Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
4KjLUaW30K.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Microsoft\Temp\EUC7A5.tmp\mnUYCZffXdEgQlZPiczLektp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft\Temp\EUC7A5.tmp\mnUYCZffXdEgQlZPiczLektp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Mozilla Maintenance Service\logs\audiodg.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Mozilla Maintenance Service\logs\audiodg.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Defender\dllhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Defender\dllhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\System.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\System.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Downloads\ShellExperienceHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Downloads\ShellExperienceHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\4KjLUaW30K.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\28bf72c6-5a6e-449b-a0d6-76cd4ab5c11d.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\70189604-2a9a-4ba1-809b-491977885217.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ae22e728c3f23233571eb704564b4445f7960812.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ae22e728c3f23233571eb704564b4445f7960812.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft\Temp\EUC7A5.tmp\f8edc2df584126
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Mozilla Maintenance Service\logs\42af1c969fbb7b
|
ASCII text, with very long lines (551), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Defender\5940a34987c991
|
ASCII text, with very long lines (762), with no line terminators
|
dropped
|
||
|
C:\ProgramData\USOShared\Logs\f8edc2df584126
|
ASCII text, with very long lines (436), with no line terminators
|
dropped
|
||
|
C:\Recovery\27d1bcfc3c54e0
|
ASCII text, with very long lines (571), with no line terminators
|
dropped
|
||
|
C:\Users\Default\OneDrive\f8edc2df584126
|
ASCII text, with very long lines (446), with no line terminators
|
dropped
|
||
|
C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\Downloads\f8c8f1285d826b
|
ASCII text, with very long lines (744), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ShellExperienceHost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\System.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\audiodg.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dllhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\mnUYCZffXdEgQlZPiczLektp.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 22 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\4KjLUaW30K.exe
|
"C:\Users\user\Desktop\4KjLUaW30K.exe"
|
|
|
|
C:\Windows\System32\dllhost.exe
|
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 13 /tr "'C:\Recovery\System.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "System" /sc ONLOGON /tr "'C:\Recovery\System.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 14 /tr "'C:\Recovery\System.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "audiodga" /sc MINUTE /mo 10 /tr "'C:\Program Files (x86)\mozilla maintenance service\logs\audiodg.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "audiodg" /sc ONLOGON /tr "'C:\Program Files (x86)\mozilla maintenance service\logs\audiodg.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "audiodga" /sc MINUTE /mo 7 /tr "'C:\Program Files (x86)\mozilla maintenance service\logs\audiodg.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektpm" /sc MINUTE /mo 8 /tr "'C:\Users\All Users\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektp" /sc ONLOGON /tr "'C:\Users\All Users\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektpm" /sc MINUTE /mo 7 /tr "'C:\Users\All Users\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ShellExperienceHostS" /sc MINUTE /mo 5 /tr "'C:\Users\Public\Downloads\ShellExperienceHost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ShellExperienceHost" /sc ONLOGON /tr "'C:\Users\Public\Downloads\ShellExperienceHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ShellExperienceHostS" /sc MINUTE /mo 12 /tr "'C:\Users\Public\Downloads\ShellExperienceHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 12 /tr "'C:\Program Files (x86)\windows defender\dllhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\Program Files (x86)\windows defender\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 13 /tr "'C:\Program Files (x86)\windows defender\dllhost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektpm" /sc MINUTE /mo 11 /tr "'C:\Program Files (x86)\microsoft\Temp\EUC7A5.tmp\mnUYCZffXdEgQlZPiczLektp.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektp" /sc ONLOGON /tr "'C:\Program Files (x86)\microsoft\Temp\EUC7A5.tmp\mnUYCZffXdEgQlZPiczLektp.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Program Files (x86)\Mozilla Maintenance Service\logs\audiodg.exe
|
"C:\Program Files (x86)\mozilla maintenance service\logs\audiodg.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektpm" /sc MINUTE /mo 7 /tr "'C:\Program Files (x86)\microsoft\Temp\EUC7A5.tmp\mnUYCZffXdEgQlZPiczLektp.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Program Files (x86)\Mozilla Maintenance Service\logs\audiodg.exe
|
"C:\Program Files (x86)\mozilla maintenance service\logs\audiodg.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektpm" /sc MINUTE /mo 12 /tr "'C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektp" /sc ONLOGON /tr "'C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Program Files (x86)\Windows Defender\dllhost.exe
|
"C:\Program Files (x86)\windows defender\dllhost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mnUYCZffXdEgQlZPiczLektpm" /sc MINUTE /mo 6 /tr "'C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Program Files (x86)\Windows Defender\dllhost.exe
|
"C:\Program Files (x86)\windows defender\dllhost.exe"
|
|
|
|
C:\ProgramData\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe
|
"C:\Users\All Users\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe"
|
|
|
|
C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe
|
C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe
|
|
|
|
C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe
|
C:\Users\Default\OneDrive\mnUYCZffXdEgQlZPiczLektp.exe
|
|
|
|
C:\Users\Public\Downloads\ShellExperienceHost.exe
|
C:\Users\Public\Downloads\ShellExperienceHost.exe
|
|
|
|
C:\Users\Public\Downloads\ShellExperienceHost.exe
|
C:\Users\Public\Downloads\ShellExperienceHost.exe
|
|
|
|
C:\Recovery\System.exe
|
C:\Recovery\System.exe
|
|
|
|
C:\Recovery\System.exe
|
C:\Recovery\System.exe
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\70189604-2a9a-4ba1-809b-491977885217.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\28bf72c6-5a6e-449b-a0d6-76cd4ab5c11d.vbs"
|
|
|
|
C:\ProgramData\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe
|
"C:\Users\All Users\USOShared\Logs\mnUYCZffXdEgQlZPiczLektp.exe"
