Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
product11221.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp8776.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\product11221.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\xOqrCwLHNYO.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4yatiyy5.5ka.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_daymgxph.rka.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wzbv2lsy.4vz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_z5xn21dc.2n2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp94C4.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\product11221.exe
|
"C:\Users\user\Desktop\product11221.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\xOqrCwLHNYO" /XML "C:\Users\user\AppData\Local\Temp\tmp8776.tmp"
|
|
|
|
C:\Users\user\Desktop\product11221.exe
|
"C:\Users\user\Desktop\product11221.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe
|
C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\xOqrCwLHNYO" /XML "C:\Users\user\AppData\Local\Temp\tmp94C4.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe
|
"C:\Users\user\AppData\Roaming\xOqrCwLHNYO.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
http://torosdental.com
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://www.ctvnews.ca/rss/business/ctv-news-business-headlines-1.867648
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://www.ctvnews.ca/rss/ctvnews-ca-top-stories-public-rss-1.822009
|
unknown
|
||
|
http://xml.weather.yahoo.com/ns/rss/1.0
|
unknown
|
||
|
http://weather.yahooapis.com/forecastrss?w=4118
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
http://mail.torosdental.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.torosdental.com
|
unknown
|
|
|
|
torosdental.com
|
159.253.43.92
|
||
|
api.ipify.org
|
104.26.12.205
|
||
|
ip-api.com
|
208.95.112.1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
104.26.12.205
|
api.ipify.org
|
United States
|
||
|
159.253.43.92
|
torosdental.com
|
Turkey
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\product11221_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\xOqrCwLHNYO_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C6C000
|
trusted library allocation
|
page read and write
|
|
|
|
3485000
|
trusted library allocation
|
page read and write
|
|
|
|
391B000
|
trusted library allocation
|
page read and write
|
|
|
|
3BF9000
|
trusted library allocation
|
page read and write
|
|
|
|
5110000
|
heap
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
726B000
|
trusted library allocation
|
page read and write
|
||
|
1B77000
|
heap
|
page read and write
|
||
|
7BFF000
|
stack
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
8A7E000
|
stack
|
page read and write
|
||
|
6E80000
|
trusted library allocation
|
page read and write
|
||
|
1021000
|
heap
|
page read and write
|
||
|
932E000
|
stack
|
page read and write
|
||
|
26C2000
|
trusted library allocation
|
page read and write
|
||
|
6F6D000
|
stack
|
page read and write
|
||
|
3455000
|
trusted library allocation
|
page read and write
|
||
|
5F2C000
|
stack
|
page read and write
|
||
|
38B1000
|
trusted library allocation
|
page read and write
|
||
|
6D0C000
|
heap
|
page read and write
|
||
|
28F9000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
4708000
|
trusted library allocation
|
page read and write
|
||
|
95FF000
|
stack
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
4688000
|
trusted library allocation
|
page read and write
|
||
|
10A7000
|
heap
|
page read and write
|
||
|
511D000
|
trusted library allocation
|
page read and write
|
||
|
83B5000
|
heap
|
page read and write
|
||
|
638C000
|
heap
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
7110000
|
trusted library allocation
|
page read and write
|
||
|
3897000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
46C8000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
11BC000
|
stack
|
page read and write
|
||
|
E7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
79BE000
|
stack
|
page read and write
|
||
|
46A8000
|
trusted library allocation
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
287C000
|
stack
|
page read and write
|
||
|
1736000
|
heap
|
page read and write
|
||
|
595C000
|
stack
|
page read and write
|
||
|
1A70000
|
trusted library allocation
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
551D000
|
stack
|
page read and write
|
||
|
68FF000
|
stack
|
page read and write
|
||
|
17E4000
|
heap
|
page read and write
|
||
|
6E10000
|
trusted library section
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
674E000
|
stack
|
page read and write
|
||
|
2B7A000
|
stack
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
15FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
34FA000
|
trusted library allocation
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
8360000
|
heap
|
page read and write
|
||
|
456E000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
remote allocation
|
page execute and read and write
