Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
EKSTRE_1022.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\EKSTRE_1022.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp4FA4.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\JIlApjvRxj.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\JIlApjvRxj.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\JIlApjvRxj.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aow4wjdq.4q5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ayrkr3q3.4me.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g2g1oijj.1zo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gd2pdpaf.ovq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gsogotwp.hol.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nfamaill.lhy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ov4oewa1.kij.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qvgyba1q.qfq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5DFC.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\JIlApjvRxj.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\JIlApjvRxj" /XML "C:\Users\user\AppData\Local\Temp\tmp4FA4.tmp"
|
|
|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Users\user\Desktop\EKSTRE_1022.exe
|
"C:\Users\user\Desktop\EKSTRE_1022.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\JIlApjvRxj.exe
|
C:\Users\user\AppData\Roaming\JIlApjvRxj.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\JIlApjvRxj" /XML "C:\Users\user\AppData\Local\Temp\tmp5DFC.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\JIlApjvRxj.exe
|
"C:\Users\user\AppData\Roaming\JIlApjvRxj.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
http://checkip.dyndns.comd
|
unknown
|
||
|
http://microsoft.co
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.71d
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://reallyfreegeoip.orgd
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.orgd
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.71
|
188.114.96.3
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.71l
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://checkip.dyndns.org/d
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
https://api.telegram.org/bot-/sendDocument?chat_id=
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.96.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EKSTRE_1022_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JIlApjvRxj_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4059000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3FD7000
|
trusted library allocation
|
page read and write
|
|
|
|
403B000
|
trusted library allocation
|
page read and write
|
|
|
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
37E0000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
5029000
|
trusted library allocation
|
page read and write
|
||
|
41A000
|
remote allocation
|
page execute and read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
33DA000
|
heap
|
page read and write
|
||
|
2C87000
|
trusted library allocation
|
page execute and read and write
|
||
|
F67000
|
heap
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
416000
|
remote allocation
|
page execute and read and write
|
||
|
2C72000
|
trusted library allocation
|
page read and write
|
||
|
28AD000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
6658000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
4C56000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
670A000
|
trusted library allocation
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
E02000
|
trusted library allocation
|
page read and write
|
||
|
37C1000
|
trusted library allocation
|
page read and write
|
||
|
7FC20000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
B3BD000
|
stack
|
page read and write
|
||
|
5E8E000
|
stack
|
page read and write
|
||
|
B64000
|
trusted library allocation
|
page read and write
|
||
|
851E000
|
stack
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
6C6D000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
2C29000
|
trusted library allocation
|
page read and write
|
||
|
47C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D0D000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
285D000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
4CC1000
|
trusted library allocation
|
page read and write
|
||
|
3FF7000
|
trusted library allocation
|
page read and write
|
||
|
53B6000
|
trusted library allocation
|
page read and write
|
||
|
537B000
|
trusted library allocation
|
page read and write
|
||
|
4CE5000
|
trusted library allocation
|
page read and write
|
||
|
A84000
|
heap
|
page read and write
|
||
|
5382000
|
trusted library allocation
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
2F4D000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
8C4E000
|
stack
|
page read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
4C95000
|
trusted library allocation
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
2844000
|
trusted library allocation
|
page read and write
|
||
|
E66000
|
heap
|
page read and write
|
||
|
53A2000
|
trusted library allocation
|
page read and write
|
||
|
6B60000
|
trusted library section
|
page read and write
|
||
|
4017000
|
trusted library allocation
|
page read and write
|
||
|
4FBB000
|
stack
|
page read and write
|
||
|
95E000
|
unkown
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
BC3000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
62AD000
|
heap
|
page read and write
|
||
|
2C99000
|
trusted library allocation
|
page read and write
|
||
|
3E5D000
|
trusted library allocation
|
page read and write
|
||
|
1116000
|
trusted library allocation
|
page read and write
|
||
|
861D000
|
stack
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
