Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
New order.bat.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp6538.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\New order.bat.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ydjgrBUVZiNXwd.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0fl35ose.2ln.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3wu0c25i.nhe.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dwlx05wb.phq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ffqznhss.s3q.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jt4cpbef.0xy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_l1uzm32d.ivv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ruqwh3r0.krv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xgphgiuu.ray.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp714E.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\New order.bat.exe
|
C:\Users\user\Desktop\New order.bat.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\New order.bat.exe
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ydjgrBUVZiNXwd" /XML "C:\Users\user\AppData\Local\Temp\tmp6538.tmp
|
|
|
|
C:\Users\user\Desktop\New order.bat.exe
|
C:\Users\user\Desktop\New order.bat.exe
|
|
|
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
C:\Windows\System32\schtasks.exe" /Create /TN "Updates\ydjgrBUVZiNXwd" /XML "C:\Users\user\AppData\Local\Temp\tmp714E.tmp
|
|
|
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
|
|
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
|
|
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
C:\Users\user\AppData\Roaming\ydjgrBUVZiNXwd.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://mail.elec-qatar.com
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.elec-qatar.com
|
50.87.139.143
|
|
|
|
api.ipify.org
|
104.26.12.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
50.87.139.143
|
mail.elec-qatar.com
|
United States
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\New order_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\ydjgrBUVZiNXwd_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2DB1000
|
trusted library allocation
|
page read and write
|
|
|
|
2821000
|
trusted library allocation
|
page read and write
|
|
|
|
3247000
|
trusted library allocation
|
page read and write
|
|
|
|
3221000
|
trusted library allocation
|
page read and write
|
|
|
|
7770000
|
trusted library section
|
page read and write
|
|
|
|
3DF3000
|
trusted library allocation
|
page read and write
|
|
|
|
2862000
|
trusted library allocation
|
page read and write
|
|
|
|
4A5B000
|
trusted library allocation
|
page read and write
|
|
|
|
40CE000
|
trusted library allocation
|
page read and write
|
|
|
|
3DB9000
|
trusted library allocation
|
page read and write
|
|
|
|
2DF2000
|
trusted library allocation
|
page read and write
|
|
|
|
3497000
|
trusted library allocation
|
page read and write
|
|
|
|
3471000
|
trusted library allocation
|
page read and write
|
|
|
|
429000
|
remote allocation
|
page execute and read and write
|
|
|
|
7730000
|
trusted library section
|
page read and write
|
|
|
|
CA4000
|
heap
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE2000
|
heap
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
1484000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
3AD9000
|
trusted library allocation
|
page read and write
|
||
|
76ED000
|
stack
|
page read and write
|
||
|
1445000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D38000
|
trusted library allocation
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
684F000
|
stack
|
page read and write
|
||
|
9E7E000
|
stack
|
page read and write
|
||
|
6E98000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
52F6000
|
trusted library allocation
|
page read and write
|
||
|
A9A000
|
stack
|
page read and write
|
||
|
6F07000
|
trusted library allocation
|
page read and write
|
||
|
40B000
|
remote allocation
|
page execute and read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
1387000
|
heap
|
page read and write
|
||
|
E5A000
|
heap
|
page read and write
|
||
|
596E000
|
trusted library allocation
|
page read and write
|
||
|
4E43000
|
heap
|
page read and write
|
||
|
4DB8000
|
trusted library allocation
|
page read and write
|
||
|
A20E000
|
stack
|
page read and write
|
||
|
3821000
|
trusted library allocation
|
page read and write
|
||
|
56E1000
|
trusted library allocation
|
page read and write
|
||
|
6AB0000
|
heap
|
page read and write
|
||
|
1970000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
952000
|
unkown
|
page readonly
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
4D4B000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page execute and read and write
|
||
|
AEAC000
|
stack
|
page read and write
|
||
|
6EB7000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
6B22000
|
heap
|
page read and write
|
||
|
A180000
|
trusted library allocation
|
page execute and read and write
|
||
|
C56000
|
trusted library allocation
|
page execute and read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
31CF000
|
unkown
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
11E7000
|
heap
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
96FE000
|
stack
|
page read and write
|
||
|
55C0000
|
heap
|
page execute and read and write
|
||
|
33F0000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
3967000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
99BE000
|
stack
|
page read and write
|
||
|
A39E000
|
stack
|
page read and write
|
||
|
ED9000
|
heap
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
6B77000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
3456000
|
trusted library allocation
|
page read and write
|
||
|
F03000
|
heap
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
7B5E000
|
stack
|
page read and write
|
||
|
143A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
18AF000
|
stack
|
page read and write
|
||
|
C97000
|
heap
|
page read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
6AE0000
|
heap
|
page read and write
|
||
|
A86D000
|
stack
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
6EB0000
|
trusted library allocation
|
page read and write
|
||
|
11BE000
|
stack
|
page read and write
|
||
|
18EE000
