Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
nsis-installer.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\D3DSCache\5b4e827ea0c96efd\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\D3DSCache\5b4e827ea0c96efd\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\D3DSCache\5b4e827ea0c96efd\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
|
Matlab v4 mat-file (little endian) (, numeric, rows 0, columns 16, imaginary
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\LICENSE.electron.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\LICENSES.chromium.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\chrome_100_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\chrome_200_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\d3dcompiler_47.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\ffmpeg.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\icudtl.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\libEGL.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\libGLESv2.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\locales\af.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\locales\am.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\locales\ar.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\locales\bg.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\locales\bn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\locales\ca.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\snapshot_blob.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\v8_context_snapshot.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\vk_swiftshader.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\vk_swiftshader_icd.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\vulkan-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\496db3a3-1a7f-4f1b-9fcf-efdaeed463f0.tmp.node
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8643e452-b938-4f7e-b6f6-6c79c3287391.tmp.node
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3dincutv.eem.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3ofq3lde.4wp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4qs4bf1f.sjc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4t5nvsem.qun.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_brskhiv3.m0b.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cc21cv3h.uf5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_drghpzag.zal.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dvdjxw0x.ou2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hxhqdpqg.1c5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iz5dm4ax.15d.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kkrpzhpl.i5k.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ljcdovsy.igu.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n1i5acdv.0m3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nsmbg5ro.bxw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_orsy05su.rrt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r2lcpk1r.fll.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rf2mqf4h.lgx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sbupstr1.qth.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vjlpmqyv.1re.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vresv4fo.4ql.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a5cccf86-07fd-48a4-a9cf-7cd44af85556.tmp.node
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e10a37c2-8429-4258-9cd3-d725395e8215.tmp.node
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\LICENSE.electron.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\LICENSES.chromium.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\SerenityTherapyInstaller.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\chrome_100_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\chrome_200_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\d3dcompiler_47.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\ffmpeg.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\icudtl.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\libEGL.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\libGLESv2.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\af.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\am.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ar.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\bg.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\bn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ca.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\cs.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\da.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\de.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\el.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\en-GB.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\en-US.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\es-419.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\es.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\et.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\fa.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\fi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\fil.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\fr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\gu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\he.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\hi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\hr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\hu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\id.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\it.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ja.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\kn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ko.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\lt.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\lv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ml.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\mr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ms.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\nb.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\nl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\pl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\pt-BR.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\pt-PT.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ro.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ru.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\sk.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\sl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\sr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\sv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\sw.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ta.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\te.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\th.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\tr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\uk.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\ur.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\vi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\zh-CN.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\locales\zh-TW.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\resources\app.asar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\resources\elevate.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\snapshot_blob.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\v8_context_snapshot.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\vk_swiftshader.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\vk_swiftshader_icd.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\7z-out\vulkan-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\SpiderBanner.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\StdUtils.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\app-32.7z
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss10B5.tmp\nsis7z.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\SerenityTherapyInstaller\1508d4cb-6eb4-4c1c-911b-6a8c7e0b4058.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Roaming\SerenityTherapyInstaller\Local State (copy)
|
JSON data
|
dropped
|
There are 122 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\nsis-installer.exe
|
"C:\Users\user\Desktop\nsis-installer.exe"
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\SerenityTherapyInstaller"
--gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA=
--mojo-platform-channel-handle=1972 --field-trial-handle=1976,i,9719428906805688631,3168165960160999559,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\SerenityTherapyInstaller" --mojo-platform-channel-handle=2144
--field-trial-handle=1976,i,9719428906805688631,3168165960160999559,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:8
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\SerenityTherapyInstaller"
--gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA=
--mojo-platform-channel-handle=1912 --field-trial-handle=1916,i,2428637527847521265,8401632774138072131,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\SerenityTherapyInstaller" --mojo-platform-channel-handle=1808
--field-trial-handle=1916,i,2428637527847521265,8401632774138072131,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:8
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe" --type=gpu-process --disable-gpu-sandbox
--use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546
--user-data-dir="C:\Users\user\AppData\Roaming\SerenityTherapyInstaller" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA=
--mojo-platform-channel-handle=1908 --field-trial-handle=1976,i,9719428906805688631,3168165960160999559,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
|
|
|
|
C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe
|
"C:\Users\user\AppData\Local\Programs\SerenityTherapyInstaller\SerenityTherapyInstaller.exe" --type=gpu-process --disable-gpu-sandbox
--use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546
--user-data-dir="C:\Users\user\AppData\Roaming\SerenityTherapyInstaller" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA=
--mojo-platform-channel-handle=944 --field-trial-handle=1916,i,2428637527847521265,8401632774138072131,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq SerenityTherapyInstaller.exe" /FO csv | %SYSTEMROOT%\System32\find.exe
"SerenityTherapyInstaller.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq SerenityTherapyInstaller.exe" /FO csv
|
||
|
C:\Windows\SysWOW64\find.exe
|
C:\Windows\System32\find.exe "SerenityTherapyInstaller.exe"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "chcp"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\chcp.com
|
chcp
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "tasklist"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "echo %COMPUTERNAME%.%USERDNSDOMAIN%"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "findstr /C:"Detected boot environment" "%windir%\Panther\setupact.log""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /C:"Detected boot environment" "C:\Windows\Panther\setupact.log"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "chcp"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\chcp.com
|
chcp
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "tasklist"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "echo %COMPUTERNAME%.%USERDNSDOMAIN%"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "findstr /C:"Detected boot environment" "%windir%\Panther\setupact.log""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\findstr.exe
|
findstr /C:"Detected boot environment" "C:\Windows\Panther\setupact.log"
|
There are 37 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://sqlite.org/forum/forumpost/eb8613976a
|
unknown
|
||
|
https://url.spec.whatwg.org/#concept-url-origin
|
unknown
|
||
|
https://tools.ietf.org/html/rfc6455#section-1.3
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#sec-atomescape
|
unknown
|
||
|
https://github.com/sebhildebrandt/systeminformation.git
|
unknown
|
||
|
https://support.google.com/chrome/answer/6098869
|
unknown
|
||
|
http://anglebug.com/4633
|
unknown
|
||
|
https://anglebug.com/7382
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-Atom
|
unknown
|
||
|
https://github.com/nodejs/node/pull/35941
|
unknown
|
||
|
https://www.chromestatus.com/feature/5093566007214080
|
unknown
|
||
|
https://console.spec.whatwg.org/#table
|
unknown
|
||
|
https://github.com/nodejs/string_decoder
|
unknown
|
||
|
https://docs.google.com/
|
unknown
|
||
|
https://crbug.com/1356053
|
unknown
|
||
|
https://elinux.org/RPI_vcgencmd_usage
|
unknown
|
||
|
https://encoding.spec.whatwg.org/#textencoder
|
unknown
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3C//DTD
|
unknown
|
||
|
https://github.com/tc39/proposal-weakrefs
|
unknown
|
||
|
https://goo.gl/t5IS6M).
