Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
rDEKONT-1_16_2025__75kb__pdf.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rDEKONT-1_16_2025__75kb__pdf.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpB0EF.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\teXfNv.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\teXfNv.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\teXfNv.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bqbi5kyb.0pr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_exfbnh2e.npc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fp5zlfjc.5xo.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hjku2vpj.lau.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC16A.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\rDEKONT-1_16_2025__75kb__pdf.exe
|
"C:\Users\user\Desktop\rDEKONT-1_16_2025__75kb__pdf.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\teXfNv.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\teXfNv" /XML "C:\Users\user\AppData\Local\Temp\tmpB0EF.tmp"
|
|
|
|
C:\Users\user\Desktop\rDEKONT-1_16_2025__75kb__pdf.exe
|
"C:\Users\user\Desktop\rDEKONT-1_16_2025__75kb__pdf.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\teXfNv.exe
|
C:\Users\user\AppData\Roaming\teXfNv.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\teXfNv" /XML "C:\Users\user\AppData\Local\Temp\tmpC16A.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\teXfNv.exe
|
"C:\Users\user\AppData\Roaming\teXfNv.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.189
|
104.21.64.1
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
https://chrome.google.com/webstore?hl=enh
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:116938%0D%0ADate%20a
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
https://www.office.com/h
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:116938%0D%0ADate%20and%20Time:%2016/01/2025%20/%2012:17:29%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20116938%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlBkq
|
unknown
|
||
|
http://aborters.duckdns.org:8081
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:116938%0D%0ADate%20and%20Time:%2016/01/2025%20/%2013:16:46%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20116938%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
http://anotherarmy.dns.army:8081
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.189$
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
https://www.office.com/lBkq
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
There are 43 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
104.21.64.1
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
checkip.dyndns.com
|
132.226.247.73
|
||
|
checkip.dyndns.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
104.21.64.1
|
reallyfreegeoip.org
|
United States
|
||
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\rDEKONT-1_16_2025__75kb__pdf_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\teXfNv_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4241000
|
trusted library allocation
|
page read and write
|
|
|
|
432000
|
remote allocation
|
page execute and read and write
|
|
|
|
2B41000
|
trusted library allocation
|
page read and write
|
|
|
|
2A71000
|
trusted library allocation
|
page read and write
|
|
|
|
4969000
|
trusted library allocation
|
page read and write
|
|
|
|
3ADD000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
3DCA000
|
trusted library allocation
|
page read and write
|
||
|
2D2A000
|
trusted library allocation
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
67C6000
|
trusted library allocation
|
page read and write
|
||
|
F54000
|
heap
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page read and write
|
||
|
3CF6000
|
trusted library allocation
|
page read and write
|
||
|
A09B000
|
heap
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
606E000
|
stack
|
page read and write
|
||
|
323A000
|
stack
|
page read and write
|
||
|
3DBD000
|
trusted library allocation
|
page read and write
|
||
|
2CD2000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B69000
|
trusted library allocation
|
page read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
3E9C000
|
trusted library allocation
|
page read and write
|
||
|
26BF000
|
stack
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E8C000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
heap
|
page read and write
|
||
|
112A000
|
trusted library allocation
|
page read and write
|
||
|
3E74000
|
trusted library allocation
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
193E000
|
stack
|
page read and write
|
||
|
2DF6000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
3B43000
|
trusted library allocation
|
page read and write
|
||
|
3C36000
|
trusted library allocation
|
page read and write
|
||
|