|
||
|
FA8000
|
heap
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
7980000
|
heap
|
page read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
29E6000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
556C000
|
stack
|
page read and write
|
||
|
844A000
|
heap
|
page read and write
|
||
|
4421000
|
trusted library allocation
|
page read and write
|
||
|
941D000
|
heap
|
page read and write
|
||
|
976E000
|
trusted library allocation
|
page read and write
|
||
|
5116000
|
trusted library allocation
|
page read and write
|
||
|
4EB3000
|
heap
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
E67000
|
heap
|
page read and write
|
||
|
8EBD000
|
stack
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
40B000
|
remote allocation
|
page execute and read and write
|
||
|
62D7000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
797F000
|
stack
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF5000
|
trusted library allocation
|
page execute and read and write
|
||
|
26CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D2E000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
53A0000
|
trusted library section
|
page readonly
|
||
|
29BE000
|
unkown
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
295B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BBF000
|
stack
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
5044000
|
trusted library allocation
|
page read and write
|
||
|
8378000
|
heap
|
page read and write
|
||
|
690C000
|
stack
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page read and write
|
||
|
4748000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
3656000
|
trusted library allocation
|
page read and write
|
||
|
8372000
|
heap
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
40D000
|
remote allocation
|
page execute and read and write
|
||
|
28B1000
|
trusted library allocation
|
page read and write
|
||
|
EDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
160D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
35FB000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
4608000
|
trusted library allocation
|
page read and write
|
||
|
7130000
|
trusted library allocation
|
page execute and read and write
|
||
|
15F4000
|
trusted library allocation
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
6C3C000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
CA7000
|
heap
|
page read and write
|
||
|
301A000
|
heap
|
page read and write
|
||
|
5183000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
EEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
EE2000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
trusted library section
|
page read and write
|
||
|
9445000
|
heap
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
409000
|
remote allocation
|
page execute and read and write
|
||
|
50FB000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
1A10000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
1AE0000
|
heap
|
page execute and read and write
|
||
|
43A2000
|
trusted library allocation
|
page read and write
|
||
|
1009000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
6EFD000
|
stack
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
83DF000
|
heap
|
page read and write
|
||
|
6F7C000
|
stack
|
page read and write
|
||
|
5072000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
6F6E000
|
trusted library allocation
|
page read and write
|
||
|
6EFD000
|
stack
|
page read and write
|
||
|
2946000
|
trusted library allocation
|
page execute and read and write
|
||
|
5977000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page execute and read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
516C000
|
stack
|
page read and write
|
||
|
637C000
|
heap
|
page read and write
|
||
|
404000
|
remote allocation
|
page execute and read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
5CDC000
|
stack
|
page read and write
|
||
|
43E7000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1011000
|
heap
|
page read and write
|
||
|
443F000
|
trusted library allocation
|
page read and write
|
||
|
5122000
|
trusted library allocation
|
page read and write
|
||
|
513D000
|
trusted library allocation
|
page read and write
|
||
|
2E41000
|
trusted library allocation
|
page read and write
|
||
|
842B000
|
heap
|
page read and write
|
||
|
6F1F000
|
stack
|
page read and write
|
||
|
650E000
|
stack
|
page read and write
|
||
|
4A4C000
|
stack
|
page read and write
|
||
|
83BD000
|
heap
|
page read and write
|
||
|
3421000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
remote allocation
|
page execute and read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
5DDD000
|
stack
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
369E000
|
trusted library allocation
|
page read and write
|
||
|
635D000
|
heap
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
4318000
|
trusted library allocation
|
page read and write
|
||
|
1A76000
|
trusted library allocation
|
page read and write
|
||
|
1808000
|