|
unknown
|
||
|
http://crbug.com/110263
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-Assertion
|
unknown
|
||
|
https://github.com/google/caja/blob/HEAD/src/com/google/caja/ses/repairES5.js
|
unknown
|
||
|
https://tc39.github.io/ecma262/#sec-%iteratorprototype%-object
|
unknown
|
||
|
https://url.spec.whatwg.org/#concept-urlencoded-serializer
|
unknown
|
||
|
https://www.chromium.org/blink/origin-trials/portals.
|
unknown
|
||
|
http://anglebug.com/6929
|
unknown
|
||
|
https://semver.org/
|
unknown
|
||
|
https://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F
|
unknown
|
||
|
https://nodejs.org/api/fs.html
|
unknown
|
||
|
https://chromium.googlesource.com/chromium/src/
|
unknown
|
||
|
https://github.com/nodejs/node/pull/21313
|
unknown
|
||
|
https://www.chromium.org/blink/origin-trials/portals.The
|
unknown
|
||
|
https://anglebug.com/7246
|
unknown
|
||
|
https://anglebug.com/7369
|
unknown
|
||
|
https://anglebug.com/7489
|
unknown
|
||
|
https://bit.ly/3rpDuEX.
|
unknown
|
||
|
https://crbug.com/593024
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-NonemptyClassRanges
|
unknown
|
||
|
https://w3c.github.io/manifest/#installability-signals
|
unknown
|
||
|
http://www.midnight-commander.org/browser/lib/tty/key.c
|
unknown
|
||
|
https://nodejs.org/
|
unknown
|
||
|
https://tools.ietf.org/html/rfc7540#section-8.1.2.5
|
unknown
|
||
|
http://exslt.org/common
|
unknown
|
||
|
https://github.com/tensorflow/models
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-Hex4Digits
|
unknown
|
||
|
http://www.squid-cache.org/Doc/config/half_closed_clients/
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-DecimalEscape
|
unknown
|
||
|
https://c.docs.google.com/
|
unknown
|
||
|
https://github.com/KhronosGroup/SPIRV-Headers.git
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ClassControlLetter
|
unknown
|
||
|
https://www.sqlite.org/src/info/908f001483982c43
|
unknown
|
||
|
https://tc39.es/ecma262/#sec-timeclip
|
unknown
|
||
|
https://issuetracker.google.com/161903006
|
unknown
|
||
|
http://127.0.0.1
|
unknown
|
||
|
https://crbug.com/1300575
|
unknown
|
||
|
https://github.com/nodejs/node/pull/33661
|
unknown
|
||
|
http://www.nongnu.org/freebangfont/downloads.html#mukti
|
unknown
|
||
|
https://crbug.com/710443
|
unknown
|
||
|
http://narwhaljs.org)
|
unknown
|
||
|
http://istanbul-js.org/
|
unknown
|
||
|
https://github.com/tensorflow/tflite-support
|
unknown
|
||
|
https://github.com/WICG/scheduling-apis
|
unknown
|
||
|
https://sqlite.org/
|
unknown
|
||
|
https://crbug.com/1060012
|
unknown
|
||
|
http://localhosthttp://127.0.0.1object-src
|
unknown
|
||
|
https://code.google.com/p/chromium/issues/detail?id=25916
|
unknown
|
||
|
http://anglebug.com/3997
|
unknown
|
||
|
http://anglebug.com/4722
|
unknown
|
||
|
http://crbug.com/642605
|
unknown
|
||
|
https://fetch.spec.whatwg.org/#fetch-timing-info
|
unknown
|
||
|
http://anglebug.com/1452
|
unknown
|
||
|
https://webassembly.github.io/spec/web-api
|
unknown
|
||
|
https://github.com/electron/electron/issues/18397.Module
|
unknown
|
||
|
https://github.com/nodejs/node/pull/12607
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/#sec-line-terminators
|
unknown
|
||
|
http://www.sqlite.org/
|
unknown
|
||
|
https://www.unicode.org/Public/UNIDATA/EastAsianWidth.txt
|
unknown
|
||
|
https://crbug.com/650547callClearTwiceUsing
|
unknown
|
||
|
https://github.com/npm/node-tar/issues/183
|
unknown
|
||
|
http://html4/loose.dtd
|
unknown
|
||
|
http://anglebug.com/3502
|
unknown
|
||
|
http://anglebug.com/3623
|
unknown
|
||
|
https://gitlab.freedesktop.org/xdg/xdgmime
|
unknown
|
||
|
http://anglebug.com/3625
|
unknown
|
||
|
http://anglebug.com/3624
|
unknown
|
||
|
http://www.unicode.org/copyright.html
|
unknown
|
||
|
https://beacons.gcp.gvt2.com/domainreliability/upload
|
unknown
|
||
|
http://anglebug.com/2894
|
unknown
|
||
|
http://anglebug.com/3862
|
unknown
|
||
|
http://anglebug.com/4836
|
unknown
|
||
|
https://issuetracker.google.com/issues/166475273
|
unknown
|
||
|
https://developer.chrome.com/docs/extensions/mv3/cross-origin-isolation/.
