Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
kwlYObMOSn.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\kwlYObMOSn.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\BootstrapperV1.23.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\XClient.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
\Device\ConDrv
|
ISO-8859 text, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_BootstrapperV1.2_b3bef142175e2c9feedfe8f06a73673fcbfff2_9c4008b6_55181495-87bb-4c66-9a44-3854d34aea5d\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9337.tmp.dmp
|
Mini DuMP crash report, 16 streams, Sat Nov 23 20:00:15 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9701.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9731.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Teams.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Teams.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sat Nov 23 19:00:05
2024, mtime=Sat Nov 23 19:00:05 2024, atime=Sat Nov 23 19:00:05 2024, length=68096, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\DISCORD
|
JSON data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\kwlYObMOSn.exe
|
"C:\Users\user\Desktop\kwlYObMOSn.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\BootstrapperV1.23.exe
|
"C:\Users\user\AppData\Roaming\BootstrapperV1.23.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\XClient.exe
|
"C:\Users\user\AppData\Roaming\XClient.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"cmd" /c ipconfig /all
|
|
|
|
C:\Windows\System32\ipconfig.exe
|
ipconfig /all
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "Teams" /tr "C:\Users\user\AppData\Roaming\Teams.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
C:\Users\user\AppData\Roaming\Teams.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
"C:\Users\user\AppData\Roaming\Teams.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
"C:\Users\user\AppData\Roaming\Teams.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
C:\Users\user\AppData\Roaming\Teams.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
C:\Users\user\AppData\Roaming\Teams.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
C:\Users\user\AppData\Roaming\Teams.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Teams.exe
|
C:\Users\user\AppData\Roaming\Teams.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2860 -s 2196
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
Cactus-33152.portmap.host
|
|
||
|
http://127.0.0.1:6463
|
unknown
|
||
|
http://www.nodejs.org
|
unknown
|
||
|
https://nodejs.org
|
unknown
|
||
|
https://discord.com
|
unknown
|
||
|
https://ncs.roblox.com/upload
|
unknown
|
||
|
https://www.nodejs.org
|
unknown
|
||
|
https://getsolara.dev/asset/discord.json
|
172.67.203.125
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://james.newtonking.com/projects/json
|
unknown
|
||
|
http://getsolara.dev
|
unknown
|
||
|
https://discord.com;http://127.0.0.1:6463/rpc?v=11
|
unknown
|
||
|
https://clientsettings.roblox.com/v2/client-version/WindowsPlayer/channel/live
|
128.116.119.3
|
||
|
https://aka.ms/vs/17/release/vc_redist.x64.exe
|
unknown
|
||
|
https://fdf3b68c.solaraweb-alj.pages.dev/download/static/files/Solara.Dir.zip
|
unknown
|
||
|
https://gitlab.com/cmd-softworks1/a/-/snippets/4768754/raw/main/endpoint.json
|
unknown
|
||
|
http://edge-term4-lhr2.roblox.com
|
unknown
|
||
|
https://getsolara.dev
|
unknown
|
||
|
https://getsolara.dev/api/endpoint.json
|
172.67.203.125
|
||
|
https://gitlab.com/cmd-softworks1/a/-/snippets/4768756/raw/main/discord.json
|
unknown
|
||
|
http://127.0.0.1:64632
|
unknown
|
||
|
https://www.newtonsoft.com/jsonschema
|
unknown
|
||
|
https://www.nodejs.org/dist/v18.16.0/node-v18.16.0-x64.msi
|
104.20.22.46
|
||
|
https://www.nuget.org/packages/Newtonsoft.Json.Bson
|
unknown
|
||
|
http://nodejs.org
|
unknown
|
||
|
http://127.0.0.1:6463/rpc?v=1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://clientsettings.roblox.com
|
unknown
|
||
|
https://nodejs.org/dist/v18.16.0/node-v18.16.0-x64.msi
|
unknown
|
||
|
https://pastebin.com/raw/pjseRvyK
|
unknown
|
||
|
https://clientsettings.roblox.com
|
unknown
|
||
|
https://fdf3b68c.solaraweb-alj.pages.dev/download/static/files/Bootstrapper.exe
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
Cactus-33152.portmap.host
|
193.161.193.99
|
|
|
|
nodejs.org
|
104.20.23.46
|
||
|
getsolara.dev
|
172.67.203.125
|
||
|
www.nodejs.org
|
104.20.22.46
|
||
|
edge-term4-lhr2.roblox.com
|
128.116.119.3
|
||
|
clientsettings.roblox.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.161.193.99
|
Cactus-33152.portmap.host
|
Russian Federation
|
|
|
|
172.67.203.125
|
getsolara.dev
|
United States
|
||
|
128.116.119.3
|
edge-term4-lhr2.roblox.com
|
United States
|
||
|
104.20.22.46
|
www.nodejs.org
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BootstrapperV1_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Teams
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
ProgramId
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
FileId
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
