Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpC1CB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\QeSBxb.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\QeSBxb.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QeSBxb.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cpy1nvyv.adq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jm1pc1mb.ejw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u3ucg1e3.5ka.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zan2lbe3.044.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpD080.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe
|
"C:\Users\user\Desktop\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\QeSBxb.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\QeSBxb" /XML "C:\Users\user\AppData\Local\Temp\tmpC1CB.tmp"
|
|
|
|
C:\Users\user\Desktop\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe
|
"C:\Users\user\Desktop\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe"
|
|
|
|
C:\Users\user\Desktop\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe
|
"C:\Users\user\Desktop\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\QeSBxb.exe
|
C:\Users\user\AppData\Roaming\QeSBxb.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\QeSBxb" /XML "C:\Users\user\AppData\Local\Temp\tmpD080.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\QeSBxb.exe
|
"C:\Users\user\AppData\Roaming\QeSBxb.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.office.com/
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:377142%0D%0ADate%20and%20Time:%2025/10/2024%20/%2018:18:44%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20377142%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:377142%0D%0ADate%20a
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.81$
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:377142%0D%0ADate%20and%20Time:%2025/10/2024%20/%2019:57:31%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20377142%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/173.254.250.81
|
188.114.97.3
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Scan_Rev 20220731_PO&OC#88SU7782743882874_PDF_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\QeSBxb_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E51000
|
trusted library allocation
|
page read and write
|
|
|
|
3191000
|
trusted library allocation
|
page read and write
|
|
|
|
4755000
|
trusted library allocation
|
page read and write
|
|
|
|
4AF4000
|
trusted library allocation
|
page read and write
|
|
|
|
435000
|
remote allocation
|
page execute and read and write
|
|
|
|
3EF7000
|
trusted library allocation
|
page read and write
|
||
|
4386000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
3104000
|
trusted library allocation
|
page read and write
|
||
|
645E000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
2FCE000
|
trusted library allocation
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page read and write
|
||
|
3347000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page read and write
|
||
|
B5CE000
|
stack
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
4579000
|
trusted library allocation
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
55DB000
|
trusted library allocation
|
page read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
4530000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
14C4000
|
trusted library allocation
|
page read and write
|
||
|
4535000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
trusted library allocation
|
page read and write
|
||
|
F58D000
|
stack
|
page read and write
|
||
|
6F30000
|
heap
|
page read and write
|
||
|
3ED3000
|
trusted library allocation
|
page read and write
|
||
|
14F2000
|
trusted library allocation
|
page read and write
|
||
|
AEE7000
|
trusted library allocation
|
page read and write
|
||
|
6920000
|
heap
|
page read and write
|
||
|
4EFC000
|
stack
|
page read and write
|
||
|
57B0000
|
heap
|
page read and write
|
||
|
DDAB000
|
stack
|
page read and write
|
||
|
995D000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
1356000
|
stack
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page read and write
|
||
|
6A9F000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
1259000
|
stack
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
5386000
|
trusted library allocation
|
page read and write
|
||
|
30FE000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
3345000
|
trusted library allocation
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
F80E000
|
stack
|
page read and write
|
||
|
5372000
|
trusted library allocation
|
page read and write
|
||
|
30F9000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
98FE000
|
stack
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
69A9000
|
heap
|
page read and write
|
||
|
343A000
|
trusted library allocation
|
page read and write
|
||
|
A2F000
|
unkown
|
page read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
30A2000
|
trusted library allocation
|
page read and write
|
||
|
8CC0000
|
trusted library allocation
|
page read and write
|
||
|
323A000
|
trusted library allocation
|
page read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
69B2000
|
heap
|
page read and write
|
||
|
59B5000
|
heap
|
page read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
4217000
|
trusted library allocation
|
page read and write
|
||
|
2E9E000
|
trusted library allocation
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
434000
|
remote allocation
|
page execute and read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
100B000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
42E000
|
remote allocation
|
