Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
45brrQrxwH.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp365A.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\XEWKUH.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\45brrQrxwH.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\XEWKUH.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_42je1sfx.03f.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bcgfpzw5.w3t.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_go252xjx.txz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hycgfdcy.xlg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_okpkk2nj.ahp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_se303tbl.oa0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xputypb2.s4g.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yuvhpig3.ge3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp4771.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\XEWKUH.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\45brrQrxwH.exe
|
"C:\Users\user\Desktop\45brrQrxwH.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\45brrQrxwH.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\XEWKUH.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\XEWKUH" /XML "C:\Users\user\AppData\Local\Temp\tmp365A.tmp"
|
|
|
|
C:\Users\user\Desktop\45brrQrxwH.exe
|
"C:\Users\user\Desktop\45brrQrxwH.exe"
|
|
|
|
C:\Users\user\Desktop\45brrQrxwH.exe
|
"C:\Users\user\Desktop\45brrQrxwH.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\XEWKUH.exe
|
C:\Users\user\AppData\Roaming\XEWKUH.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\XEWKUH" /XML "C:\Users\user\AppData\Local\Temp\tmp4771.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\XEWKUH.exe
|
"C:\Users\user\AppData\Roaming\XEWKUH.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://crl.glob
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://go.mic
|
unknown
|
||
|
http://smtp.yandex.com
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.sakkal.com-u
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
smtp.yandex.ru
|
77.88.21.158
|
||
|
api.ipify.org
|
172.67.74.152
|
||
|
smtp.yandex.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
77.88.21.158
|
smtp.yandex.ru
|
Russian Federation
|
||
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\45brrQrxwH_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\XEWKUH_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
496D000
|
trusted library allocation
|
page read and write
|
|
|
|
435000
|
remote allocation
|
page execute and read and write
|
|
|
|
2F61000
|
trusted library allocation
|
page read and write
|
|
|
|
3CD9000
|
trusted library allocation
|
page read and write
|
|
|
|
3031000
|
trusted library allocation
|
page read and write
|
|
|
|
305B000
|
trusted library allocation
|
page read and write
|
|
|
|
2F8B000
|
trusted library allocation
|
page read and write
|
|
|
|
FFE000
|
heap
|
page read and write
|
||
|
912000
|
unkown
|
page readonly
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1120C000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
72AD000
|
heap
|
page read and write
|
||
|
3149000
|
trusted library allocation
|
page read and write
|
||
|
2A52000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
6D82000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
2E6F000
|
stack
|
page read and write
|
||
|
CB70000
|
trusted library allocation
|
page read and write
|
||
|
8BDD000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5CB0000
|
heap
|
page read and write
|
||
|
2F7B000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
10A9D000
|
stack
|
page read and write
|
||
|
5166000
|
trusted library allocation
|
page read and write
|
||
|
1222000
|
trusted library allocation
|
page read and write
|
||
|
6B7F000
|
stack
|
page read and write
|
||
|
3F7F000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
E94000
|
heap
|
page read and write
|
||
|
CA90000
|
trusted library section
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
40D000
|
remote allocation
|
page execute and read and write
|
||
|
6C00000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
543A000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
5126000
|
trusted library allocation
|
page read and write
|
||
|
5121000
|
trusted library allocation
|
page read and write
|
||
|
2F0A000
|
heap
|
page read and write
|
||
|
7FD60000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
1307000
|
heap
|
page read and write
|
||
|
2A42000
|
trusted library allocation
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
92DC000
|
stack
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
CB15000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
8F5D000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
3C29000
|
trusted library allocation
|
page read and write
|
||
|
CAA0000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library section
|
page readonly
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
DB9000
|
stack
|
page read and write
|
||
|
3016000
|
trusted library allocation
|
page read and write
|
||
|
B7EE000
|
stack
|
page read and write
|
||
|
12DD000
|
heap
|
page read and write
|
||
|
3129000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page execute and read and write
|
||
|
2A5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B10000
|
heap
|
page execute and read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
1237000
|
trusted library allocation
|
page execute and read and write
|
||
|
3145000
|
trusted library allocation
|
page read and write
|
||
|
2D37000
|
trusted library allocation
|
page execute and read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
16F7000
|
