Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Request for Quotation MK FMHS.RFQ.24.11.21.bat.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Request for Quotation MK FMHS.RFQ.24.11.21.bat.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp8B51.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\NuDUTBObHpKADz.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0b2vosgo.bzw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5oe0ovcw.jm2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bnvrsnpm.5ur.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_comoq3s5.21l.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o2n0pgpb.g35.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_toifkqrq.u0w.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uuxqlhhe.pme.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w5cygng0.es0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpA2A1.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Windows\INF\WmiApRpl\WmiApRpl.h
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\INF\WmiApRpl\WmiApRpl.ini
|
Unicode text, UTF-16, little-endian text, with very long lines (405), with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\PerfStringBackup.INI
|
data
|
dropped
|
||
|
C:\Windows\System32\PerfStringBackup.TMP
|
data
|
dropped
|
||
|
C:\Windows\System32\perfc009.dat
|
data
|
dropped
|
||
|
C:\Windows\System32\perfh009.dat
|
data
|
dropped
|
||
|
C:\Windows\System32\wbem\Performance\WmiApRpl_new.h
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\wbem\Performance\WmiApRpl_new.ini
|
Unicode text, UTF-16, little-endian text, with very long lines (405), with CRLF line terminators
|
dropped
|
||
|
C:\Windows\system32\wbem\Performance\WmiApRpl.h (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\system32\wbem\Performance\WmiApRpl.ini (copy)
|
Unicode text, UTF-16, little-endian text, with very long lines (405), with CRLF line terminators
|
dropped
|
There are 16 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Request for Quotation MK FMHS.RFQ.24.11.21.bat.exe
|
"C:\Users\user\Desktop\Request for Quotation MK FMHS.RFQ.24.11.21.bat.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Request
for Quotation MK FMHS.RFQ.24.11.21.bat.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\NuDUTBObHpKADz" /XML "C:\Users\user\AppData\Local\Temp\tmp8B51.tmp"
|
|
|
|
C:\Users\user\Desktop\Request for Quotation MK FMHS.RFQ.24.11.21.bat.exe
|
"C:\Users\user\Desktop\Request for Quotation MK FMHS.RFQ.24.11.21.bat.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe
|
C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\NuDUTBObHpKADz" /XML "C:\Users\user\AppData\Local\Temp\tmpA2A1.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe
|
"C:\Users\user\AppData\Roaming\NuDUTBObHpKADz.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WMIADAP.exe
|
wmiadap.exe /F /T /R
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.office.com/
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://checkip.dyndns.org/C5
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:971342%0D%0ADate%20a
|
unknown
|
||
|
http://tempuri.org/ianiDataSet2.xsdM
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75
|
188.114.97.3
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://tempuri.org/ianiDataSet.xsd
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://tempuri.org/ianiDataSet1.xsd
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
https://www.office.com/0
|
unknown
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75$
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:971342%0D%0ADate%20and%20Time:%2022/11/2024%20/%2014:24:56%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20971342%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:971342%0D%0ADate%20and%20Time:%2022/11/2024%20/%2011:49:50%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20971342%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
reallyfreegeoip.org
|
188.114.97.3
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
checkip.dyndns.com
|
193.122.6.168
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
||
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Request for Quotation MK FMHS_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\NuDUTBObHpKADz_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Updating
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Updating
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
Last Counter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
Last Help
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
First Counter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
First Help
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
|
Object List