6E70000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
4CAB000
|
trusted library allocation
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
2C8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C3C000
|
trusted library allocation
|
page read and write
|
||
|
538A000
|
trusted library allocation
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
37F7000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
2EE4000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
6B8E000
|
stack
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
B4BD000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
8ECE000
|
stack
|
page read and write
|
||
|
624E000
|
stack
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
B6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
3BFB000
|
trusted library allocation
|
page read and write
|
||
|
6500000
|
trusted library allocation
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
6730000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
8A8E000
|
stack
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
5208000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
E5A000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
DD2000
|
trusted library allocation
|
page read and write
|
||
|
879D000
|
stack
|
page read and write
|
||
|
8AA000
|
stack
|
page read and write
|
||
|
2690000
|
heap
|
page execute and read and write
|
||
|
ADDA000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
2C76000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
4F80000
|
heap
|
page execute and read and write
|
||
|
6377000
|
trusted library allocation
|
page read and write
|
||
|
28AB000
|
trusted library allocation
|
page read and write
|
||
|
4C4E000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
6EDE000
|
stack
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
5D8E000
|
stack
|
page read and write
|
||
|
27A1000
|
trusted library allocation
|
page read and write
|
||
|
6B80000
|
trusted library allocation
|
page read and write
|
||
|
2CB7000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
ACED000
|
stack
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
2EE8000
|
trusted library allocation
|
page read and write
|
||
|
5005000
|
heap
|
page read and write
|
||
|
1131000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
8218000
|
heap
|
page read and write
|
||
|
5A4A000
|
trusted library allocation
|
page read and write
|
||
|
6F2E000
|
stack
|
page read and write
|
||
|
B63000
|
trusted library allocation
|
page execute and read and write
|
||
|
B1D0000
|
heap
|
page read and write
|
||
|
F1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
6A70000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
2F14000
|
trusted library allocation
|
page read and write
|
||
|
6C2D000
|
stack
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
3FF7000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
trusted library section
|
page readonly
|
||
|
2C6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
2CBC000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
trusted library allocation
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
111B000
|
trusted library allocation
|
page read and write
|
||
|
2C7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
6250000
|
heap
|
page read and write
|
||
|
2E92000
|
trusted library allocation
|
page read and write
|
||
|
8A0B000
|
stack
|
page read and write
|
||
|
2CDD000
|
trusted library allocation
|
page read and write
|
||
|
2ED7000
|
trusted library allocation
|
page read and write
|
||
|
263C000
|
stack
|
page read and write
|
||
|
3C31000
|
trusted library allocation
|
page read and write
|
||
|
4CC6000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
48DC000
|
stack
|
page read and write
|
||
|
DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A7000
|
stack
|
page read and write
|
||
|
529000
|
stack
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page read and write
|
||
|
481D000
|
stack
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
9D5000
|
heap
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
6ABD000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
99F000
|
unkown
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
5794000
|
trusted library allocation
|
page read and write
|
||
|
13A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
F12000
|
trusted library allocation
|
page read and write
|
||
|
2684000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
562F000
|
stack
|
page read and write
|
||
|
2F47000
|
trusted library allocation
|
page read and write
|
||
|
5026000
|
trusted library allocation
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
13AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
5D9000
|
stack
|
page read and write
|
||
|
8B4D000
|
stack
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
6600000
|
heap
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
8B0C000
|
stack
|
page read and write
|
||
|
5FCF000
|
stack
|
page read and write
|
||
|
2686000
|
trusted library allocation
|
page read and write
|
||
|
DB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
894E000
|
stack
|
page read and write
|
||
|
FF7000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
3BC1000
|
trusted library allocation
|
page read and write
|
||
|
2C7C000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
81B9000
|
heap
|
page read and write
|
||
|
539D000
|
trusted library allocation
|
page read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
2592000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
865E000
|
stack
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
4DC3000
|
heap
|
page read and write
|
||
|
37A1000
|
trusted library allocation
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D8E000
|
stack