page execute and read and write
|
||
|
114A000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
5761000
|
trusted library allocation
|
page read and write
|
||
|
41C4000
|
trusted library allocation
|
page read and write
|
||
|
15FD000
|
heap
|
page read and write
|
||
|
F54D000
|
stack
|
page read and write
|
||
|
FD4000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
BA7000
|
stack
|
page read and write
|
||
|
15D7000
|
heap
|
page read and write
|
||
|
42F000
|
remote allocation
|
page execute and read and write
|
||
|
72A0000
|
heap
|
page read and write
|
||
|
848E000
|
stack
|
page read and write
|
||
|
401E000
|
trusted library allocation
|
page read and write
|
||
|
1187000
|
stack
|
page read and write
|
||
|
3042000
|
trusted library allocation
|
page read and write
|
||
|
15A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
5AC0000
|
heap
|
page execute and read and write
|
||
|
454D000
|
trusted library allocation
|
page read and write
|
||
|
3376000
|
trusted library allocation
|
page read and write
|
||
|
69BA000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
14BB000
|
trusted library allocation
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
435E000
|
trusted library allocation
|
page read and write
|
||
|
3378000
|
trusted library allocation
|
page read and write
|
||
|
428000
|
remote allocation
|
page execute and read and write
|
||
|
31F6000
|
trusted library allocation
|
page read and write
|
||
|
5BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
2EF2000
|
trusted library allocation
|
page read and write
|
||
|
923A000
|
heap
|
page read and write
|
||
|
465F000
|
trusted library allocation
|
page read and write
|
||
|
3246000
|
trusted library allocation
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
1633000
|
heap
|
page read and write
|
||
|
310A000
|
trusted library allocation
|
page read and write
|
||
|
3033000
|
trusted library allocation
|
page read and write
|
||
|
8DFE000
|
stack
|
page read and write
|
||
|
2F59000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
remote allocation
|
page execute and read and write
|
||
|
41F5000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
9237000
|
heap
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
14B6000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page execute and read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
41F0000
|
trusted library allocation
|
page read and write
|
||
|
536D000
|
trusted library allocation
|
page read and write
|
||
|
5960000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EF0000
|
trusted library allocation
|
page read and write
|
||
|
4624000
|
trusted library allocation
|
page read and write
|
||
|
4268000
|
trusted library allocation
|
page read and write
|
||
|
6A5D000
|
stack
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
322E000
|
trusted library allocation
|
page read and write
|
||
|
15EF000
|
heap
|
page read and write
|
||
|
F90F000
|
stack
|
page read and write
|
||
|
6597000
|
heap
|
page read and write
|
||
|
5696000
|
trusted library allocation
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
14D6000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
576D000
|
trusted library allocation
|
page read and write
|
||
|
8F3F000
|
stack
|
page read and write
|
||
|
8CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
3E79000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
41B8000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
stack
|
page read and write
|
||
|
137D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
5CC0000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
15E4000
|
heap
|
page read and write
|
||
|
8800000
|
trusted library allocation
|
page read and write
|
||
|
1089000
|
stack
|
page read and write
|
||
|
3EB6000
|
trusted library allocation
|
page read and write
|
||
|
6968000
|
heap
|
page read and write
|
||
|
B4CD000
|
stack
|
page read and write
|
||
|
55DE000
|
trusted library allocation
|
page read and write
|
||
|
57F3000
|
heap
|
page read and write
|
||
|
8E3F000
|
stack
|
page read and write
|
||
|
1181000
|
heap
|
page read and write
|
||
|
428C000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
trusted library allocation
|
page read and write
|
||
|
141D000
|
stack
|
page read and write
|
||
|
18BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCCF000
|
stack
|
page read and write
|
||
|
16DF000
|
stack
|
page read and write
|
||
|
C380000
|
trusted library section
|
page read and write
|
||
|
14CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
91D4000
|
heap
|
page read and write
|
||
|
3004000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
heap
|
page read and write
|
||
|
4104000
|
trusted library allocation
|
page read and write
|
||
|
6B07000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
575E000
|
trusted library allocation
|
page read and write
|
||
|
1584000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
FED000
|
trusted library allocation
|
page execute and read and write
|
||
|
97BE000
|
stack
|
page read and write
|
||
|
349A000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
91C0000
|
heap
|
page read and write
|
||
|
14E2000
|
trusted library allocation
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
2D3D000
|
stack
|
page read and write
|
||
|
658F000
|
heap
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
300C000
|
trusted library allocation
|
page read and write
|
||
|
11C3000
|
heap
|
page read and write
|
||
|
3EDC000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
159D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9ED000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