|
stack
|
page read and write
|
||
|
6B83000
|
heap
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
56D2000
|
trusted library allocation
|
page read and write
|
||
|
3C4F000
|
trusted library allocation
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
41D1000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
remote allocation
|
page execute and read and write
|
||
|
5714000
|
trusted library allocation
|
page read and write
|
||
|
4D6D000
|
trusted library allocation
|
page read and write
|
||
|
7120000
|
heap
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
4F8C000
|
stack
|
page read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
2DFA000
|
stack
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
4E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
70AE000
|
stack
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
7678000
|
heap
|
page read and write
|
||
|
1790000
|
heap
|
page execute and read and write
|
||
|
4E8B000
|
stack
|
page read and write
|
||
|
4D61000
|
trusted library allocation
|
page read and write
|
||
|
D62000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
15AA000
|
heap
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
448E000
|
trusted library allocation
|
page read and write
|
||
|
7012000
|
trusted library allocation
|
page read and write
|
||
|
6C80000
|
trusted library allocation
|
page read and write
|
||
|
56F2000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
trusted library section
|
page read and write
|
||
|
1AC7000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
6A22000
|
heap
|
page read and write
|
||
|
69B2000
|
heap
|
page read and write
|
||
|
3843000
|
trusted library allocation
|
page read and write
|
||
|
5992000
|
trusted library allocation
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
4828000
|
trusted library allocation
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
5335000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
34B8000
|
trusted library allocation
|
page read and write
|
||
|
197D000
|
trusted library allocation
|
page execute and read and write
|
||
|
14CD000
|
heap
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
1AC0000
|
heap
|
page read and write
|
||
|
4E30000
|
trusted library section
|
page readonly
|
||
|
4DD2000
|
trusted library allocation
|
page read and write
|
||
|
5C2C000
|
stack
|
page read and write
|
||
|
428000
|
remote allocation
|
page execute and read and write
|
||
|
AB0E000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
346D000
|
trusted library allocation
|
page read and write
|
||
|
3A52000
|
trusted library allocation
|
page read and write
|
||
|
5986000
|
trusted library allocation
|
page read and write
|
||
|
A9CE000
|
stack
|
page read and write
|
||
|
3AF9000
|
trusted library allocation
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page read and write
|
||
|
52EE000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
40E000
|
remote allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
6D9D000
|
stack
|
page read and write
|
||
|
73F0000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
142A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5247000
|
trusted library allocation
|
page read and write
|
||
|
3C48000
|
trusted library allocation
|
page read and write
|
||
|
9FBE000
|
stack
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
423F000
|
trusted library allocation
|
page read and write
|
||
|
6D1F000
|
stack
|
page read and write
|
||
|
52FD000
|
trusted library allocation
|
page read and write
|
||
|
9C40000
|
heap
|
page read and write
|
||
|
A3AE000
|
stack
|
page read and write
|
||
|
111A000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
2DBD000
|
stack
|
page read and write
|
||
|
51D8000
|
trusted library allocation
|
page read and write
|
||
|
D1B000
|
heap
|
page read and write
|
||
|
19C0000
|
heap
|
page execute and read and write
|
||
|
C5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
56CE000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
6AB4000
|
heap
|
page read and write
|
||
|
E93000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
D03000
|
heap
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page execute and read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
34B6000
|
trusted library allocation
|
page read and write
|
||
|
34B4000
|
trusted library allocation
|
page read and write
|
||
|
162C000
|
heap
|
page read and write
|
||
|
69E0000
|
heap
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
28E8000
|
trusted library allocation
|
page read and write
|
||
|
171E000
|
stack
|
page read and write
|
||
|
9AFE000
|
stack
|
page read and write
|
||
|
58C5000
|
heap
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
6D4D000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
1436000
|
trusted library allocation
|
page execute and read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
AACE000
|
stack
|
page read and write
|
||
|
33B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
AAE000
|
stack
|
page read and write
|
||
|
570D000
|
stack
|
page read and write
|
||
|
71AF000
|
stack
|
page read and write
|
||
|
325A000
|
trusted library allocation
|
page read and write
|
||
|
336F000
|
stack
|
page read and write
|
||
|
6EBB000
|
trusted library allocation
|
page read and write
|
||
|
9EBE000
|
stack
|
page read and write
|
||
|
27A6000
|
trusted library allocation
|
page read and write
|
||
|
2A7C000
|
trusted library allocation
|
page read and write
|
||
|
1487000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
53C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D0000
|
heap
|
page execute and read and write
|
||
|
5960000
|
trusted library allocation
|
page read and write
|
||
|
4D66000
|
trusted library allocation
|
page read and write
|
||
|
4449000
|
trusted library allocation
|
page read and write
|
||
|
27A4000
|
trusted library allocation
|
page read and write
|
||
|
300C000
|
trusted library allocation
|
page read and write
|
||
|
9C3D000
|
stack
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
3829000
|
trusted library allocation
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
1695000
|
heap
|
page read and write
|
||
|
308C000
|
stack