|
unknown
|
||
|
https://github.com/WICG/construct-stylesheets/issues/119#issuecomment-588352418.
|
unknown
|
||
|
https://www.ecma-international.org/ecma-262/8.0/#prod-annexB-ExtendedAtom
|
unknown
|
||
|
https://github.com/w3c/webappsec-trusted-types/wiki/Trusted-Types-for-function-constructor
|
unknown
|
||
|
https://heycam.github.io/webidl/#es-iterable-entries
|
unknown
|
||
|
https://github.com/wasdk/wasmparser
|
unknown
|
||
|
https://heycam.github.io/webidl/#es-interfaces
|
unknown
|
||
|
https://sqlite.org/forum/forumpost/36937b197273d403
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
|
ipinfo.io
|
34.117.186.192
|
||
|
illitmagnetic.site
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.117.186.192
|
ipinfo.io
|
United States
|
||
|
162.159.61.3
|
unknown
|
United States
|
||
|
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
InstallLocation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
KeepShortcuts
|
||
|
HKEY_CURRENT_USER\SOFTWARE\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
ShortcutName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
DisplayName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
UninstallString
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
QuietUninstallString
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
DisplayVersion
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
DisplayIcon
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
Publisher
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
NoModify
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
NoRepair
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cfbc383d-9aa0-5771-9485-7b806e8442d5
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
There are 3 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7B2F000
|
heap
|
page read and write
|
||
|
6399000
|
trusted library allocation
|
page read and write
|
||
|
745D000
|
stack
|
page read and write
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
23E5000
|
heap
|
page read and write
|
||
|
7AB0000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
7D0F000
|
stack
|
page read and write
|
||
|
3547000
|
heap
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
792E000
|
stack
|
page read and write
|
||
|
8A8B000
|
unkown
|
page execute read
|
||
|
7AF4000
|
heap
|
page read and write
|
||
|
30B7000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
7F428000
|
trusted library allocation
|
page execute and read and write
|
||
|
72ED000
|
stack
|
page read and write
|
||
|
307D000
|
stack
|
page read and write
|
||
|
33D4000
|
trusted library allocation
|
page read and write
|
||
|
7B09000
|
heap
|
page read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
2F31000
|
unkown
|
page execute read
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
7A57000
|
heap
|
page read and write
|
||
|
30BD000
|
heap
|
page read and write
|
||
|
50FF000
|
heap
|
page read and write
|
||
|
79AE000
|
unkown
|
page readonly
|
||
|
5741000
|
heap
|
page read and write
|
||
|
5681000
|
heap
|
page read and write
|
||
|
34E0000
|
trusted library allocation
|
page read and write
|
||
|
79C7000
|
unkown
|
page readonly
|
||
|
263D000
|
stack
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
7AE7000
|
heap
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
8A8E000
|
unkown
|
page execute read
|
||
|
323B000
|
stack
|
page read and write
|
||
|
6810000
|
direct allocation
|
page read and write
|
||
|
2F31000
|
unkown
|
page execute read
|
||
|
8A01000
|
heap
|
page read and write
|
||
|
731000
|
unkown
|
page execute read
|
||
|
74BD000
|
stack
|
page read and write
|
||
|
3457000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
76B0000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
782C000
|
unkown
|
page readonly
|
||
|
4EC0000
|
direct allocation
|
page read and write
|
||
|
5F10000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
3495000
|
trusted library allocation
|
page execute and read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
36D8000
|
trusted library allocation
|
page read and write
|
||
|
5562000
|
heap
|
page read and write
|
||
|
7A70000
|
trusted library allocation
|
page read and write
|
||
|
88AE000
|
stack
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
79AB000
|
unkown
|
page readonly
|
||
|
5554000
|
heap
|
page read and write
|
||
|
86C1000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
281E000
|
stack
|
page read and write
|
||
|
8A8B000
|
unkown
|
page execute read
|
||
|
33C0000
|
trusted library allocation
|
page read and write
|
||
|
8B38000
|
heap
|
page read and write
|
||
|
5582000
|
heap
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
2A48000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
6399000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
5F51000
|
heap
|
page read and write
|
||
|
2A47000
|
heap
|
page read and write
|
||
|
89AD000
|
stack
|
page read and write
|
||
|
3664000
|
trusted library allocation
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
7415000
|
heap
|
page execute and read and write
|
||
|
2DC8000
|
heap
|
page read and write
|
||
|
755D000
|
stack
|
page read and write
|
||
|
8E6E000
|
stack
|
page read and write
|
||
|
5541000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
3790000
|
heap
|
page read and write
|
||
|
8AB0000
|
heap
|
page read and write
|
||
|
8ACC000
|
heap
|
page read and write
|
||
|
6112000
|
heap
|
page read and write
|
||
|
23C0000
|
direct allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
2531000
|
unkown
|
page execute read
|
||
|
32CC000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
7AE2000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
7D8D000
|
stack
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
1131000
|
unkown
|
page execute read
|
||
|
362F000
|
stack
|
page read and write
|
||
|
5160000
|
trusted library allocation
|
page read and write
|
||
|
8B14000
|
heap
|
page read and write
|
||
|
2A41000
|
heap
|
page read and write
|
||
|
7C20000
|
trusted library allocation
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
78DD000
|
stack
|
page read and write
|
||
|
8A8E000
|
unkown
|
page execute read
|
||
|
3590000
|
heap
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
946000
|
heap
|
page read and write
|
||
|
79E0000
|
unkown
|
page readonly
|
||
|
7B5F000
|