trusted library allocation
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
6F60000
|
trusted library allocation
|
page read and write
|
||
|
1775000
|
heap
|
page read and write
|
||
|
46E8000
|
trusted library allocation
|
page read and write
|
||
|
4DBD000
|
trusted library allocation
|
page read and write
|
||
|
77ED000
|
stack
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
420000
|
remote allocation
|
page execute and read and write
|
||
|
294A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FE90000
|
trusted library allocation
|
page read and write
|
||
|
8FAC000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
B37000
|
stack
|
page read and write
|
||
|
CB4000
|
heap
|
page read and write
|
||
|
5139000
|
trusted library allocation
|
page read and write
|
||
|
706E000
|
stack
|
page read and write
|
||
|
EDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8452000
|
heap
|
page read and write
|
||
|
7F690000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CFF000
|
heap
|
page read and write
|
||
|
448A000
|
trusted library allocation
|
page read and write
|
||
|
1708000
|
heap
|
page read and write
|
||
|
3B99000
|
trusted library allocation
|
page read and write
|
||
|
5061000
|
trusted library allocation
|
page read and write
|
||
|
29AE000
|
trusted library allocation
|
page read and write
|
||
|
4DAE000
|
trusted library allocation
|
page read and write
|
||
|
3608000
|
trusted library allocation
|
page read and write
|
||
|
3CBA000
|
trusted library allocation
|
page read and write
|
||
|
5132000
|
trusted library allocation
|
page read and write
|
||
|
1797000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
66FB000
|
stack
|
page read and write
|
||
|
50F0000
|
trusted library section
|
page readonly
|
||
|
45E8000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
trusted library allocation
|
page read and write
|
||
|
99A0000
|
trusted library allocation
|
page read and write
|
||
|
45B8000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
trusted library allocation
|
page execute and read and write
|
||
|
161A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3739000
|
trusted library allocation
|
page read and write
|
||
|
883D000
|
stack
|
page read and write
|
||
|
1A42000
|
trusted library allocation
|
page read and write
|
||
|
7074000
|
trusted library allocation
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
2C11000
|
trusted library allocation
|
page read and write
|
||
|
974C000
|
stack
|
page read and write
|
||
|
841F000
|
heap
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
B5A000
|
heap
|
page read and write
|
||
|
4483000
|
trusted library allocation
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
C7F000
|
stack
|
page read and write
|
||
|
6F3F000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
8417000
|
heap
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
28A0000
|
heap
|
page execute and read and write
|
||
|
93BE000
|
stack
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
8382000
|
heap
|
page read and write
|
||
|
112A000
|
stack
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
remote allocation
|
page execute and read and write
|
||
|
984C000
|
stack
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page execute and read and write
|
||
|
69F0000
|
heap
|
page read and write
|
||
|
9390000
|
heap
|
page read and write
|
||
|
4DC2000
|
trusted library allocation
|
page read and write
|
||
|
8BFE000
|
stack
|
page read and write
|
||
|
6C7E000
|
stack
|
page read and write
|
||
|
5610000
|
heap
|
page read and write
|
||
|
7F5A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
539C000
|
stack
|
page read and write
|
||
|
3471000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
heap
|
page read and write
|
||
|
717C000
|
stack
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
18A0000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page execute and read and write
|
||
|
B92000
|
heap
|
page read and write
|
||
|
4CCB000
|
stack
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
680B000
|
stack
|
page read and write
|
||
|
1A5D000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
4648000
|
trusted library allocation
|
page read and write
|
||
|
1A80000
|
trusted library allocation
|
page read and write
|
||
|
50A5000
|
trusted library allocation
|
page read and write
|
||
|
922E000
|
stack
|
page read and write
|
||
|
5111000
|
trusted library allocation
|
page read and write
|
||
|
2E19000
|
trusted library allocation
|
page read and write
|
||
|
91EE000
|
stack
|
page read and write
|
||
|
4628000
|
trusted library allocation
|
page read and write
|
||
|
1A4E000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
6CDF000
|
stack
|
page read and write
|
||
|
72D0000
|
heap
|
page read and write
|
||
|
94D7000
|
heap
|
page read and write
|
||
|
2C41000
|
trusted library allocation
|
page read and write
|
||
|
70FB000
|
stack
|
page read and write
|
||
|
EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A3B000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
18E7000
|
heap
|
page read and write
|
||
|
839C000
|
heap
|
page read and write
|
||
|
283F000
|
stack
|
page read and write
|
||
|
2F0E000
|
unkown
|
page read and write
|
||
|
192F000
|
stack
|
page read and write
|
||
|
EFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
913E000
|
stack
|
page read and write
|
||
|
B5E000
|
heap
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
4DAD000
|
stack
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
4768000
|
trusted library allocation
|
page read and write
|
||
|
2933000
|
trusted library allocation
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A3D000
|
stack
|
page read and write
|
||
|
1A30000
|
trusted library allocation
|
page read and write
|
||
|
1AC0000
|
heap
|
page execute and read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
1A74000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
41D000
|
remote allocation
|
page execute and read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
8E3E000
|
stack
|
page read and write
|
||
|
2DEB000
|
trusted library allocation
|
page read and write
|
||
|
2DEB000
|
heap
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
5170000
|
heap
|
page execute and read and write
|
||
|
57DD000
|
trusted library allocation
|
page read and write
|
||
|
1627000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
424000
|
remote allocation
|
page execute and read and write
|
||
|
843C000
|
heap
|
page read and write
|
||
|
7070000
|
trusted library section
|
page read and write
|
||
|
1733000
|
heap
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
4D94000
|
trusted library allocation
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
3107000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
923F000
|
stack
|
page read and write
|
||
|
5074000
|
trusted library allocation
|
page read and write
|
||
|
30C7000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
8260000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
2B91000
|
trusted library allocation
|
page read and write
|
||
|
6CEB000
|
heap
|
page read and write
|
||
|
988E000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
1B70000
|
heap
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
3C39000
|
trusted library allocation
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
2DF8000
|
trusted library allocation
|
page read and write
|
||
|
2F8B000
|
trusted library allocation
|
page read and write
|
||
|
694C000
|
stack
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
8435000
|
heap
|
page read and write
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
604D000
|
stack
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
B75000
|
heap
|
page read and write
|
||
|
3948000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
8486000
|
heap
|
page read and write
|
||
|
2BD9000
|
trusted library allocation
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
6361000
|
heap
|
page read and write
|
||
|
4C18000
|
trusted library allocation
|
page read and write
|
||
|
7113000
|
trusted library allocation
|
page read and write
|
||
|
94B0000
|
heap
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
2C48000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
73F2000
|
trusted library allocation
|
page read and write
|
||
|
8499000
|
heap
|
page read and write
|
||
|
624B000
|
stack
|
page read and write
|
||
|
4DD0000
|
trusted library allocation
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
15F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
83E4000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
9DF0000
|
trusted library allocation
|
page read and write
|
||
|
2EC3000
|
trusted library allocation
|
page read and write
|
||
|
8ABE000
|
stack
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page read and write
|
||
|
9330000
|
trusted library allocation
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page read and write
|
||
|
1A56000
|
trusted library allocation
|
page read and write
|
||
|
2B1D000
|
trusted library allocation
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
6384000
|
heap
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page read and write
|
||
|
6350000
|
heap
|
page read and write
|
||
|
438000
|
remote allocation
|
page execute and read and write
|
||
|
1B2C000
|
stack
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E1E000
|
stack
|
page read and write
|
||
|
EF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
trusted library allocation
|
page read and write
|
||
|
EE3000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
837C000
|
heap
|
page read and write
|
||
|
436000
|
remote allocation
|
page execute and read and write
|
||
|
7266000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
6046000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
434000
|
remote allocation
|
page execute and read and write
|
||
|
4BCC000
|
stack
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C9A000
|
trusted library allocation