3E37000
|
trusted library allocation
|
page read and write
|
||
|
C3F0000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
stack
|
page read and write
|
||
|
3B90000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
3C07000
|
trusted library allocation
|
page read and write
|
||
|
7FDE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF1000
|
trusted library allocation
|
page read and write
|
||
|
14B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
13AC000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
2C35000
|
trusted library allocation
|
page read and write
|
||
|
5821000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
10CC000
|
stack
|
page read and write
|
||
|
2BA8000
|
trusted library allocation
|
page read and write
|
||
|
67CD000
|
trusted library allocation
|
page read and write
|
||
|
E14000
|
trusted library allocation
|
page read and write
|
||
|
A0ED000
|
heap
|
page read and write
|
||
|
1074000
|
trusted library allocation
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
3C76000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
2C26000
|
trusted library allocation
|
page read and write
|
||
|
2AEC000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
3E14000
|
trusted library allocation
|
page read and write
|
||
|
2B7C000
|
trusted library allocation
|
page read and write
|
||
|
1223E000
|
stack
|
page read and write
|
||
|
2AE2000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
550F000
|
stack
|
page read and write
|
||
|
889A000
|
heap
|
page read and write
|
||
|
8170000
|
trusted library allocation
|
page execute and read and write
|
||
|
642E000
|
stack
|
page read and write
|
||
|
6310000
|
heap
|
page read and write
|
||
|
3EBD000
|
trusted library allocation
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page read and write
|
||
|
67A6000
|
trusted library allocation
|
page read and write
|
||
|
124BC000
|
stack
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
6744000
|
trusted library allocation
|
page read and write
|
||
|
442000
|
remote allocation
|
page execute and read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page execute and read and write
|
||
|
880F000
|
stack
|
page read and write
|
||
|
3DEE000
|
trusted library allocation
|
page read and write
|
||
|
7F70000
|
heap
|
page read and write
|
||
|
7C20000
|
heap
|
page read and write
|
||
|
5044000
|
heap
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page read and write
|
||
|
E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
3263000
|
trusted library allocation
|
page read and write
|
||
|
3E16000
|
trusted library allocation
|
page read and write
|
||
|
2E55000
|
trusted library allocation
|
page read and write
|
||
|
1960000
|
trusted library allocation
|
page read and write
|
||
|
14CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
8920000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DD2000
|
trusted library allocation
|
page read and write
|
||
|
3CF8000
|
trusted library allocation
|
page read and write
|
||
|
8080000
|
trusted library section
|
page readonly
|
||
|
196A000
|
heap
|
page read and write
|
||
|
7F2B000
|
stack
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
652E000
|
stack
|
page read and write
|
||
|
8180000
|
trusted library allocation
|
page read and write
|
||
|
1960000
|
heap
|
page read and write
|
||
|
F83000
|
heap
|
page read and write
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
D1A000
|
trusted library allocation
|
page read and write
|
||
|
2CF9000
|
trusted library allocation
|
page read and write
|
||
|
194E000
|
stack
|
page read and write
|
||
|
14BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
120B000
|
heap
|
page read and write
|
||
|
1713000
|
heap
|
page read and write
|
||
|
810D000
|
stack
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
3B4A000
|
trusted library allocation
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
E36000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE9000
|
heap
|
page read and write
|
||
|
111B000
|
trusted library allocation
|
page read and write
|
||
|
3CD7000
|
trusted library allocation
|
page read and write
|
||
|
15F4000
|
trusted library allocation
|
page read and write
|
||
|
65FE000
|
stack
|
page read and write
|
||
|
3E9A000
|
trusted library allocation
|
page read and write
|
||
|
111E000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
9E7F000
|
heap
|
page read and write
|
||
|
1612000
|
trusted library allocation
|
page read and write
|
||
|
3B58000
|
trusted library allocation
|
page read and write
|
||
|
3381000
|
trusted library allocation
|
page read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
A39000
|
stack
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
882F000
|
heap
|
page read and write
|
||
|
E47000
|
trusted library allocation