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\kernelbase.dll[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\en-US\kernelbase.dll.mui[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\ACPI.sys[ACPIMOFResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\en-US\ACPI.sys.mui[ACPIMOFResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\lsi_sas.sys[MofResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\processr.sys[PROCESSORWMI]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\en-US\processr.sys.mui[PROCESSORWMI]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\mssmbios.sys[MofResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\en-US\mssmbios.sys.mui[MofResource]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\drivers\ndis.sys[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\system32\drivers\en-US\ndis.sys.mui[MofResourceName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\drivers\HDAudBus.sys[HDAudioMofName]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\WDM\DREDGE
|
C:\Windows\System32\Drivers\portcls.SYS[PortclsMof]
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Counter
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Help
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Counter
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
|
Last Help
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\PROVIDERS\Performance
|
Performance Data
|
There are 44 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
30D1000
|
trusted library allocation
|
page read and write
|
|
|
|
40B9000
|
trusted library allocation
|
page read and write
|
|
|
|
2821000
|
trusted library allocation
|
page read and write
|
|
|
|
432000
|
remote allocation
|
page execute and read and write
|
|
|
|
685E000
|
stack
|
page read and write
|
||
|
38B0000
|
trusted library allocation
|
page read and write
|
||
|
4329000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
4423000
|
trusted library allocation
|
page read and write
|
||
|
4828000
|
trusted library allocation
|
page read and write
|
||
|
4416000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
65A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B4E000
|
stack
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
3247000
|
trusted library allocation
|
page read and write
|
||
|
3B0F000
|
trusted library allocation
|
page read and write
|
||
|
15EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B8D000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
29D9000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
trusted library section
|
page readonly
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
E1F000
|
stack
|
page read and write
|
||
|
4382000
|
trusted library allocation
|
page read and write
|
||
|
A0FD000
|
stack
|
page read and write
|
||
|
7194000
|
heap
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page read and write
|
||
|
40F9000
|
trusted library allocation
|
page read and write
|
||
|
3146000
|
trusted library allocation
|
page read and write
|
||
|
4D61000
|
trusted library allocation
|
page read and write
|
||
|
B0EE000
|
stack
|
page read and write
|
||
|
581D000
|
stack
|
page read and write
|
||
|
383B000
|
trusted library allocation
|
page read and write
|
||
|
389C000
|
trusted library allocation
|
page read and write
|
||
|
5322000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
ABEE000
|
stack
|
page read and write
|
||
|
3B37000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
B4A000
|
stack
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
7130000
|
heap
|
page read and write
|
||
|
69DF000
|
heap
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
11E9000
|
heap
|
page read and write
|
||
|
3378000
|
trusted library allocation
|
page read and write
|
||
|
317F000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
51AC000
|
stack
|
page read and write
|
||
|
3834000
|
trusted library allocation
|
page read and write
|
||
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
131F000
|
stack
|
page read and write
|
||
|
12F4000
|
trusted library allocation
|
page read and write
|
||
|
7C8D000
|
stack
|
page read and write
|
||
|
2B26000
|
trusted library allocation
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
470000
|
heap
|
page read and write
|
||
|
A480000
|
heap
|
page read and write
|
||
|
392E000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
heap
|
page execute and read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
2A02000
|
trusted library allocation
|
page read and write
|
||
|
3F89000
|
trusted library allocation
|
page read and write
|
||
|
560E000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
A47E000
|
stack
|
page read and write
|
||
|
318B000
|
trusted library allocation
|
page read and write
|
||
|
405E000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
57BB000
|
stack
|
page read and write
|
||
|
A9D1000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
2AA3000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
unkown
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
A73C000
|
stack
|
page read and write
|
||
|
29D3000
|
trusted library allocation
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
E84000
|
trusted library allocation
|
page read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
trusted library allocation
|
page read and write
|
||
|
DF7000
|
heap
|
page read and write
|
||
|
419C000
|
trusted library allocation
|
page read and write
|
||
|
40E4000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
2927000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
3345000
|
trusted library allocation
|
page read and write
|
||
|
3B1E000
|
