Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
yhYrGCKq9s.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\FitTech Pulse Solutions\B
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.js
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.scr
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\182431\Vertical.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\182431\d
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Bytes
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Cindy
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Consequences
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Crude
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Dairy
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Gel
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Including
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Instrument
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Midlands
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Passion
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Personally
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Pi
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Pt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Variations
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PulsePlay.url
|
MS Windows 95 Internet shortcut text (URL=<"C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.js" >), ASCII text,
with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\FitTech Pulse Solutions\RegAsm.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\182431\RegAsm.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Intervention
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Marina
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Updated
|
ASCII text, with very long lines (1242), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Updated.bat
|
ASCII text, with very long lines (1242), with CRLF line terminators
|
dropped
|
There are 18 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\yhYrGCKq9s.exe
|
"C:\Users\user\Desktop\yhYrGCKq9s.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c copy Updated Updated.bat & Updated.bat
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /I "wrsa opssvc"
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr -I "avastui avgui bdservicehost nswscsvc sophoshealth"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c md 182431
|
|
|
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /V "TranslateTileAuthorsPerhaps" Intervention
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c copy /b ..\Crude + ..\Cindy + ..\Dairy + ..\Gel + ..\Midlands + ..\Personally + ..\Pi + ..\Bytes + ..\Consequences
+ ..\Passion + ..\Pt + ..\Instrument + ..\Including + ..\Variations d
|
|
|
|
C:\Users\user\AppData\Local\Temp\182431\Vertical.pif
|
Vertical.pif d
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /k echo [InternetShortcut] > "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PulsePlay.url"
& echo URL="C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.js" >> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\PulsePlay.url" & exit
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.js"
|
|
|
|
C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.scr
|
"C:\Users\user\AppData\Local\FitTech Pulse Solutions\PulsePlay.scr" "C:\Users\user\AppData\Local\FitTech Pulse Solutions\B"
|
|
|
|
C:\Users\user\AppData\Local\Temp\182431\RegAsm.exe
|
C:\Users\user\AppData\Local\Temp\182431\RegAsm.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\182431\RegAsm.exe
|
C:\Users\user\AppData\Local\Temp\182431\RegAsm.exe
|
|
|
|
C:\Users\user\AppData\Local\FitTech Pulse Solutions\RegAsm.exe
|
"C:\Users\user\AppData\Local\FitTech Pulse Solutions\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\choice.exe
|
choice /d y /t 5
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.autoitscript.com/autoit3/X
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://www.autoitscript.com/autoit3/
|
unknown
|
||
|
https://pastebin.com/raw/wikwTRQcPO
|
unknown
|
||
|
https://pastebin.com/raw/wikwTRQc
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
NHjARYrTsivtAmbTasWzHG.NHjARYrTsivtAmbTasWzHG
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.202.233.18
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1302000
|
remote allocation
|
page execute and read and write
|
|
|
|
1DDAB360000
|
heap
|
page read and write
|
||
|
2AFC000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
3FAD000
|
trusted library allocation
|
page read and write
|
||
|
304F000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
4138000
|
trusted library allocation
|
page read and write
|
||
|
9A5000
|
unkown
|
page readonly
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
2AFC000
|
heap
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
645E000
|
stack
|
page read and write
|
||
|
5625000
|
trusted library allocation
|
page read and write
|
||
|
408C000
|
trusted library allocation
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
4058000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
424E000
|
trusted library allocation
|
page read and write
|
||
|
40FD000
|
trusted library allocation
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
418C000
|
trusted library allocation
|
page read and write
|
||
|
419D000
|
trusted library allocation
|
page read and write
|
||
|
2AFC000
|
heap
|
page read and write
|
||
|
414C000
|
trusted library allocation
|
page read and write
|
||
|
1DDA958C000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
22000
|
unkown
|
page readonly
|
||
|
550E000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
heap
|
page execute and read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page readonly
|
||
|
54F6000
|
trusted library allocation
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4033000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
404D000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
