Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
EQORY0083009.vbs
|
ASCII text, with very long lines (22832)
|
initial sample
|
 |
|
|
C:\ProgramData\restored.vbe
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\MjRtEXpmLwgnbtg.vbs
|
ISO-8859 text
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_powershell.exe_b4b21b9272f0623778607a435112f88140f556cc_00000000_be34bbc1-a28e-4efb-be7f-1346ca1845ad\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7911.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7941.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4rspalvv.mmw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sefrabvg.nqg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ZF2N1UEXM9761RLSNIQT.temp
|
data
|
dropped
|
||
|
\Device\ConDrv
|
Non-ISO extended-ASCII text, with very long lines (875), with CRLF line terminators, with escape sequences
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\EQORY0083009.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\restored.vbe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\AppData\Roaming\MjRtEXpmLwgnbtg.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wermgr.exe
|
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "5856" "2836" "2792" "2840" "0" "0" "2844" "0" "0" "0" "0" "0"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.13.205
|
|
|
|
http://144.91.79.54/210/r
|
unknown
|
||
|
http://144.91.79.54:80/1210/v
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://144.91.79.54/~
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://144.91.79.54/1210/22a2h1XGeeTM0V50LuCY.txtP
|
unknown
|
||
|
http://144.91.79.54/1210/file
|
unknown
|
||
|
http://144.91.79.54/1210/s
|
unknown
|
||
|
http://144.91.79.54/1210/r
|
unknown
|
||
|
http://144.91.79.54/llZ
|
unknown
|
||
|
http://144.91.79.54/1210/22a2h1XGeeTM0V50LuCY.txt
|
unknown
|
||
|
http://144.91.79.54/
|
unknown
|
||
|
http://144.91.79.54/1
|
unknown
|
||
|
http://144.91.79.54/1210/v
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://144.91.79.54/1210/A
|
unknown
|
||
|
http://144.91.79.54/1210/v?
|
unknown
|
||
|
http://144.91.79.54:80/1210/fileQADSEwBEQiEBgiEVYQYSEAKSUhBIIRAoIRFGwgEBgiEVYgDO4gDBQAIHEUEBEAIF4gDB
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://144.91.79.54/1210/vZ
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.ipify.org
|
104.26.13.205
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
s-part-0017.t-0009.fb-t-msedge.net
|
13.107.253.45
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
144.91.79.54
|
unknown
|
Germany
|
|
|
|
104.26.13.205
|
api.ipify.org
|
United States
|
|
|
|
162.254.34.31
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment6
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment7
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment9
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment10
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment11
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment13
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment14
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment16
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment17
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment18
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment19
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment20
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment21
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment22
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment23
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment24
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment25
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg\donn
|
segment26
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg
|
cn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg
|
i
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg
|
s
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg
|
r
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg
|
Path
|
||
|
HKEY_CURRENT_USER\SOFTWARE\MjRtEXpmLwgnbtg
|
v
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileDirectory
|
There are 40 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
243C000
|
trusted library allocation
|
page read and write
|
|
|
|
244A000
|
trusted library allocation
|
page read and write
|
|
|
|
152000
|
remote allocation
|
page execute and read and write
|
|
|
|
2442000
|
trusted library allocation
|
page read and write
|
|
|
|
2411000
|
trusted library allocation
|
page read and write
|
|
|
|
6DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C7121FE000
|
heap
|
page read and write
|
||
|
242CC270000
|
heap
|
page read and write
|
||
|
2B0DE54F000
|
heap
|
page read and write
|
||
|
48B2000
|
trusted library allocation
|
page read and write
|