|
page execute and read and write
|
||
|
427000
|
remote allocation
|
page execute and read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
A092000
|
heap
|
page read and write
|
||
|
A53E000
|
stack
|
page read and write
|
||
|
D0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBA000
|
trusted library allocation
|
page read and write
|
||
|
2D35000
|
trusted library allocation
|
page read and write
|
||
|
3D06000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
9A92000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
remote allocation
|
page execute and read and write
|
||
|
6760000
|
trusted library allocation
|
page read and write
|
||
|
6950000
|
trusted library allocation
|
page read and write
|
||
|
3C34000
|
trusted library allocation
|
page read and write
|
||
|
8940000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
2B9E000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C01000
|
trusted library allocation
|
page read and write
|
||
|
3DD8000
|
trusted library allocation
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
3BA2000
|
trusted library allocation
|
page read and write
|
||
|
E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13B4000
|
heap
|
page read and write
|
||
|
886E000
|
heap
|
page read and write
|
||
|
16DA000
|
heap
|
page read and write
|
||
|
887B000
|
heap
|
page read and write
|
||
|
8920000
|
heap
|
page read and write
|
||
|
3CFC000
|
trusted library allocation
|
page read and write
|
||
|
3C52000
|
trusted library allocation
|
page read and write
|
||
|
62C0000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
6890000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
3C03000
|
trusted library allocation
|
page read and write
|
||
|
61BE000
|
stack
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
6A00000
|
heap
|
page read and write
|
||
|
9E70000
|
heap
|
page read and write
|
||
|
3E2E000
|
trusted library allocation
|
page read and write
|
||
|
2AB6000
|
trusted library allocation
|
page read and write
|
||
|
12DF000
|
heap
|
page read and write
|
||
|
67C8000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
3E7B000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page execute and read and write
|
||
|
34A9000
|
trusted library allocation
|
page read and write
|
||
|
2FBC000
|
stack
|
page read and write
|
||
|
12F6000
|
heap
|
page read and write
|
||
|
D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C1F000
|
trusted library allocation
|
page read and write
|
||
|
B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
2F3C000
|
trusted library allocation
|
page read and write
|
||
|
3BA6000
|
trusted library allocation
|
page read and write
|
||
|
2BF4000
|
trusted library allocation
|
page read and write
|
||
|
3DF6000
|
trusted library allocation
|
page read and write
|
||
|
D5A000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
3CFA000
|
trusted library allocation
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
remote allocation
|
page execute and read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
1138000
|
trusted library allocation
|
page read and write
|
||
|
1950000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
67AA000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3136000
|
trusted library allocation
|
page read and write
|
||
|
3E0B000
|
trusted library allocation
|
page read and write
|
||
|
9A50000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
3D34000
|
trusted library allocation
|
page read and write
|
||
|
110F000
|
stack
|
page read and write
|
||
|
4965000
|
trusted library allocation
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
2AC2000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
4FBD000
|
stack
|
page read and write
|
||
|
3A99000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D28000
|
trusted library allocation
|
page read and write
|
||
|
2AE8000
|
trusted library allocation
|
page read and write
|
||
|
E32000
|
trusted library allocation
|
page read and write
|
||
|
4A73000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
3E19000
|
trusted library allocation
|
page read and write
|
||
|
3B2D000
|
trusted library allocation
|
page read and write
|
||
|
3D4C000
|
trusted library allocation
|
page read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
55CD000
|
stack
|
page read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
7DD0000
|
heap
|
page execute and read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2F0E000
|
trusted library allocation
|
page read and write
|
||
|
63EC000
|
stack
|
page read and write
|
||
|
2ACA000
|
trusted library allocation
|
page read and write
|
||
|
3DAC000
|
trusted library allocation
|
page read and write
|
||
|
5DAE000
|
stack
|
page read and write
|
||
|
55D0000
|
trusted library allocation
