XDocument.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\af\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ar\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\az\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\bg\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\bn-BD\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\cs\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\da\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\de-DE\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\de\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\el\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\en-AU\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\en-CA\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\en-GB\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\en-US\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\es-ES\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\es-MX\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\es\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\fa\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\fi-FI\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\fr-BE\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\fr-CA\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\fr-FR\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\fr\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\he\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\hr\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\hu\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\hy\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\icon.ico
|
MS Windows icon resource - 8 icons, -128x-128, 32 bits/pixel, 16x16, 32 bits/pixel
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\id\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\is-IS\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\is\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\it-IT\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\it\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ja-JP\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ja\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ko-KR\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ko-KR\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ku\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\lv\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ms-MY\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\mt\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\nb-NO\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\nb\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\nl\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\pl\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\pt-BR\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\pt\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\release-notes.json
|
JSON data
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ro\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\ru\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\runtimes\win-arm64\native\WebView2Loader.dll
|
PE32+ executable (DLL) (console) Aarch64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\runtimes\win-x64\native\WebView2Loader.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\runtimes\win-x86\native\WebView2Loader.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\sk\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\sl\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\sr-Latn\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\sr\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\sv\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\th-TH\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\th-TH\Procore.Ditto.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\tr\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\uk\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\uz-Cyrl-UZ\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\uz-Latn-UZ\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\vi\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\x64\e_sqlite3.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\x86\e_sqlite3.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\zh-CN\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\zh-Hans\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\zh-Hant\Humanizer.resources.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\logs\bobcat.log.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\packages\Procore.Ditto.1.3.1.full.nupkg
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x7bf328c8, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
COM executable for DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Procore.Ditto.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Procore ExtractsService.exe.log
|
CSV text
|
modified
|
||
|
C:\Users\user\AppData\Local\Procore Technologies\Procore Extracts\logs\ProcoreExtracts-20241008.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\bobcat.log.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\CONFIG
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Procore.Ditto.1.3.1.full.nupkg
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\procore_ditto_installation.gif
|
GIF image data, version 89a, 500 x 500
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\Temp\bobcat\Procore Technologies\Procore Extracts\bobcat.log.txt
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
There are 191 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Installer.exe
|
"C:\Users\user\AppData\Local\Temp\Bobcat\Procore Technologies\Procore Extracts\{358817B7-2092-449A-B283-F61AA1499B65}\Installer.exe"
|
|
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe
|
"C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe" install
|
|
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe
|
"C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe" start
|
|
|
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe
|
"C:\Program Files (x86)\Procore Technologies\Procore Extracts\Procore ExtractsService.exe" -displayname "Procore Extracts
Updater Service" -servicename "ProcoreExtractsUpdaterSvc"
|
|
|
|
C:\Users\user\Desktop\ProcoreExtractsSetup.exe
|
"C:\Users\user\Desktop\ProcoreExtractsSetup.exe"
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Ditto.exe
|
"C:\Program Files (x86)\Procore Technologies\Procore Extracts\app-1.3.1\Procore.Ditto.exe" install
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/launchdarkly/dotnet-eventsource
|
unknown
|
||
|
https://simpleinjector.org/asmld
|
unknown
|
||
|
https://github.com/serilog/serilog-sinks-file
|
unknown
|
||
|
https://simpleinjector.org/diasc3
|
unknown
|
||
|
https://raw.githubusercontent.com/App-vNext/Polly/a2559b1ab7bf9c1e12c71183ce2dfa937bc9c7a6/
|
unknown
|
||
|
http://s3.amazonaws.com/doc/2006-03-01/
|
unknown
|
||
|
https://github.com/StephenCleary/AsyncEx
|
unknown
|
||
|
https://github.com/dotnet/core-setup/tree/caa7b7e2bad98e56a687fb5cbaf60825500800f7
|
unknown
|
||
|
https://github.com/aspnet/EntityFrameworkCore/tree/01da710cdeff0431fc60379580aa63f335fbc165
|
unknown
|
||
|
http://169.254.170.2aUnable
|
unknown
|
||
|
https://github.com/App-vNext/Polly0
|
unknown
|
||
|
http://www.ietf.org/rfc/rfc2045.txt
|
unknown
|
||
|
https://github.com/bugsnag/bugsnag-net
|
unknown
|
||
|
http://sqlite.org/rescode.html
|
unknown
|
||
|
https://github.com/dotnet/reactive0
|
unknown
|
||
|
https://procore-ditto.s3.amazonaws.com/RELEASES
|
unknown
|
||
|
https://clientstream.launchdarkly.comEhttps://clientsdk.launchdarkly.com?https://mobile.launchdarkly
|
unknown
|
||
|
https://raw.githubusercontent.com/aws/aws-sdk-net/4166a61afde54a8bbe723fbb936afa39716f97a0/
|
unknown
|
||
|
https://s3.dualstack.
|
unknown
|
||
|
http://sharpvectors.codeplex.com/svgc/
|
unknown
|
||
|
http://sharpvectors.codeplex.com/runtime/
|
unknown
|
||
|
https://github.com/launchdarkly/dotnet-sdk-internal
|
unknown
|
||
|
https://ip-ranges.amazonaws.com/ip-ranges.json
|
unknown
|
||
|
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json
|
unknown
|
||
|
https://github.com/serilog/serilog-sinks-fileC
|
unknown
|
||
|
http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/net-dg-config-creds.html
|
unknown
|
||
|
https://raw.githubusercontent.com/procore/Procore.NET/3394502880c4bcecca16039ac5fa16a9992342c7/
|
unknown
|
||
|
https://s3-fips.dualstack.
|
unknown
|
||
|
https://github.com/dotnet/corefx/tree/7601f4f6225089ffb291dc7d58293c7bbf5c5d4f
|
unknown
|
||
|
https://github.com/dotnet/reactivey
|
unknown
|
||
|
https://github.com/launchdarkly/dotnet-sdk-common
|
unknown
|
||
|
https://github.com/StephenCleary/Deque2
|
unknown
|
||
|
http://www.rfc-editor.org/rfc/bcp/bcp47.txt
|
unknown
|
||
|
https://simpleinjector.org/depr3.%
|
unknown
|
||
|
https://simpleinjector.org/depr3.-
|
unknown
|
||
|
https://www.newtonsoft.com/jsonschema
|
unknown
|
||
|
https://simpleinjector.org/ovrrd.;Container.Collection.Register#Container.Options9AllowOverridingReg
|
unknown
|
||
|
http://www.xmlspy.com)
|
unknown
|
||
|
https://raw.githubusercontent.com/procore/ditto/d46178350f469016b7d8342b9e0a0683eeca7004/
|
unknown
|
||
|
https://ecrion-test.procoretech.com/pdf/create
|
unknown
|
||
|
https://github.com/dotnet/core-setup/tree/caa7b7e2bad98e56a687fb5cbaf60825500800f78
|
unknown
|
||
|
http://html4/loose.dtd
|
unknown
|
||
|
https://simpleinjector.org/diagnostics
|
unknown
|
||
|
https://github.com/aspnet/Extensions/tree/9bc79b2f25a3724376d7af19617c33749a30ea3a
|
unknown
|
||
|
https://www.procore.com/legal/terms-of-service
|
unknown
|
||
|
https://github.com/aspnet/EntityFrameworkCore
|
unknown
|
||
|
https://github.com/dotnet/corefx/tree/7601f4f6225089ffb291dc7d58293c7bbf5c5d4f8
|
unknown
|
||
|
https://s3-fips.dualstack.us-east-1.
|
unknown
|
||
|
https://github.com/dotnet/runtime8
|
unknown
|
||
|
https://simpleinjector.org/diasc
|
unknown
|
||
|
http://169.254.170.2
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://github.com/Humanizr/Humanizer
|
unknown
|
||
|
https://simpleinjector.org/coll1.
|
unknown
|
||
|
https://www.nuget.org/packages/Amazon.Extensions.S3.Encryption
|
unknown
|
||
|
https://ecrion.procoretech.com/pdf/create
|
unknown
|
||
|
https://simpleinjector.org/ovrrd.
|
unknown
|
||
|
https://github.com/Humanizr/Humanizer2
|
unknown
|
||
|
https://www.newtonsoft.com/json
|
unknown
|
||
|
https://github.com/launchdarkly/dotnet-sdk-internalR
|
unknown
|
||
|
http://.css
|
unknown
|
||
|
https://github.com/dotnet/corefx/tree/30ab651fcb4354552bd4891619a0bdd81e0ebdbf
|
unknown
|
||
|
https://simpleinjector.org/diasr
|
unknown
|
||
|
https://www.procore.com/legal/privacy
|
unknown
|
||
|
https://github.com/dotnet/runtime
|
unknown
|
||
|
https://sketchapp.com
|
unknown
|
||
|
https://simpleinjector.org/diaut8
|
unknown
|
||
|
https://aka.ms/dotnet-warnings/
|
unknown
|
||
|
https://simpleinjector.org/diaal
|
unknown
|
||
|
https://aka.ms/binaryformatter
|
unknown
|
||
|
https://github.com/StephenCleary/Deque
|
unknown
|
||
|
https://github.com/App-vNext/Polly
|
unknown
|
||
|
https://github.com/dotnet/runtimeH
|
unknown
|
||
|
https://www.launchdarkly.com/0
|
unknown
|
||
|
https://notify.bugsnag.com9https://sessions.bugsnag.com
|
unknown
|
||
|
http://.jpg
|
unknown
|
||
|
https://github.com/serilog/serilog/pull/819.
|
unknown
|
||
|
https://github.com/StephenCleary/AsyncEx5
|
unknown
|
||
|
https://github.com/dotnet/reactive
|
unknown
|
||
|
https://github.com/JamesNK/Newtonsoft.Json
|
unknown
|
||
|
https://s3-fips.us-east-1.
|
unknown
|
||
|
http://www.ietf.org/rfc/rfc3066.txt
|
unknown
|
||
|
https://s3.dualstack.us-east-1.