heap
|
page read and write
|
||
|
5702000
|
heap
|
page read and write
|
||
|
79E0000
|
unkown
|
page readonly
|
||
|
4331000
|
unkown
|
page execute read
|
||
|
3260000
|
heap
|
page read and write
|
||
|
7205000
|
unkown
|
page readonly
|
||
|
2DBB000
|
heap
|
page read and write
|
||
|
7E20000
|
heap
|
page read and write
|
||
|
416000
|
unkown
|
page read and write
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
2A3F000
|
heap
|
page read and write
|
||
|
7A0D000
|
heap
|
page read and write
|
||
|
553000
|
unkown
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
33D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
336F000
|
stack
|
page read and write
|
||
|
5742000
|
heap
|
page read and write
|
||
|
6091000
|
heap
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
7841000
|
unkown
|
page readonly
|
||
|
2334000
|
heap
|
page read and write
|
||
|
2BCD000
|
stack
|
page read and write
|
||
|
786F000
|
stack
|
page read and write
|
||
|
3627000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
4FF000
|
unkown
|
page read and write
|
||
|
2DB5000
|
heap
|
page read and write
|
||
|
784C000
|
unkown
|
page readonly
|
||
|
766E000
|
stack
|
page read and write
|
||
|
4CFF000
|
stack
|
page read and write
|
||
|
3650000
|
trusted library allocation
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
5641000
|
heap
|
page read and write
|
||
|
7640000
|
heap
|
page read and write
|
||
|
5671000
|
trusted library allocation
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
8C70000
|
trusted library allocation
|
page read and write
|
||
|
2AFE000
|
stack
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
2CCD000
|
stack
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
7D52000
|
trusted library allocation
|
page read and write
|
||
|
5AC6000
|
trusted library allocation
|
page read and write
|
||
|
7B27000
|
heap
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
27DE000
|
unkown
|
page read and write
|
||
|
50C2000
|
heap
|
page read and write
|
||
|
3790000
|
heap
|
page read and write
|
||
|
5320000
|
direct allocation
|
page read and write
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
4EFE000
|
direct allocation
|
page read and write
|
||
|
7AE9000
|
heap
|
page read and write
|
||
|
7B4E000
|
stack
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
74D0000
|
heap
|
page execute and read and write
|
||
|
2F6D000
|
stack
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
878000
|
heap
|
page read and write
|
||
|
5AC0000
|
direct allocation
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B24000
|
heap
|
page read and write
|
||
|
890A000
|
trusted library allocation
|
page read and write
|
||
|
71F4000
|
unkown
|
page readonly
|
||
|
50BF000
|
stack
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
7A74000
|
heap
|
page read and write
|
||
|
86C1000
|
unkown
|
page write copy
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
2DA4000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
5F50000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
8BB2000
|
trusted library allocation
|
page read and write
|
||
|
53CD000
|
trusted library allocation
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
63BC000
|
trusted library allocation
|
page read and write
|
||
|
2F31000
|
unkown
|
page execute read
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
6011000
|
heap
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
76C0000
|
heap
|
page read and write
|
||
|
3419000
|
heap
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
7290000
|
direct allocation
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
5555000
|
heap
|
page read and write
|
||
|
7B92000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
305D000
|
stack
|
page read and write
|
||
|
5371000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
226C000
|
stack
|
page read and write
|
||
|
7C80000
|
heap
|
page execute and read and write
|
||
|
76D9000
|
heap
|
page read and write
|
||
|
74D5000
|
heap
|
page execute and read and write
|
||
|
3463000
|
trusted library allocation
|
page execute and read and write
|
||
|
8960000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A45000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
784C000
|
unkown
|
page readonly
|
||
|
7861000
|
unkown
|
page readonly
|
||
|
7A77000
|
trusted library allocation
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
5270000
|
heap
|
page read and write
|
||
|
2B3F000
|
stack
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
75AB000
|
stack
|
page read and write
|
||
|
7570000
|
heap
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
7410000
|
heap
|
page execute and read and write
|
||
|
31FC000
|
heap
|
page read and write
|
||
|
7970000
|
heap
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
88F0000
|
heap
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
7A01000
|
heap
|
page read and write
|
||
|
3464000
|
trusted library allocation
|
page read and write
|
||
|
6199000
|
trusted library allocation
|
page read and write
|
||
|
3695000
|
trusted library allocation
|
page execute and read and write
|
||
|
7188000
|
trusted library allocation
|
page read and write
|
||
|
7EF60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D31000
|
unkown
|
page execute read
|
||
|
5F51000
|
heap
|
page read and write
|
||
|
3509000
|
heap
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
2D4D000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6110000
|
heap
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
2DB2000
|
heap
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
4B80000
|
direct allocation
|
page read and write
|
||
|
31AF000
|
unkown
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
7AF0000
|
heap
|
page read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
4950000
|
heap
|
page read and write
|
||
|
79B2000
|
unkown
|
page readonly
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
5381000
|
trusted library allocation
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
79FE000
|
heap
|
page read and write
|
||
|
8E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
2DAA000
|
heap
|
page read and write
|
||
|
76AA000
|
stack
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
340F000
|
heap
|
page read and write
|
||
|
2DC5000
|
heap
|
page read and write
|
||
|
5701000
|