5CE000
|
unkown
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
5BC5000
|
heap
|
page read and write
|
||
|
666D000
|
stack
|
page read and write
|
||
|
5366000
|
trusted library allocation
|
page read and write
|
||
|
178E000
|
stack
|
page read and write
|
||
|
56AD000
|
trusted library allocation
|
page read and write
|
||
|
5766000
|
trusted library allocation
|
page read and write
|
||
|
946E000
|
stack
|
page read and write
|
||
|
6B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
43A000
|
remote allocation
|
page execute and read and write
|
||
|
6D9E000
|
stack
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
15A2000
|
trusted library allocation
|
page read and write
|
||
|
18B0000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
5744000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
158D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
426F000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
heap
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
DACD000
|
stack
|
page read and write
|
||
|
598C000
|
trusted library allocation
|
page read and write
|
||
|
448B000
|
trusted library allocation
|
page read and write
|
||
|
1005000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
14F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
344A000
|
trusted library allocation
|
page read and write
|
||
|
4469000
|
trusted library allocation
|
page read and write
|
||
|
44A1000
|
trusted library allocation
|
page read and write
|
||
|
4524000
|
trusted library allocation
|
page read and write
|
||
|
30CB000
|
trusted library allocation
|
page read and write
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
3ED9000
|
trusted library allocation
|
page read and write
|
||
|
F68E000
|
stack
|
page read and write
|
||
|
3496000
|
trusted library allocation
|
page read and write
|
||
|
14E2000
|
trusted library allocation
|
page read and write
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
30C2000
|
trusted library allocation
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
3148000
|
trusted library allocation
|
page read and write
|
||
|
18E7000
|
heap
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
42CC000
|
trusted library allocation
|
page read and write
|
||
|
51A000
|
stack
|
page read and write
|
||
|
967F000
|
stack
|
page read and write
|
||
|
3383000
|
trusted library allocation
|
page read and write
|
||
|
5268000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
1397000
|
trusted library allocation
|
page execute and read and write
|
||
|
3156000
|
trusted library allocation
|
page read and write
|
||
|
14E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
83FE000
|
stack
|
page read and write
|
||
|
3494000
|
trusted library allocation
|
page read and write
|
||
|
6EC7000
|
trusted library allocation
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
4203000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
87F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
1068000
|
heap
|
page read and write
|
||
|
3EE1000
|
trusted library allocation
|
page read and write
|
||
|
340B000
|
trusted library allocation
|
page read and write
|
||
|
320B000
|
stack
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
42F4000
|
trusted library allocation
|
page read and write
|
||
|
9900000
|
trusted library section
|
page read and write
|
||
|
2E3E000
|
unkown
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page read and write
|
||
|
18B2000
|
trusted library allocation
|
page read and write
|
||
|
652F000
|
stack
|
page read and write
|
||
|
2F9B000
|
heap
|
page read and write
|
||
|
4129000
|
trusted library allocation
|
page read and write
|
||
|
166E000
|
heap
|
page read and write
|
||
|
2D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E60000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
2EAA000
|
trusted library allocation
|
page read and write
|
||
|
6B70000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
3488000
|
trusted library allocation
|
page read and write
|
||
|
15B8000
|
heap
|
page read and write
|
||
|
17CC000
|
stack
|
page read and write
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
1002000
|
trusted library allocation
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
35D2000
|
trusted library allocation
|
page read and write
|
||
|
3299000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
trusted library allocation
|
page read and write
|
||
|
DEAC000
|
stack
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
6E6B000
|
trusted library allocation
|
page read and write
|
||
|
14F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B30000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5640000
|
heap
|
page execute and read and write
|
||
|
4301000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
868E000
|
stack
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
56B3000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
5A9F000
|
stack
|
page read and write
|
||
|
2FB8000
|
trusted library allocation
|
page read and write
|
||
|
B2A0000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
2EC8000
|
trusted library allocation
|
page read and write
|
||
|
4634000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
69CD000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
43B4000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page execute and read and write
|
||
|
41D9000
|
trusted library allocation
|
page read and write
|
||
|
3EBD000
|
trusted library allocation
|
page read and write
|
||
|
4276000
|
trusted library allocation
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
4191000
|
trusted library allocation
|
page read and write
