Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
rrequestforquotation.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rrequestforquotation.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpC98D.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\oGnCNPiCwiAocn.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4zx4jgfc.ryv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ewgtqzvh.5xd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kuzz3bkh.m3f.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_llvbzpdn.aqz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tha1q2k3.b4x.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wvobn35q.obr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xeflaksy.riu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zaohc415.w4a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpEF35.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\rrequestforquotation.exe
|
"C:\Users\user\Desktop\rrequestforquotation.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\rrequestforquotation.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\oGnCNPiCwiAocn" /XML "C:\Users\user\AppData\Local\Temp\tmpC98D.tmp"
|
|
|
|
C:\Users\user\Desktop\rrequestforquotation.exe
|
"C:\Users\user\Desktop\rrequestforquotation.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe
|
C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\oGnCNPiCwiAocn" /XML "C:\Users\user\AppData\Local\Temp\tmpEF35.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe
|
"C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe
|
"C:\Users\user\AppData\Roaming\oGnCNPiCwiAocn.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75
|
172.67.177.134
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.75$
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://github.com/ppx17/Onkyo-Remote-Control
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
172.67.177.134
|
||
|
checkip.dyndns.com
|
193.122.6.168
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
||
|
172.67.177.134
|
reallyfreegeoip.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rrequestforquotation_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\oGnCNPiCwiAocn_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
415000
|
remote allocation
|
page execute and read and write
|
|
|
|
2B60000
|
trusted library allocation
|
page read and write
|
|
|
|
3CB1000
|
trusted library allocation
|
page read and write
|
|
|
|
2991000
|
trusted library allocation
|
page read and write
|
|
|
|
307F000
|
trusted library allocation
|
page read and write
|
|
|
|
8CE000
|
unkown
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page execute and read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
6BE0000
|
trusted library allocation
|
page read and write
|
||
|
5CE3000
|
heap
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
6830000
|
heap
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
2F65000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
11F2000
|
trusted library allocation
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page execute and read and write
|
||
|
7470000
|
trusted library allocation
|
page read and write
|
||
|
13DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
59E8000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
3ED000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
3A21000
|
trusted library allocation
|
page read and write
|
||
|
2444000
|
trusted library allocation
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2453000
|
trusted library allocation
|
page read and write
|
||
|
7B0F000
|
stack
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
3959000
|
trusted library allocation
|
page read and write
|
||
|
9C4E000
|
stack
|
page read and write
|
||
|
2EA000
|
stack
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
2462000
|
trusted library allocation
|
page read and write
|
||
|
13CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C9E000
|
stack
|
page read and write
|
||
|
2C76000
|
trusted library allocation
|
page read and write
|
||
|
6BAE000
|
stack
|
page read and write
|
||
|
13C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F7A000
|
trusted library allocation
|
page read and write
|
||
|
2A96000
|
trusted library allocation
|
page read and write
|
||
|
6794000
|
heap
|
page read and write
|
||
|
14D4000
|
trusted library allocation
|
page read and write
|
||
|
5CDB000
|
heap
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
38F4000
|
trusted library allocation
|
page read and write
|
||
|
3001000
|
trusted library allocation
|
page read and write
|
||
|
6B2A000
|
heap
|
page read and write
|
||
|
39E000
|
unkown
|
page read and write
|
||
|
11FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
5360000
|
trusted library section
|
page readonly
|
||
|
2BF4000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
heap
|
page execute and read and write
|
||
|
9B0E000
|
stack
|
page read and write
|
||
|
9A0E000
|
stack
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
3043000
|
trusted library allocation
|
page read and write
|
||
|
4E76000
|
trusted library allocation
|
page read and write
|
||
|
548D000
|
stack
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
9D8C000
|
stack
|
page read and write
|
||
|
4EE3000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
4E71000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
13C2000
|
trusted library allocation
|
page read and write
|
||
|
59EB000
|
trusted library allocation
|
page read and write
|
||
|
A46E000
|
stack
|
page read and write
|
||
|
13BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CDB000
|
stack
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
9D90000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
11D3000
|
trusted library allocation
|
page read and write
|
||
|
3009000
|
trusted library allocation
|
page read and write
|
||
|
25A4000
|
trusted library allocation
|
page read and write
|
||
|
30FF000
|
trusted library allocation
|
page read and write
|
||
|
69A0000
|
heap
|
page read and write
|
||
|
648E000
|
stack
|
page read and write
|
||
|
5C92000
|
heap
|
page read and write