1DDA958D000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
406D000
|
trusted library allocation
|
page read and write
|
||
|
404D000
|
trusted library allocation
|
page read and write
|
||
|
4EDF000
|
stack
|
page read and write
|
||
|
4215000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
2AF5000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
12F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
389C000
|
stack
|
page read and write
|
||
|
5539000
|
trusted library allocation
|
page read and write
|
||
|
3FAD000
|
trusted library allocation
|
page read and write
|
||
|
8CE000
|
heap
|
page read and write
|
||
|
417C000
|
trusted library allocation
|
page read and write
|
||
|
689E000
|
stack
|
page read and write
|
||
|
4058000
|
trusted library allocation
|
page read and write
|
||
|
408F000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
4098000
|
trusted library allocation
|
page read and write
|
||
|
3FA5000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
562C000
|
trusted library allocation
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
41A8000
|
trusted library allocation
|
page read and write
|
||
|
40A5000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
4046000
|
trusted library allocation
|
page read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
49C000
|
stack
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
3FAF000
|
trusted library allocation
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
37B4000
|
heap
|
page read and write
|
||
|
4048000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
3D01000
|
trusted library allocation
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
554000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
4048000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
4104000
|
trusted library allocation
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
417B000
|
trusted library allocation
|
page read and write
|
||
|
2AFD000
|
heap
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
5788000
|
trusted library allocation
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B4000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
54B000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
40E7000
|
trusted library allocation
|
page read and write
|
||
|
1471000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3D8E000
|
trusted library allocation
|
page read and write
|
||
|
7E6CDFE000
|
stack
|
page read and write
|
||
|
699E000
|
stack
|
page read and write
|
||
|
3C93000
|
trusted library allocation
|
page read and write
|
||
|
5635000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
320F000
|
stack
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
57C4000
|
trusted library allocation
|
page read and write
|
||
|
3FA5000
|
trusted library allocation
|
page read and write
|
||
|
36A5000
|
heap
|
page read and write
|
||
|
407C000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
410D000
|
trusted library allocation
|
page read and write
|
||
|
36A5000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
9A1000
|
unkown
|
page write copy
|
||
|
3E05000
|
trusted library allocation
|
page read and write
|
||
|
303D000
|
heap
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
574B000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
12FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
556000
|
heap
|
page read and write
|
||
|
4118000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9582000
|
heap
|
page read and write
|
||
|
410D000
|
trusted library allocation
|
page read and write
|
||
|
4085000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
unkown
|
page readonly
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
54F4000
|
trusted library allocation
|
page read and write
|
||
|
41DB000
|
trusted library allocation
|
page read and write
|
||
|
7E6CFFF000
|
stack
|
page read and write
|
||
|
4048000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4178000
|
trusted library allocation
|
page read and write
|
||
|
12D4000
|
trusted library allocation
|
page read and write
|
||
|
52E000
|
heap
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
4095000
|
trusted library allocation
|
page read and write
|
||
|
3FA9000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9593000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
305B000
|
heap
|
page read and write
|
||
|
411F000
|
trusted library allocation
|
page read and write
|
||
|
4F5F000
|
stack
|
page read and write
|
||
|
379C000
|
stack
|
page read and write
|
||
|
36A2000
|
heap
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
127E000
|
stack
|
page read and write
|
||
|
404B000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
13A8000
|
heap
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
3A90000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
3D26000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
40DA000
|
trusted library allocation
|
page read and write
|
||
|
3552000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
4047000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
4121000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
40EB000
|
trusted library allocation
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
4093000
|
trusted library allocation
|
page read and write
|
||
|
96D000
|
unkown
|
page readonly
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3D1D000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9582000
|
heap
|
page read and write
|
||
|
2FD6000
|
heap
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
40DE000
|
trusted library allocation
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
4071000
|
trusted library allocation
|
page read and write
|
||
|
40AB000
|
trusted library allocation
|
page read and write
|
||
|
4115000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
4048000
|
trusted library allocation
|
page read and write
|
||
|
4047000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
2435000
|
heap
|
page read and write
|
||
|