trusted library allocation
|
page read and write
|
||
|
2A9F000
|
trusted library allocation
|
page read and write
|
||
|
5FF000
|
unkown
|
page read and write
|
||
|
44EC000
|
trusted library allocation
|
page read and write
|
||
|
7832000
|
trusted library allocation
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
6548000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
6540000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
FD7000
|
stack
|
page read and write
|
||
|
33DF000
|
unkown
|
page read and write
|
||
|
D1D000
|
heap
|
page read and write
|
||
|
4438000
|
trusted library allocation
|
page read and write
|
||
|
41AF000
|
trusted library allocation
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
4D72000
|
trusted library allocation
|
page read and write
|
||
|
7160000
|
heap
|
page read and write
|
||
|
524F000
|
stack
|
page read and write
|
||
|
2888000
|
trusted library allocation
|
page read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
326E000
|
trusted library allocation
|
page read and write
|
||
|
28D9000
|
trusted library allocation
|
page read and write
|
||
|
57F0000
|
trusted library section
|
page read and write
|
||
|
FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
388C000
|
trusted library allocation
|
page read and write
|
||
|
3183000
|
trusted library allocation
|
page read and write
|
||
|
4D4E000
|
trusted library allocation
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
77CE000
|
stack
|
page read and write
|
||
|
5510000
|
heap
|
page execute and read and write
|
||
|
29DE000
|
trusted library allocation
|
page read and write
|
||
|
33C3000
|
trusted library allocation
|
page read and write
|
||
|
28BD000
|
trusted library allocation
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
7150000
|
heap
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
FA3000
|
trusted library allocation
|
page read and write
|
||
|
6F40000
|
heap
|
page read and write
|
||
|
2A98000
|
trusted library allocation
|
page read and write
|
||
|
5C5A000
|
trusted library allocation
|
page read and write
|
||
|
3BAF000
|
trusted library allocation
|
page read and write
|
||
|
C5A000
|
heap
|
page read and write
|
||
|
4E1D000
|
stack
|
page read and write
|
||
|
15FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A0F000
|
trusted library allocation
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
39ED000
|
trusted library allocation
|
page read and write
|
||
|
28C1000
|
trusted library allocation
|
page read and write
|
||
|
4D5E000
|
trusted library allocation
|
page read and write
|
||
|
13A5000
|
trusted library allocation
|
page read and write
|
||
|
30B1000
|
trusted library allocation
|
page read and write
|
||
|
14C2000
|
trusted library allocation
|
page read and write
|
||
|
AFEE000
|
stack
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
1654000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69A3000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
3B21000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
trusted library allocation
|
page read and write
|
||
|
3177000
|
trusted library allocation
|
page read and write
|
||
|
67F000
|
stack
|
page read and write
|
||
|
55BC000
|
stack
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2662000
|
trusted library allocation
|
page read and write
|
||
|
3899000
|
trusted library allocation
|
page read and write
|
||
|
12B2000
|
heap
|
page read and write
|
||
|
11BA000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
43FE000
|
trusted library allocation
|
page read and write
|
||
|
10A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page execute and read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
3A43000
|
trusted library allocation
|
page read and write
|
||
|
58FA000
|
trusted library allocation
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
422F000
|
trusted library allocation
|
page read and write
|
||
|
14B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
15F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2903000
|
trusted library allocation
|
page read and write
|
||
|
2D7B000
|
trusted library allocation
|
page read and write
|
||
|
41F9000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
5775000
|
heap
|
page read and write
|
||
|
608E000
|
stack
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
33DF000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
A77D000
|
stack
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
437D000
|
trusted library allocation
|
page read and write
|
||
|
2FFB000
|
stack
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
15F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
1386000
|
trusted library allocation
|
page read and write
|
||
|
A62F000
|
stack
|
page read and write
|
||
|
71A8000
|
heap
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
5F9A000
|
heap
|
page read and write
|
||
|
65B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C2F000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
E8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
651F000
|
stack
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
2B2C000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
313A000