|
||
|
2BEB000
|
trusted library allocation
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
E6A000
|
stack
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
965E000
|
stack
|
page read and write
|
||
|
539E000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6B000
|
trusted library allocation
|
page read and write
|
||
|
9FCE000
|
stack
|
page read and write
|
||
|
2AD6000
|
trusted library allocation
|
page read and write
|
||
|
481C000
|
stack
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
2AD000
|
stack
|
page read and write
|
||
|
244D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F78000
|
heap
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page read and write
|
||
|
3028000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page execute and read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
676F000
|
trusted library allocation
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page read and write
|
||
|
2FA9000
|
trusted library allocation
|
page read and write
|
||
|
2B52000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
2A3F000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
2477000
|
trusted library allocation
|
page execute and read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
38D1000
|
trusted library allocation
|
page read and write
|
||
|
3071000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
5EA0000
|
heap
|
page read and write
|
||
|
90F000
|
unkown
|
page read and write
|
||
|
2490000
|
trusted library allocation
|
page read and write
|
||
|
9FE0000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
2FA7000
|
trusted library allocation
|
page read and write
|
||
|
2AEA000
|
trusted library allocation
|
page read and write
|
||
|
11DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
A92C000
|
stack
|
page read and write
|
||
|
11E2000
|
trusted library allocation
|
page read and write
|
||
|
A31E000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
55A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
246A000
|
trusted library allocation
|
page execute and read and write
|
||
|
99CF000
|
stack
|
page read and write
|
||
|
E67000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C50000
|
trusted library allocation
|
page read and write
|
||
|
6BBF000
|
trusted library allocation
|
page read and write
|
||
|
2440000
|
trusted library allocation
|
page read and write
|
||
|
4E82000
|
trusted library allocation
|
page read and write
|
||
|
3F43000
|
trusted library allocation
|
page read and write
|
||
|
790D000
|
stack
|
page read and write
|
||
|
2FB1000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
2FBD000
|
trusted library allocation
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
6ACF000
|
heap
|
page read and write
|
||
|
98A000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
6325000
|
heap
|
page read and write
|
||
|
2C18000
|
trusted library allocation
|
page read and write
|
||
|
3142000
|
trusted library allocation
|
page read and write
|
||
|
11E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
68AF000
|
stack
|
page read and write
|
||
|
3A24000
|
trusted library allocation
|
page read and write
|
||
|
76AD000
|
stack
|
page read and write
|
||
|
471B000
|
stack
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F1C000
|
trusted library allocation
|
page read and write
|
||
|
4E56000
|
trusted library allocation
|
page read and write
|
||
|
26DF000
|
stack
|
page read and write
|
||
|
94C000
|
heap
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
676A000
|
trusted library allocation
|
page read and write
|
||
|
5596000
|
trusted library allocation
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
2450000
|
trusted library allocation
|
page read and write
|
||
|
6AC5000
|
heap
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
67A4000
|
heap
|
page read and write
|
||
|
25B0000
|
heap
|
page execute and read and write
|
||
|
546F000
|
stack
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
84D000
|
stack
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
5598000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
6763000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page execute and read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
13A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
3063000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
3ED9000
|
trusted library allocation
|
page read and write
|
||
|
9FD0000
|
trusted library allocation
|
page read and write
|
||
|
2B24000
|
trusted library allocation
|
page read and write
|
||
|
794D000
|
stack
|
page read and write
|
||
|
B2F000
|
stack
|
page read and write
|
||
|
6730000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
2A5C000
|
trusted library allocation
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
4E5B000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
4C97000
|
trusted library allocation
|
page read and write
|
||
|
2ADE000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
38B0000
|
trusted library allocation
|
page read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
2A9A000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
38F1000
|
trusted library allocation
|
page read and write
|
||
|
D24000
|
trusted library allocation
|
page read and write
|
||
|
13D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
F07000
|
heap
|
page read and write
|
||
|
2443000
|
trusted library allocation
|
page execute and read and write
|
||
|
658E000
|
stack
|
page read and write
|
||
|
68EE000
|
stack
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
59D4000
|
trusted library allocation
|
page read and write
|
||
|
30F6000
|
trusted library allocation
|
page read and write
|
||
|
3F40000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library section
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page execute and read and write
|
||
|
D23000
|
trusted library allocation
|
page execute and read and write
|
||
|
149D000
|
stack
|
page read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
2ADA000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
95C000
|
heap
|
page read and write
|
||