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page execute and read and write
|
||
|
33F4000
|
trusted library allocation
|
page read and write
|
||
|
6FFF000
|
stack
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
6B7A000
|
heap
|
page read and write
|
||
|
A740000
|
heap
|
page read and write
|
||
|
6AD0000
|
heap
|
page read and write
|
||
|
14E4000
|
heap
|
page read and write
|
||
|
5716000
|
trusted library allocation
|
page read and write
|
||
|
DF7000
|
heap
|
page read and write
|
||
|
147A000
|
heap
|
page read and write
|
||
|
4D44000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page execute and read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
7F610000
|
trusted library allocation
|
page execute and read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
32EB000
|
heap
|
page read and write
|
||
|
CF3000
|
heap
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
heap
|
page execute and read and write
|
||
|
6E90000
|
trusted library allocation
|
page read and write
|
||
|
5483000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page execute and read and write
|
||
|
5981000
|
trusted library allocation
|
page read and write
|
||
|
6DA7000
|
trusted library allocation
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
C6E000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
6990000
|
heap
|
page read and write
|
||
|
A1CE000
|
stack
|
page read and write
|
||
|
27C5000
|
trusted library allocation
|
page read and write
|
||
|
56ED000
|
trusted library allocation
|
page read and write
|
||
|
705D000
|
stack
|
page read and write
|
||
|
763B000
|
heap
|
page read and write
|
||
|
6D57000
|
trusted library allocation
|
page read and write
|
||
|
701B000
|
trusted library allocation
|
page read and write
|
||
|
4421000
|
trusted library allocation
|
page read and write
|
||
|
199B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
186E000
|
stack
|
page read and write
|
||
|
A4EE000
|
stack
|
page read and write
|
||
|
1995000
|
trusted library allocation
|
page execute and read and write
|
||
|
D67000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C90000
|
trusted library allocation
|
page read and write
|
||
|
6A19000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
10F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
1611000
|
heap
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
trusted library allocation
|
page execute and read and write
|
||
|
5974000
|
trusted library allocation
|
page read and write
|
||
|
6E7F000
|
stack
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
6BC0000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
heap
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
C68000
|
heap
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
4E34000
|
trusted library section
|
page readonly
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
1422000
|
trusted library allocation
|
page read and write
|
||
|
52F1000
|
trusted library allocation
|
page read and write
|
||
|
6C99000
|
trusted library allocation
|
page read and write
|
||
|
4D72000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
A3DE000
|
stack
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
6AC9000
|
heap
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
143B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C43000
|
trusted library allocation
|
page read and write
|
||
|
560C000
|
stack
|
page read and write
|
||
|
5750000
|
heap
|
page read and write
|
||
|
2885000
|
trusted library allocation
|
page read and write
|
||
|
19B0000
|
trusted library allocation
|
page read and write
|
||
|
1997000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CBB000
|
heap
|
page read and write
|
||
|
6B90000
|
heap
|
page read and write
|
||
|
7C5F000
|
stack
|
page read and write
|
||
|
44CB000
|
trusted library allocation
|
page read and write
|
||
|
C24000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1437000
|
trusted library allocation
|
page execute and read and write
|
||
|
52DB000
|
trusted library allocation
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page execute and read and write
|
||
|
596B000
|
trusted library allocation
|
page read and write
|
||
|
1684000
|
trusted library allocation
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
501B000
|
stack
|
page read and write
|
||
|
99FE000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
551D000
|
stack
|
page read and write
|
||
|
40D000
|
remote allocation
|
page execute and read and write
|
||
|
5590000
|
trusted library allocation
|
page execute and read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
A730000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page execute and read and write
|
||
|
F0B000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
2EBF000
|
unkown
|
page read and write
|
||
|
34AA000
|
trusted library allocation
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
14C6000
|
heap
|
page read and write
|
||
|
1730000
|
trusted library allocation
|
page read and write
|
||
|
3C0D000
|
trusted library allocation
|
page read and write
|
||
|
A15B000
|
stack
|
page read and write
|
||
|
6EB0000
|
trusted library allocation
|
page read and write
|
||
|
5769000
|
heap
|
page read and write
|
||
|
9D7E000
|
stack
|
page read and write
|
||
|
3264000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A62D000
|
stack
|
page read and write
|
||
|
ADAC000
|
stack
|
page read and write
|
||
|
177E000
|
stack
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
AEEE000
|
stack
|
page read and write
|
||
|
34BA000
|
trusted library allocation
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
417000
|
remote allocation
|
page execute and read and write
|
||
|
FB9000
|
stack
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
A72D000
|
stack
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
5700000
|
heap
|
page execute and read and write
|
||
|
A25C000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
597E000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
6BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FBD000
|
stack
|
page read and write
|
||
|
6B67000
|
heap
|
page read and write
|
||
|
1AB0000
|
heap
|
page read and write
|
||
|
198A000
|
trusted library allocation