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4396000
|
trusted library allocation
|
page read and write
|
||
|
A0DD000
|
heap
|
page read and write
|
||
|
DE1000
|
heap
|
page read and write
|
||
|
807E000
|
stack
|
page read and write
|
||
|
161A000
|
trusted library allocation
|
page execute and read and write
|
||
|
108B000
|
heap
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
A05C000
|
heap
|
page read and write
|
||
|
14C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E39000
|
trusted library allocation
|
page read and write
|
||
|
338E000
|
unkown
|
page read and write
|
||
|
1116000
|
trusted library allocation
|
page read and write
|
||
|
F7B000
|
heap
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
3C64000
|
trusted library allocation
|
page read and write
|
||
|
2ADC000
|
trusted library allocation
|
page read and write
|
||
|
D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DCD000
|
trusted library allocation
|
page read and write
|
||
|
3C13000
|
trusted library allocation
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page read and write
|
||
|
F32000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
14E5000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
4A49000
|
trusted library allocation
|
page read and write
|
||
|
3D34000
|
trusted library allocation
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
571A000
|
trusted library allocation
|
page read and write
|
||
|
2FCD000
|
stack
|
page read and write
|
||
|
2F52000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
2AD9000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
9A60000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
3039000
|
trusted library allocation
|
page read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
8889000
|
heap
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
2B58000
|
trusted library allocation
|
page read and write
|
||
|
D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
674A000
|
trusted library allocation
|
page read and write
|
||
|
2DEB000
|
trusted library allocation
|
page read and write
|
||
|
443000
|
remote allocation
|
page execute and read and write
|
||
|
7BA000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3E88000
|
trusted library allocation
|
page read and write
|
||
|
1136000
|
trusted library allocation
|
page read and write
|
||
|
2DDF000
|
trusted library allocation
|
page read and write
|
||
|
3DE0000
|
trusted library allocation
|
page read and write
|
||
|
2DE7000
|
trusted library allocation
|
page read and write
|
||
|
120BE000
|
stack
|
page read and write
|
||
|
D04000
|
trusted library allocation
|
page read and write
|
||
|
1131000
|
trusted library allocation
|
page read and write
|
||
|
3DB8000
|
trusted library allocation
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
8150000
|
trusted library section
|
page readonly
|
||
|
2E2D000
|
trusted library allocation
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
3D44000
|
trusted library allocation
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
2ACE000
|
trusted library allocation
|
page read and write
|
||
|
2C53000
|
trusted library allocation
|
page read and write
|
||
|
F35000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
3B82000
|
trusted library allocation
|
page read and write
|
||
|
29E000
|
unkown
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
3B64000
|
trusted library allocation
|
page read and write
|
||
|
A39E000
|
stack
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
4161000
|
trusted library allocation
|
page read and write
|
||
|
2BA8000
|
trusted library allocation
|
page read and write
|
||
|
6937000
|
trusted library allocation
|
page read and write
|
||
|
632E000
|
heap
|
page read and write
|
||
|
2B15000
|
trusted library allocation
|
page read and write
|
||
|
3C7C000
|
trusted library allocation
|
page read and write
|
||
|
8865000
|
heap
|
page read and write
|
||
|
17C3000
|
heap
|
page read and write
|
||
|
3D46000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BFD000
|
trusted library allocation
|
page read and write
|
||
|
D22000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
6359000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
17C1000
|
heap
|
page read and write
|
||
|
9A50000
|
heap
|
page read and write
|
||
|
3EC4000
|
trusted library allocation
|
page read and write
|
||
|
2DCD000
|
trusted library allocation
|
page read and write
|
||
|
3DC6000
|
trusted library allocation
|
page read and write
|
||
|
8154000
|
trusted library section
|
page readonly
|
||
|
1336000
|
heap
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1087000
|
heap
|
page read and write
|
||
|
A20E000
|
stack
|
page read and write
|
||
|
6780000
|
trusted library allocation
|
page execute and read and write
|
||
|
A06C000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