|
|
|
|
C:\Recovery\System.exe
|
"C:\Recovery\System.exe"
|
|
There are 28 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://a1043195.xsph.ru/e561840a.php?cl=MU3vrX2xf8nUihMHACnKj36jO&RpUrFFQZYG69rKpAFv3A0wkZY8y=NTXUg0GMdy3iEJI&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&cl=MU3vrX2xf8nUihMHACnKj36jO&RpUrFFQZYG69rKpAFv3A0wkZY8y=NTXUg0GMdy3iEJI
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?5KSwfM1XMNin8a1tisW=mdlGy9qsXR&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&5KSwfM1XMNin8a1tisW=mdlGy9qsXR
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?6AlqDLuQGYbBId=gCYL9zkUdBuC08JQaV7uaRdflujR&PwmCbXGZ2=jWpIoTJ3R
|
unknown
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?OA4wYep3at3BJWRE=LjRHrGY1NakWTvTw0sePnjeqs&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&OA4wYep3at3BJWRE=LjRHrGY1NakWTvTw0sePnjeqs
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?xVG80hM=hn2&8PfMQbdasrWBeFMD7qf8K3A4XF9O9rr=CHDgx4&gqVdG=FeuUIF0I3yEOlyKbPbB9N8XBqQCi8Sy&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&xVG80hM=hn2&8PfMQbdasrWBeFMD7qf8K3A4XF9O9rr=CHDgx4&gqVdG=FeuUIF0I3yEOlyKbPbB9N8XBqQCi8Sy
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?6AlqDLuQGYbBId=gCYL9zkUdBuC08JQaV7uaRdflujR&PwmCbXGZ2=jWpIoTJ3R6IApKsc&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&6AlqDLuQGYbBId=gCYL9zkUdBuC08JQaV7uaRdflujR&PwmCbXGZ2=jWpIoTJ3R6IApKsc
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?TuL2hSCP9SfVYBiGie5CRyTCq=bSB9NQ&hPoKZhDXzG8XL4Xlk2=O6efaILX0uNAFOw1v45I61pbrV&fQEqbHZBmDuOCOKMmmG2I=Dlqot1XRCxEepH&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&TuL2hSCP9SfVYBiGie5CRyTCq=bSB9NQ&hPoKZhDXzG8XL4Xlk2=O6efaILX0uNAFOw1v45I61pbrV&fQEqbHZBmDuOCOKMmmG2I=Dlqot1XRCxEepH
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?pjrl5w7K39YkW8ohPsI7w0KcXus=bWRfDt01CulxteygFk08RJEfi7EyY&NLECtgr2h=IxeeHUNRCoWx3tnSRw7F&BcxgatrvRyMCOzeojXNtw=u2aRUYaP45b7HUr7rlgfuzJvp&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&pjrl5w7K39YkW8ohPsI7w0KcXus=bWRfDt01CulxteygFk08RJEfi7EyY&NLECtgr2h=IxeeHUNRCoWx3tnSRw7F&BcxgatrvRyMCOzeojXNtw=u2aRUYaP45b7HUr7rlgfuzJvp
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru/
|
unknown
|
|
|
|
http://a1043195.xsph.ru/e561840a.php?I2G4s=IMSEV2S071HqCvJ1J7jvi0Ev&glD0UhPCN5IkMoV0wZ=KC1L8RsJV7M&IhhyROAmT1=y0AR6SN4wavlfoaFjmY4F&060931c2fd73bb7eab1002c5e7ff62ae=c39cf4658ac2210f688ec15b4a8e711c&715f56a8f995d061ee256bc7f2c70953=wM3IjNhhzNxcTO4kjNlZzNkJDOhVmN5kjYjljYxgDOhRWMjVDZ1cDM&I2G4s=IMSEV2S071HqCvJ1J7jvi0Ev&glD0UhPCN5IkMoV0wZ=KC1L8RsJV7M&IhhyROAmT1=y0AR6SN4wavlfoaFjmY4F
|
141.8.192.93
|
|
|
|
http://a1043195.xsph.ru
|
unknown
|
|
|
|
https://cp.sprinthost.ru
|
unknown
|
||
|
https://index.from.sh/pages/game.html
|
unknown
|
||
|
https://cp.sprinthost.ru/auth/login
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://go.mic
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a1043195.xsph.ru
|
141.8.192.93
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
141.8.192.93
|
a1043195.xsph.ru
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
System
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
System
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
audiodg
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
mnUYCZffXdEgQlZPiczLektp
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
mnUYCZffXdEgQlZPiczLektp
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ShellExperienceHost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ShellExperienceHost
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
dllhost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
PromptOnSecureDesktop
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
mnUYCZffXdEgQlZPiczLektp
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
mnUYCZffXdEgQlZPiczLektp
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
mnUYCZffXdEgQlZPiczLektp
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\59bb06aabf3bdeee648e2d4dc8257cfa0286f412
|
297b825bb1c999985e845391dbefe96115d4d6ff
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\mnUYCZffXdEgQlZPiczLektp_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
There are 29 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BAB000
|
trusted library allocation
|
page read and write
|
|
|
|
24C1000
|
trusted library allocation
|
page read and write
|
|
|
|
2EAB000
|
trusted library allocation
|
page read and write
|
|
|
|
2E38000
|
trusted library allocation
|
page read and write
|
|
|
|
3231000
|
trusted library allocation
|
page read and write
|
|
|
|
2E91000
|
trusted library allocation
|
page read and write
|
|
|
|
326D000
|
trusted library allocation
|
page read and write
|
|
|
|
27F1000
|
trusted library allocation
|
page read and write
|
|
|
|
2F91000
|
trusted library allocation
|
page read and write
|
|
|
|
2E31000
|
trusted library allocation
|
page read and write
|
|
|
|
12A2F000
|
trusted library allocation
|
page read and write
|
|
|
|
2A21000
|
trusted library allocation
|
page read and write
|
|
|
|
2FCD000
|
trusted library allocation
|
page read and write
|
|
|
|
2F81000
|
trusted library allocation
|
page read and write
|
|
|
|
2571000
|
trusted library allocation
|
page read and write
|
|
|
|
2F91000
|
trusted library allocation
|
page read and write
|
|
|
|
2B91000
|
trusted library allocation
|
page read and write
|
|
|
|
2E61000
|
trusted library allocation
|
page read and write
|
|
|
|
2C71000
|
trusted library allocation
|
page read and write
|
|
|
|
2781000
|
trusted library allocation
|
page read and write
|
|
|
|
7FF848FE1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
12613000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
1BE5E000
|
stack
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
E9D000
|
heap
|
page read and write
|
||
|
12B94000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF008000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
7FF848F14000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FA3000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page execute and read and write
|
||
|
F9A000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page execute and read and write
|
||
|
1BC4D000
|
stack
|
page read and write
|
||
|
1AFC0000
|
trusted library allocation
|
page read and write
|
||
|
12E61000
|
trusted library allocation
|
page read and write
|
||
|
1BD05000
|
heap
|
page read and write
|
||
|
1B9C0000
|
heap
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF050000
|
heap
|
page read and write
|
||
|
12F98000
|
trusted library allocation
|
page read and write
|
||
|
6B7000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F37000
|
trusted library allocation
|
page execute and read and write
|
||
|
14DF000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1B3BD000
|
stack
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
1BC23000
|
stack
|
page read and write
|
||
|