heap
|
page read and write
|
||
|
8A00000
|
trusted library allocation
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
3500000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
6B31000
|
unkown
|
page execute read
|
||
|
4D08000
|
trusted library allocation
|
page read and write
|
||
|
79AB000
|
unkown
|
page readonly
|
||
|
7C30000
|
trusted library allocation
|
page read and write
|
||
|
7BD0000
|
heap
|
page read and write
|
||
|
61A9000
|
trusted library allocation
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
8960000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
32E4000
|
heap
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
7A3F000
|
heap
|
page read and write
|
||
|
890D000
|
stack
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
2DCB000
|
heap
|
page read and write
|
||
|
77AE000
|
stack
|
page read and write
|
||
|
88F6000
|
trusted library allocation
|
page read and write
|
||
|
7205000
|
unkown
|
page readonly
|
||
|
8850000
|
heap
|
page read and write
|
||
|
6092000
|
heap
|
page read and write
|
||
|
4FB000
|
unkown
|
page read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
heap
|
page read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
5639000
|
trusted library allocation
|
page read and write
|
||
|
5F50000
|
heap
|
page read and write
|
||
|
7B0E000
|
stack
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
89F0000
|
heap
|
page read and write
|
||
|
29E1000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
3502000
|
trusted library allocation
|
page read and write
|
||
|
4E3000
|
unkown
|
page read and write
|
||
|
721D000
|
stack
|
page read and write
|
||
|
4A9E000
|
stack
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
3679000
|
trusted library allocation
|
page read and write
|
||
|
8A35000
|
heap
|
page read and write
|
||
|
73FD000
|
stack
|
page read and write
|
||
|
326C000
|
heap
|
page read and write
|
||
|
7A2E000
|
stack
|
page read and write
|
||
|
7AC9000
|
heap
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
74EA000
|
stack
|
page read and write
|
||
|
33EE000
|
stack
|
page read and write
|
||
|
8A50000
|
trusted library allocation
|
page read and write
|
||
|
6371000
|
trusted library allocation
|
page read and write
|
||
|
785D000
|
stack
|
page read and write
|
||
|
8CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
7857000
|
unkown
|
page readonly
|
||
|
4CC8000
|
heap
|
page read and write
|
||
|
61D0000
|
heap
|
page read and write
|
||
|
315D000
|
stack
|
page read and write
|
||
|
7C4E000
|
stack
|
page read and write
|
||
|
8F2E000
|
stack
|
page read and write
|
||
|
3258000
|
heap
|
page read and write
|
||
|
7AD8000
|
heap
|
page read and write
|
||
|
2F7E000
|
unkown
|
page read and write
|
||
|
7AA9000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
63D5000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
894D000
|
trusted library allocation
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
5EC0000
|
trusted library allocation
|
page read and write
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
7D70000
|
trusted library allocation
|
page read and write
|
||
|
88E4000
|
trusted library allocation
|
page read and write
|
||
|
8C1E000
|
stack
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
6810000
|
direct allocation
|
page read and write
|
||
|
89B0000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
48EE000
|
stack
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
5441000
|
heap
|
page read and write
|
||
|
1B31000
|
unkown
|
page execute read
|
||
|
63A9000
|
trusted library allocation
|
page read and write
|
||
|
3078000
|
stack
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
880D000
|
stack
|
page read and write
|
||
|
7AF7000
|
heap
|
page read and write
|
||
|
2531000
|
unkown
|
page execute read
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
7CCE000
|
stack
|
page read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
5703000
|
heap
|
page read and write
|
||
|
2B2F000
|
unkown
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
5566000
|
heap
|
page read and write
|
||
|
959000
|
heap
|
page read and write
|
||
|
7A1F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B31000
|
unkown
|
page execute read
|
||
|
79F1000
|
heap
|
page read and write
|
||
|
320C000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
5ED0000
|
heap
|
page read and write
|
||
|
5601000
|
heap
|
page read and write
|
||
|
731000
|
unkown
|
page execute read
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
59B000
|
unkown
|
page readonly
|
||
|
7C0F000
|
stack
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
60D0000
|
heap
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
4930000
|
heap
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
7837000
|
unkown
|
page readonly
|
||
|
7A91000
|
heap
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
33DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DB0000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
72AE000
|
stack
|
page read and write
|
||
|
7C10000
|
trusted library allocation
|
page read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
7E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
506A000
|
direct allocation
|
page read and write
|
||
|
31C5000
|
heap
|
page read and write
|
||
|
3492000
|
trusted library allocation
|
page read and write
|
||
|
79BB000
|
heap
|
page read and write
|
||
|
2E9D000
|
stack
|
page read and write
|
||
|
53DD000
|
trusted library allocation
|
page read and write
|
||
|
6190000
|
trusted library allocation
|
page read and write
|
||
|
7B72000
|
heap
|
page read and write
|
||
|
2B0E000
|
stack
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
4D41000
|
heap
|
page read and write
|
||
|
2BDC000
|
stack
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
76EF000
|
stack
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
2EE0000
|
direct allocation
|
page read and write
|
||
|
7841000
|
unkown
|
page readonly
|
||
|
8947000
|
trusted library allocation
|
page read and write
|
||
|
3385000
|
heap
|
page read and write
|
||
|
5603000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
57C0000
|
direct allocation
|
page read and write
|
||
|
2C61000
|
heap
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
79F6000
|
heap
|
page read and write
|
||
|
6131000
|
unkown
|