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://www.iana.org/assignments/language-subtag-registry
|
unknown
|
||
|
https://simpleinjector.org/diadt
|
unknown
|
||
|
https://github.com/aspnet/EntityFrameworkCore.
|
unknown
|
||
|
https://github.com/StephenCleary/Mvvm
|
unknown
|
||
|
https://docs.aws.amazon.com/general/latest/gr/aws_sdk_cryptography.html
|
unknown
|
||
|
https://github.com/mono/linker/issues/1416.
|
unknown
|
||
|
https://simpleinjector.org/depr3.
|
unknown
|
||
|
https://github.com/StephenCleary/AsyncExG
|
unknown
|
||
|
https://github.com/StephenCleary/Disposables
|
unknown
|
||
|
https://simpleinjector.org/diadt:
|
unknown
|
||
|
https://simpleinjector.org/locked
|
unknown
|
||
|
https://simpleinjector.org/one-constructor
|
unknown
|
||
|
https://sessions.bugsnag.com/
|
35.190.88.7
|
||
|
https://github.com/dotnet/corefx/tree/30ab651fcb4354552bd4891619a0bdd81e0ebdbf8
|
unknown
|
||
|
https://simpleinjector.org/collections
|
unknown
|
||
|
https://simpleinjector.org/diaut
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sessions.bugsnag.com
|
35.190.88.7
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
35.190.88.7
|
sessions.bugsnag.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Installer_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
DisplayIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Procore Technologies.Procore Extracts
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Procore ExtractsService_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ProcoreExtractsUpdaterSvc
|
ImagePath
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
|
AutoBackupLogFiles
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ProcoreExtractsUpdaterSvc
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Procore_RASMANCS
|
FileDirectory
|
There are 47 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
E0F000
|
heap
|
page read and write
|
||
|
22CEA8A7000
|
heap
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
1767000
|
trusted library allocation
|
page execute and read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
FE5A000
|
trusted library allocation
|
page readonly
|
||
|
7FFD9B57C000
|
trusted library allocation
|
page execute and read and write
|
||
|
124E7000
|
trusted library allocation
|
page read and write
|
||
|
5E60000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page execute and read and write
|
||
|
22CEFEC5000
|
heap
|
page read and write
|
||
|
AAC000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1D05C2B0000
|
heap
|
page read and write
|
||
|
125DC000
|
trusted library allocation
|
page read and write
|
||
|
22CF00B0000
|
remote allocation
|
page read and write
|
||
|
1D05DCE0000
|
unkown
|
page readonly
|
||
|
106AC000
|
trusted library allocation
|
page readonly
|
||
|
24A8000
|
trusted library allocation
|
page read and write
|
||
|
1D05DCE6000
|
unkown
|
page readonly
|
||
|
22B99000
|
trusted library allocation
|
page read and write
|
||
|
1BD31000
|
trusted library allocation
|
page read and write
|
||
|
62FE000
|
stack
|
page read and write
|
||
|
8E0D4FE000
|
stack
|
page read and write
|
||
|
2988000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76B000
|
trusted library allocation
|
page read and write
|
||
|
EA19000
|
heap
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
22657000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
E8AA000
|
heap
|
page read and write
|
||
|
8608000
|
heap
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
556000
|
unkown
|
page readonly
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
EAAB000
|
heap
|
page read and write
|
||
|
6090000
|
trusted library allocation
|
page read and write
|
||
|
8E0DEFE000
|
stack
|
page read and write
|
||
|
85B1000
|
heap
|
page read and write
|
||
|
1D05C505000
|
heap
|
page read and write
|
||
|
1D076743000
|
heap
|
page read and write
|
||
|
954000
|
trusted library allocation
|
page read and write
|
||
|
2253D000
|
trusted library allocation
|
page read and write
|
||
|
609E000
|
stack
|
page read and write
|
||
|
1137000
|
trusted library allocation
|
page read and write
|
||
|
2526000
|
trusted library allocation
|
page read and write
|
||
|
2D19000
|
trusted library allocation
|
page read and write
|
||
|
164D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3061000
|
trusted library allocation
|
page read and write
|
||
|
22CEFD20000
|
trusted library allocation
|
page read and write
|
||
|
D8D9000
|
trusted library allocation
|
page read and write
|
||
|
58DF000
|
stack
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
8E0DAFF000
|
stack
|
page read and write
|
||
|
22CF1000000
|
heap
|
page read and write
|
||
|
2C1E000
|
trusted library allocation
|
page read and write
|
||
|
1D076665000
|
heap
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
5E1D000
|
stack
|
page read and write
|
||
|
30C4000
|
trusted library allocation
|
page read and write
|
||
|
22CF0000000
|
trusted library allocation
|
page read and write
|
||
|
69AF000
|
stack
|
page read and write
|
||
|
EA57000
|
heap
|
page read and write
|
||
|
1A20000
|
heap
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
1D076B90000
|
unkown
|
page readonly
|
||
|
5AE0000
|
heap
|
page read and write
|
||
|
F15000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D05DCB2000
|
unkown
|
page readonly
|
||
|
1C16C000
|
trusted library allocation
|
page read and write
|
||
|
7FF4327D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB55000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
260E000
|
stack
|
page read and write
|
||
|
1769000
|
stack
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
BB75000
|
trusted library allocation
|
page readonly
|
||
|
599D000
|
heap
|
page read and write
|
||
|
1D07667B000
|
heap
|
page read and write
|
||
|
EAFF000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
1D05C3D5000
|
heap
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
5E70000
|
trusted library allocation
|
page read and write
|
||
|
124AA000
|
trusted library allocation
|
page read and write
|
||
|
8E0CB8E000
|
stack
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
1D05DFB2000
|
trusted library allocation
|
page read and write
|
||
|
1278E000
|
trusted library allocation
|
page read and write
|
||
|
BD1B000
|
trusted library allocation
|
page readonly
|
||
|
4F40000
|
heap
|
page execute and read and write
|
||
|
192C000
|
heap
|
page read and write
|
||
|
EAB1000
|
heap
|
page read and write
|
||
|
9F8000
|
stack
|
page read and write
|
||
|
99A9000
|
heap
|
page read and write
|
||
|
11AB1000
|
heap
|
page read and write
|
||
|
22CF0040000
|
trusted library allocation
|
page read and write
|
||
|
549D000
|
stack
|
page read and write
|
||
|
E17000
|
heap
|
page read and write
|
||
|
22CF006F000
|
trusted library allocation
|
page read and write
|
||
|
11C9000
|
heap
|
page read and write
|
||
|
1750000
|
trusted library allocation
|
page read and write
|
||
|
E92D000
|
heap
|
page read and write
|
||
|
5FD0000
|
trusted library allocation
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
11A6A000
|
heap
|
page read and write
|
||
|
8E0D5FF000
|
stack
|
page read and write
|
||
|
47F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
191F000
|
heap
|
page read and write
|
||
|
22CEA82B000
|
heap
|
page read and write
|
||
|
F2AA000
|
trusted library allocation
|
page read and write
|
||
|
8537000
|
heap
|
page read and write
|
||
|
AB2000
|
trusted library allocation
|
page read and write
|
||
|
9BEE000
|
trusted library allocation
|
page readonly
|
||
|
59B7000
|
heap
|
page read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
2E47000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
60A0000
|
trusted library allocation
|
page read and write
|
||
|
129CE000
|
trusted library allocation
|
page read and write
|
||
|
1047E000
|
trusted library allocation
|
page readonly
|
||
|
1762000
|
trusted library allocation
|
page read and write
|
||
|
12539000
|
trusted library allocation
|
page read and write
|
||
|
22CEA8BA000
|
heap
|
page read and write
|
||
|
12657000
|
trusted library allocation
|
page read and write
|
||
|
1258A000
|
trusted library allocation
|
page read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
1249000
|
heap
|
page read and write
|
||
|
22CEA89F000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
989C000
|
trusted library allocation
|
page readonly
|
||
|
5B9F000
|
stack
|
page read and write
|
||
|
C67000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
139F000
|
stack
|
page read and write
|
||
|
119CE000
|
trusted library allocation
|
page readonly
|
||
|
5B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
99D8000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
2EDD000
|
stack
|
page read and write
|
||
|
2B63000
|
trusted library allocation
|
page read and write
|
||
|
9CD1000
|
heap
|
page read and write
|
||
|
D1AF000
|
trusted library allocation
|
page readonly
|
||
|
65F5000
|
heap
|
page read and write
