Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
c62q1qZ8kX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Java\jre-1.8\lib\applet\WmiPrvSE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft OneDrive\setup\logs\Idle.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\Lang\TextInputHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Defender\en-US\mmeUVmNHPOdst.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows NT\Accessories\en-GB\conhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\mmeUVmNHPOdst.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Local\Microsoft\Windows\History\mmeUVmNHPOdst.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\mmeUVmNHPOdst.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Pictures\mmeUVmNHPOdst.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\nfAOklRSeu.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\blockrefSessionBrokerDll\5sVJrvWE.vbe
|
data
|
dropped
|
|
|
|
C:\blockrefSessionBrokerDll\chainMonitor.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Java\jre-1.8\lib\applet\24dbde2999530e
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Microsoft OneDrive\setup\logs\6ccacd8608530f
|
data
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\22eafd247d37c3
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\5b884080fd4f94
|
ASCII text, with very long lines (565), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Defender\en-US\1824f7f43360d2
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows NT\Accessories\en-GB\088424020bedd6
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\1824f7f43360d2
|
ASCII text, with very long lines (952), with no line terminators
|
dropped
|
||
|
C:\Users\Default\1824f7f43360d2
|
ASCII text, with very long lines (914), with no line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Local\Microsoft\Windows\History\1824f7f43360d2
|
ASCII text, with very long lines (566), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Pictures\1824f7f43360d2
|
ASCII text, with very long lines (818), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\chainMonitor.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\fontdrvhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\mmeUVmNHPOdst.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\QiyHNrWFuo
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\blockrefSessionBrokerDll\jNiINMcACfpGfudqTH4IxZpVWTbF.bat
|
ASCII text, with no line terminators
|
dropped
|
There are 19 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\c62q1qZ8kX.exe
|
"C:\Users\user\Desktop\c62q1qZ8kX.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\blockrefSessionBrokerDll\5sVJrvWE.vbe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\blockrefSessionBrokerDll\chainMonitor.exe
|
"C:\blockrefSessionBrokerDll\chainMonitor.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 9 /tr "'C:\Users\Default\mmeUVmNHPOdst.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdst" /sc ONLOGON /tr "'C:\Users\Default\mmeUVmNHPOdst.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 9 /tr "'C:\Users\Default\mmeUVmNHPOdst.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 5 /tr "'C:\Recovery\mmeUVmNHPOdst.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdst" /sc ONLOGON /tr "'C:\Recovery\mmeUVmNHPOdst.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 11 /tr "'C:\Recovery\mmeUVmNHPOdst.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 13 /tr "'C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhost" /sc ONLOGON /tr "'C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 5 /tr "'C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 9 /tr "'C:\Program Files\Windows Defender\en-US\mmeUVmNHPOdst.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdst" /sc ONLOGON /tr "'C:\Program Files\Windows Defender\en-US\mmeUVmNHPOdst.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 11 /tr "'C:\Program Files\Windows Defender\en-US\mmeUVmNHPOdst.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhostc" /sc MINUTE /mo 9 /tr "'C:\Program Files\Windows NT\Accessories\en-GB\conhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhost" /sc ONLOGON /tr "'C:\Program Files\Windows NT\Accessories\en-GB\conhost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhostc" /sc MINUTE /mo 13 /tr "'C:\Program Files\Windows NT\Accessories\en-GB\conhost.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "TextInputHostT" /sc MINUTE /mo 6 /tr "'C:\Program Files\7-Zip\Lang\TextInputHost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "TextInputHost" /sc ONLOGON /tr "'C:\Program Files\7-Zip\Lang\TextInputHost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "TextInputHostT" /sc MINUTE /mo 11 /tr "'C:\Program Files\7-Zip\Lang\TextInputHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WmiPrvSEW" /sc MINUTE /mo 11 /tr "'C:\Program Files (x86)\java\jre-1.8\lib\applet\WmiPrvSE.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WmiPrvSE" /sc ONLOGON /tr "'C:\Program Files (x86)\java\jre-1.8\lib\applet\WmiPrvSE.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WmiPrvSEW" /sc MINUTE /mo 14 /tr "'C:\Program Files (x86)\java\jre-1.8\lib\applet\WmiPrvSE.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe
|
"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 6 /tr "'C:\Users\Default User\AppData\Local\Application Data\History\mmeUVmNHPOdst.exe'"
/f
|
|
|
|
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe
|
"C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fontdrvhost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdst" /sc ONLOGON /tr "'C:\Users\Default User\AppData\Local\Application Data\History\mmeUVmNHPOdst.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 9 /tr "'C:\Users\Default User\AppData\Local\Application Data\History\mmeUVmNHPOdst.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Users\Default\AppData\Local\Microsoft\Windows\History\mmeUVmNHPOdst.exe
|
"C:\Users\Default User\AppData\Local\Application Data\History\mmeUVmNHPOdst.exe"
|
|
|
|
C:\Users\Default\AppData\Local\Microsoft\Windows\History\mmeUVmNHPOdst.exe
|
"C:\Users\Default User\AppData\Local\Application Data\History\mmeUVmNHPOdst.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "IdleI" /sc MINUTE /mo 5 /tr "'C:\Program Files (x86)\microsoft onedrive\setup\logs\Idle.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "Idle" /sc ONLOGON /tr "'C:\Program Files (x86)\microsoft onedrive\setup\logs\Idle.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "IdleI" /sc MINUTE /mo 11 /tr "'C:\Program Files (x86)\microsoft onedrive\setup\logs\Idle.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdstm" /sc MINUTE /mo 13 /tr "'C:\Users\Public\Pictures\mmeUVmNHPOdst.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "mmeUVmNHPOdst" /sc ONLOGON /tr "'C:\Users\Public\Pictures\mmeUVmNHPOdst.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\blockrefSessionBrokerDll\jNiINMcACfpGfudqTH4IxZpVWTbF.bat" "
|
There are 28 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\ceff8bae5fe852f6764d5a8bf8a01242fad5fa72
|
e86fe4d2662b86cd24fb43908629616f882b59bf
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
32F2000
|
trusted library allocation
|
page read and write
|
|
|
|
32B5000
|
trusted library allocation
|
page read and write
|
|
|
|
2FC1000
|
trusted library allocation
|
page read and write
|
|
|
|
2E31000
|
trusted library allocation
|
page read and write
|
|
|
|
32F8000
|
trusted library allocation
|
page read and write
|
|
|
|
32E9000
|
trusted library allocation
|
page read and write
|
|
|
|
3371000
|
trusted library allocation
|
page read and write
|
|
|
|
32B1000
|
trusted library allocation
|
page read and write
|
|
|
|
3231000
|
trusted library allocation
|
page read and write
|
|
|
|
2D20000
|
heap
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
17BF000
|
stack
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
328C000
|
trusted library allocation
|
page read and write
|
||
|
2658000
|
heap
|
page read and write
|
||
|
7FFD9BABA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F8C000
|
stack
|
page read and write
|
||
|
137D000
|
heap
|
page read and write
|
||
|
91B000
|
heap
|
page read and write
|
||
|
7FFD9B9AC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2EF3000
|
trusted library allocation
|
page read and write
|
||
|
3154000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BEE0000
|
heap
|
page read and write
|
||
|
7FFD9BB41000
|
trusted library allocation
|
page read and write
|
||
|
1BE23000
|
stack
|
page read and write
|
||
|
1C338000
|
heap
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
1BF51000
|
heap
|
page read and write
|
||
|
7FFD9BB43000
|
trusted library allocation
|
page read and write
|
||
|
1C86E000
|
stack
|
page read and write
|
||
|
1384000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
13B2000
|
heap
|
page read and write
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
26FF000
|
heap
|
page read and write
|
||
|
160E000
|
heap
|
page read and write
|
||
|
1C36E000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1FB000
|
heap
|
page read and write
|
||
|
1C30E000
|
heap
|
page read and write
|
||
|
7FFD9BB36000
|
trusted library allocation
|
page read and write
|
||
|
1C2B5000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDAE000
|
stack
|
page read and write
|
||
|
214000
|
unkown
|
page read and write
|
||
|
236C000
|
stack
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
2658000
|
heap
|
page read and write
|
||
|
11D2000
|
heap
|
page read and write
|
||
|
1C374000
|
heap
|
page read and write
|
||
|
1BC7E000
|
stack
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
13EA000
|
heap
|
page read and write
|
||
|
1C1C8000
|
heap
|
page read and write
|
||
|
17CE000
|
stack
|
page read and write
|
||
|
7FFD9BAB1000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
132A8000
|
trusted library allocation
|
page read and write
|
||
|
1BEEE000
|
stack
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
1C368000
|
heap
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
1C3B3000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
1C2AD000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
268A000
|
heap
|
page read and write
|
||
|
32DC000
|
trusted library allocation
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
7FFD9B974000
|