4069000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
A5F000
|
stack
|
page read and write
|
||
|
40E2000
|
trusted library allocation
|
page read and write
|
||
|
7E6C6FA000
|
stack
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
4120000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
2AF3000
|
heap
|
page read and write
|
||
|
12D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
4045000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
41BF000
|
trusted library allocation
|
page read and write
|
||
|
4007000
|
trusted library allocation
|
page read and write
|
||
|
4122000
|
trusted library allocation
|
page read and write
|
||
|
3C94000
|
trusted library allocation
|
page read and write
|
||
|
4031000
|
trusted library allocation
|
page read and write
|
||
|
4218000
|
trusted library allocation
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
EF2000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
405C000
|
trusted library allocation
|
page read and write
|
||
|
3033000
|
heap
|
page read and write
|
||
|
404B000
|
trusted library allocation
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
5C6F000
|
stack
|
page read and write
|
||
|
40A4000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
remote allocation
|
page execute and read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
1DDA954C000
|
heap
|
page read and write
|
||
|
1DDA9597000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
F6B000
|
stack
|
page read and write
|
||
|
329F000
|
stack
|
page read and write
|
||
|
7A1000
|
unkown
|
page write copy
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
3018000
|
heap
|
page read and write
|
||
|
404A000
|
trusted library allocation
|
page read and write
|
||
|
54B000
|
heap
|
page read and write
|
||
|
41A7000
|
trusted library allocation
|
page read and write
|
||
|
147B000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2E3C000
|
stack
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
414C000
|
trusted library allocation
|
page read and write
|
||
|
414E000
|
trusted library allocation
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9538000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
7E6CBFF000
|
stack
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
4046000
|
trusted library allocation
|
page read and write
|
||
|
592E000
|
stack
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
302F000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
1DDA9584000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
3C94000
|
trusted library allocation
|
page read and write
|
||
|
41C6000
|
trusted library allocation
|
page read and write
|
||
|
41FE000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
86A000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
3D25000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1DDA9785000
|
heap
|
page read and write
|
||
|
404B000
|
trusted library allocation
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
4049000
|
trusted library allocation
|
page read and write
|
||
|
4073000
|
trusted library allocation
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
553B000
|
trusted library allocation
|
page read and write
|
||
|
4041000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
411B000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
7E6CAFF000
|
stack
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
30CC000
|
stack
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
1DDA96C0000
|
heap
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
4045000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
145A000
|
heap
|
page read and write
|
||
|
37B4000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
413A000
|
trusted library allocation
|
page read and write
|
||
|
4037000
|
trusted library allocation
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
40D8000
|
trusted library allocation
|
page read and write
|
||
|
3E14000
|
trusted library allocation
|
page read and write
|
||
|
1307000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
2AF7000
|
heap
|
page read and write
|
||
|
4115000
|
trusted library allocation
|
page read and write
|
||
|
4127000
|
trusted library allocation
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
4139000
|
trusted library allocation
|
page read and write
|
||
|
3FAF000
|
trusted library allocation
|
page read and write
|
||
|
68F000
|
stack
|
page read and write
|
||
|
28E7000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
5576000
|
trusted library allocation
|
page read and write
|
||
|
3F06000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
161E000
|
stack
|
page read and write
|
||
|
408C000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
45C000
|
stack
|
page read and write
|
||
|
557A000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
7E6C7FF000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
1DDA959F000
|
heap
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
4065000
|
trusted library allocation
|
page read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
5008000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
2AF2000
|
heap
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
5525000
|
trusted library allocation
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
40E1000
|
trusted library allocation
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
41F000
|
unkown
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
37B4000
|
heap
|
page read and write
|
||
|
413F000
|
trusted library allocation
|
page read and write
|
||
|
405C000
|
trusted library allocation
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
36A5000
|
heap
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
37B4000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
40F6000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
4052000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
631E000
|
stack
|
page read and write
|
||
|
4096000
|
trusted library allocation
|
page read and write
|
||