|
||
|
3EC1000
|
trusted library allocation
|
page read and write
|
||
|
167E000
|
heap
|
page read and write
|
||
|
44EB000
|
trusted library allocation
|
page read and write
|
||
|
FBBD000
|
stack
|
page read and write
|
||
|
B63D000
|
stack
|
page read and write
|
||
|
642E000
|
stack
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
957E000
|
stack
|
page read and write
|
||
|
2DB0000
|
trusted library allocation
|
page read and write
|
||
|
438000
|
remote allocation
|
page execute and read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
6B20000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
1183000
|
heap
|
page read and write
|
||
|
8CFD000
|
stack
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
18B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
5AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1388000
|
trusted library allocation
|
page read and write
|
||
|
9060000
|
heap
|
page read and write
|
||
|
5694000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
3403000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
411A000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
354E000
|
trusted library allocation
|
page read and write
|
||
|
574B000
|
trusted library allocation
|
page read and write
|
||
|
3F4C000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
32B9000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
41A4000
|
trusted library allocation
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4540000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
91A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
936E000
|
stack
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
3208000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library section
|
page readonly
|
||
|
5772000
|
trusted library allocation
|
page read and write
|
||
|
452B000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3409000
|
trusted library allocation
|
page read and write
|
||
|
4239000
|
trusted library allocation
|
page read and write
|
||
|
1386000
|
trusted library allocation
|
page execute and read and write
|
||
|
4323000
|
trusted library allocation
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
919D000
|
stack
|
page read and write
|
||
|
BF9E000
|
stack
|
page read and write
|
||
|
88A3000
|
heap
|
page read and write
|
||
|
302F000
|
trusted library allocation
|
page read and write
|
||
|
69B4000
|
trusted library allocation
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
431F000
|
trusted library allocation
|
page read and write
|
||
|
6BDF000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
4622000
|
trusted library allocation
|
page read and write
|
||
|
4161000
|
trusted library allocation
|
page read and write
|
||
|
6490000
|
heap
|
page read and write
|
||
|
2F35000
|
trusted library allocation
|
page read and write
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
41B1000
|
trusted library allocation
|
page read and write
|
||
|
8880000
|
heap
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
343F000
|
trusted library allocation
|
page read and write
|
||
|
1207000
|
heap
|
page read and write
|
||
|
87CE000
|
stack
|
page read and write
|
||
|
8CBE000
|
stack
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
96BE000
|
stack
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page read and write
|
||
|
45AF000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
4599000
|
trusted library allocation
|
page read and write
|
||
|
14DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
6498000
|
heap
|
page read and write
|
||
|
53C3000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
139B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F6CE000
|
stack
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
3374000
|
trusted library allocation
|
page read and write
|
||
|
66EE000
|
stack
|
page read and write
|
||
|
1007000
|
trusted library allocation
|
page execute and read and write
|
||
|
3232000
|
trusted library allocation
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
1672000
|
heap
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
30D1000
|
trusted library allocation
|
page read and write
|
||
|
5443000
|
heap
|
page read and write
|
||
|
F7CE000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
1460000
|
heap
|
page execute and read and write
|
||
|
843E000
|
stack
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
41EB000
|
trusted library allocation
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
4504000
|
trusted library allocation
|
page read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
41B9000
|
trusted library allocation
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
4259000
|
trusted library allocation
|
page read and write
|
||
|
420D000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page execute and read and write
|
||
|
8ACE000
|
stack
|
page read and write
|
||
|
4373000
|
trusted library allocation
|
page read and write
|
||
|
15AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC8000
|
trusted library allocation
|
page read and write
|
||
|
8A7E000
|
stack
|
page read and write
|
||
|
8A8E000
|
trusted library allocation
|
page read and write
|
||
|
3154000
|
trusted library allocation
|
page read and write
|
||
|
445A000
|
trusted library allocation
|
page read and write
|
||
|
41E4000
|
trusted library allocation
|
page read and write
|
||
|
4090000
|
trusted library allocation
|
page read and write
|
||
|
18AF000
|
stack
|
page read and write
|
||
|
4511000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
heap
|
page execute and read and write
|
||
|
2EFE000
|
trusted library allocation
|