|
trusted library allocation
|
page read and write
|
||
|
A96F000
|
stack
|
page read and write
|
||
|
5F50000
|
heap
|
page read and write
|
||
|
1263000
|
trusted library allocation
|
page read and write
|
||
|
1253000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
B3F000
|
stack
|
page read and write
|
||
|
3A15000
|
trusted library allocation
|
page read and write
|
||
|
7C4E000
|
stack
|
page read and write
|
||
|
324C000
|
trusted library allocation
|
page read and write
|
||
|
338B000
|
trusted library allocation
|
page read and write
|
||
|
428E000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
C99000
|
heap
|
page read and write
|
||
|
69B0000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
11BC000
|
heap
|
page read and write
|
||
|
33D1000
|
trusted library allocation
|
page read and write
|
||
|
ACEE000
|
stack
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
A9BE000
|
stack
|
page read and write
|
||
|
420E000
|
trusted library allocation
|
page read and write
|
||
|
28C5000
|
trusted library allocation
|
page read and write
|
||
|
ACF0000
|
heap
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
314A000
|
trusted library allocation
|
page read and write
|
||
|
1092000
|
trusted library allocation
|
page read and write
|
||
|
6550000
|
trusted library allocation
|
page execute and read and write
|
||
|
397A000
|
trusted library allocation
|
page read and write
|
||
|
5611000
|
trusted library allocation
|
page read and write
|
||
|
33E3000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
4219000
|
trusted library allocation
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
6985000
|
heap
|
page read and write
|
||
|
14CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
442000
|
remote allocation
|
page execute and read and write
|
||
|
6E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
28DD000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
stack
|
page read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
6E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
654D000
|
trusted library allocation
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
ABAE000
|
stack
|
page read and write
|
||
|
2B0C000
|
trusted library allocation
|
page read and write
|
||
|
A72D000
|
stack
|
page read and write
|
||
|
126D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
42A4000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
1CD000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page execute and read and write
|
||
|
6EB0000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page execute and read and write
|
||
|
2804000
|
trusted library allocation
|
page read and write
|
||
|
6560000
|
trusted library allocation
|
page read and write
|
||
|
287A000
|
trusted library allocation
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
41BD000
|
trusted library allocation
|
page read and write
|
||
|
312C000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page execute and read and write
|
||
|
44AD000
|
trusted library allocation
|
page read and write
|
||
|
2FAD000
|
stack
|
page read and write
|
||
|
69EC000
|
heap
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
4357000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
11C7000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page read and write
|
||
|
9FBF000
|
stack
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
71A3000
|
heap
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
CEF000
|
heap
|
page read and write
|
||
|
739E000
|
stack
|
page read and write
|
||
|
2806000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
66F0000
|
heap
|
page read and write
|
||
|
53E3000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
28D1000
|
trusted library allocation
|
page read and write
|
||
|
40D1000
|
trusted library allocation
|
page read and write
|
||
|
2D8E000
|
trusted library allocation
|
page read and write
|
||
|
2925000
|
trusted library allocation
|
page read and write
|
||
|
3358000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA2000
|
trusted library allocation
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
F9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9EBE000
|
stack
|
page read and write
|
||
|
5FCF000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
BD2000
|
unkown
|
page readonly
|
||
|
2894000
|
trusted library allocation
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
4497000
|
trusted library allocation
|
page read and write
|
||
|
3885000
|
trusted library allocation
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
599D000
|
stack
|
page read and write
|
||
|
A97D000
|
heap
|
page read and write
|
||
|
4DA0000
|
heap
|
page execute and read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
4389000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
745E000
|
stack
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
A37D000
|
stack
|
page read and write
|
||
|
2F5C000
|
stack
|
page read and write
|
||
|
2F81000
|
trusted library allocation
|
page read and write
|
||
|
3892000
|
trusted library allocation
|
page read and write
|
||
|
A9C0000
|
trusted library allocation
|
page read and write
|
||
|
351A000
|