|
655E000
|
stack
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
40A4000
|
trusted library allocation
|
page read and write
|
||
|
57E5000
|
trusted library allocation
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
404B000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
3421000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DDA955F000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
40B000
|
unkown
|
page write copy
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4116000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
3FA8000
|
trusted library allocation
|
page read and write
|
||
|
4039000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
8CE000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
4114000
|
trusted library allocation
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
2E000
|
unkown
|
page readonly
|
||
|
1DDA9584000
|
heap
|
page read and write
|
||
|
131B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
140F000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1DDA978D000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
37B4000
|
heap
|
page read and write
|
||
|
3D36000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
1DDA957C000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
4059000
|
trusted library allocation
|
page read and write
|
||
|
305A000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
408E000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9589000
|
heap
|
page read and write
|
||
|
3692000
|
heap
|
page read and write
|
||
|
4138000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
793000
|
unkown
|
page readonly
|
||
|
320E000
|
stack
|
page read and write
|
||
|
54FC000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
1DDA9559000
|
heap
|
page read and write
|
||
|
40F0000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
4128000
|
trusted library allocation
|
page read and write
|
||
|
40F7000
|
trusted library allocation
|
page read and write
|
||
|
4041000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
365E000
|
stack
|
page read and write
|
||
|
3FAA000
|
trusted library allocation
|
page read and write
|
||
|
57C1000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
4176000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
4143000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
1DDA956E000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
2AFA000
|
heap
|
page read and write
|
||
|
1DDA957B000
|
heap
|
page read and write
|
||
|
3CBA000
|
trusted library allocation
|
page read and write
|
||
|
3FAA000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
532000
|
heap
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
40FF000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
40DA000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
3C19000
|
trusted library allocation
|
page read and write
|
||
|
3E8D000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
6D1000
|
unkown
|
page execute read
|
||
|
283F000
|
stack
|
page read and write
|
||
|
2AF5000
|
heap
|
page read and write
|
||
|
53B000
|
heap
|
page read and write
|
||
|
40D7000
|
trusted library allocation
|
page read and write
|
||
|
5518000
|
trusted library allocation
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
52ED000
|
stack
|
page read and write
|
||
|
1DDA957C000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
4066000
|
trusted library allocation
|
page read and write
|
||
|
4137000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
1DDA9558000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
4630000
|
heap
|
page read and write
|
||
|
7A5000
|
unkown
|
page readonly
|
||
|
596E000
|
stack
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
23A4000
|
heap
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
4056000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
40AC000
|
trusted library allocation
|
page read and write
|
||
|
4001000
|
trusted library allocation
|
page read and write
|
||
|
404B000
|
trusted library allocation
|
page read and write
|
||
|
325C000
|
heap
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
4111000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
37AF000
|
stack
|
page read and write
|
||
|
151E000
|
stack
|
page read and write
|
||
|
40EE000
|
trusted library allocation
|
page read and write
|
||
|
4084000
|
trusted library allocation
|
page read and write
|
||
|
4078000
|
trusted library allocation
|
page read and write
|
||
|
407F000
|
trusted library allocation
|
page read and write
|
||
|
3E15000
|
trusted library allocation
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2AF6000
|
heap
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
5548000
|
trusted library allocation
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
EE3000
|
heap
|
page read and write
|
||
|
1DDA9550000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4073000
|
trusted library allocation
|
page read and write
|
||
|
40E8000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
4108000
|
trusted library allocation
|
page read and write
|
||
|
1DDA955F000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
993000
|
unkown
|
page readonly
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
7E6CCFF000
|
stack
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
10E1000
|
remote allocation
|
page execute and read and write
|
||
|
4134000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
375F000
|
stack
|
page read and write
|
||
|
4031000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
2E67000
|
heap
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
13DF000
|
heap
|
page read and write
|
||
|
4055000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
1DDA9592000
|
heap
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
3FA5000
|
trusted library allocation
|
page read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
4148000
|
trusted library allocation
|
page read and write
|
||
|
79D000
|
unkown
|
page write copy
|
||