27C8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F27000
|
trusted library allocation
|
page execute and read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
32EB000
|
trusted library allocation
|
page read and write
|
||
|
1B923000
|
stack
|
page read and write
|
||
|
B73000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
12F91000
|
trusted library allocation
|
page read and write
|
||
|
1232000
|
heap
|
page read and write
|
||
|
1B1BF000
|
stack
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
7FF848DF7000
|
trusted library allocation
|
page read and write
|
||
|
11BD000
|
heap
|
page read and write
|
||
|
7FF848FE3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FDB000
|
trusted library allocation
|
page read and write
|
||
|
2560000
|
heap
|
page execute and read and write
|
||
|
1BA5F000
|
stack
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
10D7000
|
heap
|
page read and write
|
||
|
D46000
|
stack
|
page read and write
|
||
|
2D23000
|
trusted library allocation
|
page read and write
|
||
|
12F81000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F51000
|
trusted library allocation
|
page execute and read and write
|
||
|
FDA000
|
heap
|
page read and write
|
||
|
2A8FF1B0000
|
heap
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
12C78000
|
trusted library allocation
|
page read and write
|
||
|
1BFAE000
|
stack
|
page read and write
|
||
|
7FF848F9E000
|
trusted library allocation
|
page read and write
|
||
|
20E18D10000
|
heap
|
page read and write
|
||
|
1BD92000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
AE9000
|
heap
|
page read and write
|
||
|
1BA05000
|
heap
|
page read and write
|
||
|
109A000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
1BD4C000
|
heap
|
page read and write
|
||
|
1B140000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
7FF848FAE000
|
trusted library allocation
|
page read and write
|
||
|
1257F000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
D56000
|
stack
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
12783000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
674000
|
unkown
|
page readonly
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
7FF848FBC000
|
trusted library allocation
|
page read and write
|
||
|
1BACF000
|
stack
|
page read and write
|
||
|
1BC50000
|
heap
|
page read and write
|
||
|
7FF848F2F000
|
trusted library allocation
|
page execute and read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
7FF848FA6000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
2637000
|
trusted library allocation
|
page read and write
|
||
|
2EA6000
|
trusted library allocation
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
153F000
|
stack
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1B341000
|
stack
|
page read and write
|
||
|
1B82F000
|
stack
|
page read and write
|
||
|
1A5A0000
|
trusted library allocation
|
page read and write
|
||
|
12FA1000
|
trusted library allocation
|
page read and write
|
||
|
12E93000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF06B000
|
heap
|
page read and write
|
||
|
FA9000
|
heap
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
20E18F80000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
127F8000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF00A000
|
heap
|
page read and write
|
||
|
27C4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FAC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
106C000
|
heap
|
page read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF01D000
|
heap
|
page read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12FE000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page execute and read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
1BF63000
|
stack
|
page read and write
|
||
|
12C81000
|
trusted library allocation
|
page read and write
|
||
|
1B8B0000
|
heap
|
page read and write
|
||
|
2A8FF02E000
|
heap
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
20E190A5000
|
heap
|
page read and write
|
||
|
7FF848F3F000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
2A8FF02F000
|
heap
|
page read and write
|
||
|
1BDA3000
|
stack
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page execute and read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
1C2DD000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
12F83000
|
trusted library allocation
|
page read and write
|
||
|
1BA2B000
|
heap
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
7FF848FD3000
|
trusted library allocation
|
page read and write
|
||
|
3039000
|
trusted library allocation
|
page read and write
|
||
|
1AFB0000
|
trusted library allocation
|
page read and write
|
||
|
1B85E000
|
stack
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page execute and read and write
|
||
|
1ACA0000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF05F000
|
heap
|
page read and write
|
||
|
1BCB9000
|
heap
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
2A8FF01B000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
2898000
|
trusted library allocation
|
page read and write
|
||
|
1B550000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
1B9B3000
|
heap
|
page read and write
|
||
|
1C2E4000
|
heap
|
page read and write
|
||
|
7FF848F41000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C47000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF055000
|
heap
|
page read and write
|
||
|
12F93000
|
trusted library allocation
|
page read and write
|
||
|
303C000
|
trusted library allocation
|
page read and write
|
||
|
20E18D00000
|
heap
|
page read and write
|
||
|
2BD4000
|
trusted library allocation
|
page read and write
|
||
|
32E2000
|
trusted library allocation
|
page read and write
|
||
|
1192000
|
heap
|
page read and write
|
||
|
1B5C6000
|
heap
|
page read and write
|
||
|
1495000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9E000
|
trusted library allocation
|
page read and write
|
||
|
1B720000
|
heap
|
page execute and read and write
|
||
|
1BBB3000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2C13000
|
trusted library allocation
|
page read and write
|
||
|
6BA000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1B45E000
|
stack
|
page read and write
|
||
|
1098000
|
heap
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
2BBB000
|
trusted library allocation
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
1BE7E000
|
stack
|
page read and write
|
||
|
1B84E000
|
stack
|
page read and write
|
||
|
28A4000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7FF848F44000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page read and write
|
||
|
1B9A5000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F1F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BF000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
14CA000
|
heap
|
page read and write
|
||
|
12F0E000
|
trusted library allocation