2BF4000
|
trusted library allocation
|
page read and write
|
||
|
5826000
|
trusted library allocation
|
page read and write
|
||
|
62BE000
|
stack
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
3DC7000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
50B7000
|
trusted library allocation
|
page read and write
|
||
|
113D000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
2DFA000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
3EE1000
|
trusted library allocation
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
63EF000
|
stack
|
page read and write
|
||
|
7B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D97000
|
trusted library allocation
|
page read and write
|
||
|
8140000
|
heap
|
page read and write
|
||
|
1970000
|
trusted library allocation
|
page read and write
|
||
|
3C78000
|
trusted library allocation
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page read and write
|
||
|
3D67000
|
trusted library allocation
|
page read and write
|
||
|
3D26000
|
trusted library allocation
|
page read and write
|
||
|
3B56000
|
trusted library allocation
|
page read and write
|
||
|
6790000
|
heap
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
1237E000
|
stack
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
1493000
|
trusted library allocation
|
page execute and read and write
|
||
|
263F000
|
unkown
|
page read and write
|
||
|
3C60000
|
trusted library allocation
|
page read and write
|
||
|
5723000
|
heap
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
88F0000
|
trusted library allocation
|
page read and write
|
||
|
6930000
|
trusted library allocation
|
page read and write
|
||
|
3DB7000
|
trusted library allocation
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A70000
|
trusted library allocation
|
page read and write
|
||
|
3B52000
|
trusted library allocation
|
page read and write
|
||
|
3C22000
|
trusted library allocation
|
page read and write
|
||
|
3CEE000
|
trusted library allocation
|
page read and write
|
||
|
17BF000
|
heap
|
page read and write
|
||
|
1247F000
|
stack
|
page read and write
|
||
|
E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6329000
|
heap
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
2A2F000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
3A7B000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
1705000
|
heap
|
page read and write
|
||
|
5665000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page read and write
|
||
|
17C5000
|
heap
|
page read and write
|
||
|
9E84000
|
heap
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
5CAE000
|
stack
|
page read and write
|
||
|
2E9C000
|
trusted library allocation
|
page read and write
|
||
|
2ABB000
|
trusted library allocation
|
page read and write
|
||
|
14C2000
|
trusted library allocation
|
page read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
16DE000
|
heap
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
E42000
|
trusted library allocation
|
page read and write
|
||
|
62C0000
|
heap
|
page read and write
|
||
|
43F000
|
remote allocation
|
page execute and read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
15FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1646000
|
trusted library allocation
|
page read and write
|
||
|
8960000
|
heap
|
page read and write
|
||
|
3BA8000
|
trusted library allocation
|
page read and write
|
||
|
199A000
|
heap
|
page read and write
|
||
|
429000
|
remote allocation
|
page execute and read and write
|
||
|
3C72000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
2D5F000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
8836000
|
heap
|
page read and write
|
||
|
3DFB000
|
trusted library allocation
|
page read and write
|
||
|
2BB6000
|
trusted library allocation
|
page read and write
|
||
|
7E2C000
|
stack
|
page read and write
|
||
|
FA7000
|
stack
|
page read and write
|
||
|
2BF8000
|
trusted library allocation
|
page read and write
|
||
|
643E000
|
stack
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
remote allocation
|
page execute and read and write
|
||
|
F73000
|
heap
|
page read and write
|
||
|
177E000
|
stack
|
page read and write
|
||
|
2DE3000
|
trusted library allocation
|
page read and write
|
||
|
5B67000
|
trusted library allocation
|
page read and write
|
||
|
3DA5000
|
trusted library allocation
|
page read and write
|
||
|
3C26000
|
trusted library allocation
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page read and write
|
||
|
63FD000
|
stack
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC8000
|
trusted library allocation
|
page read and write
|
||
|
80A0000
|
trusted library section
|
page read and write
|
||
|
2EF7000
|
trusted library allocation
|
page read and write
|
||
|
55D7000
|
trusted library allocation
|
page read and write