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
62A5000
|
heap
|
page read and write
|
||
|
6BEB000
|
heap
|
page read and write
|
||
|
6290000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
83A2000
|
heap
|
page read and write
|
||
|
4E7D000
|
trusted library allocation
|
page read and write
|
||
|
7FA90000
|
trusted library allocation
|
page execute and read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page execute and read and write
|
||
|
8890000
|
heap
|
page read and write
|
||
|
798A000
|
heap
|
page read and write
|
||
|
2C35000
|
trusted library allocation
|
page read and write
|
||
|
3B91000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
57C3000
|
trusted library allocation
|
page read and write
|
||
|
94BA000
|
heap
|
page read and write
|
||
|
ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
4449000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
4435000
|
trusted library allocation
|
page read and write
|
||
|
ED3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4668000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
927D000
|
stack
|
page read and write
|
||
|
70A0000
|
heap
|
page read and write
|
||
|
2940000
|
trusted library allocation
|
page read and write
|
||
|
69A000
|
stack
|
page read and write
|
||
|
428000
|
remote allocation
|
page execute and read and write
|
||
|
6F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
83AD000
|
heap
|
page read and write
|
||
|
162B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6990000
|
trusted library allocation
|
page read and write
|
||
|
6C2A000
|
heap
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
3799000
|
trusted library allocation
|
page read and write
|
||
|
57D3000
|
trusted library allocation
|
page read and write
|
||
|
3C7A000
|
trusted library allocation
|
page read and write
|
||
|
84CD000
|
heap
|
page read and write
|
||
|
3651000
|
trusted library allocation
|
page read and write
|
||
|
4422000
|
trusted library allocation
|
page read and write
|
||
|
6030000
|
trusted library allocation
|
page read and write
|
||
|
939D000
|
heap
|
page read and write
|
||
|
C4C000
|
heap
|
page read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
403000
|
remote allocation
|
page execute and read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
4DF0000
|
trusted library allocation
|
page read and write
|
||
|
C8A000
|
heap
|
page read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
17BC000
|
heap
|
page read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
6C0000
|
unkown
|
page readonly
|
||
|
45C8000
|
trusted library allocation
|
page read and write
|
||
|
44A1000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
90ED000
|
stack
|
page read and write
|
||
|
E74000
|
trusted library allocation
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
48D0000
|
trusted library allocation
|
page read and write
|
||
|
93B1000
|
heap
|
page read and write
|
||
|
99A000
|
stack
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
14F8000
|
stack
|
page read and write
|
||
|
2952000
|
trusted library allocation
|
page read and write
|
||
|
3C11000
|
trusted library allocation
|
page read and write
|
||
|
664E000
|
stack
|
page read and write
|
||
|
5102000
|
trusted library allocation
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
8D3E000
|
stack
|
page read and write
|
||
|
2A2D000
|
stack
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
84D1000
|
heap
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
706E000
|
stack
|
page read and write
|
||
|
402000
|
remote allocation
|
page execute and read and write
|
||
|
6F6E000
|
stack
|
page read and write
|
||
|
8F30000
|
heap
|
page read and write
|
||
|
118E000
|
stack
|
page read and write
|
||
|
2E38000
|
trusted library allocation
|
page read and write
|
||
|
1B6E000
|
stack
|
page read and write
|
||
|
5E8C000
|
stack
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page execute and read and write
|
||
|
93F1000
|
heap
|
page read and write
|
||
|
838E000
|
heap
|
page read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
937E000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
93BC000
|
heap
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
A3D0000
|
trusted library section
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
29FF000
|
unkown
|
page read and write
|
||
|
2F5F000
|
unkown
|
page read and write
|
||
|
4DA4000
|
trusted library allocation
|
page read and write
|
||
|
6C27000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
18B0000
|
heap
|
page read and write
|
||
|
6C2C000
|
heap
|
page read and write
|
||
|
5A94000
|
heap
|
page read and write
|
||
|
196C000
|
stack
|
page read and write
|
||
|
7120000
|
trusted library allocation
|
page read and write
|
||
|
BFC000
|
heap
|
page read and write
|
||
|
8CFE000
|
stack
|
page read and write
|
||
|
94FE000
|
stack
|
page read and write
|
||
|
439000
|
remote allocation
|
page execute and read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