|
10B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
540B000
|
stack
|
page read and write
|
||
|
39FD000
|
trusted library allocation
|
page read and write
|
||
|
5E8E000
|
heap
|
page read and write
|
||
|
735E000
|
heap
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
504E000
|
stack
|
page read and write
|
||
|
53C0000
|
heap
|
page execute and read and write
|
||
|
1231000
|
heap
|
page read and write
|
||
|
2AD2000
|
trusted library allocation
|
page read and write
|
||
|
2C93000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
3DF000
|
unkown
|
page read and write
|
||
|
2AE6000
|
trusted library allocation
|
page read and write
|
||
|
2AE2000
|
trusted library allocation
|
page read and write
|
||
|
1307000
|
heap
|
page read and write
|
||
|
98CE000
|
stack
|
page read and write
|
||
|
11B8000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page readonly
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
24DE000
|
stack
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
3112000
|
trusted library allocation
|
page read and write
|
||
|
F67000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
E5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F19000
|
heap
|
page read and write
|
||
|
3A2D000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
heap
|
page read and write
|
||
|
2F78000
|
trusted library allocation
|
page read and write
|
||
|
53EF000
|
trusted library allocation
|
page read and write
|
||
|
9ECE000
|
stack
|
page read and write
|
||
|
9C8C000
|
stack
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
6780000
|
trusted library allocation
|
page execute and read and write
|
||
|
65CE000
|
stack
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
2FB9000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
A5AE000
|
stack
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page execute and read and write
|
||
|
77CE000
|
stack
|
page read and write
|
||
|
7120000
|
heap
|
page read and write
|
||
|
2B44000
|
trusted library allocation
|
page read and write
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
53BD000
|
trusted library allocation
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
25A6000
|
trusted library allocation
|
page read and write
|
||
|
7F0D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB4000
|
trusted library allocation
|
page read and write
|
||
|
4DAC000
|
stack
|
page read and write
|
||
|
4B7E000
|
trusted library allocation
|
page read and write
|
||
|
11F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB8000
|
trusted library allocation
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5443000
|
heap
|
page read and write
|
||
|
2BCD000
|
trusted library allocation
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
640D000
|
stack
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
305F000
|
trusted library allocation
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
3F36000
|
trusted library allocation
|
page read and write
|
||
|
704E000
|
stack
|
page read and write
|
||
|
A941000
|
trusted library allocation
|
page read and write
|
||
|
EC9000
|
heap
|
page read and write
|
||
|
2B09000
|
trusted library allocation
|
page read and write
|
||
|
E65000
|
trusted library allocation
|
page execute and read and write
|
||
|
69EE000
|
stack
|
page read and write
|
||
|
EA2000
|
heap
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
2C71000
|
trusted library allocation
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
2BD8000
|
trusted library allocation
|
page read and write
|
||
|
2AEE000
|
trusted library allocation
|
page read and write
|
||
|
3136000
|
trusted library allocation
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
3109000
|
trusted library allocation
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
7A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B81000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C2A000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
A56E000
|
stack
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
3148000
|
trusted library allocation
|
page read and write
|
||
|
2472000
|
trusted library allocation
|
page read and write
|
||
|
59E0000
|
trusted library allocation
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
4B64000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F50000
|
trusted library allocation
|
page read and write
|
||
|
2466000
|
trusted library allocation
|
page execute and read and write
|
||
|
662E000
|
stack
|
page read and write
|
||
|
5135000
|
heap
|
page read and write
|
||
|
2430000
|
trusted library allocation
|
page read and write
|
||
|
F3A000
|
heap
|
page read and write
|
||
|
E6E000
|
heap
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
2F92000
|
trusted library allocation
|
page read and write
|
||
|
3757000
|
trusted library allocation
|
page read and write
|
||
|
2F04000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
2BE1000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
126F000
|
heap
|
page read and write
|
||
|
6BB3000
|
trusted library allocation
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
2C7D000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
14D6000
|
trusted library allocation
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
961E000
|
stack
|
page read and write
|
||
|
558E000
|
trusted library allocation
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
8F6000
|
unkown
|
page readonly
|
||
|
2980000
|
heap
|
page execute and read and write
|
||
|
6B1B000
|
heap
|
page read and write
|
||
|
E6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BF0000
|
trusted library allocation
|
page read and write
|
||
|
39B9000
|
trusted library allocation
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page execute and read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
4B86000
|
trusted library allocation
|
page read and write
|
||
|
6332000
|
heap
|
page read and write
|
||
|
67B8000
|
heap
|
page read and write
|
||
|
3991000
|
trusted library allocation
|
page read and write
|
||
|
5CA6000
|
heap
|
page read and write
|
||
|
686D000
|
stack
|
page read and write
|
||