heap
|
page read and write
|
||
|
31DD000
|
trusted library allocation
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
CAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF7000
|
stack
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
91DC000
|
stack
|
page read and write
|
||
|
105E000
|
heap
|
page read and write
|
||
|
3147000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
FFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
31D1000
|
trusted library allocation
|
page read and write
|
||
|
55F3000
|
heap
|
page read and write
|
||
|
60CE000
|
stack
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
101A000
|
trusted library allocation
|
page execute and read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
40F000
|
remote allocation
|
page execute and read and write
|
||
|
65CD000
|
stack
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
6ABE000
|
stack
|
page read and write
|
||
|
875E000
|
stack
|
page read and write
|
||
|
31D7000
|
trusted library allocation
|
page read and write
|
||
|
544A000
|
trusted library allocation
|
page read and write
|
||
|
1305000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
114C000
|
heap
|
page read and write
|
||
|
10BDE000
|
stack
|
page read and write
|
||
|
3059000
|
trusted library allocation
|
page read and write
|
||
|
7270000
|
heap
|
page read and write
|
||
|
3CD1000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
8B9F000
|
stack
|
page read and write
|
||
|
6A1D000
|
stack
|
page read and write
|
||
|
1081E000
|
stack
|
page read and write
|
||
|
515E000
|
trusted library allocation
|
page read and write
|
||
|
10CDE000
|
stack
|
page read and write
|
||
|
111CF000
|
stack
|
page read and write
|
||
|
543E000
|
trusted library allocation
|
page read and write
|
||
|
5161000
|
trusted library allocation
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A00000
|
heap
|
page read and write
|
||
|
544D000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
trusted library allocation
|
page read and write
|
||
|
2D35000
|
trusted library allocation
|
page execute and read and write
|
||
|
7100000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
6BD8000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
31F7000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1085E000
|
stack
|
page read and write
|
||
|
6BD3000
|
trusted library allocation
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
1232000
|
trusted library allocation
|
page read and write
|
||
|
2EFF000
|
unkown
|
page read and write
|
||
|
100F000
|
heap
|
page read and write
|
||
|
412000
|
remote allocation
|
page execute and read and write
|
||
|
5196000
|
trusted library allocation
|
page read and write
|
||
|
6BA7000
|
trusted library allocation
|
page read and write
|
||
|
6B9D000
|
trusted library allocation
|
page read and write
|
||
|
50AE000
|
stack
|
page read and write
|
||
|
3127000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
2CD1000
|
trusted library allocation
|
page read and write
|
||
|
2F5B000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
5423000
|
heap
|
page read and write
|
||
|
2A4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
658E000
|
stack
|
page read and write
|
||
|
940B000
|
trusted library allocation
|
page read and write
|
||
|
31FD000
|
trusted library allocation
|
page read and write
|
||
|
5442000
|
trusted library allocation
|
page read and write
|
||
|
42B000
|
remote allocation
|
page execute and read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
31FF000
|
trusted library allocation
|
page read and write
|
||
|
DF9000
|
stack
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
EEA000
|
heap
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
CB30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
418000
|
remote allocation
|
page execute and read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
50DD000
|
stack
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
trusted library section
|
page readonly
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
1203000
|
trusted library allocation
|
page execute and read and write
|
||
|
314D000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
65F7000
|
heap
|
page read and write
|
||
|
1130C000
|
stack
|
page read and write
|
||
|
1055E000
|
stack
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
CBA000
|
stack
|
page read and write
|
||
|
2EBE000
|
unkown
|
page read and write
|
||
|
5436000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
2E3A000
|
stack
|
page read and write
|
||
|
2A57000
|
trusted library allocation
|
page execute and read and write
|
||
|
1237000
|
trusted library allocation
|
page execute and read and write
|
||
|
10AC000
|
heap
|
page read and write
|
||
|
1038000
|
heap
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
123B000
|
trusted library allocation
|
page execute and read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
5C9E000
|
heap
|
page read and write
|
||
|
70C0000
|
heap
|
page read and write
|
||
|
5441000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
697A000
|
heap
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
100D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D08000
|
trusted library allocation
|
page read and write
|
||
|
6A7E000
|
stack
|
page read and write
|
||
|
6BDD000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
3136000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4513000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
31EF000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
1204000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
44C5000
|
trusted library allocation
|
page read and write
|
||
|
31DF000
|