LongPathHash
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
Name
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
OriginalFileName
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
Publisher
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
Version
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
BinFileVersion
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
BinaryType
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
ProductName
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
ProductVersion
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
LinkDate
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
BinProductVersion
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
Size
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
Language
|
||
|
\REGISTRY\A\{ade97b79-7fde-bce5-b7a8-d9558c7786a0}\Root\InventoryApplicationFile\bootstrapperv1.2|c2c277e2ecf5f3d3
|
Usn
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F22000
|
unkown
|
page readonly
|
|
|
|
2FA1000
|
trusted library allocation
|
page read and write
|
|
|
|
1C1F8000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
F21000
|
heap
|
page read and write
|
||
|
DD9000
|
heap
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
128C000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
1E6EBDEF000
|
heap
|
page read and write
|
||
|
1BFEE000
|
stack
|
page read and write
|
||
|
121E3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
12E71000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
heap
|
page execute and read and write
|
||
|
1625000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page execute and read and write
|
||
|
14ED000
|
heap
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
12F4000
|
stack
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6EE21E000
|
heap
|
page read and write
|
||
|
440BF7F000
|
stack
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
13F6000
|
heap
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
9A4000
|
stack
|
page read and write
|
||
|
11C6000
|
heap
|
page read and write
|
||
|
7FF849044000
|
trusted library allocation
|
page read and write
|
||
|
440BAFD000
|
stack
|
page read and write
|
||
|
1E6EBD90000
|
trusted library allocation
|
page read and write
|
||
|
FCD000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1B52D000
|
stack
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9400C7000
|
heap
|
page read and write
|
||
|
1E6800AA000
|
trusted library allocation
|
page read and write
|
||
|
FF8000
|
heap
|
page read and write
|
||
|
744000
|
stack
|
page read and write
|
||
|
141F000
|
stack
|
page read and write
|
||
|
12A28000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6EBDA3000
|
trusted library allocation
|
page read and write
|
||
|
1805000
|
heap
|
page read and write
|
||
|
FB8000
|
heap
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
290C000
|
trusted library allocation
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
14C3000
|
heap
|
page read and write
|
||
|
12903000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
trusted library allocation
|
page read and write
|
||
|
1C6C0000
|
heap
|
page read and write
|
||
|
1C02E000
|
stack
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
121E8000
|
trusted library allocation
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
1B880000
|
heap
|
page execute and read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
1E680010000
|
trusted library allocation
|
page read and write
|
||
|
11CC000
|
heap
|
page read and write
|
||
|
2E7F000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1BEEE000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page execute and read and write
|
||
|
440B6FE000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
12EE1000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
1600000
|
heap
|
page read and write
|
||
|
1635000
|
heap
|
page read and write
|
||
|
2911000
|
trusted library allocation
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
1E6EBDA0000
|
trusted library allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
1E68018F000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
22A1E2C0000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
1B9400A0000
|
heap
|
page read and write
|
||
|
12F13000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
26C0000
|
heap
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7CE000
|
stack
|
page read and write
|
||
|
12901000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
F05000
|
heap
|
page read and write
|
||
|
1E68013D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B6AE000
|
stack
|
page read and write
|
||
|
1B4D0000
|
heap
|
page execute and read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6EBD55000
|
heap
|
page read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
155F000
|
stack
|
page read and write
|
||
|
11AF000
|
stack
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF2C000
|
stack
|
page read and write
|
||
|
1E68019F000
|
trusted library allocation
|
page read and write
|
||
|