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
1BCF9000
|
heap
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
2A8FFAD0000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2D2B000
|
trusted library allocation
|
page read and write
|
||
|
1C2E0000
|
heap
|
page read and write
|
||
|
1B82E000
|
stack
|
page read and write
|
||
|
1880000
|
heap
|
page read and write
|
||
|
12A2D000
|
trusted library allocation
|
page read and write
|
||
|
1BC52000
|
heap
|
page read and write
|
||
|
7FF848F11000
|
trusted library allocation
|
page execute and read and write
|
||
|
95C000
|
heap
|
page read and write
|
||
|
1289E000
|
trusted library allocation
|
page read and write
|
||
|
32EE000
|
trusted library allocation
|
page read and write
|
||
|
1BC90000
|
heap
|
page read and write
|
||
|
2F0D000
|
trusted library allocation
|
page read and write
|
||
|
C5E000
|
heap
|
page read and write
|
||
|
2EA9000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
281C000
|
trusted library allocation
|
page read and write
|
||
|
12D1E000
|
trusted library allocation
|
page read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
7FF848F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D26000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
1B14E000
|
stack
|
page read and write
|
||
|
12B91000
|
trusted library allocation
|
page read and write
|
||
|
2A8FEFE0000
|
heap
|
page read and write
|
||
|
1BF5E000
|
stack
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
32DF000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
1B9A1000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page execute and read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
12E9D000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
2A8FF6F0000
|
heap
|
page read and write
|
||
|
1B1FE000
|
stack
|
page read and write
|
||
|
1B94E000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page execute and read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
198F000
|
stack
|
page read and write
|
||
|
2A8FF02E000
|
heap
|
page read and write
|
||
|
7FF84903D000
|
trusted library allocation
|
page read and write
|
||
|
7FF849021000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F4F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
2BA9000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
512000
|
unkown
|
page readonly
|
||
|
12F91000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
12ED000
|
heap
|
page read and write
|
||
|
1BBA3000
|
stack
|
page read and write
|
||
|
29B0000
|
trusted library section
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
7FF848F31000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
E92C9FF000
|
stack
|
page read and write
|
||
|
1B55E000
|
stack
|
page read and write
|
||
|
1BD2E000
|
stack
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
12F9D000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
E92C8FD000
|
stack
|
page read and write
|
||
|
3033000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
1BA01000
|
heap
|
page read and write
|
||
|
2D1D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
8FC000
|
heap
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
13238000
|
trusted library allocation
|
page read and write
|
||
|
3049000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F1F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
2DF6000
|
trusted library allocation
|
page read and write
|
||
|
27BF000
|
trusted library allocation
|
page read and write
|
||
|
12781000
|
trusted library allocation
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
1B4DA000
|
stack
|
page read and write
|
||
|
12EF000
|
stack
|
page read and write
|
||
|
1256E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A10000
|
heap
|
page execute and read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3DE000
|
stack
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
7FF848FDB000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
2C9E000
|
trusted library allocation
|
page read and write
|
||
|
12F88000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
1AAFD000
|
stack
|
page read and write
|
||
|
AF300FE000
|
stack
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
12F91000
|
trusted library allocation
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
3048000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
12D2E000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
2A8FF050000
|
heap
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA6000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
1B9E8000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
1B75E000
|
stack
|
page read and write
|
||
|
1435000
|
heap
|
page read and write
|
||
|
303F000
|
trusted library allocation
|
page read and write
|
||
|
2B8A000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF038000
|
heap
|
page read and write
|
||
|
12E68000
|
trusted library allocation
|
page read and write
|
||
|
1B44B000
|
stack
|
page read and write
|
||
|
7FF848FC3000
|
trusted library allocation
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
13E5000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
1C42B000
|
stack
|
page read and write
|
||
|
92B000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F96000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF016000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page execute and read and write
|
||
|
20E190A0000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF030000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page execute and read and write
|
||
|
1B82F000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D0000
|
trusted library section
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
10FB000
|
heap
|
page read and write
|
||
|
2ED8000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
1BACE000
|
stack
|
page read and write
|
||
|
596000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
2A8FF038000
|
heap
|
page read and write
|
||
|
7FF848FA3000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
FED000
|
heap
|
page read and write
|
||
|
124C3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD3000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
CEC000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
1B62F000
|
stack
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
ACC000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
12801000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
536000
|
stack
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
2509000
|
trusted library allocation
|
page read and write
|
||
|
1B653000
|
stack
|
page read and write
|
||
|
7FF848F8E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
20E18D78000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
1B31E000
|
stack
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page read and write
|
||
|
1072000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