|
||
|
EAF9000
|
heap
|
page read and write
|
||
|
2A94000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
22CEA8AE000
|
heap
|
page read and write
|
||
|
120D000
|
heap
|
page read and write
|
||
|
17D7000
|
heap
|
page read and write
|
||
|
1D05C296000
|
heap
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
22CEA844000
|
heap
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
101E7000
|
trusted library allocation
|
page readonly
|
||
|
66A5000
|
heap
|
page read and write
|
||
|
F903000
|
trusted library allocation
|
page read and write
|
||
|
C60A000
|
trusted library allocation
|
page readonly
|
||
|
9998000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
125B3000
|
trusted library allocation
|
page read and write
|
||
|
22CF00FF000
|
trusted library allocation
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
672E000
|
trusted library allocation
|
page read and write
|
||
|
1D05DE80000
|
trusted library allocation
|
page read and write
|
||
|
E7DB000
|
trusted library allocation
|
page readonly
|
||
|
68EC000
|
stack
|
page read and write
|
||
|
BA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
1274B000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
4008000
|
trusted library allocation
|
page read and write
|
||
|
85CC000
|
heap
|
page read and write
|
||
|
1633000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D05DED5000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
unkown
|
page readonly
|
||
|
29DE000
|
trusted library allocation
|
page read and write
|
||
|
3E16000
|
trusted library allocation
|
page read and write
|
||
|
1D05C472000
|
unkown
|
page readonly
|
||
|
1D076580000
|
heap
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
61EE000
|
stack
|
page read and write
|
||
|
1547000
|
trusted library allocation
|
page read and write
|
||
|
22CEA813000
|
heap
|
page read and write
|
||
|
1931000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
6560000
|
trusted library allocation
|
page execute and read and write
|
||
|
22A48000
|
trusted library allocation
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
126B1000
|
trusted library allocation
|
page read and write
|
||
|
54B000
|
stack
|
page read and write
|
||
|
1133000
|
trusted library allocation
|
page read and write
|
||
|
1D05C270000
|
heap
|
page read and write
|
||
|
8E0E13F000
|
stack
|
page read and write
|
||
|
30D1000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
22CEFD10000
|
trusted library allocation
|
page read and write
|
||
|
22CEFCF0000
|
trusted library allocation
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
1EB4000
|
trusted library allocation
|
page read and write
|
||
|
99AF000
|
heap
|
page read and write
|
||
|
8F51000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library section
|
page readonly
|
||
|
126DB000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
heap
|
page execute and read and write
|
||
|
126D4000
|
trusted library allocation
|
page read and write
|
||
|
868A000
|
heap
|
page read and write
|
||
|
E1669FE000
|
stack
|
page read and write
|
||
|
2B7D000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
5EA0000
|
trusted library allocation
|
page read and write
|
||
|
62C8000
|
stack
|
page read and write
|
||
|
8E0E03F000
|
stack
|
page read and write
|
||
|
4EFC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4E4000
|
trusted library allocation
|
page read and write
|
||
|
12705000
|
trusted library allocation
|
page read and write
|
||
|
55EB000
|
stack
|
page read and write
|
||
|
601F000
|
stack
|
page read and write
|
||
|
1D05C303000
|
heap
|
page read and write
|
||
|
1D0765A3000
|
heap
|
page read and write
|
||
|
1D05C410000
|
trusted library allocation
|
page read and write
|
||
|
C57E000
|
trusted library allocation
|
page readonly
|
||
|
6756000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4DB000
|
trusted library allocation
|
page read and write
|
||
|
84C0000
|
trusted library allocation
|
page read and write
|
||
|
953000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CEA902000
|
heap
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
605E000
|
stack
|
page read and write
|
||
|
4E6B000
|
stack
|
page read and write
|
||
|
670E000
|
stack
|
page read and write
|
||
|
22CF004D000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
12576000
|
trusted library allocation
|
page read and write
|
||
|
D281000
|
trusted library allocation
|
page read and write
|
||
|
116D000
|
stack
|
page read and write
|
||
|
22CF0060000
|
trusted library allocation
|
page read and write
|
||
|
2359E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B720000
|
trusted library allocation
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
1D05C492000
|
unkown
|
page readonly
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
129BA000
|
trusted library allocation
|
page read and write
|
||
|
22CEFD50000
|
trusted library allocation
|
page read and write
|
||
|
84F0000
|
trusted library allocation
|
page read and write
|
||
|
E1670FE000
|
unkown
|
page readonly
|
||
|
CA7E000
|
trusted library allocation
|
page readonly
|
||
|
557E000
|
stack
|
page read and write
|
||
|
4BA000
|
unkown
|
page readonly
|
||
|
7FFD9B570000
|
trusted library allocation
|
page read and write
|
||
|
22CEA730000
|
heap
|
page read and write
|
||
|
6550000
|
trusted library allocation
|
page read and write
|
||
|
120F000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
EB51000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
4BAD000
|
stack
|
page read and write
|
||
|
11AF3000
|
heap
|
page read and write
|
||
|
1D05C2FD000
|
heap
|
page read and write
|
||
|
11B2E000
|
heap
|
page read and write
|
||
|
1D05DFA4000
|
trusted library allocation
|
page read and write
|
||
|
9725000
|
trusted library allocation
|
page read and write
|
||
|
51CD000
|
stack
|
page read and write
|
||
|
9A2000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
1D05DFCE000
|
trusted library allocation
|
page read and write
|
||
|
1D05DF92000
|
trusted library allocation
|
page read and write
|
||
|
64CF000
|
stack
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
2A2000
|
unkown
|
page readonly
|
||
|
22CEFE47000
|
heap
|
page read and write
|
||
|
1BFE4000
|
trusted library allocation
|
page read and write
|
||
|
644C000
|
stack
|
page read and write
|
||
|
7FFD9B66D000
|
trusted library allocation
|
page read and write
|
||
|
14D4000
|
trusted library allocation
|
page read and write
|
||
|
1D05DFA8000
|
trusted library allocation
|
page read and write
|
||
|
22CEA760000
|
heap
|
page read and write
|
||
|
DB50000
|
trusted library allocation
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page read and write
|
||
|
1EB0000
|
trusted library allocation
|
page read and write
|
||
|
E958000
|
heap
|
page read and write
|
||
|
5FB0000
|
trusted library allocation
|
page read and write
|
||
|
125C7000
|
trusted library allocation
|
page read and write
|
||
|
681C000
|
trusted library allocation
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
99A4000
|
heap
|
page read and write
|
||
|
11AF5000
|
heap
|
page read and write
|
||
|
7FFD9B5A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
E166AFE000
|
unkown
|
page readonly
|
||
|
22CF00B0000
|
remote allocation
|
page read and write
|
||
|
191F000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
128A5000
|
trusted library allocation
|
page read and write
|
||
|
5E3E000
|
stack
|
page read and write
|
||
|
1D05DD70000
|
heap
|
page read and write
|
||
|
1D06DDCA000
|
trusted library allocation
|
page read and write
|
||
|
6731000
|
trusted library allocation
|
page read and write
|
||
|
612000
|
unkown
|
page readonly
|
||
|
1756000
|
trusted library allocation
|
page execute and read and write
|
||
|
618C000
|
stack
|
page read and write
|
||
|
D231000
|
trusted library allocation
|
page read and write
|
||
|
85E1000
|
heap
|
page read and write
|
||
|
7FFD9B71E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
E167DFE000
|
unkown
|
page readonly
|
||
|
EEE000
|
heap
|
page read and write
|
||
|
7FFD9B4CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E167AFB000
|
stack
|
page read and write
|
||
|
E167FFE000
|
unkown
|
page readonly
|
||
|
8490000
|
trusted library allocation
|
page read and write
|
||
|
1502000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B51C000
|
trusted library allocation
|
page execute and read and write
|
||
|
85DB000
|
heap
|
page read and write
|
||
|
1D0765D3000
|
heap
|
page read and write
|
||
|
6775000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B690000
|
trusted library allocation
|
page read and write
|
||
|
1D05DE84000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
E166EFE000
|
unkown
|
page readonly
|
||
|
99E3000
|
heap
|
page read and write
|
||
|
7FFD9B739000
|
trusted library allocation
|
page read and write
|
||
|
22EB0000
|
trusted library allocation
|
page read and write
|
||
|
1D0765BF000
|
heap
|
page read and write
|
||
|