page execute read
|
||
|
52FD000
|
stack
|
page read and write
|
||
|
6091000
|
heap
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
349F000
|
heap
|
page read and write
|
||
|
6B31000
|
unkown
|
page execute read
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
7AED000
|
heap
|
page read and write
|
||
|
3278000
|
stack
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
2C61000
|
heap
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
8A60000
|
trusted library allocation
|
page read and write
|
||
|
872D000
|
stack
|
page read and write
|
||
|
5682000
|
heap
|
page read and write
|
||
|
756D000
|
stack
|
page read and write
|
||
|
557C000
|
heap
|
page read and write
|
||
|
949000
|
heap
|
page read and write
|
||
|
7A60000
|
heap
|
page execute and read and write
|
||
|
3663000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
3520000
|
trusted library allocation
|
page read and write
|
||
|
29C8000
|
heap
|
page read and write
|
||
|
79AD000
|
heap
|
page read and write
|
||
|
6189000
|
trusted library allocation
|
page read and write
|
||
|
7B74000
|
heap
|
page read and write
|
||
|
8FB000
|
heap
|
page read and write
|
||
|
89EE000
|
stack
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
7B88000
|
heap
|
page read and write
|
||
|
74AD000
|
stack
|
page read and write
|
||
|
96C000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
324E000
|
unkown
|
page read and write
|
||
|
40E000
|
unkown
|
page read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page execute and read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
29DF000
|
heap
|
page read and write
|
||
|
5683000
|
heap
|
page read and write
|
||
|
8A8F000
|
unkown
|
page readonly
|
||
|
556D000
|
heap
|
page read and write
|
||
|
7D90000
|
trusted library allocation
|
page read and write
|
||
|
50C7000
|
heap
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
32CE000
|
heap
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
2F2B000
|
stack
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
743A000
|
stack
|
page read and write
|
||
|
894E000
|
stack
|
page read and write
|
||
|
32E3000
|
heap
|
page read and write
|
||
|
5731000
|
unkown
|
page execute read
|
||
|
961000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page execute and read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
731000
|
unkown
|
page execute read
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
6131000
|
unkown
|
page execute read
|
||
|
1B31000
|
unkown
|
page execute read
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
4B00000
|
direct allocation
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
8900000
|
trusted library allocation
|
page read and write
|
||
|
7A2E000
|
heap
|
page read and write
|
||
|
359D000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
55C1000
|
heap
|
page read and write
|
||
|
8CB2000
|
trusted library allocation
|
page read and write
|
||
|
2D8D000
|
stack
|
page read and write
|
||
|
86FD000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5731000
|
unkown
|
page execute read
|
||
|
358E000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
366D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5422000
|
trusted library allocation
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
77BD000
|
stack
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8860000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A3F000
|
heap
|
page read and write
|
||
|
34ED000
|
heap
|
page read and write
|
||
|
2A06000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
8A8F000
|
unkown
|
page readonly
|
||
|
2B60000
|
direct allocation
|
page read and write
|
||
|
957000
|
heap
|
page read and write
|
||
|
50CB000
|
heap
|
page read and write
|
||
|
483000
|
unkown
|
page read and write
|
||
|
783D000
|
unkown
|
page readonly
|
||
|
8A10000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
791B000
|
stack
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
349C000
|
heap
|
page read and write
|
||
|
5ED1000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page execute and read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
79E2000
|
unkown
|
page readonly
|
||
|
5F50000
|
heap
|
page read and write
|
||
|
7BE0000
|
trusted library allocation
|
page read and write
|
||
|
4200000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
79AF000
|
stack
|
page read and write
|
||
|
7AB8000
|
heap
|
page read and write
|
||
|
2F69000
|
stack
|
page read and write
|
||
|
492F000
|
stack
|
page read and write
|
||
|
3284000
|
heap
|
page read and write
|
||
|
7A80000
|
heap
|
page execute and read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
556A000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
5702000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
36B0000
|
trusted library allocation
|
page read and write
|
||
|
782C000
|
unkown
|
page readonly
|
||
|
752F000
|
direct allocation
|
page read and write
|
||
|
2A05000
|
heap
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
34D7000
|
heap
|
page read and write
|
||
|
8C5E000
|
stack
|
page read and write
|
||
|
32B6000
|
heap
|
page read and write
|
||
|
7A60000
|
heap
|
page read and write
|
||
|
8905000
|
trusted library allocation
|
page read and write
|
||
|
5FD1000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
73BE000
|
stack
|
page read and write
|
||
|
4D5C000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
2DCA000
|
heap
|
page read and write
|
||
|
79C7000
|
unkown
|
page readonly
|
||
|
7A90000
|
heap
|
page read and write
|
||
|
277C000
|
stack
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
56C1000
|
heap
|
page read and write
|
||
|
4331000
|
unkown
|
page execute read
|
||
|
3692000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
8910000
|
trusted library allocation
|
page read and write
|
||
|
2B98000
|
heap
|
page read and write
|
||
|
2BC9000
|
heap
|
page read and write
|
||
|
6519000
|
trusted library allocation
|
page read and write
|
||
|
31F8000
|
heap
|
page read and write
|
||
|
3500000
|
heap
|
page read and write
|
||
|
3660000
|
trusted library allocation
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
3931000
|
unkown
|
page execute read
|
||
|
7ACF000
|
heap
|
page read and write
|
||
|
60D1000
|
heap
|
page read and write
|
||
|
33E8000
|
heap
|
page read and write
|
||
|