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
841E000
|
stack
|
page read and write
|
||
|
8CCE000
|
stack
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
B1C0000
|
heap
|
page read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
2EAC000
|
trusted library allocation
|
page read and write
|
||
|
400F000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
524D000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
5040000
|
heap
|
page execute and read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
100E000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
1142000
|
trusted library allocation
|
page read and write
|
||
|
502B000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
trusted library allocation
|
page read and write
|
||
|
2F2C000
|
trusted library allocation
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
F1D000
|
heap
|
page read and write
|
||
|
889E000
|
stack
|
page read and write
|
||
|
2C5B000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2ECB000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
8E8E000
|
stack
|
page read and write
|
||
|
2994000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
heap
|
page execute and read and write
|
||
|
4D73000
|
heap
|
page read and write
|
||
|
5010000
|
trusted library allocation
|
page read and write
|
||
|
2BA4000
|
trusted library allocation
|
page read and write
|
||
|
82A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AFE000
|
stack
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
4F7C000
|
stack
|
page read and write
|
||
|
2D14000
|
trusted library allocation
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD4000
|
trusted library allocation
|
page read and write
|
||
|
51CD000
|
stack
|
page read and write
|
||
|
7F890000
|
trusted library allocation
|
page execute and read and write
|
||
|
963E000
|
stack
|
page read and write
|
||
|
51E3000
|
heap
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
AC2000
|
heap
|
page read and write
|
||
|
27DD000
|
trusted library allocation
|
page read and write
|
||
|
6EEE000
|
stack
|
page read and write
|
||
|
6F2D000
|
stack
|
page read and write
|
||
|
4D12000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
6930000
|
heap
|
page read and write
|
||
|
264D000
|
stack
|
page read and write
|
||
|
109D000
|
heap
|
page read and write
|
||
|
59D000
|
stack
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
2C78000
|
trusted library allocation
|
page read and write
|
||
|
4D62000
|
trusted library allocation
|
page read and write
|
||
|
2976000
|
trusted library allocation
|
page read and write
|
||
|
259B000
|
trusted library allocation
|
page execute and read and write
|
||
|
542F000
|
stack
|
page read and write
|
||
|
4C3B000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
8C8D000
|
stack
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
E0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
53B4000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page execute and read and write
|
||
|
112E000
|
trusted library allocation
|
page read and write
|
||
|
69A6000
|
heap
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page execute and read and write
|
||
|
627E000
|
stack
|
page read and write
|
||
|
47DC000
|
stack
|
page read and write
|
||
|
27C1000
|
trusted library allocation
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
53EB000
|
trusted library allocation
|
page read and write
|
||
|
613E000
|
stack
|
page read and write
|
||
|
27FD000
|
trusted library allocation
|
page read and write
|
||
|
F16000
|
trusted library allocation
|
page execute and read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
5796000
|
trusted library allocation
|
page read and write
|
||
|
6706000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
2C67000
|
trusted library allocation
|
page read and write
|
||
|
1136000
|
trusted library allocation
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
3E54000
|
trusted library allocation
|
page read and write
|
||
|
DF2000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
2AB8000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
880E000
|
stack
|
page read and write
|
||
|
F2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
E05000
|
trusted library allocation
|
page execute and read and write
|
||
|
F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
4C51000
|
trusted library allocation
|
page read and write
|
||
|
6737000
|
trusted library allocation
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
8FCF000
|
stack
|
page read and write
|
||
|
8A4F000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
6277000
|
heap
|
page read and write
|
||
|
AAF0000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page read and write
|
||
|
112A000
|
trusted library allocation
|
page read and write
|
||
|
A15000
|
heap
|
page read and write
|
||
|
AB6000
|
heap
|
page read and write
|
||
|
B73000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
B80000
|
heap
|
page read and write
|
||
|
111E000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
913B000
|
stack
|
page read and write
|
||
|
6F82000
|
trusted library allocation
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
E07000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
518D000
|
stack
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
2C24000
|
trusted library allocation
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
DDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
670D000
|
trusted library allocation
|
page read and write
|
||
|
DCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E69000
|
stack
|
page read and write
|
||
|
56E0000
|
heap
|
page execute and read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
310F000
|
unkown
|
page read and write