1B7DF000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page execute and read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
CB1000
|
heap
|
page read and write
|
||
|
1C130000
|
heap
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
1134000
|
stack
|
page read and write
|
||
|
2F20000
|
heap
|
page execute and read and write
|
||
|
1E6EBFC0000
|
heap
|
page read and write
|
||
|
2E7C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB2000
|
trusted library allocation
|
page read and write
|
||
|
1BA8F000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C12C000
|
stack
|
page read and write
|
||
|
DAD000
|
heap
|
page read and write
|
||
|
1BD2E000
|
stack
|
page read and write
|
||
|
1C1B9000
|
heap
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
1C46A000
|
stack
|
page read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
498000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page execute and read and write
|
||
|
1B82E000
|
stack
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
660000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE231000
|
heap
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
1E6800DA000
|
trusted library allocation
|
page read and write
|
||
|
1E6EBE1B000
|
heap
|
page read and write
|
||
|
22A1E030000
|
heap
|
page read and write
|
||
|
1C8CE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
12FA1000
|
trusted library allocation
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
C26000
|
heap
|
page read and write
|
||
|
440B3FE000
|
stack
|
page read and write
|
||
|
F35000
|
heap
|
page read and write
|
||
|
1C90F000
|
stack
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
7FF848FC4000
|
trusted library allocation
|
page read and write
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
1BC00000
|
heap
|
page read and write
|
||
|
1C206000
|
heap
|
page read and write
|
||
|
1BE2E000
|
stack
|
page read and write
|
||
|
2F1F000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
1431000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
1BB6E000
|
stack
|
page read and write
|
||
|
12FA8000
|
trusted library allocation
|
page read and write
|
||
|
6F0000
|
heap
|
page execute and read and write
|
||
|
2E71000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
705000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA6E000
|
stack
|
page read and write
|
||
|
1B9400C4000
|
heap
|
page read and write
|
||
|
7FF848E3A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E680090000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F4000
|
stack
|
page read and write
|
||
|
12E78000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1E680117000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE1D3000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
142F000
|
heap
|
page read and write
|
||
|
1B96E000
|
stack
|
page read and write
|
||
|
22A1DFB0000
|
heap
|
page read and write
|
||
|
1BC20000
|
heap
|
page execute and read and write
|
||
|
1E6EBCD0000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1E6EE1A0000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
5F2167E000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD6000
|
heap
|
page read and write
|
||
|
1B2ED000
|
stack
|
page read and write
|
||
|
1665000
|
heap
|
page read and write
|
||
|
1E6EBD10000
|
heap
|
page read and write
|
||
|
1196000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1AC50000
|
heap
|
page execute and read and write
|
||
|
7FF848E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
131F000
|
stack
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
12F18000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC7000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page execute and read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
1B72E000
|
stack
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
1E680175000
|
trusted library allocation
|
page read and write
|
||
|
1E6EBBF0000
|
heap
|
page read and write
|
||
|
12EE3000
|
trusted library allocation
|
page read and write
|
||
|
11D2000
|
heap
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
440B4FF000
|
stack
|
page read and write
|
||
|
1BC6E000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
1E6EE1D1000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1760000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
1E6EBD50000
|
heap
|
page read and write
|
||
|
1E680001000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
C4C000
|
heap
|
page read and write
|
||
|
1E6EBFC5000
|
heap
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C62000
|
heap
|
page read and write
|
||
|
DD7000
|
heap
|
page read and write
|
||
|
1B92E000
|
stack
|
page read and write
|
||
|
1B3A0000
|
heap
|
page read and write
|
||
|
1B190000
|
trusted library allocation
|
page read and write
|
||
|
1773000
|
trusted library allocation
|
page read and write
|
||
|
1B46D000
|
stack
|
page read and write
|
||
|
4D6000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
1BAE3000
|
heap
|
page read and write
|
||
|
1E6800D2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B940050000
|
heap
|