trusted library allocation
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
1BDEF000
|
stack
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
302C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99C000
|
trusted library allocation
|
page read and write
|
||
|
8FC000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page execute and read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
7FFD9BA3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
264B000
|
heap
|
page read and write
|
||
|
1BC6F000
|
stack
|
page read and write
|
||
|
30B000
|
stack
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
15AC000
|
heap
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
32A1000
|
trusted library allocation
|
page read and write
|
||
|
1C1DE000
|
heap
|
page read and write
|
||
|
132BD000
|
trusted library allocation
|
page read and write
|
||
|
4BD8000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
1BF25000
|
stack
|
page read and write
|
||
|
138F000
|
stack
|
page read and write
|
||
|
13238000
|
trusted library allocation
|
page read and write
|
||
|
1C370000
|
heap
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
1BF8F000
|
stack
|
page read and write
|
||
|
4ACF000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
1BDDE000
|
stack
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
1C1C0000
|
heap
|
page read and write
|
||
|
264F000
|
heap
|
page read and write
|
||
|
720F000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA36000
|
trusted library allocation
|
page read and write
|
||
|
203000
|
unkown
|
page readonly
|
||
|
2655000
|
heap
|
page read and write
|
||
|
132B3000
|
trusted library allocation
|
page read and write
|
||
|
2644000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
13B8000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page read and write
|
||
|
1C2A0000
|
heap
|
page read and write
|
||
|
1B7D0000
|
heap
|
page read and write
|
||
|
2376000
|
stack
|
page read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
1C0AE000
|
stack
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A8000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
2EFC000
|
trusted library allocation
|
page read and write
|
||
|
1CA6D000
|
stack
|
page read and write
|
||
|
16C5000
|
heap
|
page read and write
|
||
|
4BD9000
|
heap
|
page read and write
|
||
|
1C2EE000
|
stack
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
20E000
|
unkown
|
page write copy
|
||
|
2399000
|
stack
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
2659000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
1BF75000
|
heap
|
page read and write
|
||
|
1C320000
|
heap
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
1C001000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
3A5000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
1C1D4000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
3244000
|
trusted library allocation
|
page read and write
|
||
|
1349000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
1C3AC000
|
heap
|
page read and write
|
||
|
26FF000
|
heap
|
page read and write
|
||
|
23A2000
|
stack
|
page read and write
|
||
|
2BBA000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3BD000
|
stack
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
1C211000
|
heap
|
page read and write
|
||
|
2C2F000
|
stack
|
page read and write
|
||
|
13233000
|
trusted library allocation
|
page read and write
|
||
|
1B260000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
1196000
|
heap
|
page read and write
|
||
|
12FCD000
|
trusted library allocation
|
page read and write
|
||
|
1C23F000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
13A9000
|
heap
|
page read and write
|
||
|
7FFD9BB47000
|
trusted library allocation
|
page read and write
|
||
|
1C018000
|
heap
|
page read and write
|
||
|
132AD000
|
trusted library allocation
|
page read and write
|
||
|
1BB80000
|
heap
|
page execute and read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
1BEDE000
|
stack
|
page read and write
|
||
|
133C000
|
heap
|
page read and write
|
||
|
1C2AE000
|
stack
|
page read and write
|
||
|
1BE80000
|
heap
|
page execute and read and write
|
||
|
4BCF000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1535000
|
heap
|
page read and write
|
||
|
1BF60000
|
heap
|
page read and write
|
||
|
4490000
|
heap
|
page read and write
|
||
|
3385000
|
trusted library allocation
|
page read and write
|
||
|
15D1000
|
heap
|
page read and write
|
||
|
7FFD9B984000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB71000
|
trusted library allocation
|
page read and write
|
||
|
2E8A000
|
trusted library allocation
|
page read and write
|
||
|
3309000
|
trusted library allocation
|
page read and write
|
||
|
2EFF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B986000
|
trusted library allocation
|
page read and write
|
||
|
1B82C000
|
stack
|
page read and write
|
||
|
F46000
|
stack
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
11B6000
|
stack
|
page read and write
|
||
|
7FFD9BB2C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
8FD000
|
heap
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