trusted library allocation
|
page read and write
|
||
|
31F3000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
2C8E000
|
unkown
|
page read and write
|
||
|
581C000
|
stack
|
page read and write
|
||
|
6A39000
|
trusted library allocation
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
5104000
|
trusted library allocation
|
page read and write
|
||
|
587E000
|
stack
|
page read and write
|
||
|
3205000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
75BE000
|
stack
|
page read and write
|
||
|
415000
|
remote allocation
|
page execute and read and write
|
||
|
A7D000
|
stack
|
page read and write
|
||
|
2D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
31E9000
|
trusted library allocation
|
page read and write
|
||
|
31E3000
|
trusted library allocation
|
page read and write
|
||
|
6BF0000
|
heap
|
page read and write
|
||
|
6A70000
|
trusted library allocation
|
page read and write
|
||
|
5194000
|
trusted library allocation
|
page read and write
|
||
|
31FB000
|
trusted library allocation
|
page read and write
|
||
|
571C000
|
stack
|
page read and write
|
||
|
3207000
|
trusted library allocation
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
511E000
|
trusted library allocation
|
page read and write
|
||
|
5446000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
2F89000
|
trusted library allocation
|
page read and write
|
||
|
2F87000
|
trusted library allocation
|
page read and write
|
||
|
2A3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
ABA000
|
stack
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
542B000
|
trusted library allocation
|
page read and write
|
||
|
8F1E000
|
stack
|
page read and write
|
||
|
7FBC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F11000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
544E000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
1235000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A9E000
|
stack
|
page read and write
|
||
|
1232000
|
trusted library allocation
|
page read and write
|
||
|
10EA000
|
heap
|
page read and write
|
||
|
2DEF000
|
unkown
|
page read and write
|
||
|
66CE000
|
stack
|
page read and write
|
||
|
5C70000
|
heap
|
page read and write
|
||
|
3203000
|
trusted library allocation
|
page read and write
|
||
|
120D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CAF000
|
stack
|
page read and write
|
||
|
FF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
110CE000
|
stack
|
page read and write
|
||
|
6C48000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
3135000
|
trusted library allocation
|
page read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
2A23000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
5484000
|
trusted library section
|
page readonly
|
||
|
55CD000
|
stack
|
page read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
3151000
|
trusted library allocation
|
page read and write
|
||
|
10D1E000
|
stack
|
page read and write
|
||
|
433000
|
remote allocation
|
page execute and read and write
|
||
|
935E000
|
stack
|
page read and write
|
||
|
51A5000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
16DC000
|
stack
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page read and write
|
||
|
2F5D000
|
trusted library allocation
|
page read and write
|
||
|
543E000
|
trusted library allocation
|
page read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
3133000
|
trusted library allocation
|
page read and write
|
||
|
656E000
|
heap
|
page read and write
|
||
|
51A9000
|
trusted library allocation
|
page read and write
|
||
|
2D22000
|
trusted library allocation
|
page read and write
|
||
|
727F000
|
heap
|
page read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
3FE1000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
heap
|
page execute and read and write
|
||
|
31F9000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
6970000
|
heap
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
411000
|
remote allocation
|
page execute and read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
3155000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
307A000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
123B000
|
trusted library allocation
|
page execute and read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
312D000
|
trusted library allocation
|
page read and write
|
||
|
69B3000
|
heap
|
page read and write
|
||
|
2D3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
45FE000
|
trusted library allocation
|
page read and write
|
||
|
512D000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
trusted library allocation
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
2BCD000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
8CE0000
|
heap
|
page read and write
|
||
|
6CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CFA000
|
stack
|
page read and write
|
||
|
51A2000
|
trusted library allocation
|
page read and write
|
||
|
530B000
|
stack
|
page read and write
|
||
|
4DBC000
|
stack
|
page read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
1051E000
|
stack
|
page read and write
|
||
|
E47000
|
heap
|
page read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
3157000
|
trusted library allocation
|
page read and write
|
||
|
302D000
|
trusted library allocation
|
page read and write
|
||
|
70CF000
|
stack
|
page read and write
|
||
|
1107000
|
heap
|
page read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
670E000
|
stack
|
page read and write
|
||
|
7288000
|
heap
|
page read and write
|
||
|
680E000
|
stack
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
2A30000
|
trusted library allocation
|
page read and write
|
||
|
2BA5000
|
trusted library allocation