124CD000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
1BCBE000
|
stack
|
page read and write
|
||
|
7FF848E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
12E71000
|
trusted library allocation
|
page read and write
|
||
|
12C22000
|
trusted library allocation
|
page read and write
|
||
|
24A0000
|
heap
|
page execute and read and write
|
||
|
7FF848FCE000
|
trusted library allocation
|
page read and write
|
||
|
12788000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1BD6E000
|
stack
|
page read and write
|
||
|
7FF848FCB000
|
trusted library allocation
|
page read and write
|
||
|
1B244000
|
stack
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
7FF84900D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
B2A000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF304FF000
|
stack
|
page read and write
|
||
|
779000
|
heap
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
trusted library section
|
page read and write
|
||
|
122F000
|
heap
|
page read and write
|
||
|
2A8FF038000
|
heap
|
page read and write
|
||
|
7FF848F8C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
106E000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
1055000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1058000
|
heap
|
page read and write
|
||
|
1BD69000
|
heap
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F34000
|
trusted library allocation
|
page execute and read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
12C71000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEAE000
|
stack
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA39000
|
heap
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1055000
|
heap
|
page read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9A7000
|
heap
|
page read and write
|
||
|
7FF848F37000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC95000
|
heap
|
page read and write
|
||
|
1BD29000
|
heap
|
page read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page read and write
|
||
|
AF2FD8A000
|
stack
|
page read and write
|
||
|
1016000
|
heap
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
2A8FF067000
|
heap
|
page read and write
|
||
|
2A8FF016000
|
heap
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
1BA23000
|
heap
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
11F6000
|
heap
|
page read and write
|
||
|
12E31000
|
trusted library allocation
|
page read and write
|
||
|
1B44E000
|
stack
|
page read and write
|
||
|
1BCA2000
|
heap
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page read and write
|
||
|
2F16000
|
trusted library allocation
|
page read and write
|
||
|
1BF5F000
|
stack
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDA1000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
1364000
|
heap
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
1C32E000
|
stack
|
page read and write
|
||
|
755000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
1BB5E000
|
stack
|
page read and write
|
||
|
2A8FF038000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
256F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F91000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9FB000
|
heap
|
page read and write
|
||
|
28AA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
1B30D000
|
stack
|
page read and write
|
||
|
127F3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
17A5000
|
heap
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1B9DE000
|
heap
|
page read and write
|
||
|
12E3D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1C05E000
|
stack
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1303E000
|
trusted library allocation
|
page read and write
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library section
|
page read and write
|
||
|
1AFDE000
|
stack
|
page read and write
|
||
|
150B000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
12C73000
|
trusted library allocation
|
page read and write
|
||
|
124C1000
|
trusted library allocation
|
page read and write
|
||
|
14E1000
|
heap
|
page read and write
|
||
|
1028000
|
heap
|
page read and write
|
||
|
2D1A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF007000
|
heap
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
E92C3DA000
|
stack
|
page read and write
|
||
|
2A8FF06C000
|
heap
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
12B98000
|
trusted library allocation
|
page read and write
|
||
|
1B4E0000
|
heap
|
page read and write
|
||
|
7FF848FD7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
2D79000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E63000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF02B000
|
heap
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
1372E000
|
trusted library allocation
|
page read and write
|
||
|
1B55E000
|
stack
|
page read and write
|
||
|
C64000
|
heap
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1640000
|
heap
|
page execute and read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
1BC23000
|
stack
|
page read and write
|
||
|
7FF848FBC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F24000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B82E000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
6CE000
|
heap
|
page read and write
|
||
|
1BBA0000
|
heap
|
page execute and read and write
|
||
|
1BC2E000
|
stack
|
page read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
919000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
1B260000
|
trusted library allocation
|
page read and write
|
||
|
127F1000
|
trusted library allocation
|
page read and write
|
||
|
7FF849011000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1B8F0000
|
heap
|
page execute and read and write
|
||
|
1B24E000
|
stack
|
page read and write
|
||
|
1BEAE000
|
stack
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
2990000
|
trusted library section
|
page read and write
|
||
|
7FF848DF7000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FAA000
|
trusted library allocation
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
1B753000
|
stack
|
page read and write
|
||
|
1B92E000
|
stack
|
page read and write
|
||
|
2EDB000
|
trusted library allocation
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1085000
|
heap
|
page read and write
|
||
|
1B9AE000
|
stack
|
page read and write
|
||
|
E92CCFE000
|
stack
|
page read and write
|
||
|
7FF848F9B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FFD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBB000
|
trusted library allocation
|
page read and write
|
||
|
1BAAE000
|
stack
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
7FF848E17000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1B95E000
|
stack
|
page read and write
|
||
|
2D2F000
|
trusted library allocation
|
page read and write
|
||
|
1C060000
|
heap
|
page read and write
|
||
|
7FF848FAE000
|
trusted library allocation