|
||
|
3CE7000
|
trusted library allocation
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
2DEF000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
2B1D000
|
trusted library allocation
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
E4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
62AF000
|
stack
|
page read and write
|
||
|
2B29000
|
trusted library allocation
|
page read and write
|
||
|
2E83000
|
trusted library allocation
|
page read and write
|
||
|
3EC8000
|
trusted library allocation
|
page read and write
|
||
|
2C22000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
trusted library allocation
|
page execute and read and write
|
||
|
162B000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
3DA1000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
3C8F000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
heap
|
page execute and read and write
|
||
|
616E000
|
stack
|
page read and write
|
||
|
2B91000
|
trusted library allocation
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
300B000
|
trusted library allocation
|
page read and write
|
||
|
3E67000
|
trusted library allocation
|
page read and write
|
||
|
2FDD000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
580B000
|
trusted library allocation
|
page read and write
|
||
|
642E000
|
stack
|
page read and write
|
||
|
2BEF000
|
trusted library allocation
|
page read and write
|
||
|
2BFC000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
886E000
|
stack
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
3D02000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
120FE000
|
stack
|
page read and write
|
||
|
537C000
|
stack
|
page read and write
|
||
|
3BB8000
|
trusted library allocation
|
page read and write
|
||
|
5883000
|
heap
|
page read and write
|
||
|
2B7A000
|
trusted library allocation
|
page read and write
|
||
|
62EC000
|
stack
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
7DF0000
|
heap
|
page execute and read and write
|
||
|
6880000
|
trusted library allocation
|
page execute and read and write
|
||
|
6960000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
3DA5000
|
trusted library allocation
|
page read and write
|
||
|
3CD7000
|
trusted library allocation
|
page read and write
|
||
|
582D000
|
trusted library allocation
|
page read and write
|
||
|
7CA0000
|
heap
|
page read and write
|
||
|
3D0A000
|
trusted library allocation
|
page read and write
|
||
|
3E81000
|
trusted library allocation
|
page read and write
|
||
|
D32000
|
unkown
|
page readonly
|
||
|
230000
|
heap
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
3DA7000
|
trusted library allocation
|
page read and write
|
||
|
3DD5000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
3D08000
|
trusted library allocation
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
3BBF000
|
trusted library allocation
|
page read and write
|
||
|
A052000
|
heap
|
page read and write
|
||
|
2BE7000
|
trusted library allocation
|
page read and write
|
||
|
DEE000
|
heap
|
page read and write
|
||
|
57FE000
|
stack
|
page read and write
|
||
|
3CD5000
|
trusted library allocation
|
page read and write
|
||
|
8950000
|
heap
|
page read and write
|
||
|
2FAE000
|
trusted library allocation
|
page read and write
|
||
|
2CBE000
|
trusted library allocation
|
page read and write
|
||
|
3CFA000
|
trusted library allocation
|
page read and write
|
||
|
2C2A000
|
trusted library allocation
|
page read and write
|
||
|
3EA4000
|
trusted library allocation
|
page read and write
|
||
|
2BDF000
|
trusted library allocation
|
page read and write
|
||
|
3C2A000
|
trusted library allocation
|
page read and write
|
||
|
E24000
|
heap
|
page read and write
|
||
|
3166000
|
trusted library allocation
|
page read and write
|
||
|
2C66000
|
trusted library allocation
|
page read and write
|
||
|
1627000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
42C000
|
remote allocation
|
page execute and read and write
|
||
|
A0F2000
|
heap
|
page read and write
|
||
|
56E0000
|
heap
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
1303000
|
heap
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page read and write
|
||
|
137A000
|
heap
|
page read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
3E96000
|
trusted library allocation
|
page read and write
|
||
|
160D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
8910000
|
heap
|
page read and write
|
||
|
883F000
|
heap
|
page read and write
|
||
|
2D8C000
|
trusted library allocation
|
page read and write
|
||
|
631C000
|
heap
|
page read and write
|
||
|
127E000
|
stack
|
page read and write
|
||
|
8867000
|
heap
|
page read and write
|
||
|
3ECA000
|
trusted library allocation
|
page read and write
|
||
|
3DCA000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page execute and read and write