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
2F56000
|
trusted library allocation
|
page read and write
|
||
|
2D46000
|
trusted library allocation
|
page read and write
|
||
|
3054000
|
trusted library allocation
|
page read and write
|
||
|
313D000
|
trusted library allocation
|
page read and write
|
||
|
3129000
|
trusted library allocation
|
page read and write
|
||
|
5414000
|
trusted library allocation
|
page read and write
|
||
|
31E7000
|
trusted library allocation
|
page read and write
|
||
|
543B000
|
trusted library allocation
|
page read and write
|
||
|
5B8E000
|
stack
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
6C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3057000
|
trusted library allocation
|
page read and write
|
||
|
1017000
|
heap
|
page read and write
|
||
|
312F000
|
trusted library allocation
|
page read and write
|
||
|
2C6E000
|
trusted library allocation
|
page read and write
|
||
|
1149000
|
heap
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
5172000
|
trusted library allocation
|
page read and write
|
||
|
2A33000
|
trusted library allocation
|
page read and write
|
||
|
1003000
|
trusted library allocation
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
7387000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
61CF000
|
stack
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
FFA000
|
heap
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page execute and read and write
|
||
|
55ED000
|
stack
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page execute and read and write
|
||
|
31D3000
|
trusted library allocation
|
page read and write
|
||
|
4C28000
|
trusted library allocation
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
1226000
|
trusted library allocation
|
page execute and read and write
|
||
|
42A000
|
remote allocation
|
page execute and read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
1012000
|
trusted library allocation
|
page read and write
|
||
|
DFD000
|
stack
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
10AA0000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
3066000
|
trusted library allocation
|
page read and write
|
||
|
4928000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
6FCE000
|
stack
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
1134E000
|
stack
|
page read and write
|
||
|
30C9000
|
trusted library allocation
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
6BA0000
|
trusted library allocation
|
page read and write
|
||
|
1071E000
|
stack
|
page read and write
|
||
|
414000
|
remote allocation
|
page execute and read and write
|
||
|
410000
|
remote allocation
|
page execute and read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
3143000
|
trusted library allocation
|
page read and write
|
||
|
40E000
|
remote allocation
|
page execute and read and write
|
||
|
6B90000
|
trusted library allocation
|
page read and write
|
||
|
8CDD000
|
stack
|
page read and write
|
||
|
3153000
|
trusted library allocation
|
page read and write
|
||
|
608F000
|
stack
|
page read and write
|
||
|
8E1E000
|
stack
|
page read and write
|
||
|
2F59000
|
trusted library allocation
|
page read and write
|
||
|
CE10000
|
trusted library section
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
895F000
|
stack
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
1144E000
|
stack
|
page read and write
|
||
|
2FA0000
|
heap
|
page execute and read and write
|
||
|
3201000
|
trusted library allocation
|
page read and write
|
||
|
727B000
|
heap
|
page read and write
|
||
|
31DB000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
625E000
|
stack
|
page read and write
|
||
|
2BFC000
|
stack
|
page read and write
|
||
|
547B000
|
stack
|
page read and write
|
||
|
3112000
|
trusted library allocation
|
page read and write
|
||
|
12C3000
|
heap
|
page read and write
|
||
|
5452000
|
trusted library allocation
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
remote allocation
|
page execute and read and write
|
||
|
2CBB000
|
heap
|
page read and write
|
||
|
545D000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page execute and read and write
|
||
|
72A0000
|
heap
|
page read and write
|
||
|
1016000
|
trusted library allocation
|
page execute and read and write
|
||
|
510B000
|
trusted library allocation
|
page read and write
|
||
|
10E1E000
|
stack
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
872000
|
unkown
|
page readonly
|
||
|
5249000
|
trusted library allocation
|
page read and write
|
||
|
CAC0000
|
trusted library allocation
|
page read and write
|
||
|
72BF000
|
heap
|
page read and write
|
||
|
6D48000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page execute and read and write
|
||
|
5430000
|
trusted library allocation
|
page read and write
|
||
|
2A2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5432000
|
trusted library allocation
|
page read and write
|
||
|
879E000
|
stack
|
page read and write
|
||
|
5C60000
|
heap
|
page read and write
|
||
|
106C000
|
heap
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
694D000
|
stack
|
page read and write
|
||
|
45C3000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
4DCC000
|
stack
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
2D0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10EB000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
122F000
|
stack
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page execute and read and write
|
||
|
54C5000
|
heap
|
page read and write
|
||
|
2D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
655F000
|
stack
|
page read and write
|
||
|
6BE7000
|
trusted library allocation
|
page read and write
|
||
|
931D000
|
stack
|