page read and write
|
||
|
3292000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
3412000
|
trusted library allocation
|
page read and write
|
||
|
6594000
|
heap
|
page read and write
|
||
|
324E000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
heap
|
page execute and read and write
|
||
|
65A1000
|
heap
|
page read and write
|
||
|
3236000
|
trusted library allocation
|
page read and write
|
||
|
69A4000
|
heap
|
page read and write
|
||
|
4221000
|
trusted library allocation
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
3ECA000
|
trusted library allocation
|
page read and write
|
||
|
69C8000
|
trusted library allocation
|
page read and write
|
||
|
4519000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
heap
|
page execute and read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
415000
|
remote allocation
|
page execute and read and write
|
||
|
2E7F000
|
unkown
|
page read and write
|
||
|
41D2000
|
trusted library allocation
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library section
|
page readonly
|
||
|
5BC0000
|
heap
|
page read and write
|
||
|
4074000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
14D1000
|
trusted library allocation
|
page read and write
|
||
|
14CE000
|
trusted library allocation
|
page read and write
|
||
|
414B000
|
trusted library allocation
|
page read and write
|
||
|
119A000
|
heap
|
page read and write
|
||
|
4663000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page execute and read and write
|
||
|
340D000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
4033000
|
trusted library allocation
|
page read and write
|
||
|
97FE000
|
stack
|
page read and write
|
||
|
43E5000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
8810000
|
heap
|
page read and write
|
||
|
5602000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ED7000
|
trusted library allocation
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
67EE000
|
stack
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
8CE0000
|
trusted library allocation
|
page read and write
|
||
|
460C000
|
trusted library allocation
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
314E000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
8B0D000
|
stack
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
AA9000
|
stack
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
5361000
|
trusted library allocation
|
page read and write
|
||
|
69C6000
|
trusted library allocation
|
page read and write
|
||
|
31DE000
|
trusted library allocation
|
page read and write
|
||
|
15F1000
|
heap
|
page read and write
|
||
|
3ECE000
|
trusted library allocation
|
page read and write
|
||
|
53A5000
|
trusted library allocation
|
page read and write
|
||
|
FDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
43B0000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
A2A000
|
stack
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
3276000
|
trusted library allocation
|
page read and write
|
||
|
534B000
|
trusted library allocation
|
page read and write
|
||
|
334D000
|
trusted library allocation
|
page read and write
|
||
|
FA7C000
|
stack
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
FB7C000
|
stack
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
remote allocation
|
page execute and read and write
|
||
|
1647000
|
heap
|
page read and write
|
||
|
4046000
|
trusted library allocation
|
page read and write
|
||
|
145C000
|
stack
|
page read and write
|
||
|
14DD000
|
trusted library allocation
|
page read and write
|
||
|
6EB0000
|
trusted library allocation
|
page read and write
|
||
|
315A000
|
trusted library allocation
|
page read and write
|
||
|
579D000
|
stack
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
1203000
|
heap
|
page read and write
|
||
|
569B000
|
stack
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
14FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
3204000
|
trusted library allocation
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page execute and read and write
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
2EFA000
|
trusted library allocation
|
page read and write
|
||
|
41AB000
|
trusted library allocation
|
page read and write
|
||
|
11C6000
|
heap
|
page read and write
|
||
|
4FFC000
|
stack
|
page read and write
|
||
|
EF2000
|
unkown
|
page readonly
|
||
|
8D3E000
|
stack
|
page read and write
|
||
|
5384000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
166A000
|
heap
|
page read and write
|
||
|
421C000
|
trusted library allocation
|
page read and write
|
||
|
8CF0000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
315A000
|
trusted library allocation
|
page read and write
|
||
|
136D000
|
trusted library allocation
|
page execute and read and write
|
||
|
419F000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
3FC1000
|
trusted library allocation
|
page read and write
|
||
|
6DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F850000
|
trusted library allocation
|
page execute and read and write
|
||
|
33E3000
|
trusted library allocation
|
page read and write
|
||
|
FF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4444000
|
trusted library allocation
|
page read and write
|
||
|
5880000
|
trusted library allocation
|
page execute and read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
5795000
|
trusted library allocation
|
page read and write
|
||
|
3E73000
|
trusted library allocation
|
page read and write
|
||
|
5CB1000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
B8EE000
|
stack
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7560000
|
heap
|
page read and write
|
||
|
5344000
|
trusted library allocation
|
page read and write