1C170000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B920000
|
heap
|
page execute and read and write
|
||
|
268A000
|
heap
|
page read and write
|
||
|
2393000
|
stack
|
page read and write
|
||
|
1BF30000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
1BEAF000
|
stack
|
page read and write
|
||
|
7FFD9BB2A000
|
trusted library allocation
|
page read and write
|
||
|
12E33000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
231000
|
unkown
|
page read and write
|
||
|
2EC8000
|
trusted library allocation
|
page read and write
|
||
|
1361000
|
heap
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
1C2E5000
|
heap
|
page read and write
|
||
|
1C2D9000
|
heap
|
page read and write
|
||
|
136E000
|
heap
|
page read and write
|
||
|
13FA000
|
heap
|
page read and write
|
||
|
1CD9F000
|
stack
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
160F000
|
stack
|
page read and write
|
||
|
904000
|
heap
|
page read and write
|
||
|
1C1EF000
|
stack
|
page read and write
|
||
|
7FFD9BA3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2386000
|
stack
|
page read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3379000
|
trusted library allocation
|
page read and write
|
||
|
1BADF000
|
stack
|
page read and write
|
||
|
237C000
|
stack
|
page read and write
|
||
|
1611000
|
heap
|
page read and write
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
1AE60000
|
trusted library allocation
|
page read and write
|
||
|
12FC8000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
179F000
|
stack
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E31000
|
trusted library allocation
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
1B8DE000
|
stack
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
2675000
|
heap
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
1C028000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
1615000
|
heap
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
1C2BB000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
1C183000
|
stack
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
1C267000
|
heap
|
page read and write
|
||
|
1815000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page execute and read and write
|
||
|
700E000
|
stack
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page read and write
|
||
|
1C196000
|
heap
|
page read and write
|
||
|
D32000
|
unkown
|
page readonly
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F3000
|
heap
|
page read and write
|
||
|
132B8000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1C201000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
1C36B000
|
heap
|
page read and write
|
||
|
1BCA0000
|
heap
|
page read and write
|
||
|
7FFD9BAA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
535C000
|
stack
|
page read and write
|
||
|
3290000
|
heap
|
page execute and read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1BFC6000
|
heap
|
page read and write
|
||
|
7FFD9BA96000
|
trusted library allocation
|
page execute and read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
912000
|
heap
|
page read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB4B000
|
trusted library allocation
|
page read and write
|
||
|
26FF000
|
heap
|
page read and write
|
||
|
2658000
|
heap
|
page read and write
|
||
|
1D1000
|
unkown
|
page execute read
|
||
|
133E000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
7FFD9BB21000
|
trusted library allocation
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
E02000
|
unkown
|
page readonly
|
||
|
443E000
|
stack
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
4450000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
266B000
|
heap
|
page read and write
|
||
|
7FFD9BB1E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
3288000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B98C000
|
trusted library allocation
|
page read and write
|
||
|
1C26D000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
1690000
|
heap
|
page execute and read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
1D1000
|
unkown
|
page execute read
|
||
|
7FFD9B9AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
2672000
|
heap
|
page read and write
|
||
|
D49000
|
heap
|
page read and write
|
||
|
135C000
|
heap
|
page read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
1C294000
|
heap
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page execute and read and write
|
||
|
BAF000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
6FB000
|
stack
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
132A1000
|
trusted library allocation
|
page read and write
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
3EE000
|
stack
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BDF000
|
heap
|
page read and write
|
||
|
16B5000
|
heap
|
page read and write
|
||
|
7FFD9BAC1000
|
trusted library allocation
|
page execute and read and write
|
||
|
137F000
|
heap
|
page read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C290000
|
heap
|
page read and write
|
||
|
11CF000
|
heap
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
90D000
|
heap
|
page read and write
|
||
|
31BD000
|
trusted library allocation
|