trusted library allocation
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
4301000
|
trusted library allocation
|
page read and write
|
||
|
4138000
|
trusted library allocation
|
page read and write
|
||
|
6534000
|
trusted library allocation
|
page read and write
|
||
|
55FE000
|
trusted library allocation
|
page read and write
|
||
|
A42E000
|
stack
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
5542000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
4E63000
|
heap
|
page read and write
|
||
|
2FE9000
|
stack
|
page read and write
|
||
|
3A5F000
|
trusted library allocation
|
page read and write
|
||
|
266B000
|
trusted library allocation
|
page execute and read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
28C9000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
3B81000
|
trusted library allocation
|
page read and write
|
||
|
3353000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
307B000
|
trusted library allocation
|
page read and write
|
||
|
66E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
560A000
|
trusted library allocation
|
page read and write
|
||
|
653A000
|
trusted library allocation
|
page read and write
|
||
|
3A02000
|
trusted library allocation
|
page read and write
|
||
|
A87F000
|
stack
|
page read and write
|
||
|
76EE000
|
stack
|
page read and write
|
||
|
3F81000
|
trusted library allocation
|
page read and write
|
||
|
4D4B000
|
trusted library allocation
|
page read and write
|
||
|
4414000
|
trusted library allocation
|
page read and write
|
||
|
A23D000
|
stack
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page execute and read and write
|
||
|
AEAC000
|
stack
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
3B9A000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page execute and read and write
|
||
|
49FE000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
937000
|
stack
|
page read and write
|
||
|
51AC000
|
stack
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
3C45000
|
trusted library allocation
|
page read and write
|
||
|
4D46000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
heap
|
page execute and read and write
|
||
|
15E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
||
|
33D9000
|
trusted library allocation
|
page read and write
|
||
|
3905000
|
trusted library allocation
|
page read and write
|
||
|
3385000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
trusted library allocation
|
page read and write
|
||
|
A33E000
|
stack
|
page read and write
|
||
|
299B000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
3272000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
38A2000
|
trusted library allocation
|
page read and write
|
||
|
2D9D000
|
trusted library allocation
|
page read and write
|
||
|
2A2D000
|
trusted library allocation
|
page read and write
|
||
|
44C0000
|
trusted library allocation
|
page read and write
|
||
|
2A04000
|
trusted library allocation
|
page read and write
|
||
|
41DD000
|
trusted library allocation
|
page read and write
|
||
|
38A5000
|
trusted library allocation
|
page read and write
|
||
|
662B000
|
trusted library allocation
|
page read and write
|
||
|
3BC6000
|
trusted library allocation
|
page read and write
|
||
|
2665000
|
trusted library allocation
|
page execute and read and write
|
||
|
66B0000
|
trusted library allocation
|
page read and write
|
||
|
58F2000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
382F000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
A86D000
|
stack
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
E9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
33DD000
|
trusted library allocation
|
page read and write
|
||
|
EAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
9E7E000
|
stack
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
55B0000
|
trusted library section
|
page readonly
|
||
|
128E000
|
stack
|
page read and write
|
||
|
6ED7000
|
trusted library allocation
|
page read and write
|
||
|
3849000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
734F000
|
stack
|
page read and write
|
||
|
2B1D000
|
trusted library allocation
|
page read and write
|
||
|
316F000
|
trusted library allocation
|
page read and write
|
||
|
13FD000
|
heap
|
page read and write
|
||
|
43F1000
|
trusted library allocation
|
page read and write
|
||
|
3CD2000
|
trusted library allocation
|
page read and write
|
||
|
56B3000
|
heap
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
3BC0000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
3821000
|
trusted library allocation
|
page read and write
|
||
|
438F000
|
trusted library allocation
|
page read and write
|
||
|
42CC000
|
trusted library allocation
|
page read and write
|
||
|
2B1A000
|
trusted library allocation
|
page read and write
|
||
|
38A8000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
31B6000
|
trusted library allocation
|
page read and write
|
||
|
A63C000
|
stack
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
EA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
55C3000
|
heap
|
page read and write
|
||
|
E83000
|
trusted library allocation
|
page execute and read and write
|
||
|
635F000
|
stack
|
page read and write
|
||
|