page read and write
|
||
|
1E6ED8D0000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
113C000
|
heap
|
page read and write
|
||
|
7FF848F82000
|
trusted library allocation
|
page read and write
|
||
|
22A1DEB0000
|
heap
|
page read and write
|
||
|
1E680013000
|
trusted library allocation
|
page read and write
|
||
|
440B5FD000
|
stack
|
page read and write
|
||
|
C92000
|
heap
|
page read and write
|
||
|
1BDEF000
|
stack
|
page read and write
|
||
|
2EEC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
1BBF0000
|
heap
|
page read and write
|
||
|
F1D000
|
heap
|
page read and write
|
||
|
479000
|
heap
|
page read and write
|
||
|
1AE5E000
|
stack
|
page read and write
|
||
|
340C8FF000
|
unkown
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
21DE000
|
stack
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
D02000
|
unkown
|
page readonly
|
||
|
11BB000
|
heap
|
page read and write
|
||
|
1E6800D6000
|
trusted library allocation
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
22A1E039000
|
heap
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D00000
|
unkown
|
page readonly
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
290F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
13161000
|
trusted library allocation
|
page read and write
|
||
|
D98000
|
heap
|
page read and write
|
||
|
1A76D000
|
stack
|
page read and write
|
||
|
1770000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
EEF000
|
stack
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
129F1000
|
trusted library allocation
|
page read and write
|
||
|
1B940260000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
1E6EBDDD000
|
heap
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1E6EBAA0000
|
unkown
|
page readonly
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1B860000
|
heap
|
page execute and read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
129F8000
|
trusted library allocation
|
page read and write
|
||
|
1E6800EF000
|
trusted library allocation
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
21F1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
28C0000
|
heap
|
page execute and read and write
|
||
|
1B4DF000
|
stack
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
22A1E03E000
|
heap
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AD5F000
|
stack
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
unkown
|
page readonly
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E6EBDBC000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
1ABAE000
|
stack
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
1AE8D000
|
stack
|
page read and write
|
||
|
3161000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
heap
|
page execute and read and write
|
||
|
1E6800B5000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
1256000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
CF4000
|
heap
|
page read and write
|
||
|
106F000
|
stack
|
page read and write
|
||
|
12908000
|
trusted library allocation
|
page read and write
|
||
|
11C9000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1E6EBD70000
|
trusted library allocation
|
page read and write
|
||
|
1E6EBAA2000
|
unkown
|
page readonly
|
||
|
12F11000
|
trusted library allocation
|
page read and write
|
||
|
1B98E000
|
stack
|
page read and write
|
||
|
11BD000
|
heap
|
page read and write
|
||
|
340C9FF000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DDE000
|
unkown
|
page readonly
|
||
|
1E6800C7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13168000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
7FF4031F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C4A000
|
heap
|
page read and write
|
||
|
BC4000
|
stack
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
DAA000
|
heap
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
440B9FE000
|
stack
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
1B2D0000
|
heap
|
page read and write
|
||
|
1BBEE000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
7FF848FD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1E6ED880000
|
heap
|
page execute and read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
12A23000
|
trusted library allocation
|
page read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
1E6800FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A01000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
1E69000D000
|
trusted library allocation
|
page read and write
|
||
|
1CC4A000
|
stack
|
page read and write
|
||
|
440B2FE000
|
stack
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
13FC000
|
heap
|
page read and write
|
||
|
1B4AE000
|
stack
|
page read and write
|
||
|
1B6DE000
|
stack
|
page read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
1168000
|
heap
|
page read and write
|
||
|
1E6802D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
C5F000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
1E6EBDB0000
|
heap
|
page read and write
|
||
|
7FF848E4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page execute and read and write
|
||
|
EFB000
|
heap
|
page read and write