||
|
1C71248A000
|
heap
|
page read and write
|
||
|
1C71459E000
|
heap
|
page read and write
|
||
|
242CC4BC000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C71223B000
|
heap
|
page read and write
|
||
|
1C712273000
|
heap
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
242CC20C000
|
heap
|
page read and write
|
||
|
242CC094000
|
heap
|
page read and write
|
||
|
242CA170000
|
heap
|
page read and write
|
||
|
5916000
|
heap
|
page read and write
|
||
|
242CA287000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
1C712150000
|
heap
|
page read and write
|
||
|
242CC087000
|
heap
|
page read and write
|
||
|
6190000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C712272000
|
heap
|
page read and write
|
||
|
1C712211000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C71435B000
|
heap
|
page read and write
|
||
|
242CC246000
|
heap
|
page read and write
|
||
|
5DCD000
|
trusted library allocation
|
page read and write
|
||
|
1C713D50000
|
heap
|
page read and write
|
||
|
1C71222F000
|
heap
|
page read and write
|
||
|
242CC0C2000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DDF000
|
stack
|
page read and write
|
||
|
F94B3FF000
|
stack
|
page read and write
|
||
|
1C71222F000
|
heap
|
page read and write
|
||
|
33C1000
|
trusted library allocation
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
1C7143BD000
|
heap
|
page read and write
|
||
|
1C71248B000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C71221C000
|
heap
|
page read and write
|
||
|
242CA3F0000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
242CA287000
|
heap
|
page read and write
|
||
|
1C7121F5000
|
heap
|
page read and write
|
||
|
1C7122B7000
|
heap
|
page read and write
|
||
|
242CC123000
|
heap
|
page read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C713CE0000
|
remote allocation
|
page read and write
|
||
|
242CC0D2000
|
heap
|
page read and write
|
||
|
1C712281000
|
heap
|
page read and write
|
||
|
6CED0FD000
|
stack
|
page read and write
|
||
|
242CC471000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
242CC182000
|
heap
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
242CA26E000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
242CA247000
|
heap
|
page read and write
|
||
|
48CD000
|
trusted library allocation
|
page read and write
|
||
|
1C7142A0000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
1C712238000
|
heap
|
page read and write
|
||
|
1C7142B3000
|
heap
|
page read and write
|
||
|
1C714432000
|
heap
|
page read and write
|
||
|
1C71229C000
|
heap
|
page read and write
|
||
|
48A0000
|
trusted library allocation
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
82E000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
242CC094000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C7122B6000
|
heap
|
page read and write
|
||
|
1C7121E8000
|
heap
|
page read and write
|
||
|
710000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
5F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F2000
|
trusted library allocation
|
page read and write
|
||
|
1C712232000
|
heap
|
page read and write
|
||
|
1C7140A1000
|
heap
|
page read and write
|
||
|
23B0000
|
heap
|
page execute and read and write
|
||
|
6D0000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
242CA2AD000
|
heap
|
page read and write
|
||
|
1C712288000
|
heap
|
page read and write
|
||
|
242CA3FC000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
1C7143A1000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
2B0DE599000
|
heap
|
page read and write
|
||
|
2B0E0380000
|
heap
|
page read and write
|
||
|
11A000
|
stack
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
1C712282000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
1C712220000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
242CA22C000
|
heap
|
page read and write
|
||
|
242CA3F5000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
4E1D000
|
stack
|
page read and write
|
||
|
242CA290000
|
heap
|
page read and write
|
||
|
F94AB59000
|
stack
|
page read and write
|
||
|
242CA286000
|
heap
|
page read and write
|
||
|
242CC103000
|
heap
|
page read and write
|
||
|
1C712293000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
1C712282000
|
heap
|
page read and write
|
||
|
6CEC9FE000
|
stack
|
page read and write
|
||
|
1C7143BB000
|
heap
|
page read and write
|
||
|
1C71227E000
|
heap
|
page read and write
|
||
|
3F522FD000
|
stack
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C712488000
|
heap
|
page read and write
|
||
|
58DE000
|
heap
|
page read and write
|
||
|
242CA1DF000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
1C7140A5000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
225C000
|
stack
|
page read and write
|
||
|
748000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