|
408000
|
unkown
|
page readonly
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
4136000
|
trusted library allocation
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
3FAD000
|
trusted library allocation
|
page read and write
|
||
|
CEB000
|
stack
|
page read and write
|
||
|
408A000
|
trusted library allocation
|
page read and write
|
||
|
40FF000
|
trusted library allocation
|
page read and write
|
||
|
12DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
8D0000
|
unkown
|
page readonly
|
||
|
40F2000
|
trusted library allocation
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
7E6C8FF000
|
stack
|
page read and write
|
||
|
4091000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9584000
|
heap
|
page read and write
|
||
|
4068000
|
trusted library allocation
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
3FA9000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
404B000
|
trusted library allocation
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
55B000
|
heap
|
page read and write
|
||
|
7E6CEFF000
|
stack
|
page read and write
|
||
|
54B000
|
heap
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
418A000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
4045000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
3D26000
|
trusted library allocation
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1DDA959A000
|
heap
|
page read and write
|
||
|
5779000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
57CE000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
4046000
|
trusted library allocation
|
page read and write
|
||
|
4053000
|
trusted library allocation
|
page read and write
|
||
|
41CF000
|
trusted library allocation
|
page read and write
|
||
|
4097000
|
trusted library allocation
|
page read and write
|
||
|
16DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
1DDA9584000
|
heap
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
3D0F000
|
trusted library allocation
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1DDA9593000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
410D000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9582000
|
heap
|
page read and write
|
||
|
418F000
|
trusted library allocation
|
page read and write
|
||
|
404A000
|
trusted library allocation
|
page read and write
|
||
|
40DB000
|
trusted library allocation
|
page read and write
|
||
|
4045000
|
trusted library allocation
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
253E000
|
stack
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
54F000
|
heap
|
page read and write
|
||
|
4108000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
404A000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9460000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
1DDA9530000
|
heap
|
page read and write
|
||
|
40CE000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9591000
|
heap
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
57D1000
|
trusted library allocation
|
page read and write
|
||
|
3D37000
|
trusted library allocation
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
1DDA9550000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
2AF4000
|
heap
|
page read and write
|
||
|
1317000
|
trusted library allocation
|
page execute and read and write
|
||
|
577B000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
40E7000
|
trusted library allocation
|
page read and write
|
||
|
1DDA955E000
|
heap
|
page read and write
|
||
|
3CBE000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
57B6000
|
trusted library allocation
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
57D0000
|
heap
|
page execute and read and write
|
||
|
2AF7000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
4063000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
408E000
|
trusted library allocation
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
40EF000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
stack
|
page read and write
|
||
|
4043000
|
trusted library allocation
|
page read and write
|
||
|
303C000
|
heap
|
page read and write
|
||
|
32A8000
|
heap
|
page read and write
|
||
|
641C000
|
stack
|
page read and write
|
||
|
40E2000
|
trusted library allocation
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
31CA000
|
trusted library allocation
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
4046000
|
trusted library allocation
|
page read and write
|
||
|
404E000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
1627000
|
heap
|
page read and write
|
||
|
1020000
|
remote allocation
|
page execute and read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
40FE000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
54E000
|
heap
|
page read and write
|
||
|
6B5000
|
heap
|
page read and write
|
||
|
1DDA9564000
|
heap
|
page read and write
|
||
|
3D0F000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9440000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
2BBB000
|
heap
|
page read and write
|
||
|
4207000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
1DDA9780000
|
heap
|
page read and write
|
||
|
1DDA959A000
|
heap
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
1DDA959A000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3FA4000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
6D0000
|
unkown
|
page readonly
|
||
|
1DDA9565000
|
heap
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
4076000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
404F000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
1DDA9360000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
3FAB000
|
trusted library allocation
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
4126000
|
trusted library allocation
|
page read and write
|
||
|
33FE000
|
stack
|
page read and write
|
||
|
4047000
|
trusted library allocation
|
page read and write
|
||
|
4036000
|
trusted library allocation
|
page read and write
|
||
|
414C000
|
trusted library allocation
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