|
644F000
|
stack
|
page read and write
|
||
|
4E6E000
|
trusted library allocation
|
page read and write
|
||
|
2BAF000
|
stack
|
page read and write
|
||
|
3F4C000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
2A89000
|
trusted library allocation
|
page read and write
|
||
|
53B1000
|
trusted library allocation
|
page read and write
|
||
|
11AA000
|
heap
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
5E50000
|
heap
|
page read and write
|
||
|
2934000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page read and write
|
||
|
862000
|
unkown
|
page readonly
|
||
|
37C4000
|
trusted library allocation
|
page read and write
|
||
|
A6EE000
|
stack
|
page read and write
|
||
|
53B6000
|
trusted library allocation
|
page read and write
|
||
|
A11E000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
53AA000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
E62000
|
trusted library allocation
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
2B16000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
62D0000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
11EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
2C5B000
|
trusted library allocation
|
page read and write
|
||
|
E87000
|
heap
|
page read and write
|
||
|
12F5000
|
trusted library allocation
|
page read and write
|
||
|
2C24000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
24E8000
|
trusted library allocation
|
page read and write
|
||
|
2FB5000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
4C22000
|
trusted library allocation
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
672F000
|
stack
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page read and write
|
||
|
5345000
|
heap
|
page read and write
|
||
|
388F000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
9B4E000
|
stack
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
5E69000
|
heap
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
2A92000
|
trusted library allocation
|
page read and write
|
||
|
E56000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F72000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
6BBA000
|
trusted library allocation
|
page read and write
|
||
|
6C80000
|
heap
|
page read and write
|
||
|
10B4000
|
trusted library allocation
|
page read and write
|
||
|
78CE000
|
stack
|
page read and write
|
||
|
2C54000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
62CE000
|
stack
|
page read and write
|
||
|
247B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
245D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
A82B000
|
stack
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
4B6B000
|
trusted library allocation
|
page read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D2000
|
trusted library allocation
|
page read and write
|
||
|
4B8D000
|
trusted library allocation
|
page read and write
|
||
|
53C2000
|
trusted library allocation
|
page read and write
|
||
|
A6AE000
|
stack
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C6E000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
4B92000
|
trusted library allocation
|
page read and write
|
||
|
53AE000
|
trusted library allocation
|
page read and write
|
||
|
539B000
|
trusted library allocation
|
page read and write
|
||
|
5CF5000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
10BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AF8000
|
heap
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
2580000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E20000
|
heap
|
page execute and read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
2A74000
|
trusted library allocation
|
page read and write
|
||
|
7F270000
|
trusted library allocation
|
page execute and read and write
|
||
|
36E1000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
80D000
|
stack
|
page read and write
|
||
|
737000
|
stack
|
page read and write
|
||
|
4C84000
|
trusted library section
|
page readonly
|
||
|
898000
|
heap
|
page read and write
|
||
|
6CB000
|
heap
|
page read and write
|
||
|
4ACD000
|
stack
|
page read and write
|
||
|
13A4000
|
trusted library allocation
|
page read and write
|
||
|
4E5E000
|
trusted library allocation
|
page read and write
|
||
|
26E1000
|
trusted library allocation
|
page read and write
|
||
|
502D000
|
stack
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
5E4E000
|
stack
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
639000
|
stack
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
975F000
|
stack
|
page read and write
|
||
|
59DA000
|
trusted library allocation
|
page read and write
|
||
|
A7EE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
4BA5000
|
trusted library allocation
|
page read and write
|
||
|
59DE000
|
trusted library allocation
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
76E0000
|
trusted library section
|
page read and write
|
||
|
2C1F000
|
trusted library allocation
|
page read and write
|
||
|
3EB1000
|
trusted library allocation
|
page read and write
|
||
|
13AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5162000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
A950000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
25C0000
|
trusted library allocation
|
page read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
4E6A000
|
trusted library allocation
|
page read and write
|
||
|
6860000
|
heap
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page execute and read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
382A000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
heap
|
page read and write
|
||
|
105F000
|
stack
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
2F5D000
|
trusted library allocation
|
page read and write
|
||
|
3A17000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
129B000
|
stack
|
page read and write
|
||
|
4E7D000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
trusted library section
|
page readonly
|
||
|
868000
|
heap
|
page read and write
|
||
|
6786000
|
heap
|
page read and write
|
||
|
5C50000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
There are 570 hidden memdumps, click here to show them.