22CEA88D000
|
heap
|
page read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
E167EFB000
|
stack
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
C8A1000
|
trusted library allocation
|
page readonly
|
||
|
22CF006C000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
heap
|
page execute and read and write
|
||
|
6A50000
|
trusted library allocation
|
page read and write
|
||
|
1D05DDA0000
|
heap
|
page execute and read and write
|
||
|
85EC000
|
heap
|
page read and write
|
||
|
22CF0072000
|
trusted library allocation
|
page read and write
|
||
|
6030000
|
heap
|
page read and write
|
||
|
8E0E53D000
|
stack
|
page read and write
|
||
|
22CEFE59000
|
heap
|
page read and write
|
||
|
7FFD9B712000
|
trusted library allocation
|
page read and write
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
605E000
|
stack
|
page read and write
|
||
|
D30E000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
1D05C452000
|
unkown
|
page readonly
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
1C2FD000
|
trusted library allocation
|
page read and write
|
||
|
619F000
|
stack
|
page read and write
|
||
|
22F09000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B680000
|
trusted library allocation
|
page read and write
|
||
|
20BD000
|
trusted library allocation
|
page read and write
|
||
|
8AB6000
|
trusted library allocation
|
page read and write
|
||
|
6724000
|
trusted library allocation
|
page read and write
|
||
|
8B56000
|
trusted library allocation
|
page read and write
|
||
|
EADE000
|
heap
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
693E000
|
stack
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
5B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E2E000
|
trusted library allocation
|
page read and write
|
||
|
99B7000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
14FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
B92B000
|
trusted library allocation
|
page readonly
|
||
|
8E0DBFE000
|
stack
|
page read and write
|
||
|
EFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
629D000
|
stack
|
page read and write
|
||
|
1634000
|
trusted library allocation
|
page read and write
|
||
|
D43000
|
trusted library allocation
|
page read and write
|
||
|
559C000
|
stack
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page read and write
|
||
|
9210000
|
trusted library allocation
|
page read and write
|
||
|
224F6000
|
trusted library allocation
|
page read and write
|
||
|
DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
B60A000
|
trusted library allocation
|
page readonly
|
||
|
1D05C4B0000
|
heap
|
page execute and read and write
|
||
|
EC04000
|
heap
|
page read and write
|
||
|
465B000
|
stack
|
page read and write
|
||
|
508D000
|
stack
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
191F000
|
heap
|
page read and write
|
||
|
3144000
|
trusted library allocation
|
page read and write
|
||
|
22CEFE54000
|
heap
|
page read and write
|
||
|
65C0000
|
heap
|
page read and write
|
||
|
22CEAFA1000
|
trusted library allocation
|
page read and write
|
||
|
CD43000
|
trusted library allocation
|
page readonly
|
||
|
115BE000
|
trusted library allocation
|
page readonly
|
||
|
22CF00E8000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
F2D6000
|
trusted library allocation
|
page read and write
|
||
|
1217000
|
heap
|
page read and write
|
||
|
F12000
|
trusted library allocation
|
page read and write
|
||
|
22CEFD10000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1D076980000
|
heap
|
page read and write
|
||
|
7FFD9B682000
|
trusted library allocation
|
page read and write
|
||
|
308A000
|
trusted library allocation
|
page read and write
|
||
|
12953000
|
trusted library allocation
|
page read and write
|
||
|
22CEFD21000
|
trusted library allocation
|
page read and write
|
||
|
5F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CF02E0000
|
trusted library allocation
|
page read and write
|
||
|
16DB000
|
heap
|
page read and write
|
||
|
176B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
BC3D000
|
trusted library allocation
|
page readonly
|
||
|
1185000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
22CF00F1000
|
trusted library allocation
|
page read and write
|
||
|
D043000
|
trusted library allocation
|
page readonly
|
||
|
22CEA929000
|
heap
|
page read and write
|
||
|
D2E6000
|
trusted library allocation
|
page read and write
|
||
|
8673000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
24E8000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
129A5000
|
trusted library allocation
|
page read and write
|
||
|
22E16000
|
trusted library allocation
|
page read and write
|
||
|
5BCF000
|
heap
|
page read and write
|
||
|
24DB000
|
trusted library allocation
|
page read and write
|
||
|
1658000
|
heap
|
page read and write
|
||
|
2B76000
|
trusted library allocation
|
page read and write
|
||
|
8E0CFFE000
|
stack
|
page read and write
|
||
|
22CEA88F000
|
heap
|
page read and write
|
||
|
5B7D000
|
heap
|
page read and write
|
||
|
D68000
|
trusted library allocation
|
page read and write
|
||
|
1D05C170000
|
heap
|
page read and write
|
||
|
22CEA894000
|
heap
|
page read and write
|
||
|
C53000
|
trusted library allocation
|
page read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
292F000
|
trusted library allocation
|
page read and write
|
||
|
1FDE000
|
stack
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
59FC000
|
stack
|
page read and write
|
||
|
1D0766F8000
|
unkown
|
page readonly
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
7FFD9B4C2000
|
trusted library allocation
|
page read and write
|
||
|
5AEE000
|
heap
|
page read and write
|
||
|
22CEB104000
|
heap
|
page read and write
|
||
|
7FFD9B725000
|
trusted library allocation
|
page read and write
|
||
|
545F000
|
stack
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
1C368000
|
trusted library allocation
|
page read and write
|
||
|
192C000
|
heap
|
page read and write
|
||
|
5FAC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B667000
|
trusted library allocation
|
page read and write
|
||
|
1D07660C000
|
heap
|
page read and write
|
||
|
4EDB000
|
trusted library allocation
|
page read and write
|
||
|
536B000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
30A2000
|
trusted library allocation
|
page read and write
|
||
|
AB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
9980000
|
heap
|
page read and write
|
||
|
105D5000
|
trusted library allocation
|
page readonly
|
||
|
22CEB015000
|
heap
|
page read and write
|
||
|
14DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3069000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1D076604000
|
heap
|
page read and write
|
||
|
281C000
|
trusted library allocation
|
page read and write
|
||
|
FDE6000
|
trusted library allocation
|
page readonly
|
||
|
1282C000
|
trusted library allocation
|
page read and write
|
||
|
511000
|
unkown
|
page execute read
|
||
|
553B000
|
stack
|
page read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
1922000
|
heap
|
page read and write
|
||
|
547D000
|
stack
|
page read and write
|
||
|
1EC3000
|
trusted library allocation
|
page read and write
|
||
|
8500000
|
trusted library allocation
|
page read and write
|
||
|
ABF8000
|
trusted library allocation
|
page readonly
|
||
|
506E000
|
stack
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page read and write
|
||
|
E66E000
|
trusted library allocation
|
page readonly
|
||
|
62EE000
|
stack
|
page read and write
|
||
|
BA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
866E000
|
heap
|
page read and write
|
||
|
99E7000
|
heap
|
page read and write
|
||
|
6769000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page execute and read and write
|
||
|
12749000
|
trusted library allocation
|
page read and write
|
||
|
8BC6000
|
trusted library allocation
|
page read and write
|
||
|
1D07659C000
|
heap
|
page read and write
|
||
|
113BE000
|
trusted library allocation
|
page readonly
|
||
|
22887000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
4CAF000
|
stack
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
129E3000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
469D000
|
stack
|
page read and write
|
||
|
12605000
|
trusted library allocation
|
page read and write
|
||
|
1D05DE88000
|
trusted library allocation
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
1273E000
|
trusted library allocation
|
page read and write
|
||
|
1D05C290000
|
heap
|
page read and write
|
||
|
5F10000
|
trusted library allocation
|
page read and write
|
||
|
22CEA85C000
|
heap
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
2E54000
|
trusted library allocation
|
page read and write
|
||
|
8704000
|
heap
|
page read and write
|
||
|
E1677FE000
|
unkown
|
page readonly
|
||
|
1D05C042000
|
unkown
|
page readonly
|
||
|
DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DE7000
|
trusted library allocation
|
page readonly
|
||
|
1560000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