page read and write
|
||
|
5144000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
8A5F000
|
stack
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
5416000
|
trusted library allocation
|
page read and write
|
||
|
583C000
|
stack
|
page read and write
|
||
|
3F39000
|
trusted library allocation
|
page read and write
|
||
|
413000
|
remote allocation
|
page execute and read and write
|
||
|
1608000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
12C7000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
2A70000
|
trusted library allocation
|
page read and write
|
||
|
6D40000
|
trusted library allocation
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
31EB000
|
trusted library allocation
|
page read and write
|
||
|
5426000
|
trusted library allocation
|
page read and write
|
||
|
516D000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
3F4D000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
5456000
|
trusted library allocation
|
page read and write
|
||
|
6C2D000
|
stack
|
page read and write
|
||
|
3042000
|
trusted library allocation
|
page read and write
|
||
|
112F000
|
stack
|
page read and write
|
||
|
5451000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
12CA000
|
heap
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A24000
|
trusted library allocation
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
3121000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
735E000
|
stack
|
page read and write
|
||
|
5183000
|
heap
|
page read and write
|
||
|
2F1B000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
51A0000
|
trusted library allocation
|
page read and write
|
||
|
121D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF1000
|
trusted library allocation
|
page read and write
|
||
|
6BE0000
|
trusted library allocation
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
514B000
|
trusted library allocation
|
page read and write
|
||
|
4477000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
2D04000
|
trusted library allocation
|
page read and write
|
||
|
3125000
|
trusted library allocation
|
page read and write
|
||
|
7460000
|
trusted library section
|
page read and write
|
||
|
2F7D000
|
trusted library allocation
|
page read and write
|
||
|
6BED000
|
stack
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
31D5000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
1095F000
|
stack
|
page read and write
|
||
|
13E4000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
417000
|
remote allocation
|
page execute and read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56A0000
|
trusted library section
|
page read and write
|
||
|
2D32000
|
trusted library allocation
|
page read and write
|
||
|
6560000
|
heap
|
page read and write
|
||
|
542E000
|
trusted library allocation
|
page read and write
|
||
|
31E5000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
54B0000
|
trusted library allocation
|
page read and write
|
||
|
B8EE000
|
stack
|
page read and write
|
||
|
312B000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
1317000
|
heap
|
page read and write
|
||
|
6A25000
|
heap
|
page read and write
|
||
|
73C1000
|
heap
|
page read and write
|
||
|
CB10000
|
trusted library allocation
|
page read and write
|
||
|
FF4000
|
trusted library allocation
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
||
|
6F6E000
|
stack
|
page read and write
|
||
|
7160000
|
heap
|
page read and write
|
||
|
2D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
65AC000
|
heap
|
page read and write
|
||
|
4F18000
|
trusted library allocation
|
page read and write
|
||
|
404F000
|
trusted library allocation
|
page read and write
|
||
|
905E000
|
stack
|
page read and write
|
||
|
10F5E000
|
stack
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page execute and read and write
|
||
|
3059000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
6A79000
|
trusted library allocation
|
page read and write
|
||
|
2A46000
|
trusted library allocation
|
page execute and read and write
|
||
|
7130000
|
heap
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
3114000
|
trusted library allocation
|
page read and write
|
||
|
13F7000
|
heap
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
3123000
|
trusted library allocation
|
page read and write
|
||
|
CB00000
|
trusted library allocation
|
page read and write
|
||
|
313F000
|
trusted library allocation
|
page read and write
|
||
|
2AFB000
|
stack
|
page read and write
|
||
|
314F000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
559C000
|
stack
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
31F1000
|
trusted library allocation
|
page read and write
|
||
|
9AA000
|
stack
|
page read and write
|
||
|
1099D000
|
stack
|
page read and write
|
||
|
51B5000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page execute and read and write
|
||
|
10E5E000
|
stack
|
page read and write
|
||
|
648D000
|
stack
|
page read and write
|
||
|
5245000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
remote allocation
|
page execute and read and write
|
||
|
125E000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
122A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F07000
|
trusted library allocation
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
52C5000
|
heap
|
page read and write
|
||
|
5242000
|
trusted library allocation
|
page read and write
|
||
|
4009000
|
trusted library allocation
|
page read and write
|
||
|
31ED000
|
trusted library allocation
|
page read and write
|
||
|
E61000
|
heap
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
3139000
|
trusted library allocation
|
page read and write
|
There are 646 hidden memdumps, click here to show them.