|
||
|
1544000
|
trusted library allocation
|
page read and write
|
||
|
347A000
|
trusted library allocation
|
page read and write
|
||
|
6460000
|
heap
|
page read and write
|
||
|
44F7000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
trusted library allocation
|
page read and write
|
||
|
691F000
|
stack
|
page read and write
|
||
|
1583000
|
trusted library allocation
|
page execute and read and write
|
||
|
C09D000
|
stack
|
page read and write
|
||
|
3F36000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
FCBE000
|
stack
|
page read and write
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
535E000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page execute and read and write
|
||
|
B290000
|
heap
|
page read and write
|
||
|
1364000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
heap
|
page read and write
|
||
|
4DD000
|
stack
|
page read and write
|
||
|
14CA000
|
trusted library allocation
|
page read and write
|
||
|
59F1000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
8E3E000
|
stack
|
page read and write
|
||
|
324A000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
8A80000
|
trusted library allocation
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
429000
|
remote allocation
|
page execute and read and write
|
||
|
55FD000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
55F6000
|
trusted library allocation
|
page read and write
|
||
|
FD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA4000
|
trusted library allocation
|
page read and write
|
||
|
114E000
|
heap
|
page read and write
|
||
|
429F000
|
trusted library allocation
|
page read and write
|
||
|
303D000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
3F8B000
|
trusted library allocation
|
page read and write
|
||
|
91D0000
|
heap
|
page read and write
|
||
|
4717000
|
trusted library allocation
|
page read and write
|
||
|
4261000
|
trusted library allocation
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
remote allocation
|
page execute and read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
3EC3000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
1363000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
B48D000
|
stack
|
page read and write
|
||
|
1621000
|
heap
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
DBCE000
|
stack
|
page read and write
|
||
|
69C0000
|
trusted library allocation
|
page read and write
|
||
|
3E51000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
heap
|
page read and write
|
||
|
9265000
|
heap
|
page read and write
|
||
|
42CB000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page execute and read and write
|
||
|
4213000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
3F5F000
|
trusted library allocation
|
page read and write
|
||
|
41BA000
|
trusted library allocation
|
page read and write
|
||
|
66AE000
|
stack
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page read and write
|
||
|
8B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
69B6000
|
trusted library allocation
|
page read and write
|
||
|
40A5000
|
trusted library allocation
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
9470000
|
trusted library section
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
14C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
138A000
|
trusted library allocation
|
page execute and read and write
|
||
|
44FA000
|
trusted library allocation
|
page read and write
|
||
|
6470000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
41AB000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
55EA000
|
trusted library allocation
|
page read and write
|
||
|
42E2000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
82B000
|
heap
|
page read and write
|
||
|
5C90000
|
trusted library allocation
|
page read and write
|
||
|
3037000
|
trusted library allocation
|
page read and write
|
||
|
878E000
|
stack
|
page read and write
|
||
|
6E67000
|
trusted library allocation
|
page read and write
|
||
|
55F1000
|
trusted library allocation
|
page read and write
|
||
|
41FD000
|
trusted library allocation
|
page read and write
|
||
|
157B000
|
heap
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
858E000
|
stack
|
page read and write
|
||
|
4AB7000
|
trusted library allocation
|
page read and write
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
348E000
|
trusted library allocation
|
page read and write
|
||
|
3444000
|
trusted library allocation
|
page read and write
|
||
|
42E4000
|
trusted library allocation
|
page read and write
|
||
|
55D6000
|
trusted library allocation
|
page read and write
|
||
|
11FF000
|
heap
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
6EC0000
|
trusted library allocation
|
page read and write
|
||
|
569A000
|
trusted library allocation
|
page read and write
|
||
|
5A7B000
|
stack
|
page read and write
|
||
|
41F6000
|
trusted library allocation
|
page read and write
|
||
|
34F1000
|
trusted library allocation
|
page read and write
|
||
|
2DB0000
|
heap
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
7682000
|
trusted library allocation
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4200000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
5980000
|
trusted library allocation
|
page read and write
|
||
|
3EE0000
|
trusted library allocation
|
page read and write
|
||
|
53FC000
|
stack
|
page read and write
|
||
|
14EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
42EB000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
F44E000
|
stack
|
page read and write
|
||
|
7F4E0000
|
trusted library allocation
|
page execute and read and write
|
There are 754 hidden memdumps, click here to show them.