1C901000
|
trusted library allocation
|
page read and write
|
||
|
DE2A000
|
trusted library allocation
|
page read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
1D076700000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
22DD3000
|
trusted library allocation
|
page read and write
|
||
|
22C7D000
|
trusted library allocation
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page read and write
|
||
|
191F000
|
heap
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page read and write
|
||
|
1D05C4C0000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F82000
|
trusted library allocation
|
page read and write
|
||
|
4BAF000
|
stack
|
page read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
22CF0064000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
108D2000
|
trusted library allocation
|
page readonly
|
||
|
27D0000
|
heap
|
page execute and read and write
|
||
|
2524000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
E1668FE000
|
unkown
|
page readonly
|
||
|
14D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2070000
|
heap
|
page read and write
|
||
|
51E6000
|
heap
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
F56000
|
unkown
|
page readonly
|
||
|
250E000
|
trusted library allocation
|
page read and write
|
||
|
F1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F1F000
|
stack
|
page read and write
|
||
|
22CEFD40000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
5B3A000
|
heap
|
page read and write
|
||
|
22CEA878000
|
heap
|
page read and write
|
||
|
1D05DCE2000
|
unkown
|
page readonly
|
||
|
E888000
|
heap
|
page read and write
|
||
|
2B83000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
heap
|
page execute and read and write
|
||
|
6720000
|
trusted library allocation
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
437C000
|
trusted library allocation
|
page read and write
|
||
|
E94F000
|
heap
|
page read and write
|
||
|
E167CFE000
|
stack
|
page read and write
|
||
|
22CEFE5F000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
B009000
|
trusted library allocation
|
page readonly
|
||
|
22CF0015000
|
trusted library allocation
|
page read and write
|
||
|
CC59000
|
trusted library allocation
|
page readonly
|
||
|
22CEA8BA000
|
heap
|
page read and write
|
||
|
504F000
|
stack
|
page read and write
|
||
|
12524000
|
trusted library allocation
|
page read and write
|
||
|
8E0D2F9000
|
stack
|
page read and write
|
||
|
5C5F000
|
stack
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
6000000
|
trusted library allocation
|
page read and write
|
||
|
C141000
|
trusted library allocation
|
page readonly
|
||
|
E8BF000
|
heap
|
page read and write
|
||
|
5FA0000
|
trusted library allocation
|
page read and write
|
||
|
5B82000
|
heap
|
page read and write
|
||
|
EBA8000
|
heap
|
page read and write
|
||
|
5D28000
|
heap
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
8E0CB42000
|
stack
|
page read and write
|
||
|
8BF6000
|
trusted library allocation
|
page read and write
|
||
|
2E43000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
22CEA873000
|
heap
|
page read and write
|
||
|
CB8C000
|
trusted library allocation
|
page readonly
|
||
|
22CEB640000
|
trusted library allocation
|
page read and write
|
||
|
54BF000
|
stack
|
page read and write
|
||
|
E2A5000
|
trusted library allocation
|
page readonly
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
ED31000
|
trusted library allocation
|
page read and write
|
||
|
10BAA000
|
trusted library allocation
|
page readonly
|
||
|
22CEB000000
|
heap
|
page read and write
|
||
|
E1E9000
|
trusted library allocation
|
page read and write
|
||
|
868E000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
E166FFB000
|
stack
|
page read and write
|
||
|
9C7000
|
heap
|
page read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
7FFD9B663000
|
trusted library allocation
|
page read and write
|
||
|
22CF0091000
|
trusted library allocation
|
page read and write
|
||
|
22CF00BA000
|
trusted library allocation
|
page read and write
|
||
|
1D0769CD000
|
heap
|
page read and write
|
||
|
8623000
|
heap
|
page read and write
|
||
|
108F000
|
stack
|
page read and write
|
||
|
1FE4000
|
trusted library allocation
|
page read and write
|
||
|
DE4000
|
trusted library allocation
|
page read and write
|
||
|
EA74000
|
heap
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
315C000
|
trusted library allocation
|
page read and write
|
||
|
1D05C470000
|
unkown
|
page readonly
|
||
|
22CF0050000
|
trusted library allocation
|
page read and write
|
||
|
EACE000
|
heap
|
page read and write
|
||
|
1241000
|
heap
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
22CF00A0000
|
trusted library allocation
|
page read and write
|
||
|
1D05DCB0000
|
unkown
|
page readonly
|
||
|
95D000
|
trusted library allocation
|
page execute and read and write
|
||
|
85C4000
|
heap
|
page read and write
|
||
|
63FD000
|
stack
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page read and write
|
||
|
5E91000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CEFD22000
|
trusted library allocation
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CEFE30000
|
heap
|
page read and write
|
||
|
50FD000
|
stack
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
5CFE000
|
stack
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
D98000
|
stack
|
page read and write
|
||
|
8E0DDFE000
|
stack
|
page read and write
|
||
|
5D59000
|
heap
|
page read and write
|
||
|
129F7000
|
trusted library allocation
|
page read and write
|
||
|
1D05C390000
|
heap
|
page read and write
|
||
|
671B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page read and write
|
||
|
2BFE000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
4D63000
|
heap
|
page read and write
|
||
|
22CEB11A000
|
heap
|
page read and write
|
||
|
65A8000
|
stack
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
22CEFF04000
|
heap
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
22CF0370000
|
trusted library allocation
|
page read and write
|
||
|
5AEC000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
22CEA8A9000
|
heap
|
page read and write
|
||
|
22CEFD20000
|
trusted library allocation
|
page read and write
|
||
|
5B04000
|
heap
|
page read and write
|
||
|
191F000
|
heap
|
page read and write
|
||
|
EA05000
|
heap
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
1507000
|
trusted library allocation
|
page execute and read and write
|
||
|
264C000
|
stack
|
page read and write
|
||
|
1D05DEB9000
|
trusted library allocation
|
page read and write
|
||
|
1C609000
|
trusted library allocation
|
page read and write
|
||
|
1EA7000
|
trusted library allocation
|
page read and write
|
||
|
9A4F000
|
heap
|
page read and write
|
||
|
99C4000
|
heap
|
page read and write
|
||
|
C42000
|
trusted library allocation
|
page read and write
|
||
|
234BF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
22CEFE66000
|
heap
|
page read and write
|
||
|
5E42000
|
trusted library allocation
|
page read and write
|
||
|
2A0B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4C0000
|
trusted library allocation
|
page read and write
|
||
|
EAE5000
|
heap
|
page read and write
|
||
|
12481000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B36000
|
heap
|
page read and write
|
||
|
1D05DF15000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
E31000
|
heap
|
page read and write
|
||
|
4EB3000
|
trusted library allocation
|
page read and write
|
||
|
61C9000
|
stack
|
page read and write
|
||
|
85D1000
|
heap
|
page read and write
|
||
|
22D6D000
|
trusted library allocation
|
page read and write
|
||
|
22CF00FC000
|
trusted library allocation
|
page read and write
|
||
|
1D05DE7A000
|
trusted library allocation
|
page read and write
|
||
|
111AE000
|
trusted library allocation
|
page readonly
|
||
|
250A000
|
trusted library allocation
|
page read and write
|
||
|
8E0D0FE000
|
stack
|
page read and write
|
||
|
22CEFE96000
|
heap
|
page read and write
|
||
|
6C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E4E000
|
trusted library allocation
|
page read and write
|
||
|
CE3B000
|
trusted library allocation
|
page readonly
|
||
|
1EB8000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
37E8000
|
trusted library allocation
|
page read and write
|
||
|
E82000
|
heap
|
page read and write
|
||
|
1C2CB000
|
trusted library allocation
|
page read and write
|
||
|
22CEFDF0000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
5BB0000
|
heap
|
page read and write
|
||
|
43E5000
|
trusted library allocation
|
page read and write
|
||
|
126FE000
|
trusted library allocation
|
page read and write
|
||
|
116B7000
|
trusted library allocation
|
page readonly
|
||
|
5AFA000
|
stack
|
page read and write
|
||
|
1C20D000
|
trusted library allocation
|
page read and write
|
||
|
22CEB102000
|
heap
|
page read and write
|
||
|
22CEFD54000
|
trusted library allocation
|
page read and write
|
||
|
553000
|
unkown
|
page read and write
|