242CC092000
|
heap
|
page read and write
|
||
|
242CC171000
|
heap
|
page read and write
|
||
|
1C712288000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C713CE0000
|
remote allocation
|
page read and write
|
||
|
1C7122A2000
|
heap
|
page read and write
|
||
|
242CA227000
|
heap
|
page read and write
|
||
|
242CC235000
|
heap
|
page read and write
|
||
|
2B0DE450000
|
heap
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
2B0DE54B000
|
heap
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
2401000
|
trusted library allocation
|
page read and write
|
||
|
1C7122B0000
|
heap
|
page read and write
|
||
|
1C712291000
|
heap
|
page read and write
|
||
|
6FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
4B5C000
|
stack
|
page read and write
|
||
|
6EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
2B0DE548000
|
heap
|
page read and write
|
||
|
1C712219000
|
heap
|
page read and write
|
||
|
1C71221C000
|
heap
|
page read and write
|
||
|
1C71430A000
|
heap
|
page read and write
|
||
|
4910000
|
heap
|
page read and write
|
||
|
48D2000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE58A000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
1C714328000
|
heap
|
page read and write
|
||
|
2436000
|
trusted library allocation
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
242CC1C5000
|
heap
|
page read and write
|
||
|
6450000
|
heap
|
page read and write
|
||
|
242CA260000
|
heap
|
page read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
242CC071000
|
heap
|
page read and write
|
||
|
1C71221D000
|
heap
|
page read and write
|
||
|
1C71228B000
|
heap
|
page read and write
|
||
|
242CA275000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
2B0DE845000
|
heap
|
page read and write
|
||
|
6CECFFE000
|
stack
|
page read and write
|
||
|
78D000
|
heap
|
page read and write
|
||
|
6140000
|
trusted library allocation
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
48C6000
|
trusted library allocation
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
242CC482000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
81A000
|
heap
|
page read and write
|
||
|
242CA296000
|
heap
|
page read and write
|
||
|
6F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
242CA3FB000
|
heap
|
page read and write
|
||
|
4A53000
|
heap
|
page read and write
|
||
|
1C7143C1000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
1C7122A3000
|
heap
|
page read and write
|
||
|
FFD80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C7121E7000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
2438000
|
trusted library allocation
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
242CC0E3000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
242CC21E000
|
heap
|
page read and write
|
||
|
242CC1FA000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
6CECAFE000
|
stack
|
page read and write
|
||
|
242CC231000
|
heap
|
page read and write
|
||
|
242CA275000
|
heap
|
page read and write
|
||
|
2B0DE546000
|
heap
|
page read and write
|
||
|
2B0DE564000
|
heap
|
page read and write
|
||
|
670000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C712219000
|
heap
|
page read and write
|
||
|
3F520FD000
|
stack
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
3F51791000
|
stack
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page execute and read and write
|
||
|
242CA3F8000
|
heap
|
page read and write
|
||
|
1C71222F000
|
heap
|
page read and write
|
||
|
1C7144A7000
|
heap
|
page read and write
|
||
|
23F7000
|
trusted library allocation
|
page read and write
|
||
|
1C712294000
|
heap
|
page read and write
|
||
|
1C712299000
|
heap
|
page read and write
|
||
|
1C7143C2000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
4FED000
|
stack
|
page read and write
|
||
|
242CC230000
|
heap
|
page read and write
|
||
|
1C714463000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
1C712140000
|
heap
|
page read and write
|
||
|
6137000
|
trusted library allocation
|
page read and write
|
||
|
1C7140A5000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
242CC21F000
|
heap
|
page read and write
|
||
|
1C7142BC000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
3F51EFF000
|
stack
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
242CA275000
|
heap
|
page read and write
|
||
|
1C712219000
|
heap
|
page read and write
|
||
|
242CA287000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
2B0DE4D0000
|
heap
|
page read and write
|
||
|
1C71227F000
|
heap
|
page read and write
|
||
|
1C712238000
|
heap
|
page read and write
|
||
|
3F51DFF000
|
stack
|
page read and write
|
||
|
242CA226000
|
heap
|
page read and write
|
||
|
1C714351000
|
heap
|
page read and write
|
||
|
2B0E0030000
|
heap
|
page read and write
|
||
|