594E000
|
stack
|
page read and write
|
||
|
43F8000
|
trusted library allocation
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
4411000
|
trusted library allocation
|
page read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
3A3F000
|
trusted library allocation
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
2B28000
|
trusted library allocation
|
page read and write
|
||
|
2E08000
|
trusted library allocation
|
page read and write
|
||
|
5622000
|
trusted library allocation
|
page read and write
|
||
|
38AB000
|
trusted library allocation
|
page read and write
|
||
|
434B000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
5890000
|
trusted library allocation
|
page read and write
|
||
|
618E000
|
stack
|
page read and write
|
||
|
12FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
561D000
|
trusted library allocation
|
page read and write
|
||
|
33D4000
|
trusted library allocation
|
page read and write
|
||
|
5C54000
|
trusted library allocation
|
page read and write
|
||
|
391B000
|
trusted library allocation
|
page read and write
|
||
|
55FB000
|
trusted library allocation
|
page read and write
|
||
|
28D5000
|
trusted library allocation
|
page read and write
|
||
|
3BCB000
|
trusted library allocation
|
page read and write
|
||
|
342B000
|
heap
|
page read and write
|
||
|
3AE9000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
EDA000
|
stack
|
page read and write
|
||
|
395A000
|
trusted library allocation
|
page read and write
|
||
|
29CF000
|
trusted library allocation
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page execute and read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2C64000
|
trusted library allocation
|
page read and write
|
||
|
2B22000
|
trusted library allocation
|
page read and write
|
||
|
A731000
|
heap
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
15DF000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
F94000
|
trusted library allocation
|
page read and write
|
||
|
31B7000
|
trusted library allocation
|
page read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
4316000
|
trusted library allocation
|
page read and write
|
||
|
A52E000
|
stack
|
page read and write
|
||
|
10AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
315D000
|
trusted library allocation
|
page read and write
|
||
|
50D8000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
AFAC000
|
stack
|
page read and write
|
||
|
2800000
|
trusted library allocation
|
page read and write
|
||
|
9FFE000
|
stack
|
page read and write
|
||
|
1096000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6590000
|
trusted library allocation
|
page execute and read and write
|
||
|
300B000
|
trusted library allocation
|
page read and write
|
||
|
113F000
|
heap
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page read and write
|
||
|
29CB000
|
trusted library allocation
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
A970000
|
heap
|
page read and write
|
||
|
40B1000
|
trusted library allocation
|
page read and write
|
||
|
328D000
|
trusted library allocation
|
page read and write
|
||
|
4D5A000
|
trusted library allocation
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
3C0F000
|
trusted library allocation
|
page read and write
|
||
|
302D000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
31DB000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
7E2F000
|
stack
|
page read and write
|
||
|
6D00000
|
heap
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
6A9D000
|
stack
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
5FC1000
|
heap
|
page read and write
|
||
|
401B000
|
trusted library allocation
|
page read and write
|
||
|
3BE3000
|
trusted library allocation
|
page read and write
|
||
|
5F60000
|
heap
|
page read and write
|
||
|
1384000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
trusted library allocation
|
page read and write
|
||
|
4405000
|
trusted library allocation
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
4408000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
26EE000
|
stack
|
page read and write
|
||
|
430D000
|
trusted library allocation
|
page read and write
|
||
|
4135000
|
trusted library allocation
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
6EC0000
|
trusted library allocation
|
page read and write
|
||
|
6570000
|
trusted library allocation
|
page execute and read and write
|
||
|
109A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2885000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
3BA7000
|
trusted library allocation
|
page read and write
|
||
|
F93000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
55F6000
|
trusted library allocation
|
page read and write
|
||
|
41DD000
|
trusted library allocation
|
page read and write
|
||
|
4820000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page execute and read and write
|
||
|
6536000
|
trusted library allocation
|
page read and write
|
||
|
135C000
|
stack
|
page read and write
|
||
|
3CCF000
|
trusted library allocation
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
431000
|
remote allocation
|
page execute and read and write
|
||
|
426E000
|
trusted library allocation
|
page read and write
|
||