||
|
14F2000
|
trusted library allocation
|
page read and write
|
||
|
85F9000
|
heap
|
page read and write
|
||
|
2C1A000
|
trusted library allocation
|
page read and write
|
||
|
E167BFE000
|
unkown
|
page readonly
|
||
|
990D000
|
trusted library allocation
|
page readonly
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
513E000
|
trusted library section
|
page read and write
|
||
|
B40E000
|
trusted library allocation
|
page readonly
|
||
|
5CF1000
|
heap
|
page read and write
|
||
|
1765000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page read and write
|
||
|
97CD000
|
trusted library allocation
|
page readonly
|
||
|
2081000
|
trusted library allocation
|
page read and write
|
||
|
224CE000
|
trusted library allocation
|
page read and write
|
||
|
1BB81000
|
trusted library allocation
|
page read and write
|
||
|
1567000
|
heap
|
page read and write
|
||
|
5EB0000
|
trusted library allocation
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
1D076674000
|
heap
|
page read and write
|
||
|
E90C000
|
heap
|
page read and write
|
||
|
243A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
22CEFEFD000
|
heap
|
page read and write
|
||
|
23500000
|
trusted library allocation
|
page read and write
|
||
|
5E6A000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
8718000
|
heap
|
page read and write
|
||
|
22CF00C2000
|
trusted library allocation
|
page read and write
|
||
|
E8D4000
|
heap
|
page read and write
|
||
|
1EA0000
|
trusted library allocation
|
page read and write
|
||
|
107C3000
|
trusted library allocation
|
page readonly
|
||
|
EAA3000
|
heap
|
page read and write
|
||
|
E8F4000
|
heap
|
page read and write
|
||
|
1149D000
|
trusted library allocation
|
page readonly
|
||
|
9266000
|
trusted library allocation
|
page read and write
|
||
|
E924000
|
heap
|
page read and write
|
||
|
5B44000
|
heap
|
page read and write
|
||
|
4800000
|
trusted library allocation
|
page execute and read and write
|
||
|
B86F000
|
trusted library allocation
|
page readonly
|
||
|
22CF00B0000
|
remote allocation
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
E9B4000
|
heap
|
page read and write
|
||
|
11AFD000
|
heap
|
page read and write
|
||
|
C91A000
|
trusted library allocation
|
page readonly
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
AAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CEFF0D000
|
heap
|
page read and write
|
||
|
7FFD9B6A0000
|
trusted library allocation
|
page read and write
|
||
|
6400000
|
heap
|
page read and write
|
||
|
223E1000
|
trusted library allocation
|
page read and write
|
||
|
128AB000
|
trusted library allocation
|
page read and write
|
||
|
1D0765C1000
|
heap
|
page read and write
|
||
|
4780000
|
heap
|
page execute and read and write
|
||
|
22CEA8FF000
|
heap
|
page read and write
|
||
|
7FFD9B576000
|
trusted library allocation
|
page read and write
|
||
|
1D05DDB1000
|
trusted library allocation
|
page read and write
|
||
|
11D6000
|
heap
|
page read and write
|
||
|
EC8C000
|
trusted library allocation
|
page readonly
|
||
|
6850000
|
trusted library allocation
|
page read and write
|
||
|
24FC000
|
trusted library allocation
|
page read and write
|
||
|
2262F000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
5B73000
|
heap
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B72000
|
trusted library allocation
|
page read and write
|
||
|
1D05C3D0000
|
heap
|
page read and write
|
||
|
E900000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
661D000
|
heap
|
page read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
1D05DFBF000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
682C000
|
trusted library allocation
|
page read and write
|
||
|
1D05C040000
|
unkown
|
page readonly
|
||
|
421E000
|
stack
|
page read and write
|
||
|
61A0000
|
trusted library allocation
|
page read and write
|
||
|
191F000
|
heap
|
page read and write
|
||
|
C7A3000
|
trusted library allocation
|
page readonly
|
||
|
225D9000
|
trusted library allocation
|
page read and write
|
||
|
5E20000
|
trusted library allocation
|
page read and write
|
||
|
14E3000
|
trusted library allocation
|
page read and write
|
||
|
1E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
167B000
|
heap
|
page read and write
|
||
|
51AF000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
4FF7000
|
trusted library allocation
|
page read and write
|
||
|
24EC000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
126E1000
|
trusted library allocation
|
page read and write
|
||
|
110A9000
|
trusted library allocation
|
page readonly
|
||
|
525E000
|
stack
|
page read and write
|
||
|
1715000
|
heap
|
page read and write
|
||
|
3C26000
|
trusted library allocation
|
page read and write
|
||
|
1C0E2000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
669C000
|
heap
|
page read and write
|
||
|
E8E7000
|
heap
|
page read and write
|
||
|
56ED000
|
stack
|
page read and write
|
||
|
22CEAFF0000
|
trusted library allocation
|
page read and write
|
||
|
22CEA790000
|
trusted library allocation
|
page read and write
|
||
|
2512000
|
trusted library allocation
|
page read and write
|
||
|
12A34000
|
trusted library allocation
|
page read and write
|
||
|
10AFB000
|
trusted library allocation
|
page readonly
|
||
|
7FFD9B4D3000
|
trusted library allocation
|
page read and write
|
||
|
65B0000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
10256000
|
trusted library allocation
|
page readonly
|
||
|
5BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B70000
|
heap
|
page read and write
|
||
|
60B0000
|
trusted library allocation
|
page read and write
|
||
|
1007D000
|
trusted library allocation
|
page readonly
|
||
|
E847000
|
heap
|
page read and write
|
||
|
50AE000
|
stack
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
634F000
|
stack
|
page read and write
|
||
|
14F8000
|
stack
|
page read and write
|
||
|
69EC000
|
stack
|
page read and write
|
||
|
1D05DEF9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
1D05C250000
|
heap
|
page read and write
|
||
|
1931000
|
heap
|
page read and write
|
||
|
1643000
|
trusted library allocation
|
page read and write
|
||
|
1D05C4E0000
|
heap
|
page execute and read and write
|
||
|
22CEFE00000
|
heap
|
page read and write
|
||
|
1D05C2D2000
|
heap
|
page read and write
|
||
|
8E0DCFE000
|
stack
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
EBE6000
|
heap
|
page read and write
|
||
|
22CEFF0A000
|
heap
|
page read and write
|
||
|
615E000
|
stack
|
page read and write
|
||
|
1D0766C2000
|
unkown
|
page readonly
|
||
|
584E000
|
stack
|
page read and write
|
||
|
86BC000
|
heap
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
E1676F9000
|
stack
|
page read and write
|
||
|
1D06DDD1000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D2A000
|
heap
|
page read and write
|
||
|
1D05C2D0000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B684000
|
trusted library allocation
|
page read and write
|
||
|
A3EE000
|
trusted library allocation
|
page readonly
|
||
|
535D000
|
stack
|
page read and write
|
||
|
30BE000
|
trusted library allocation
|
page read and write
|
||
|
67AD000
|
stack
|
page read and write
|
||
|
8E0DFFE000
|
stack
|
page read and write
|
||
|
86A8000
|
heap
|
page read and write
|
||
|
18FE000
|
heap
|
page read and write
|
||
|
22CEA87D000
|
heap
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
661A000
|
heap
|
page read and write
|
||
|
1262E000
|
trusted library allocation
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
5FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
17CE000
|
stack
|
page read and write
|
||
|
116CB000
|
trusted library allocation
|
page readonly
|
||
|
22CEFED1000
|
heap
|
page read and write
|
||
|
4DEF000
|
stack
|
page read and write
|
||
|
3AB1000
|
trusted library allocation
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page read and write
|
||
|
D45000
|
trusted library allocation
|
page read and write
|
||
|
9A6B000
|
heap
|
page read and write
|
||
|
8E0E33D000
|
stack
|
page read and write
|
||
|
1D05DEEB000
|
trusted library allocation
|
page read and write
|
||
|
1D07667D000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page execute and read and write
|
||
|
4EAF000
|
stack
|
page read and write
|
||
|
1D05DFB8000
|
trusted library allocation
|
page read and write
|
||
|
5E64000
|
trusted library allocation
|
page read and write
|
||
|
9A25000
|
heap
|
page read and write
|
||
|
3BE2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
206E000
|
stack
|
page read and write
|
||
|
12642000
|
trusted library allocation
|
page read and write
|
||
|
1D076740000
|
heap
|
page read and write
|
||
|
1D06DDBD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B670000
|
trusted library allocation
|
page read and write
|
||
|
24A4000
|
trusted library allocation
|
page read and write
|
||
|
8E0D9F6000
|
stack
|
page read and write
|
||
|
2B5D000
|
trusted library allocation
|
page read and write
|
||
|
C330000
|
trusted library allocation