242CA253000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
3F51FFC000
|
stack
|
page read and write
|
||
|
242CA269000
|
heap
|
page read and write
|
||
|
242CC0F2000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C712238000
|
heap
|
page read and write
|
||
|
1C7140A0000
|
heap
|
page read and write
|
||
|
1C712272000
|
heap
|
page read and write
|
||
|
2B0DE593000
|
heap
|
page read and write
|
||
|
242CC083000
|
heap
|
page read and write
|
||
|
221E000
|
stack
|
page read and write
|
||
|
242CA211000
|
heap
|
page read and write
|
||
|
5DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
242CA3FB000
|
heap
|
page read and write
|
||
|
1C7122B6000
|
heap
|
page read and write
|
||
|
F94B0FD000
|
stack
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
3F51AFF000
|
stack
|
page read and write
|
||
|
1C71432B000
|
heap
|
page read and write
|
||
|
1C7143A1000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
5C59000
|
trusted library allocation
|
page read and write
|
||
|
1C712286000
|
heap
|
page read and write
|
||
|
242CA226000
|
heap
|
page read and write
|
||
|
242CA23D000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C712170000
|
heap
|
page read and write
|
||
|
1C712480000
|
heap
|
page read and write
|
||
|
242CA261000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C7143B3000
|
heap
|
page read and write
|
||
|
242CA226000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
7D9000
|
heap
|
page read and write
|
||
|
242CC0B2000
|
heap
|
page read and write
|
||
|
1C7142DA000
|
heap
|
page read and write
|
||
|
242CA150000
|
heap
|
page read and write
|
||
|
1C712232000
|
heap
|
page read and write
|
||
|
243A000
|
trusted library allocation
|
page read and write
|
||
|
1C712285000
|
heap
|
page read and write
|
||
|
242CA290000
|
heap
|
page read and write
|
||
|
242CC086000
|
heap
|
page read and write
|
||
|
242CA226000
|
heap
|
page read and write
|
||
|
1C7121F4000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C71229C000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
1C712232000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C712232000
|
heap
|
page read and write
|
||
|
242CC494000
|
heap
|
page read and write
|
||
|
242CC470000
|
heap
|
page read and write
|
||
|
1C712281000
|
heap
|
page read and write
|
||
|
1C714329000
|
heap
|
page read and write
|
||
|
2B0DE54E000
|
heap
|
page read and write
|
||
|
1C7142D0000
|
heap
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
2B0DE583000
|
heap
|
page read and write
|
||
|
3F521FD000
|
stack
|
page read and write
|
||
|
242CA1B9000
|
heap
|
page read and write
|
||
|
3427000
|
trusted library allocation
|
page read and write
|
||
|
1C71229E000
|
heap
|
page read and write
|
||
|
1C7121E1000
|
heap
|
page read and write
|
||
|
F94B1FE000
|
stack
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
242CA2A8000
|
heap
|
page read and write
|
||
|
1C7140A7000
|
heap
|
page read and write
|
||
|
1C712272000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
242CC183000
|
heap
|
page read and write
|
||
|
1C71435C000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
242CC112000
|
heap
|
page read and write
|
||
|
242CC0B9000
|
heap
|
page read and write
|
||
|
1C714314000
|
heap
|
page read and write
|
||
|
6E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
242CA290000
|
heap
|
page read and write
|
||
|
48A6000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
1C7142B4000
|
heap
|
page read and write
|
||
|
1C7140BA000
|
heap
|
page read and write
|
||
|
1C71221F000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
242CC071000
|
heap
|
page read and write
|
||
|
4F1F000
|
stack
|
page read and write
|
||
|
1C712238000
|
heap
|
page read and write
|
||
|
48C1000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C712238000
|
heap
|
page read and write
|
||
|
1C7142B4000
|
heap
|
page read and write
|
||
|
242CA26A000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C712485000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
1C712294000
|
heap
|
page read and write
|
||
|
242CA1E0000
|
heap
|
page read and write
|
||
|
1C7143EE000
|
heap
|
page read and write
|
||
|
1C712291000
|
heap
|
page read and write
|
||
|
5D9F000
|
stack
|
page read and write
|
||
|
2370000
|
trusted library allocation
|
page read and write
|
||
|
1C7143B4000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
1C712219000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
1C7121FB000
|
heap
|
page read and write
|
||
|
1C71223B000
|
heap
|
page read and write
|
||
|
1C712489000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
242CC170000
|
heap
|
page read and write
|
||
|
5DD7000
|
trusted library allocation
|
page read and write
|
||
|
242CC20C000
|
heap
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
75F000
|
heap