|
||
|
F22000
|
trusted library allocation
|
page read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
2BC1000
|
trusted library allocation
|
page read and write
|
||
|
579000
|
stack
|
page read and write
|
||
|
37A9000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
37C9000
|
trusted library allocation
|
page read and write
|
||
|
113D000
|
trusted library allocation
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
495C000
|
stack
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
64F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
579A000
|
trusted library allocation
|
page read and write
|
||
|
5376000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
heap
|
page execute and read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
890E000
|
stack
|
page read and write
|
||
|
2C74000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
8190000
|
heap
|
page read and write
|
||
|
4C5D000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
4CD2000
|
trusted library allocation
|
page read and write
|
||
|
4CE0000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page execute and read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page read and write
|
||
|
5055000
|
heap
|
page read and write
|
||
|
2838000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
5ECD000
|
stack
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
5A48000
|
trusted library allocation
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
4CCD000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
A746000
|
trusted library allocation
|
page read and write
|
||
|
544D000
|
stack
|
page read and write
|
||
|
A21000
|
heap
|
page read and write
|
||
|
BC1000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C62000
|
trusted library allocation
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
DC3000
|
trusted library allocation
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
DB4000
|
trusted library allocation
|
page read and write
|
||
|
DD6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DDF000
|
stack
|
page read and write
|
||
|
6A60000
|
heap
|
page read and write
|
||
|
2D4A000
|
stack
|
page read and write
|
||
|
2C2C000
|
trusted library allocation
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
F67000
|
stack
|
page read and write
|
||
|
8D0E000
|
stack
|
page read and write
|
||
|
2597000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD2D000
|
stack
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page execute and read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
47D0000
|
trusted library allocation
|
page read and write
|
||
|
13A4000
|
trusted library allocation
|
page read and write
|
||
|
637F000
|
stack
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
2CAE000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
50AD000
|
stack
|
page read and write
|
||
|
6A91000
|
heap
|
page read and write
|
||
|
C5D000
|
heap
|
page read and write
|
||
|
8C8D000
|
stack
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
696E000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE2D000
|
stack
|
page read and write
|
||
|
2F1E000
|
trusted library allocation
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
F27000
|
trusted library allocation
|
page execute and read and write
|
||
|
58EF000
|
stack
|
page read and write
|
||
|
6390000
|
trusted library allocation
|
page read and write
|
||
|
4CBE000
|
trusted library allocation
|
page read and write
|
||
|
6510000
|
heap
|
page read and write
|
||
|
923C000
|
stack
|
page read and write
|
||
|
2E99000
|
trusted library allocation
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
2C9E000
|
trusted library allocation
|
page read and write
|
||
|
953F000
|
stack
|
page read and write
|
||
|
B660000
|
trusted library section
|
page read and write
|
||
|
3E69000
|
trusted library allocation
|
page read and write
|
||
|
875E000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
4F60000
|
heap
|
page execute and read and write
|
||
|
67A0000
|
heap
|
page read and write
|
||
|
DFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
8B8E000
|
stack
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
2CD1000
|
trusted library allocation
|
page read and write
|
||
|
6540000
|
heap
|
page read and write
|
||
|
6704000
|
trusted library allocation
|
page read and write
|
||
|
65FF000
|
stack
|
page read and write
|
||
|
2EAE000
|
trusted library allocation
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page read and write
|
||
|
6B0B000
|
heap
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
2C3E000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
2F41000
|
trusted library allocation
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
6AE7000
|
heap
|
page read and write
|
||
|
6607000
|
heap
|
page read and write
|
||
|
4D70000
|
heap
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59EF000
|
stack
|
page read and write
|
||
|
2CE3000
|
trusted library allocation
|
page read and write
|
||
|
1028000
|
heap
|
page read and write
|
||
|
8238000
|
heap
|
page read and write
|
||
|
B7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
3EA1000
|
trusted library allocation
|
page read and write
|
||
|
101B000
|
heap
|
page read and write
|
||
|
9240000
|
heap
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
2CD7000
|
trusted library allocation
|
page read and write
|
||
|
6720000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DFE000
|
unkown
|
page read and write
|
||
|
6E90000
|
trusted library allocation
|
page read and write
|
||
|
DD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
trusted library section
|
page readonly
|
||
|
2F09000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
There are 562 hidden memdumps, click here to show them.