|
page readonly
|
||
|
6020000
|
heap
|
page read and write
|
||
|
22CEFEF8000
|
heap
|
page read and write
|
||
|
4F43000
|
heap
|
page execute and read and write
|
||
|
1A1D000
|
stack
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
1D06DDC5000
|
trusted library allocation
|
page read and write
|
||
|
EAE8000
|
heap
|
page read and write
|
||
|
7FFD9B4C4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
C20C000
|
trusted library allocation
|
page readonly
|
||
|
64AC000
|
stack
|
page read and write
|
||
|
1D05DF03000
|
trusted library allocation
|
page read and write
|
||
|
556000
|
unkown
|
page readonly
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
22CEFDE0000
|
trusted library allocation
|
page read and write
|
||
|
1D076B92000
|
unkown
|
page readonly
|
||
|
163D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6643000
|
heap
|
page read and write
|
||
|
30A9000
|
trusted library allocation
|
page read and write
|
||
|
EB5E000
|
heap
|
page read and write
|
||
|
14F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CF0056000
|
trusted library allocation
|
page read and write
|
||
|
662D000
|
stack
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
2923000
|
trusted library allocation
|
page read and write
|
||
|
8E0D1FE000
|
stack
|
page read and write
|
||
|
7FFD9B748000
|
trusted library allocation
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
E16647B000
|
stack
|
page read and write
|
||
|
2C16000
|
trusted library allocation
|
page read and write
|
||
|
D38000
|
trusted library allocation
|
page read and write
|
||
|
1EC7000
|
trusted library allocation
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
22CEB113000
|
heap
|
page read and write
|
||
|
676E000
|
stack
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
5FAE000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
22CEFD40000
|
trusted library allocation
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
662F000
|
heap
|
page read and write
|
||
|
116C7000
|
trusted library allocation
|
page readonly
|
||
|
3ECF000
|
trusted library allocation
|
page read and write
|
||
|
86D2000
|
heap
|
page read and write
|
||
|
22CEFDE0000
|
trusted library allocation
|
page read and write
|
||
|
10D00000
|
trusted library allocation
|
page readonly
|
||
|
E1667F7000
|
stack
|
page read and write
|
||
|
D6A000
|
trusted library allocation
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
D3A9000
|
trusted library allocation
|
page read and write
|
||
|
22CF000E000
|
trusted library allocation
|
page read and write
|
||
|
9A64000
|
heap
|
page read and write
|
||
|
2B66000
|
trusted library allocation
|
page read and write
|
||
|
6716000
|
trusted library allocation
|
page read and write
|
||
|
608C000
|
stack
|
page read and write
|
||
|
862F000
|
heap
|
page read and write
|
||
|
12619000
|
trusted library allocation
|
page read and write
|
||
|
EB4E000
|
heap
|
page read and write
|
||
|
22CEA913000
|
heap
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
12549000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
22CF0020000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
8530000
|
heap
|
page read and write
|
||
|
E1685FE000
|
unkown
|
page readonly
|
||
|
E9D8000
|
heap
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
6020000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CF00E5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
50A0000
|
trusted library section
|
page read and write
|
||
|
511000
|
unkown
|
page execute read
|
||
|
7FFD9B6CB000
|
trusted library allocation
|
page read and write
|
||
|
12A20000
|
trusted library allocation
|
page read and write
|
||
|
96D1000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
1686000
|
heap
|
page read and write
|
||
|
5F20000
|
trusted library allocation
|
page read and write
|
||
|
10DC3000
|
trusted library allocation
|
page readonly
|
||
|
E9BD000
|
heap
|
page read and write
|
||
|
DB41000
|
trusted library allocation
|
page read and write
|
||
|
1D05DFD2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B730000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
1760000
|
trusted library allocation
|
page read and write
|
||
|
126C5000
|
trusted library allocation
|
page read and write
|
||
|
22CEA87B000
|
heap
|
page read and write
|
||
|
85BE000
|
heap
|
page read and write
|
||
|
69F0000
|
heap
|
page read and write
|
||
|
BE2E000
|
trusted library allocation
|
page readonly
|
||
|
12812000
|
trusted library allocation
|
page read and write
|
||
|
22CF0360000
|
trusted library allocation
|
page read and write
|
||
|
84D0000
|
trusted library allocation
|
page read and write
|
||
|
1D05C3F0000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
22CEB100000
|
heap
|
page read and write
|
||
|
22CF0018000
|
trusted library allocation
|
page read and write
|
||
|
CF5E000
|
trusted library allocation
|
page readonly
|
||
|
5F80000
|
trusted library allocation
|
page read and write
|
||
|
E967000
|
heap
|
page read and write
|
||
|
17E0000
|
heap
|
page read and write
|
||
|
68AD000
|
stack
|
page read and write
|
||
|
594E000
|
stack
|
page read and write
|
||
|
5D01000
|
heap
|
page read and write
|
||
|
8E0D3FF000
|
stack
|
page read and write
|
||
|
99F6000
|
heap
|
page read and write
|
||
|
1ED0000
|
heap
|
page execute and read and write
|
||
|
6745000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
1D05DCC4000
|
unkown
|
page readonly
|
||
|
7FFD9B6AD000
|
trusted library allocation
|
page read and write
|
||
|
1A27000
|
heap
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
4088000
|
trusted library allocation
|
page read and write
|
||
|
22CEB880000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page read and write
|
||
|
22CEB11A000
|
heap
|
page read and write
|
||
|
1EC0000
|
trusted library allocation
|
page read and write
|
||
|
22CF0000000
|
trusted library allocation
|
page read and write
|
||
|
E915000
|
heap
|
page read and write
|
||
|
127D000
|
heap
|
page read and write
|
||
|
16CF000
|
heap
|
page read and write
|
||
|
5CE0000
|
heap
|
page read and write
|
||
|
E9F2000
|
heap
|
page read and write
|
||
|
66AA000
|
heap
|
page read and write
|
||
|
1BA41000
|
trusted library allocation
|
page read and write
|
||
|
37E1000
|
trusted library allocation
|
page read and write
|
||
|
1269C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7C0000
|
trusted library allocation
|
page read and write
|
||
|
6780000
|
trusted library allocation
|
page read and write
|
||
|
22CF0008000
|
trusted library allocation
|
page read and write
|
||
|
6810000
|
trusted library allocation
|
page read and write
|
||
|
22CF0107000
|
trusted library allocation
|
page read and write
|
||
|
22CEA800000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
6820000
|
trusted library allocation
|
page read and write
|
||
|
5D81000
|
heap
|
page read and write
|
||
|
150B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D05C450000
|
unkown
|
page readonly
|
||
|
1259E000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
EF3000
|
trusted library allocation
|
page read and write
|
||
|
110C000
|
stack
|
page read and write
|
||
|
E870000
|
heap
|
page read and write
|
||
|
599A000
|
heap
|
page read and write
|
||
|
5D6D000
|
heap
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
11BE000
|
heap
|
page read and write
|
||
|
864A000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
553000
|
unkown
|
page write copy
|
||
|
112A7000
|
trusted library allocation
|
page readonly
|
||
|
22CEA906000
|
heap
|
page read and write
|
||
|
5FA7000
|
trusted library allocation
|
page read and write
|
||
|
865D000
|
heap
|
page read and write
|
||
|
1147000
|
heap
|
page read and write
|
||
|
8781000
|
trusted library allocation
|
page read and write
|
||
|
5F90000
|
trusted library allocation
|
page read and write
|
||
|
86EB000
|
heap
|
page read and write
|
||
|
12788000
|
trusted library allocation
|
page read and write
|
||
|
12A0B000
|
trusted library allocation
|
page read and write
|
||
|
654C000
|
stack
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
5B9E000
|
stack
|
page read and write
|
||
|
22CEFEEA000
|
heap
|
page read and write
|
||
|
E166DFC000
|
stack
|
page read and write
|
||
|
2A0D000
|
trusted library allocation
|
page read and write
|
||
|
D659000
|
trusted library allocation
|
page read and write
|
||
|
109A1000
|
trusted library allocation
|
page readonly
|
||
|
6A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B48000
|
trusted library allocation
|
page read and write
|
||
|
8E0D7FB000
|
stack
|
page read and write
|
||
|
8F8000
|
stack
|
page read and write
|
||
|
127F8000
|
trusted library allocation
|
page read and write
|
||
|
22CEFF00000
|
heap
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
2000000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
24F0000
|
trusted library allocation
|
page read and write
|
||
|
125F0000
|
trusted library allocation
|
page read and write
|
||
|
5FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
A9F7000
|
trusted library allocation
|
page readonly
|
||
|
1554000
|
trusted library allocation
|
page read and write
|
||
|
22CEFEE8000
|
heap
|
page read and write
|
||
|
9A40000
|
heap
|
page read and write
|
||
|
1D076601000
|
heap
|
page read and write
|
||
|
18FA000
|
heap
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
4EF9000
|
trusted library allocation
|
page read and write
|
||
|
84E0000
|
trusted library allocation
|
page read and write
|
||
|
22CF00A3000
|
trusted library allocation
|
page read and write
|
||
|
314D000
|
trusted library allocation
|
page read and write
|
||
|
AA3000
|
trusted library allocation
|
page read and write
|
||
|
126D6000
|
trusted library allocation
|
page read and write
|
||
|
22CEB002000
|
heap
|
page read and write
|
||
|
1D076D9C000
|
unkown
|
page readonly
|
||
|
540000
|
unkown
|
page readonly
|
||
|
E92000
|
heap
|
page read and write
|
||
|
E820000
|
heap
|
page read and write
|
||
|
3AB8000
|
trusted library allocation
|
page read and write
|
||
|
4CAD000
|
stack
|
page read and write
|
||
|
F0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9C0000
|
heap
|
page read and write
|
||
|
1D05C500000
|
heap
|
page read and write
|
||
|
22CD1000
|
trusted library allocation
|
page read and write
|
||
|
F17000
|
trusted library allocation
|
page execute and read and write
|
||
|
E39E000
|
trusted library allocation
|
page readonly
|
||
|
8E0D6FB000
|
stack
|
page read and write
|
||
|
BF9B000
|
trusted library allocation
|
page readonly
|
||
|
5EC0000
|
trusted library allocation
|
page read and write
|
||
|
F02000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B740000
|
trusted library allocation
|
page read and write
|
||
|
638E000
|
stack
|
page read and write
|
||
|
1931000
|
heap
|
page read and write
|
||
|
12A73000
|
trusted library allocation
|
page read and write
|
||
|
E9B7000
|
heap
|
page read and write
|
||
|
22CEA8AE000
|
heap
|
page read and write
|
||
|
126DF000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
99F9000
|
heap
|
page read and write
|
||
|
8E0E239000
|
stack
|
page read and write
|
||
|
229B5000
|
trusted library allocation
|
page read and write
|
||
|
FFB6000
|
trusted library allocation
|
page readonly
|
||
|
22CEB15A000
|
heap
|
page read and write
|
||
|
22CEA902000
|
heap
|
page read and write
|
||
|
7FFD9B744000
|
trusted library allocation
|
page read and write
|
||
|
1D076671000
|
heap
|
page read and write
|
||
|
46DE000
|
stack
|
page read and write
|
||
|
DFE000
|
heap
|
page read and write
|
||
|
22CEA750000
|
heap
|
page read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page read and write
|
||
|
BA2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B660000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
8E0E63E000
|
stack
|
page read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
E94C000
|
heap
|
page read and write
|
||
|
995000
|
heap
|
page read and write
|
||
|
619E000
|
stack
|
page read and write
|
||
|
22CEAFD0000
|
trusted library allocation
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
5FC1000
|
trusted library allocation
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page execute and read and write
|
||
|
134A2000
|
trusted library allocation
|
page read and write
|
||
|
556000
|
unkown
|
page readonly
|
||
|
27E1000
|
trusted library allocation
|
page read and write
|
||
|
5008000
|
trusted library allocation
|
page read and write
|
||
|
8E0CEFE000
|
stack
|
page read and write
|
||
|
22435000
|
trusted library allocation
|
page read and write
|
||
|
1D0769A3000
|
heap
|
page read and write
|
||
|
4D3D000
|
stack
|
page read and write
|
||
|
22CEA8FF000
|
heap
|
page read and write
|
||
|
110C000
|
stack
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
5004000
|
trusted library allocation
|
page read and write
|
||
|
5ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C3B1000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
1D06DDB1000
|
trusted library allocation
|
page read and write
|
||
|
E24000
|
heap
|
page read and write
|
||
|
99D5000
|
heap
|
page read and write
|
||
|
666E000
|
stack
|
page read and write
|
||
|
1D05C2FF000
|
heap
|
page read and write
|
||
|
12A49000
|
trusted library allocation
|
page read and write
|
||
|
6030000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
7FFD9B4DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
41B5000
|
trusted library allocation
|
page read and write
|
||
|
B9E3000
|
trusted library allocation
|
page readonly
|
||
|
5AE8000
|
heap
|
page read and write
|
||
|
8557000
|
heap
|
page read and write
|
||
|
10FB8000
|
trusted library allocation
|
page readonly
|
||
|
E166BFC000
|
stack
|
page read and write
|
||
|
24A2000
|
trusted library allocation
|
page read and write
|
||
|
EBD2000
|
heap
|
page read and write
|
||
|
6570000
|
trusted library allocation
|
page read and write
|
||
|
C37000
|
trusted library allocation
|
page read and write
|
||
|
A0E7000
|
trusted library allocation
|
page readonly
|
||
|
5B46000
|
heap
|
page read and write
|
||
|
6B3E000
|
unkown
|
page read and write
|
||
|
E89E000
|
heap
|
page read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
EB90000
|
heap
|
page read and write
|
||
|
93F6000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
heap
|
page read and write
|
||
|
518B000
|
stack
|
page read and write
|
||
|
7FFD9B719000
|
trusted library allocation
|
page read and write
|
||
|
252C000
|
trusted library allocation
|
page read and write
|
||
|
124FB000
|
trusted library allocation
|
page read and write
|
||
|
1280C000
|
trusted library allocation
|
page read and write
|
||
|
E964000
|
heap
|
page read and write
|
||
|
30AA000
|
trusted library allocation
|
page read and write
|
||
|
1D05DF9D000
|
trusted library allocation
|
page read and write
|
||
|
166B000
|
stack
|
page read and write
|
||
|
E935000
|
heap
|
page read and write
|
||
|
65CB000
|
heap
|
page read and write
|
||
|
22CEFEF4000
|
heap
|
page read and write
|
||
|
C01E000
|
trusted library allocation
|
page readonly
|
||
|
E945000
|
heap
|
page read and write
|
||
|
4ECA000
|
trusted library allocation
|
page read and write
|
||
|
570B000
|
stack
|
page read and write
|
||
|
1D05C040000
|
unkown
|
page readonly
|
||
|
22CEA916000
|
heap
|
page read and write
|
||
|
22CF011A000
|
trusted library allocation
|
page read and write
|
||
|
5CDE000
|
stack
|
page read and write
|
||
|
E16857E000
|
stack
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
30CB000
|
trusted library allocation
|
page read and write
|
||
|
22CEFEB6000
|
heap
|
page read and write
|
||
|
12862000
|
trusted library allocation
|
page read and write
|
||
|
BAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CEFE23000
|
heap
|
page read and write
|
||
|
7FFD9B580000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E3C000
|
stack
|
page read and write
|
||
|
E85C000
|
heap
|
page read and write
|
||
|
EA09000
|
heap
|
page read and write
|
||
|
F56000
|
unkown
|
page readonly
|
||
|
5E45000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C08000
|
trusted library allocation
|
page read and write
|
||
|
E166CFE000
|
unkown
|
page readonly
|
||
|
1558000
|
trusted library allocation
|
page read and write
|
||
|
22CF0000000
|
trusted library allocation
|
page read and write
|
||
|
1688000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1505000
|
trusted library allocation
|
page execute and read and write
|
||
|
96B000
|
heap
|
page read and write
|
||
|
22CEBCA0000
|
trusted library allocation
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
E2A0000
|
trusted library allocation
|
page readonly
|
||
|
1D0766C0000
|
unkown
|
page readonly
|
||
|
660E000
|
stack
|
page read and write
|
||
|
8614000
|
heap
|
page read and write
|
||
|
22CF008E000
|
trusted library allocation
|
page read and write
|
||
|
6010000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CEE000
|
stack
|
page read and write
|
||
|
12510000
|
trusted library allocation
|
page read and write
|
||
|
1FE0000
|
trusted library allocation
|
page read and write
|
||
|
1D05DF27000
|
trusted library allocation
|
page read and write
|
||
|
1C25D000
|
trusted library allocation
|
page read and write
|
||
|
22CF00F4000
|
trusted library allocation
|
page read and write
|
||
|
59A8000
|
heap
|
page read and write
|
||
|
E9C5000
|
heap
|
page read and write
|
||
|
22CEFD00000
|
trusted library allocation
|
page read and write
|
||
|
1FF0000
|
trusted library allocation
|
page read and write
|
||
|
C40F000
|
trusted library allocation
|
page readonly
|
||
|
1D05C4B3000
|
heap
|
page execute and read and write
|
||
|
C9C000
|
stack
|
page read and write
|
||
|
8E0CBCF000
|
stack
|
page read and write
|
||
|
8E0D8F6000
|
stack
|
page read and write
|
||
|
8E0E439000
|
stack
|
page read and write
|
||
|
14ED000
|
trusted library allocation
|
page execute and read and write
|
There are 1274 hidden memdumps, click here to show them.