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1BDBE000
|
stack
|
page read and write
|
||
|
7FF848E37000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
heap
|
page execute and read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB6000
|
trusted library allocation
|
page read and write
|
||
|
2FC9000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
1AF3F000
|
stack
|
page read and write
|
||
|
1BA44000
|
heap
|
page read and write
|
||
|
2A8FF001000
|
heap
|
page read and write
|
||
|
124C8000
|
trusted library allocation
|
page read and write
|
||
|
130CA000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
1BCED000
|
heap
|
page read and write
|
||
|
20E18DA6000
|
heap
|
page read and write
|
||
|
2771000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page read and write
|
||
|
125B000
|
heap
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
1885000
|
heap
|
page read and write
|
||
|
2A8FF009000
|
heap
|
page read and write
|
||
|
7FF848F8C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E17000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
256C000
|
trusted library allocation
|
page read and write
|
||
|
13231000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
7FF848F41000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
12C3E000
|
trusted library allocation
|
page read and write
|
||
|
1B210000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
1C16A000
|
stack
|
page read and write
|
||
|
12C9000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
289E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F2F000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A27000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
2581000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page read and write
|
||
|
12FA1000
|
trusted library allocation
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
7FF848F17000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1B995000
|
heap
|
page read and write
|
||
|
1BC77000
|
heap
|
page read and write
|
||
|
14AC000
|
heap
|
page read and write
|
||
|
1BB50000
|
heap
|
page execute and read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
AF301FF000
|
stack
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
2A8FF054000
|
heap
|
page read and write
|
||
|
7FF848E4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F24000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F8A000
|
trusted library allocation
|
page read and write
|
||
|
1B9BF000
|
stack
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC30000
|
heap
|
page execute and read and write
|
||
|
AF305FF000
|
stack
|
page read and write
|
||
|
12F98000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
2819000
|
trusted library allocation
|
page read and write
|
||
|
C5C000
|
heap
|
page read and write
|
||
|
12E98000
|
trusted library allocation
|
page read and write
|
||
|
B01000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
2A8FF016000
|
heap
|
page read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
1B7A0000
|
heap
|
page execute and read and write
|
||
|
12B9D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
1BDAE000
|
stack
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
BEF000
|
stack
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
2F0A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F17000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF1E0000
|
heap
|
page read and write
|
||
|
1B04F000
|
stack
|
page read and write
|
||
|
F78000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
12F93000
|
trusted library allocation
|
page read and write
|
||
|
10F3000
|
heap
|
page read and write
|
||
|
2A8FF05D000
|
heap
|
page read and write
|
||
|
699000
|
heap
|
page read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
1B9C4000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
1C05E000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page execute and read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F27000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA6000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
8A0000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
1278D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
B2E000
|
heap
|
page read and write
|
||
|
7FF848E2C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
127FD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1BDB7000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F1F000
|
trusted library allocation
|
page execute and read and write
|
||
|
D16000
|
stack
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1B74E000
|
stack
|
page read and write
|
||
|
2A8FF062000
|
heap
|
page read and write
|
||
|
1BE2E000
|
stack
|
page read and write
|
||
|
91C000
|
heap
|
page read and write
|
||
|
1BB2E000
|
stack
|
page read and write
|
||
|
1B95E000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF016000
|
heap
|
page read and write
|
||
|
7FF848E27000
|
trusted library allocation
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
1B50D000
|
stack
|
page read and write
|
||
|
7FF848E27000
|
trusted library allocation
|
page read and write
|
||
|
1B51C000
|
stack
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E17000
|
trusted library allocation
|
page read and write
|
||
|
1C1CE000
|
stack
|
page read and write
|
||
|
12B93000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
1BC60000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF02E000
|
heap
|
page read and write
|
||
|
1B520000
|
heap
|
page execute and read and write
|
||
|
7FF848FD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
1BE53000
|
stack
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
7FF848F54000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F83000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F31000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF7B000
|
stack
|
page read and write
|
||
|
756000
|
stack
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
1B95E000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B997000
|
heap
|
page read and write
|
||
|
1BB24000
|
stack
|
page read and write
|
||
|
1B855000
|
stack
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E37000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B63E000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD7F000
|
heap
|
page read and write
|
||
|
FD6000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7FF848E2C000
|
trusted library allocation
|
page read and write
|
||
|
27C2000
|
trusted library allocation
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
1BC5F000
|
stack
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
2DCD000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E96000
|
trusted library allocation
|
page read and write
|
||
|
12EDE000
|
trusted library allocation
|
page read and write
|
||
|
12E33000
|
trusted library allocation
|