page read and write
|
||
|
12FD1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1387000
|
heap
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
1C38B000
|
heap
|
page read and write
|
||
|
95C000
|
heap
|
page read and write
|
||
|
265C000
|
heap
|
page read and write
|
||
|
1BFA5000
|
heap
|
page read and write
|
||
|
7FFD9B982000
|
trusted library allocation
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
266B000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
1B9DF000
|
stack
|
page read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2795000
|
heap
|
page read and write
|
||
|
7FFD9BB43000
|
trusted library allocation
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
31EC000
|
trusted library allocation
|
page read and write
|
||
|
4AC2000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BFE5000
|
heap
|
page read and write
|
||
|
7FFD9BB51000
|
trusted library allocation
|
page read and write
|
||
|
264E000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
916000
|
heap
|
page read and write
|
||
|
276E000
|
stack
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
12E3D000
|
trusted library allocation
|
page read and write
|
||
|
2380000
|
stack
|
page read and write
|
||
|
18AE000
|
stack
|
page read and write
|
||
|
26DF000
|
heap
|
page read and write
|
||
|
26DF000
|
heap
|
page read and write
|
||
|
1BFD5000
|
heap
|
page read and write
|
||
|
32FA000
|
trusted library allocation
|
page read and write
|
||
|
13231000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1AA000
|
heap
|
page read and write
|
||
|
15CB000
|
heap
|
page read and write
|
||
|
DB6000
|
stack
|
page read and write
|
||
|
1BFE3000
|
stack
|
page read and write
|
||
|
91C000
|
heap
|
page read and write
|
||
|
1366000
|
heap
|
page read and write
|
||
|
15E3000
|
heap
|
page read and write
|
||
|
26DF000
|
heap
|
page read and write
|
||
|
3363000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
7FFD9B9DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
13B2000
|
heap
|
page read and write
|
||
|
134D000
|
heap
|
page read and write
|
||
|
7FFD9B973000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
1C2F3000
|
heap
|
page read and write
|
||
|
1B7BD000
|
stack
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page read and write
|
||
|
1BC2E000
|
stack
|
page read and write
|
||
|
7FFD9BAA1000
|
trusted library allocation
|
page execute and read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
1BCD3000
|
stack
|
page read and write
|
||
|
1B54C000
|
stack
|
page read and write
|
||
|
7FFD9BA9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB23000
|
trusted library allocation
|
page read and write
|
||
|
1BDAE000
|
stack
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
3396000
|
trusted library allocation
|
page read and write
|
||
|
912000
|
heap
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B998000
|
trusted library allocation
|
page read and write
|
||
|
268A000
|
heap
|
page read and write
|
||
|
232000
|
unkown
|
page readonly
|
||
|
8FF000
|
heap
|
page read and write
|
||
|
330C000
|
trusted library allocation
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
1C390000
|
heap
|
page read and write
|
||
|
17A5000
|
heap
|
page read and write
|
||
|
2BA1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
26DF000
|
heap
|
page read and write
|
||
|
1BCA0000
|
heap
|
page read and write
|
||
|
47EE000
|
stack
|
page read and write
|
||
|
902000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
1366000
|
heap
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
7FFD9BB2C000
|
trusted library allocation
|
page read and write
|
||
|
730C000
|
stack
|
page read and write
|
||
|
132B1000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
8F9000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
1B83D000
|
stack
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
7FFD9B988000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
1C23A000
|
heap
|
page read and write
|
||
|
26B1000
|
heap
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0EE000
|
stack
|
page read and write
|
||
|
1BFA2000
|
heap
|
page read and write
|
||
|
2672000
|
heap
|
page read and write
|
||
|
233000
|
unkown
|
page readonly
|
||
|
265D000
|
heap
|
page read and write
|
||
|
23AA000
|
stack
|
page read and write
|
||
|
2688000
|
heap
|
page read and write
|
||
|
1C2AF000
|
heap
|
page read and write
|
||
|
1B2D0000
|
trusted library allocation
|
page read and write
|
||
|
2658000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B99C000
|
trusted library allocation
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
1B7A0000
|
heap
|
page execute and read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
1BB2F000
|
stack
|
page read and write
|
||
|
11BA000
|
heap
|
page read and write
|
||
|
7FFD9B97D000
|
trusted library allocation
|
page execute and read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
12FC1000
|
trusted library allocation
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
7FFD9B9DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
2648000
|
heap
|
page read and write
|
||
|
8ED000
|
heap
|
page read and write
|
||
|