|
page execute and read and write
|
||
|
33AC000
|
stack
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
1507000
|
heap
|
page read and write
|
||
|
6CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
49FC000
|
stack
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1992000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
71FE000
|
unkown
|
page read and write
|
||
|
D6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
6D30000
|
heap
|
page read and write
|
||
|
72FE000
|
stack
|
page read and write
|
||
|
3CCB000
|
trusted library allocation
|
page read and write
|
||
|
5B2C000
|
stack
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E5B000
|
trusted library allocation
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
41F9000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
unkown
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
4D5E000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
trusted library allocation
|
page read and write
|
||
|
B97000
|
stack
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
6AF4000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
7400000
|
heap
|
page read and write
|
||
|
5BEF000
|
unkown
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
5D4F000
|
unkown
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
F21000
|
heap
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
1982000
|
trusted library allocation
|
page read and write
|
||
|
15BC000
|
heap
|
page read and write
|
||
|
15B9000
|
heap
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
48FC000
|
stack
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
A170000
|
trusted library allocation
|
page read and write
|
||
|
56E6000
|
trusted library allocation
|
page read and write
|
||
|
168D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EF7000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
1447000
|
trusted library allocation
|
page execute and read and write
|
||
|
321D000
|
trusted library allocation
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
A4AE000
|
stack
|
page read and write
|
||
|
AFEE000
|
stack
|
page read and write
|
||
|
750E000
|
stack
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
598D000
|
trusted library allocation
|
page read and write
|
||
|
345F000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library section
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
1683000
|
trusted library allocation
|
page execute and read and write
|
||
|
5ACC000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
52D4000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
98BE000
|
stack
|
page read and write
|
||
|
5EA000
|
stack
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3206000
|
trusted library allocation
|
page read and write
|
||
|
6D48000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
1980000
|
trusted library allocation
|
page read and write
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
3FE2000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
remote allocation
|
page execute and read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
6C0E000
|
stack
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
670F000
|
stack
|
page read and write
|
||
|
3B56000
|
trusted library allocation
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page execute and read and write
|
||
|
1986000
|
trusted library allocation
|
page execute and read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
317E000
|
unkown
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
1A0E000
|
stack
|
page read and write
|
||
|
144B000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0E000
|
stack
|
page read and write
|
||
|
578E000
|
heap
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
786A000
|
trusted library allocation
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
29A9000
|
stack
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EE50000
|
trusted library allocation
|
page execute and read and write
|
||
|
A4DE000
|
stack
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
CA2000
|
heap
|
page read and write
|
||
|
5724000
|
heap
|
page read and write
|
||
|
10F4000
|
trusted library allocation
|
page read and write
|
||
|
3B3F000
|
trusted library allocation
|
page read and write
|
||
|
96BE000
|
stack
|
page read and write
|
||
|
A5EF000
|
stack
|
page read and write
|
||
|
10FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DA0000
|
trusted library allocation
|
page read and write
|
||
|
1607000
|
heap
|
page read and write
|
||
|
56DE000
|
trusted library allocation
|
page read and write
|
||
|
6AEA000
|
heap
|
page read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
53B2000
|
trusted library allocation
|
page read and write
|
||
|
3EA9000
|
trusted library allocation
|
page read and write
|
||
|
56CB000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
3421000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C52000
|
trusted library allocation
|
page read and write
|
||
|
1AB4000
|
heap
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
573E000
|
trusted library allocation
|
page read and write
|
||
|
A96E000
|
stack
|
page read and write
|
||
|
2E6F000
|
trusted library allocation
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
6ABE000
|
heap
|
page read and write
|
||
|
6DB0000
|
trusted library allocation
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
3863000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
146F000
|
heap
|
page read and write
|
||
|
1A18000
|
trusted library allocation
|
page read and write
|
||
|
3BD2000
|
trusted library allocation
|
page read and write
|
||
|
55B0000
|
trusted library section
|
page readonly
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
2E15000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
5030000
|
heap
|
page read and write
|
||
|
9B3D000
|
stack
|
page read and write
|
||
|
5720000
|
heap
|
page read and write
|
||
|
59CC000
|
stack
|
page read and write
|
||
|
6EAD000
|
trusted library allocation
|
page read and write
|
||
|
5255000
|
heap
|
page read and write
|
||
|
14F9000
|
stack
|
page read and write
|
||
|
6D43000
|
trusted library allocation
|
page read and write
|
There are 575 hidden memdumps, click here to show them.