|
page read and write
|
||
|
1C712294000
|
heap
|
page read and write
|
||
|
242CA26A000
|
heap
|
page read and write
|
||
|
2B0DE4D8000
|
heap
|
page read and write
|
||
|
242CA265000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
6CECCFE000
|
stack
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
1C714494000
|
heap
|
page read and write
|
||
|
1C7142A1000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
242CC483000
|
heap
|
page read and write
|
||
|
1C71435C000
|
heap
|
page read and write
|
||
|
1C7140AA000
|
heap
|
page read and write
|
||
|
2B0DE58E000
|
heap
|
page read and write
|
||
|
1C71223B000
|
heap
|
page read and write
|
||
|
1C71229B000
|
heap
|
page read and write
|
||
|
5C40000
|
heap
|
page read and write
|
||
|
48AB000
|
trusted library allocation
|
page read and write
|
||
|
242CA1EE000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
6130000
|
trusted library allocation
|
page read and write
|
||
|
1C7143A1000
|
heap
|
page read and write
|
||
|
250C000
|
trusted library allocation
|
page read and write
|
||
|
1C712288000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
5E1D000
|
stack
|
page read and write
|
||
|
48BA000
|
trusted library allocation
|
page read and write
|
||
|
23C1000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE597000
|
heap
|
page read and write
|
||
|
1C71221B000
|
heap
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
23FF000
|
trusted library allocation
|
page read and write
|
||
|
242CC494000
|
heap
|
page read and write
|
||
|
150000
|
remote allocation
|
page execute and read and write
|
||
|
6CECDFF000
|
stack
|
page read and write
|
||
|
242CC494000
|
heap
|
page read and write
|
||
|
6150000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
6CED2FB000
|
stack
|
page read and write
|
||
|
1C7122A8000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
240D000
|
trusted library allocation
|
page read and write
|
||
|
242CC4B9000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
242CA1C3000
|
heap
|
page read and write
|
||
|
242CC1D6000
|
heap
|
page read and write
|
||
|
1C71448A000
|
heap
|
page read and write
|
||
|
1C712210000
|
heap
|
page read and write
|
||
|
242CC1E8000
|
heap
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
242CC071000
|
heap
|
page read and write
|
||
|
1C712297000
|
heap
|
page read and write
|
||
|
4900000
|
heap
|
page execute and read and write
|
||
|
1C7140AF000
|
heap
|
page read and write
|
||
|
242CC20C000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
2B0DE563000
|
heap
|
page read and write
|
||
|
1C7122A0000
|
heap
|
page read and write
|
||
|
242CC094000
|
heap
|
page read and write
|
||
|
242CC0AF000
|
heap
|
page read and write
|
||
|
1C7142B3000
|
heap
|
page read and write
|
||
|
43C8000
|
trusted library allocation
|
page read and write
|
||
|
1C712288000
|
heap
|
page read and write
|
||
|
76C000
|
heap
|
page read and write
|
||
|
1C712200000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
1C7140A6000
|
heap
|
page read and write
|
||
|
242CA1B0000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
6CECEFF000
|
stack
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
242CA1E0000
|
heap
|
page read and write
|
||
|
2B0DE440000
|
heap
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
242CA256000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
242CC094000
|
heap
|
page read and write
|
||
|
2B0DE840000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
242CA26C000
|
heap
|
page read and write
|
||
|
242CBD20000
|
heap
|
page read and write
|
||
|
2380000
|
trusted library allocation
|
page read and write
|
||
|
1C7140AA000
|
heap
|
page read and write
|
||
|
3F51BFF000
|
stack
|
page read and write
|
||
|
1C71223B000
|
heap
|
page read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
1C71459E000
|
heap
|
page read and write
|
||
|
2390000
|
trusted library allocation
|
page read and write
|
||
|
242CA268000
|
heap
|
page read and write
|
||
|
1C712285000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
242CA275000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
48AE000
|
trusted library allocation
|
page read and write
|
||
|
242CA22D000
|
heap
|
page read and write
|
||
|
1C712232000
|
heap
|
page read and write
|
||
|
242CC07E000
|
heap
|
page read and write
|
||
|
1C712488000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
673000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C7143DE000
|
heap
|
page read and write
|
||
|
1C7143C1000
|
heap
|
page read and write
|
||
|
1C71223C000
|
heap
|
page read and write
|
||
|
1C71228A000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
1C7142F7000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C714575000
|
heap
|
page read and write
|
||
|
1C71220D000
|
heap
|