|
||
|
16C0000
|
heap
|
page execute and read and write
|
||
|
3C28000
|
trusted library allocation
|
page read and write
|
||
|
121FF000
|
stack
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
2EC9000
|
trusted library allocation
|
page read and write
|
||
|
3DD6000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
3161000
|
trusted library allocation
|
page read and write
|
||
|
1014000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
6334000
|
heap
|
page read and write
|
||
|
E45000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CEF000
|
trusted library allocation
|
page read and write
|
||
|
7F6E000
|
stack
|
page read and write
|
||
|
62E2000
|
heap
|
page read and write
|
||
|
2D04000
|
trusted library allocation
|
page read and write
|
||
|
3B62000
|
trusted library allocation
|
page read and write
|
||
|
3EE9000
|
trusted library allocation
|
page read and write
|
||
|
125BC000
|
stack
|
page read and write
|
||
|
8820000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page execute and read and write
|
||
|
3DDA000
|
trusted library allocation
|
page read and write
|
||
|
2ABE000
|
trusted library allocation
|
page read and write
|
||
|
61AE000
|
stack
|
page read and write
|
||
|
7E70000
|
heap
|
page read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
62AE000
|
stack
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
1494000
|
trusted library allocation
|
page read and write
|
||
|
3D5E000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
1207000
|
heap
|
page read and write
|
||
|
88F5000
|
trusted library allocation
|
page read and write
|
||
|
A29D000
|
stack
|
page read and write
|
||
|
2BE3000
|
trusted library allocation
|
page read and write
|
||
|
52FB000
|
stack
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
2C26000
|
trusted library allocation
|
page read and write
|
||
|
2ADD000
|
trusted library allocation
|
page read and write
|
||
|
346B000
|
heap
|
page read and write
|
||
|
3B41000
|
trusted library allocation
|
page read and write
|
||
|
1233F000
|
stack
|
page read and write
|
||
|
2C49000
|
trusted library allocation
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
4A45000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
3DCC000
|
trusted library allocation
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
2D26000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
6313000
|
heap
|
page read and write
|
||
|
C890000
|
trusted library allocation
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
428000
|
remote allocation
|
page execute and read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
E14000
|
unkown
|
page readonly
|
||
|
F3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
431000
|
remote allocation
|
page execute and read and write
|
||
|
F59000
|
stack
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
2DBD000
|
trusted library allocation
|
page read and write
|
||
|
12CA000
|
heap
|
page read and write
|
||
|
5C6E000
|
stack
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page read and write
|
||
|
6324000
|
heap
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
2C57000
|
trusted library allocation
|
page read and write
|
||
|
3C2E000
|
trusted library allocation
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
15A0000
|
heap
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
430000
|
remote allocation
|
page execute and read and write
|
||
|
2BB2000
|
trusted library allocation
|
page read and write
|
||
|
FEC000
|
stack
|
page read and write
|
||
|
3C28000
|
trusted library allocation
|
page read and write
|
||
|
1CA000
|
stack
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
66EF000
|
stack
|
page read and write
|
||
|
14AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CEE000
|
trusted library allocation
|
page read and write
|
||
|
3A95000
|
trusted library allocation
|
page read and write
|
||
|
3B5E000
|
trusted library allocation
|
page read and write
|
||
|
7C5A000
|
trusted library allocation
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
1644000
|
trusted library allocation
|
page read and write
|
||
|
3CD1000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
A050000
|
trusted library section
|
page read and write
|
||
|
2C0A000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
67A4000
|
trusted library allocation
|
page read and write
|
||
|
7FAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
15F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C58000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
527B000
|
stack
|
page read and write
|
||
|
2CD6000
|
trusted library allocation
|
page read and write
|
||
|
3BA0000
|
trusted library allocation
|
page read and write
|
||
|
1616000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C28000
|
trusted library allocation