|
3065000
|
trusted library allocation
|
page read and write
|
||
|
A101000
|
heap
|
page read and write
|
||
|
337E000
|
trusted library allocation
|
page read and write
|
||
|
3BD6000
|
trusted library allocation
|
page read and write
|
||
|
10A2000
|
trusted library allocation
|
page read and write
|
||
|
5FDA000
|
heap
|
page read and write
|
||
|
53A0000
|
heap
|
page execute and read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
29AB000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
2ACE000
|
trusted library allocation
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page read and write
|
||
|
5328000
|
trusted library allocation
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
heap
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page read and write
|
||
|
6620000
|
trusted library allocation
|
page read and write
|
||
|
310A000
|
trusted library allocation
|
page read and write
|
||
|
538F000
|
trusted library section
|
page readonly
|
||
|
2AD4000
|
trusted library allocation
|
page read and write
|
||
|
6EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
B111000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
334F000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
5C56000
|
trusted library allocation
|
page read and write
|
||
|
2898000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
4D66000
|
trusted library allocation
|
page read and write
|
||
|
3A74000
|
trusted library allocation
|
page read and write
|
||
|
3BBA000
|
trusted library allocation
|
page read and write
|
||
|
AAAE000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
14C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
1309000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
28CD000
|
trusted library allocation
|
page read and write
|
||
|
130D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3226000
|
trusted library allocation
|
page read and write
|
||
|
7CA0000
|
trusted library section
|
page read and write
|
||
|
3032000
|
trusted library allocation
|
page read and write
|
||
|
1297000
|
heap
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
3278000
|
trusted library allocation
|
page read and write
|
||
|
3CA4000
|
trusted library allocation
|
page read and write
|
||
|
569D000
|
stack
|
page read and write
|
||
|
6F80000
|
heap
|
page read and write
|
||
|
58E000
|
unkown
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
3AD3000
|
trusted library allocation
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
2DC8000
|
trusted library allocation
|
page read and write
|
||
|
112E000
|
heap
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page execute and read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
3AFA000
|
trusted library allocation
|
page read and write
|
||
|
713E000
|
heap
|
page read and write
|
||
|
323F000
|
trusted library allocation
|
page read and write
|
||
|
1254000
|
trusted library allocation
|
page read and write
|
||
|
15F2000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
6DDE000
|
stack
|
page read and write
|
||
|
2667000
|
trusted library allocation
|
page execute and read and write
|
||
|
1620000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
2D96000
|
trusted library allocation
|
page read and write
|
||
|
5C6D000
|
trusted library allocation
|
page read and write
|
||
|
4353000
|
trusted library allocation
|
page read and write
|
||
|
1162000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
4373000
|
trusted library allocation
|
page read and write
|
||
|
3173000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
41D9000
|
trusted library allocation
|
page read and write
|
||
|
9D7E000
|
stack
|
page read and write
|
||
|
4D6D000
|
trusted library allocation
|
page read and write
|
||
|
4244000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E2000
|
trusted library allocation
|
page read and write
|
||
|
165F000
|
stack
|
page read and write
|
||
|
317B000
|
trusted library allocation
|
page read and write
|
||
|
3187000
|
trusted library allocation
|
page read and write
|
||
|
5F96000
|
heap
|
page read and write
|
||
|
B100000
|
trusted library allocation
|
page read and write
|
||
|
333C000
|
trusted library allocation
|
page read and write
|
||
|
65C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F50000
|
heap
|
page read and write
|
||
|
A8BE000
|
stack
|
page read and write
|
||
|
440E000
|
trusted library allocation
|
page read and write
|
||
|
5905000
|
heap
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
6687000
|
trusted library allocation
|
page read and write
|
||
|
4187000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
441C000
|
trusted library allocation
|
page read and write
|
||
|
40A2000
|
trusted library allocation
|
page read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6546000
|
trusted library allocation
|
page read and write
|
||
|
6627000
|
trusted library allocation
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
48FC000
|
stack
|
page read and write
|
||
|
6520000
|
trusted library allocation
|
page read and write
|
||
|
14BA000
|
trusted library allocation
|
page execute and read and write
|
There are 703 hidden memdumps, click here to show them.