40D2000
|
trusted library allocation
|
page read and write
|
||
|
4053000
|
trusted library allocation
|
page read and write
|
||
|
99D000
|
unkown
|
page write copy
|
||
|
3421000
|
heap
|
page read and write
|
||
|
40FA000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
2EDB000
|
trusted library allocation
|
page read and write
|
||
|
41B5000
|
trusted library allocation
|
page read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
5574000
|
trusted library allocation
|
page read and write
|
||
|
4103000
|
trusted library allocation
|
page read and write
|
||
|
4042000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
1693000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D26000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
1DDA9593000
|
heap
|
page read and write
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
4088000
|
trusted library allocation
|
page read and write
|
||
|
1DDA956F000
|
heap
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
5504000
|
trusted library allocation
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
41BB000
|
trusted library allocation
|
page read and write
|
||
|
33B0000
|
heap
|
page read and write
|
||
|
4F4000
|
unkown
|
page readonly
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
308C000
|
stack
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9582000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
406A000
|
trusted library allocation
|
page read and write
|
||
|
416B000
|
trusted library allocation
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
4097000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
420B000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
3FAF000
|
trusted library allocation
|
page read and write
|
||
|
423E000
|
trusted library allocation
|
page read and write
|
||
|
351C000
|
heap
|
page read and write
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
4074000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
4041000
|
trusted library allocation
|
page read and write
|
||
|
2AF4000
|
heap
|
page read and write
|
||
|
8D1000
|
unkown
|
page execute read
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
4188000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
14DF000
|
stack
|
page read and write
|
||
|
3FA7000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
33C7000
|
heap
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
416D000
|
trusted library allocation
|
page read and write
|
||
|
B5F000
|
stack
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
4072000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
3D9C000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
stack
|
page read and write
|
||
|
4045000
|
trusted library allocation
|
page read and write
|
||
|
4049000
|
trusted library allocation
|
page read and write
|
||
|
1DDA959A000
|
heap
|
page read and write
|
||
|
3DF7000
|
trusted library allocation
|
page read and write
|
||
|
1DDA9565000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
337E000
|
unkown
|
page read and write
|
||
|
3FA3000
|
trusted library allocation
|
page read and write
|
||
|
460F000
|
stack
|
page read and write
|
||
|
412E000
|
trusted library allocation
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
3FAD000
|
trusted library allocation
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
57D8000
|
trusted library allocation
|
page read and write
|
||
|
40F7000
|
trusted library allocation
|
page read and write
|
||
|
41FC000
|
trusted library allocation
|
page read and write
|
||
|
2AF4000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page execute and read and write
|
||
|
423A000
|
trusted library allocation
|
page read and write
|
||
|
3BA1000
|
trusted library allocation
|
page read and write
|
||
|
405F000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
2AF3000
|
heap
|
page read and write
|
||
|
406B000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
F24000
|
heap
|
page read and write
|
||
|
405A000
|
trusted library allocation
|
page read and write
|
||
|
4056000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
40A1000
|
trusted library allocation
|
page read and write
|
||
|
2AFE000
|
heap
|
page read and write
|
||
|
3FAA000
|
trusted library allocation
|
page read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
34BF000
|
unkown
|
page read and write
|
||
|
304C000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
1694000
|
trusted library allocation
|
page read and write
|
||
|
5511000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
409E000
|
trusted library allocation
|
page read and write
|
||
|
53C000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
3421000
|
heap
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C40000
|
trusted library allocation
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
3FAE000
|
trusted library allocation
|
page read and write
|
||
|
461000
|
unkown
|
page read and write
|
||
|
1DDA9596000
|
heap
|
page read and write
|
||
|
4133000
|
trusted library allocation
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
3FA1000
|
trusted library allocation
|
page read and write
|
||
|
2AFC000
|
heap
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
518000
|
heap
|
page read and write
|
||
|
5516000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
40A4000
|
trusted library allocation
|
page read and write
|
||
|
40FF000
|
trusted library allocation
|
page read and write
|
||
|
2F51000
|
heap
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
366A000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
4107000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
40D8000
|
trusted library allocation
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
57BC000
|
trusted library allocation
|
page read and write
|
||
|
4116000
|
trusted library allocation
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
4660000
|
heap
|
page read and write
|
There are 992 hidden memdumps, click here to show them.