4ECD000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
1C17F000
|
heap
|
page read and write
|
||
|
15A6000
|
heap
|
page read and write
|
||
|
2672000
|
heap
|
page read and write
|
||
|
328E000
|
trusted library allocation
|
page read and write
|
||
|
1CE9B000
|
stack
|
page read and write
|
||
|
7FFD9B992000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
32FC000
|
trusted library allocation
|
page read and write
|
||
|
2F9F000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
12E38000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page execute and read and write
|
||
|
91B000
|
heap
|
page read and write
|
||
|
1C28E000
|
stack
|
page read and write
|
||
|
1BFBB000
|
heap
|
page read and write
|
||
|
1C22E000
|
heap
|
page read and write
|
||
|
160C000
|
heap
|
page read and write
|
||
|
7FFD9B9BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1810000
|
heap
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1BCE0000
|
heap
|
page read and write
|
||
|
15E6000
|
heap
|
page read and write
|
||
|
232000
|
unkown
|
page write copy
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
26FF000
|
heap
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
132A3000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
7FFD9B984000
|
trusted library allocation
|
page read and write
|
||
|
80D000
|
stack
|
page read and write
|
||
|
1D0000
|
unkown
|
page readonly
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
16F4000
|
heap
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
545C000
|
stack
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
1C38E000
|
stack
|
page read and write
|
||
|
1323D000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
20E000
|
unkown
|
page read and write
|
||
|
7FFD9BB33000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
7FFD9BB4B000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
7FFD9BA36000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
2EF9000
|
trusted library allocation
|
page read and write
|
||
|
1BF5A000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
2C0B000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
2628000
|
heap
|
page read and write
|
||
|
7FFD9BB2E000
|
trusted library allocation
|
page read and write
|
||
|
26E1000
|
heap
|
page read and write
|
||
|
7FFD9BB68000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
203000
|
unkown
|
page readonly
|
||
|
26EB000
|
heap
|
page read and write
|
||
|
1BBD4000
|
stack
|
page read and write
|
||
|
26FF000
|
heap
|
page read and write
|
||
|
31E0000
|
heap
|
page execute and read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
1BF7C000
|
heap
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
1BFA4000
|
stack
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
164B000
|
heap
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
18CF000
|
stack
|
page read and write
|
||
|
2689000
|
heap
|
page read and write
|
||
|
4E8D000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page readonly
|
||
|
1308000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
1C1AF000
|
heap
|
page read and write
|
||
|
7FFD9B9AC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
1BD29000
|
stack
|
page read and write
|
||
|
7FFD9BB53000
|
trusted library allocation
|
page read and write
|
||
|
1B2E0000
|
trusted library allocation
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
7FF426FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
2397000
|
stack
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
1BC8E000
|
stack
|
page read and write
|
||
|
7FFD9BB1C000
|
trusted library allocation
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB53000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB3C000
|
trusted library allocation
|
page read and write
|
||
|
1BF83000
|
heap
|
page read and write
|
||
|
1C024000
|
heap
|
page read and write
|
||
|
7FFD9BB26000
|
trusted library allocation
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
4ACB000
|
heap
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
1C1A3000
|
stack
|
page read and write
|
||
|
7FFD9BB3E000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page execute and read and write
|
||
|
7FFD9BA4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
3219000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA26000
|
trusted library allocation
|
page read and write
|
||
|
3300000
|
trusted library allocation
|
page read and write
|
||
|
1C084000
|
stack
|
page read and write
|
||
|
1B8CF000
|
stack
|
page read and write
|
||
|
266B000
|
heap
|
page read and write
|
||
|
1D0000
|
unkown
|
page readonly
|
||
|
910000
|
heap
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
1C3E4000
|
heap
|
page read and write
|
||
|
1CB6F000
|
stack
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page read and write
|
||
|
13AE000
|
heap
|
page read and write
|
||
|
22A6000
|
stack
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB3C000
|
trusted library allocation
|
page read and write
|
||
|
1AFF0000
|
trusted library allocation
|
page read and write
|
||
|
2BE4000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
There are 651 hidden memdumps, click here to show them.