page read and write
|
||
|
7FF84906B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC6000
|
trusted library allocation
|
page read and write
|
||
|
14BF000
|
stack
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
1B9A9000
|
heap
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
1A4F0000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page execute and read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
1329000
|
heap
|
page read and write
|
||
|
1323D000
|
trusted library allocation
|
page read and write
|
||
|
275B000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF03A000
|
heap
|
page read and write
|
||
|
2D25000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF001000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1052000
|
heap
|
page read and write
|
||
|
1257D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12EA1000
|
trusted library allocation
|
page read and write
|
||
|
2D28000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC1000
|
trusted library allocation
|
page read and write
|
||
|
7FF849001000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1B581000
|
heap
|
page read and write
|
||
|
20E18D30000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
2F13000
|
trusted library allocation
|
page read and write
|
||
|
28A7000
|
trusted library allocation
|
page read and write
|
||
|
13241000
|
trusted library allocation
|
page read and write
|
||
|
AF306FF000
|
stack
|
page read and write
|
||
|
1B11D000
|
stack
|
page read and write
|
||
|
1BB24000
|
stack
|
page read and write
|
||
|
1BD13000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
1282E000
|
trusted library allocation
|
page read and write
|
||
|
1B350000
|
heap
|
page execute and read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC6000
|
trusted library allocation
|
page read and write
|
||
|
1BCAB000
|
stack
|
page read and write
|
||
|
7FF848FAC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC3000
|
trusted library allocation
|
page read and write
|
||
|
1BC5F000
|
stack
|
page read and write
|
||
|
32E8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F9E000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
7FF848F07000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
1AEC0000
|
trusted library allocation
|
page read and write
|
||
|
1AED0000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
1BE2E000
|
stack
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFC000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
2A8FEFE8000
|
heap
|
page read and write
|
||
|
E9B000
|
heap
|
page read and write
|
||
|
12E41000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
1AFC0000
|
trusted library allocation
|
page read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
254F000
|
stack
|
page read and write
|
||
|
1219000
|
heap
|
page read and write
|
||
|
2A8FF038000
|
heap
|
page read and write
|
||
|
1302E000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2A8FEFD0000
|
heap
|
page read and write
|
||
|
FB9000
|
heap
|
page read and write
|
||
|
127F000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF067000
|
heap
|
page read and write
|
||
|
7FF84907B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3ED000
|
stack
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
1C0AE000
|
stack
|
page read and write
|
||
|
2A8FF066000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1159000
|
heap
|
page read and write
|
||
|
1B9AD000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
7FF848FA6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B450000
|
heap
|
page read and write
|
||
|
124D1000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
1B0DE000
|
stack
|
page read and write
|
||
|
7FF848FF1000
|
trusted library allocation
|
page read and write
|
||
|
1A7B0000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1D3000
|
stack
|
page read and write
|
||
|
7FF848F17000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F3F000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AD0D000
|
stack
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
2A8FF071000
|
heap
|
page read and write
|
||
|
1BD2E000
|
stack
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
10E1000
|
heap
|
page read and write
|
||
|
277F000
|
stack
|
page read and write
|
||
|
12E91000
|
trusted library allocation
|
page read and write
|
||
|
126BA000
|
trusted library allocation
|
page read and write
|
||
|
1BD3C000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1AA4D000
|
stack
|
page read and write
|
||
|
7B6000
|
stack
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA54000
|
heap
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
B64000
|
heap
|
page read and write
|
||
|
2A8FF050000
|
heap
|
page read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
137F000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
28A1000
|
trusted library allocation
|
page read and write
|
||
|
1AFAD000
|
stack
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
105F000
|
stack
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1018000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
1AF40000
|
heap
|
page execute and read and write
|
||
|
2506000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC7000
|
trusted library allocation
|
page read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
12973000
|
trusted library allocation
|
page read and write
|
||
|
2C4F000
|
stack
|
page read and write
|
||
|
1BD8E000
|
heap
|
page read and write
|
||
|
7FF848FBE000
|
trusted library allocation
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
12E6D000
|
trusted library allocation
|
page read and write
|
||
|
1B9C0000
|
heap
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
13233000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
136F000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF84904D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF064000
|
heap
|
page read and write
|
||
|
12E38000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
7FF848FAC000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
trusted library section
|
page read and write
|
||
|
278D000
|
trusted library allocation
|
page read and write
|
||
|
1B720000
|
heap
|
page execute and read and write
|
||
|
1315000
|
heap
|
page read and write
|
||
|
DE6000
|
stack
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF1F0000
|
heap
|
page read and write
|
||
|
1AA50000
|
trusted library allocation
|
page read and write
|
||
|
12C7D000
|
trusted library allocation
|
page read and write
|
||
|
BF6000
|
heap
|
page read and write
|
||
|
7FF848E06000
|
trusted library allocation
|
page read and write
|
||
|
1BA4B000
|
heap
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1AE8F000
|
stack
|
page read and write
|
||
|
1B72E000
|
stack
|
page read and write
|
||
|
12571000
|
trusted library allocation
|
page read and write