22BE000
|
stack
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
7AFF000
|
heap
|
page read and write
|
||
|
73EB000
|
stack
|
page read and write
|
||
|
73AD000
|
stack
|
page read and write
|
||
|
7B8E000
|
stack
|
page read and write
|
||
|
79AE000
|
unkown
|
page readonly
|
||
|
5F10000
|
heap
|
page read and write
|
||
|
79B5000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
71DC000
|
stack
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page read and write
|
||
|
8AF2000
|
heap
|
page read and write
|
||
|
25F7000
|
heap
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
2DB2000
|
heap
|
page read and write
|
||
|
58C9000
|
trusted library allocation
|
page read and write
|
||
|
273D000
|
stack
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
6381000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
5642000
|
heap
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
2F9D000
|
stack
|
page read and write
|
||
|
51D5000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
7D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
5576000
|
heap
|
page read and write
|
||
|
8C60000
|
trusted library allocation
|
page read and write
|
||
|
4ADF000
|
stack
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
6390000
|
trusted library allocation
|
page read and write
|
||
|
5FD2000
|
heap
|
page read and write
|
||
|
50CD000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page execute and read and write
|
||
|
4EC3000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
3283000
|
heap
|
page read and write
|
||
|
3530000
|
heap
|
page readonly
|
||
|
749B000
|
stack
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
61D1000
|
heap
|
page read and write
|
||
|
5579000
|
heap
|
page read and write
|
||
|
86AA000
|
unkown
|
page write copy
|
||
|
7837000
|
unkown
|
page readonly
|
||
|
747E000
|
stack
|
page read and write
|
||
|
7565000
|
heap
|
page execute and read and write
|
||
|
4FDF000
|
heap
|
page read and write
|
||
|
5F24000
|
trusted library allocation
|
page read and write
|
||
|
8CF0000
|
trusted library allocation
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
7E82000
|
trusted library allocation
|
page read and write
|
||
|
726E000
|
stack
|
page read and write
|
||
|
957000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
73AD000
|
stack
|
page read and write
|
||
|
7560000
|
heap
|
page execute and read and write
|
||
|
7D4E000
|
stack
|
page read and write
|
||
|
759A000
|
stack
|
page read and write
|
||
|
2DC1000
|
heap
|
page read and write
|
||
|
86AA000
|
unkown
|
page write copy
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
73D7000
|
direct allocation
|
page read and write
|
||
|
2A09000
|
heap
|
page read and write
|
||
|
52BC000
|
stack
|
page read and write
|
||
|
8A0A000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
heap
|
page read and write
|
||
|
342F000
|
stack
|
page read and write
|
||
|
56C2000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
3598000
|
heap
|
page read and write
|
||
|
89C4000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page readonly
|
||
|
5549000
|
heap
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
7F410000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A09000
|
heap
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
8C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
7D00000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
71FD000
|
unkown
|
page readonly
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
3931000
|
unkown
|
page execute read
|
||
|
8920000
|
trusted library allocation
|
page read and write
|
||
|
6051000
|
heap
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
469000
|
unkown
|
page read and write
|
||
|
789B000
|
stack
|
page read and write
|
||
|
308F000
|
stack
|
page read and write
|
||
|
783D000
|
unkown
|
page readonly
|
||
|
730000
|
unkown
|
page readonly
|
||
|
328A000
|
heap
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page read and write
|
||
|
8919000
|
trusted library allocation
|
page read and write
|
||
|
355F000
|
heap
|
page read and write
|
||
|
515F000
|
stack
|
page read and write
|
||
|
87A0000
|
trusted library allocation
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
78AE000
|
stack
|
page read and write
|
||
|
79E2000
|
unkown
|
page readonly
|
||
|
286C000
|
heap
|
page read and write
|
||
|
7EF78000
|
trusted library allocation
|
page execute and read and write
|
||
|
6052000
|
heap
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
23E8000
|
heap
|
page read and write
|
||
|
32BE000
|
stack
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
2DA4000
|
heap
|
page read and write
|
||
|
961000
|
heap
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
5682000
|
heap
|
page read and write
|
||
|
4DC1000
|
heap
|
page read and write
|
||
|
5CC0000
|
direct allocation
|
page read and write
|
||
|
7BCD000
|
stack
|
page read and write
|
||
|
7B45000
|
heap
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
35AE000
|
unkown
|
page read and write
|
||
|
95E000
|
heap
|
page read and write
|
||
|
8910000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
8907000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
79B2000
|
unkown
|
page readonly
|
||
|
5360000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
5574000
|
heap
|
page read and write
|
||
|
A6F000
|
stack
|
page read and write
|
||
|
89F2000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
297F000
|
stack
|
page read and write
|
||
|
352F000
|
unkown
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
36F8000
|
heap
|
page read and write
|
||
|
50C2000
|
heap
|
page read and write
|
||
|
7AD5000
|
heap
|
page read and write
|
||
|
5181000
|
trusted library allocation
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
3690000
|
trusted library allocation
|
page read and write
|
||
|
95E000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
7C8D000
|
stack
|
page read and write
|
||
|
8A40000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
346D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
8CD000
|
heap
|
page read and write
|
||
|
7882000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
50BD000
|
stack
|
page read and write
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
4331000
|
unkown
|
page execute read