|
||
|
12E73000
|
trusted library allocation
|
page read and write
|
||
|
1B5DE000
|
stack
|
page read and write
|
||
|
129F3000
|
trusted library allocation
|
page read and write
|
||
|
1E690021000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
22A1E2C5000
|
heap
|
page read and write
|
||
|
1455000
|
heap
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
B97000
|
heap
|
page read and write
|
||
|
4D8000
|
heap
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
1E680179000
|
trusted library allocation
|
page read and write
|
||
|
1C94F000
|
stack
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
1128000
|
heap
|
page read and write
|
||
|
1E690001000
|
trusted library allocation
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
2A2C000
|
trusted library allocation
|
page read and write
|
||
|
440BF3D000
|
stack
|
page read and write
|
||
|
1265000
|
heap
|
page read and write
|
||
|
1C564000
|
stack
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
440BCFE000
|
stack
|
page read and write
|
||
|
1B990000
|
heap
|
page execute and read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
11FE000
|
heap
|
page read and write
|
||
|
1375000
|
heap
|
page read and write
|
||
|
440BDFE000
|
stack
|
page read and write
|
||
|
1AFAD000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
984000
|
stack
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
F9D000
|
heap
|
page read and write
|
||
|
1CB4B000
|
stack
|
page read and write
|
||
|
1E68013A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1E6EE236000
|
heap
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
1B9400AA000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
1B940030000
|
heap
|
page read and write
|
||
|
12FA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
15EF000
|
stack
|
page read and write
|
||
|
1E6EDAD0000
|
heap
|
page execute and read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
1E6EBCF0000
|
heap
|
page read and write
|
||
|
1B4E6000
|
heap
|
page read and write
|
||
|
EE8000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
21EF000
|
trusted library allocation
|
page read and write
|
||
|
1595000
|
heap
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
1B3DE000
|
stack
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
1B4A0000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
B9F000
|
heap
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
1BBEE000
|
stack
|
page read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
1B940270000
|
heap
|
page read and write
|
||
|
21EC000
|
trusted library allocation
|
page read and write
|
||
|
1E68017D000
|
trusted library allocation
|
page read and write
|
||
|
5F216FE000
|
stack
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
440B8FE000
|
stack
|
page read and write
|
||
|
2901000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
440BBFC000
|
stack
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
1B6ED000
|
stack
|
page read and write
|
||
|
340C54C000
|
stack
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
1B3BE000
|
stack
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
1AF7D000
|
stack
|
page read and write
|
||
|
121E1000
|
trusted library allocation
|
page read and write
|
||
|
21E1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB2000
|
trusted library allocation
|
page read and write
|
||
|
1B5AF000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1B000
|
heap
|
page read and write
|
||
|
1C0EB000
|
stack
|
page read and write
|
||
|
145D000
|
heap
|
page read and write
|
||
|
1B93FF50000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
4AC000
|
heap
|
page read and write
|
||
|
440B7FF000
|
stack
|
page read and write
|
||
|
BDB000
|
heap
|
page read and write
|
||
|
22A1DF90000
|
heap
|
page read and write
|
||
|
12EE8000
|
trusted library allocation
|
page read and write
|
||
|
1419000
|
heap
|
page read and write
|
||
|
1C1BB000
|
heap
|
page read and write
|
||
|
440AFE2000
|
stack
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAEE000
|
stack
|
page read and write
|
||
|
1E68009A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
145B000
|
heap
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
1B410000
|
heap
|
page execute and read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
1740000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page read and write
|
||
|
440BE3E000
|
stack
|
page read and write
|
||
|
1A4000
|
stack
|
page read and write
|
||
|
1B38D000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
5F213C9000
|
stack
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
2EEF000
|
trusted library allocation
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
1BAE0000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF4000
|
stack
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B2CF000
|
stack
|
page read and write
|
||
|
1B800000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1C1A7000
|
heap
|
page read and write
|
||
|
12A21000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
There are 619 hidden memdumps, click here to show them.