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
1B99F000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A8FF02C000
|
heap
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
7FF848F24000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
1B7BC000
|
stack
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
1B8AE000
|
stack
|
page read and write
|
||
|
275D000
|
trusted library allocation
|
page read and write
|
||
|
118D000
|
heap
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
AF307FF000
|
stack
|
page read and write
|
||
|
1BABE000
|
stack
|
page read and write
|
||
|
C32000
|
heap
|
page read and write
|
||
|
12F9D000
|
trusted library allocation
|
page read and write
|
||
|
27B4000
|
trusted library allocation
|
page read and write
|
||
|
12F3E000
|
trusted library allocation
|
page read and write
|
||
|
1B34E000
|
stack
|
page read and write
|
||
|
32E5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ED4000
|
trusted library allocation
|
page read and write
|
||
|
1B2DE000
|
stack
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page execute and read and write
|
||
|
302D000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF055000
|
heap
|
page read and write
|
||
|
2A8FF030000
|
heap
|
page read and write
|
||
|
176F000
|
stack
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1176000
|
stack
|
page read and write
|
||
|
7FF848FD3000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF03B000
|
heap
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C1000
|
heap
|
page read and write
|
||
|
1BEBE000
|
stack
|
page read and write
|
||
|
7FF848F0F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
1303E000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE8000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library section
|
page read and write
|
||
|
1261E000
|
trusted library allocation
|
page read and write
|
||
|
2A8FEFFC000
|
heap
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF030000
|
heap
|
page read and write
|
||
|
2EED000
|
trusted library allocation
|
page read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
2A8FF071000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page read and write
|
||
|
1B65E000
|
stack
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
1BD54000
|
heap
|
page read and write
|
||
|
274D000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page execute and read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FAB000
|
trusted library allocation
|
page read and write
|
||
|
C1B000
|
heap
|
page read and write
|
||
|
20E190AB000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
1C22D000
|
stack
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
2F1F000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1B543000
|
stack
|
page read and write
|
||
|
2E90000
|
heap
|
page execute and read and write
|
||
|
1B54E000
|
stack
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
12A21000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC1000
|
trusted library allocation
|
page read and write
|
||
|
1A820000
|
trusted library allocation
|
page read and write
|
||
|
2707000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
1B3EF000
|
stack
|
page read and write
|
||
|
104D000
|
heap
|
page read and write
|
||
|
7FF848E96000
|
trusted library allocation
|
page read and write
|
||
|
1AD7D000
|
stack
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF055000
|
heap
|
page read and write
|
||
|
E92CBFF000
|
stack
|
page read and write
|
||
|
2A8FF058000
|
heap
|
page read and write
|
||
|
12D1E000
|
trusted library allocation
|
page read and write
|
||
|
1C064000
|
stack
|
page read and write
|
||
|
1B92F000
|
stack
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
132DE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
14A6000
|
heap
|
page read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
1B64E000
|
stack
|
page read and write
|
||
|
1BD84000
|
heap
|
page read and write
|
||
|
7FF45C9D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
289B000
|
trusted library allocation
|
page read and write
|
||
|
2C0B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1BD6B000
|
heap
|
page read and write
|
||
|
AF303FF000
|
stack
|
page read and write
|
||
|
7FF848E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD7D000
|
stack
|
page read and write
|
||
|
1BD54000
|
stack
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
12791000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
2A8FF061000
|
heap
|
page read and write
|
||
|
1AE90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page execute and read and write
|
||
|
108B000
|
heap
|
page read and write
|
||
|
134F000
|
stack
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
20E18D70000
|
heap
|
page read and write
|
||
|
1BA13000
|
heap
|
page read and write
|
||
|
1B93D000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
1204000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
2652000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
2CEA000
|
trusted library allocation
|
page read and write
|
||
|
1B51D000
|
stack
|
page read and write
|
||
|
1087000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B40000
|
heap
|
page execute and read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
12FB000
|
heap
|
page read and write
|
||
|
1BD53000
|
stack
|
page read and write
|
||
|
1B860000
|
heap
|
page execute and read and write
|
||
|
7FF848FBE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
1BCAE000
|
stack
|
page read and write
|
||
|
7FF848E27000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC3000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
1B73E000
|
unkown
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
1AE60000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1BCD2000
|
heap
|
page read and write
|
||
|
1B950000
|
heap
|
page read and write
|
||
|
28AD000
|
trusted library allocation
|
page read and write
|
||
|
12F8D000
|
trusted library allocation
|
page read and write
|
||
|
1C26E000
|
stack
|
page read and write
|
||
|
2E8E000
|
stack
|
page read and write
|
||
|
278F000
|
trusted library allocation
|
page read and write
|
||
|
1B960000
|
heap
|
page read and write
|
||
|
2837000
|
trusted library allocation
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
2EE1000
|
trusted library allocation
|
page read and write
|
||
|
12BA1000
|
trusted library allocation
|
page read and write
|
||
|
FEB000
|
heap
|
page read and write
|
||
|
7FF848FBC000
|
trusted library allocation
|
page read and write
|
||
|
12A28000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D5000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
2A8FF1E5000
|
heap
|
page read and write
|
||
|
1BE6E000
|
stack
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
32DC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
There are 1290 hidden memdumps, click here to show them.