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
6D50000
|
direct allocation
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page read and write
|
||
|
79A5000
|
heap
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page execute and read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
273C000
|
stack
|
page read and write
|
||
|
8CE0000
|
trusted library allocation
|
page read and write
|
||
|
736D000
|
stack
|
page read and write
|
||
|
25AC000
|
stack
|
page read and write
|
||
|
53C1000
|
heap
|
page read and write
|
||
|
5602000
|
heap
|
page read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
5FD0000
|
heap
|
page read and write
|
||
|
5AC0000
|
direct allocation
|
page read and write
|
||
|
732A000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
8960000
|
trusted library allocation
|
page read and write
|
||
|
1131000
|
unkown
|
page execute read
|
||
|
4FBF000
|
stack
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
7B2B000
|
heap
|
page read and write
|
||
|
7B4A000
|
heap
|
page read and write
|
||
|
340B000
|
heap
|
page read and write
|
||
|
54C1000
|
heap
|
page read and write
|
||
|
2DAB000
|
heap
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
5FD1000
|
heap
|
page read and write
|
||
|
79C1000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
3478000
|
heap
|
page read and write
|
||
|
34E9000
|
trusted library allocation
|
page read and write
|
||
|
59B000
|
unkown
|
page readonly
|
||
|
2A08000
|
heap
|
page read and write
|
||
|
4CC1000
|
heap
|
page read and write
|
||
|
448000
|
unkown
|
page read and write
|
||
|
4951000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page read and write
|
||
|
57B1000
|
trusted library allocation
|
page read and write
|
||
|
5582000
|
heap
|
page read and write
|
||
|
7A70000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
50CB000
|
heap
|
page read and write
|
||
|
8A07000
|
trusted library allocation
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
83DF000
|
unkown
|
page readonly
|
||
|
2E60000
|
direct allocation
|
page read and write
|
||
|
3931000
|
unkown
|
page execute read
|
||
|
6AD0000
|
direct allocation
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
8950000
|
heap
|
page read and write
|
||
|
959000
|
heap
|
page read and write
|
||
|
29DD000
|
heap
|
page read and write
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
36C0000
|
heap
|
page readonly
|
||
|
50CC000
|
heap
|
page read and write
|
||
|
8BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A4B000
|
heap
|
page read and write
|
||
|
6010000
|
heap
|
page read and write
|
||
|
345D000
|
heap
|
page read and write
|
||
|
3670000
|
trusted library allocation
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
8EEE000
|
stack
|
page read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
61E5000
|
trusted library allocation
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
53C1000
|
heap
|
page read and write
|
||
|
2A3F000
|
heap
|
page read and write
|
||
|
2BAD000
|
heap
|
page read and write
|
||
|
959000
|
heap
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
8EAB000
|
stack
|
page read and write
|
||
|
32C2000
|
heap
|
page read and write
|
||
|
50CB000
|
heap
|
page read and write
|
||
|
2531000
|
unkown
|
page execute read
|
||
|
31E5000
|
heap
|
page read and write
|
||
|
7B68000
|
heap
|
page read and write
|
||
|
2DAC000
|
heap
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page read and write
|
||
|
7861000
|
unkown
|
page readonly
|
||
|
5441000
|
heap
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
41E000
|
unkown
|
page read and write
|
||
|
8ED000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
327D000
|
stack
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
79EE000
|
stack
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
1131000
|
unkown
|
page execute read
|
||
|
282C000
|
stack
|
page read and write
|
||
|
876E000
|
stack
|
page read and write
|
||
|
71FD000
|
unkown
|
page readonly
|
||
|
5540000
|
heap
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
7978000
|
heap
|
page read and write
|
||
|
5602000
|
heap
|
page read and write
|
||
|
61BC000
|
trusted library allocation
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
76AE000
|
stack
|
page read and write
|
||
|
7BCE000
|
stack
|
page read and write
|
||
|
2DA4000
|
heap
|
page read and write
|
||
|
31FE000
|
unkown
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
7A44000
|
heap
|
page read and write
|
||
|
4BC8000
|
heap
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
54F000
|
unkown
|
page read and write
|
||
|
6210000
|
heap
|
page read and write
|
||
|
256C000
|
stack
|
page read and write
|
||
|
7857000
|
unkown
|
page readonly
|
||
|
2DA2000
|
heap
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page read and write
|
||
|
4A5F000
|
stack
|
page read and write
|
||
|
3505000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BDC000
|
heap
|
page read and write
|
||
|
60D1000
|
heap
|
page read and write
|
||
|
345E000
|
heap
|
page read and write
|
||
|
86FD000
|
unkown
|
page write copy
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
4D31000
|
unkown
|
page execute read
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
7BF0000
|
trusted library allocation
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
7999000
|
heap
|
page read and write
|
||
|
4D9D000
|
stack
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
957000
|
heap
|
page read and write
|
||
|
7DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
83DF000
|
unkown
|
page readonly
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
71F4000
|
unkown
|
page readonly
|
||
|
7962000
|
heap
|
page read and write
|
||
|
2DB7000
|
heap
|
page read and write
|
||
|
563D000
|
trusted library allocation
|
page read and write
|
||
|
25F5000
|
heap
|
page read and write
|
||
|
6150000
|
heap
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
63E4000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
5F90000
|
heap
|
page read and write
|
||
|
34E9000
|
heap
|
page read and write
|
||
|
6181000
|
trusted library allocation
|
page read and write
|
||
|
7C00000
|
trusted library allocation
|
page read and write
|
||
|
48AF000
|
stack
|
page read and write
|
||
|
7B0C000
|
heap
|
page read and write
|
There are 974 hidden memdumps, click here to show them.