|
page read and write
|
||
|
3A93000
|
trusted library allocation
|
page read and write
|
||
|
3C88000
|
trusted library allocation
|
page read and write
|
||
|
3C1A000
|
trusted library allocation
|
page read and write
|
||
|
8972000
|
heap
|
page read and write
|
||
|
2AD6000
|
trusted library allocation
|
page read and write
|
||
|
65EE000
|
stack
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
895D000
|
heap
|
page read and write
|
||
|
3B64000
|
trusted library allocation
|
page read and write
|
||
|
3DBE000
|
trusted library allocation
|
page read and write
|
||
|
18CF000
|
stack
|
page read and write
|
||
|
8945000
|
heap
|
page read and write
|
||
|
3EDA000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
6369000
|
heap
|
page read and write
|
||
|
276A000
|
heap
|
page read and write
|
||
|
3E12000
|
trusted library allocation
|
page read and write
|
||
|
2EDF000
|
trusted library allocation
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C3D000
|
stack
|
page read and write
|
||
|
3C32000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
EA9000
|
stack
|
page read and write
|
||
|
2F6A000
|
trusted library allocation
|
page read and write
|
||
|
8090000
|
heap
|
page read and write
|
||
|
12CE000
|
heap
|
page read and write
|
||
|
A0F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
1990000
|
heap
|
page read and write
|
||
|
2DDB000
|
trusted library allocation
|
page read and write
|
||
|
673E000
|
stack
|
page read and write
|
||
|
676D000
|
trusted library allocation
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
6720000
|
heap
|
page read and write
|
||
|
52B0000
|
heap
|
page execute and read and write
|
||
|
693B000
|
trusted library allocation
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
3BC7000
|
trusted library allocation
|
page read and write
|
||
|
2DF3000
|
trusted library allocation
|
page read and write
|
||
|
E3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D21000
|
trusted library allocation
|
page read and write
|
||
|
112E000
|
trusted library allocation
|
page read and write
|
||
|
2AE4000
|
trusted library allocation
|
page read and write
|
||
|
4FED000
|
stack
|
page read and write
|
||
|
581E000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
3169000
|
trusted library allocation
|
page read and write
|
||
|
A100000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
remote allocation
|
page execute and read and write
|
||
|
2D8F000
|
trusted library allocation
|
page read and write
|
||
|
2B21000
|
trusted library allocation
|
page read and write
|
||
|
2B19000
|
trusted library allocation
|
page read and write
|
||
|
647E000
|
stack
|
page read and write
|
||
|
8095000
|
heap
|
page read and write
|
||
|
5014000
|
heap
|
page read and write
|
||
|
2BEB000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
3B66000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
8810000
|
heap
|
page read and write
|
||
|
4FAF000
|
stack
|
page read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
heap
|
page execute and read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EB0000
|
trusted library allocation
|
page read and write
|
||
|
9A10000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
3C70000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
3BAD000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
trusted library allocation
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
2C04000
|
trusted library allocation
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
250000
|
heap
|
page read and write
|
||
|
340F000
|
unkown
|
page read and write
|
||
|
149D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6746000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1665000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
remote allocation
|
page execute and read and write
|
||
|
6730000
|
heap
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
3B33000
|
trusted library allocation
|
page read and write
|
||
|
42D000
|
remote allocation
|
page execute and read and write
|
||
|
2C8E000
|
trusted library allocation
|
page read and write
|
||
|
3249000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page read and write
|
||
|
3DF5000
|
trusted library allocation
|
page read and write
|
||
|
3D69000
|
trusted library allocation
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
3C97000
|
trusted library allocation
|
page read and write
|
||
|
2C5B000
|
trusted library allocation
|
page read and write
|
||
|
158F000
|
stack
|
page read and write
|
||
|
2CFF000
|
trusted library allocation
|
page read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
3E04000
|
trusted library allocation
|
page read and write
|
||
|
2B25000
|
trusted library allocation
|
page read and write
|
There are 789 hidden memdumps, click here to show them.