page read and write
|
||
|
1C713CE0000
|
remote allocation
|
page read and write
|
||
|
242CC0BB000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
242CC112000
|
heap
|
page read and write
|
||
|
242CC292000
|
heap
|
page read and write
|
||
|
1C71448A000
|
heap
|
page read and write
|
||
|
1C71459D000
|
heap
|
page read and write
|
||
|
1C7142A1000
|
heap
|
page read and write
|
||
|
242CC0CB000
|
heap
|
page read and write
|
||
|
242CA265000
|
heap
|
page read and write
|
||
|
242CA3FC000
|
heap
|
page read and write
|
||
|
1C712225000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
1C7121C8000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
4A4C000
|
stack
|
page read and write
|
||
|
1C7122A3000
|
heap
|
page read and write
|
||
|
2B0DE593000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
242CC4B8000
|
heap
|
page read and write
|
||
|
1C7140AA000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C71220F000
|
heap
|
page read and write
|
||
|
2B0DE581000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
242CA3F9000
|
heap
|
page read and write
|
||
|
242CC0D2000
|
heap
|
page read and write
|
||
|
242CA3F8000
|
heap
|
page read and write
|
||
|
1C71228B000
|
heap
|
page read and write
|
||
|
2B0DE57A000
|
heap
|
page read and write
|
||
|
242CA1DA000
|
heap
|
page read and write
|
||
|
242CA290000
|
heap
|
page read and write
|
||
|
242CC0F2000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
1C71222F000
|
heap
|
page read and write
|
||
|
F94B5FE000
|
stack
|
page read and write
|
||
|
242CA26F000
|
heap
|
page read and write
|
||
|
1C712266000
|
heap
|
page read and write
|
||
|
48BE000
|
trusted library allocation
|
page read and write
|
||
|
1C712288000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
242CA256000
|
heap
|
page read and write
|
||
|
1C714575000
|
heap
|
page read and write
|
||
|
1C7121DC000
|
heap
|
page read and write
|
||
|
F94B4FE000
|
stack
|
page read and write
|
||
|
2B0DE593000
|
heap
|
page read and write
|
||
|
1C7121FA000
|
heap
|
page read and write
|
||
|
2B0DE470000
|
heap
|
page read and write
|
||
|
2B0DE58E000
|
heap
|
page read and write
|
||
|
2B0DE58B000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
242CA3F9000
|
heap
|
page read and write
|
||
|
1C712294000
|
heap
|
page read and write
|
||
|
455D000
|
stack
|
page read and write
|
||
|
1C71448B000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
2B0DE593000
|
heap
|
page read and write
|
||
|
242CC143000
|
heap
|
page read and write
|
||
|
242CA140000
|
heap
|
page read and write
|
||
|
242CC4A6000
|
heap
|
page read and write
|
||
|
242CC20C000
|
heap
|
page read and write
|
||
|
1C71226C000
|
heap
|
page read and write
|
||
|
1C7140B1000
|
heap
|
page read and write
|
||
|
242CC1E8000
|
heap
|
page read and write
|
||
|
1C71222F000
|
heap
|
page read and write
|
||
|
2B0DE57F000
|
heap
|
page read and write
|
||
|
1C712277000
|
heap
|
page read and write
|
||
|
242CA265000
|
heap
|
page read and write
|
||
|
6CEC8FA000
|
stack
|
page read and write
|
||
|
242CC070000
|
heap
|
page read and write
|
||
|
1C712254000
|
heap
|
page read and write
|
||
|
6E2000
|
trusted library allocation
|
page read and write
|
||
|
1C7140AA000
|
heap
|
page read and write
|
||
|
1C7121E1000
|
heap
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
1C712219000
|
heap
|
page read and write
|
||
|
242CA1F9000
|
heap
|
page read and write
|
||
|
2B0DE596000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
1C71248E000
|
heap
|
page read and write
|
||
|
236F000
|
stack
|
page read and write
|
||
|
1C7143F7000
|
heap
|
page read and write
|
||
|
2B0DE586000
|
heap
|
page read and write
|
||
|
650000
|
trusted library allocation
|
page read and write
|
||
|
242CA277000
|
heap
|
page read and write
|
||
|
242CA2A8000
|
heap
|
page read and write
|
||
|
242CA206000
|
heap
|
page read and write
|
||
|
5EF0000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE542000
|
heap
|
page read and write
|
||
|
6F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
242CC4A7000
|
heap
|
page read and write
|
||
|
242CA287000
|
heap
|
page read and write
|
||
|
2B0DE593000
|
heap
|
page read and write
|
||
|
1C712212000
|
heap
|
page read and write
|
||
|
674000
|
trusted library allocation
|
page read and write
|
||
|
2B0DE593000
|
heap
|
page read and write
|
||
|
6E0000
|
trusted library allocation
|
page read and write
|
||
|
1C71227F000
|
heap
|
page read and write
|
||
|
2B0DE58D000
|
heap
|
page read and write
|
||
|
1C7143A0000
|
heap
|
page read and write
|
||
|
1C7121C0000
|
heap
|
page read and write
|
||
|
2B0DE598000
|
heap
|
page read and write
|
||
|
1C712240000
|
heap
|
page read and write
|
||
|
1C71229C000
|
heap
|
page read and write
|
There are 605 hidden memdumps, click here to show them.