600B000
|
stack
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
8EC0000
|
heap
|
page read and write
|
||
|
B8F000
|
heap
|
page read and write
|
||
|
1616000
|
trusted library allocation
|
page execute and read and write
|
||
|
90AC000
|
stack
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
797000
|
stack
|
page read and write
|
||
|
ED4000
|
trusted library allocation
|
page read and write
|
||
|
5ECC000
|
stack
|
page read and write
|
||
|
41A3000
|
trusted library allocation
|
page read and write
|
||
|
2E46000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
74FC000
|
stack
|
page read and write
|
||
|
3915000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
707C000
|
stack
|
page read and write
|
||
|
1A51000
|
trusted library allocation
|
page read and write
|
||
|
38D9000
|
trusted library allocation
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
48D8000
|
trusted library allocation
|
page read and write
|
||
|
7194000
|
trusted library allocation
|
page read and write
|
||
|
6B92000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page execute and read and write
|
||
|
1204000
|
trusted library allocation
|
page read and write
|
||
|
787E000
|
stack
|
page read and write
|
||
|
5345000
|
heap
|
page read and write
|
||
|
7103000
|
trusted library allocation
|
page read and write
|
||
|
4E72000
|
trusted library allocation
|
page read and write
|
||
|
2B3D000
|
stack
|
page read and write
|
||
|
84AD000
|
heap
|
page read and write
|
||
|
8840000
|
heap
|
page read and write
|
||
|
19F0000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
2C92000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
88A0000
|
heap
|
page read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
3629000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
2D06000
|
trusted library allocation
|
page read and write
|
||
|
4728000
|
trusted library allocation
|
page read and write
|
||
|
77C000
|
unkown
|
page readonly
|
||
|
491D000
|
stack
|
page read and write
|
||
|
6CF0000
|
heap
|
page read and write
|
||
|
6AA0000
|
heap
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
28BD000
|
stack
|
page read and write
|
||
|
F74000
|
heap
|
page read and write
|
||
|
1612000
|
trusted library allocation
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
38B9000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
heap
|
page read and write
|
||
|
423000
|
remote allocation
|
page execute and read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
4DB7000
|
trusted library allocation
|
page read and write
|
||
|
EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EE70000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
6900000
|
heap
|
page read and write
|
||
|
428E000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
83CA000
|
heap
|
page read and write
|
||
|
40A000
|
remote allocation
|
page execute and read and write
|
||
|
E73000
|
trusted library allocation
|
page execute and read and write
|
||
|
57AC000
|
stack
|
page read and write
|
||
|
5F9B000
|
stack
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
702D000
|
stack
|
page read and write
|
||
|
83A8000
|
heap
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
5125000
|
trusted library allocation
|
page read and write
|
||
|
510E000
|
trusted library allocation
|
page read and write
|
||
|
8363000
|
heap
|
page read and write
|
||
|
41F000
|
remote allocation
|
page execute and read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DD6000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
293D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B6C000
|
heap
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BB9000
|
trusted library allocation
|
page read and write
|
||
|
405000
|
remote allocation
|
page execute and read and write
|
||
|
6323000
|
heap
|
page read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
5FDD000
|
stack
|
page read and write
|
||
|
E55000
|
heap
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5615000
|
heap
|
page read and write
|
||
|
8ED0000
|
heap
|
page read and write
|
||
|
5EEE000
|
stack
|
page read and write
|
||
|
B77000
|
heap
|
page read and write
|
||
|
6E30000
|
trusted library allocation
|
page read and write
|
||
|
50FE000
|
trusted library allocation
|
page read and write
|
||
|
83C5000
|
heap
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
7AFE000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
7340000
|
heap
|
page read and write
|
||
|
90FE000
|
stack
|
page read and write
|
||
|
EFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FCE000
|
stack
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page execute and read and write
|
||
|
5140000
|
trusted library allocation
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
346D000
|
trusted library allocation
|
page read and write
|
||
|
614E000
|
stack
|
page read and write
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
1A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
45D8000
|
trusted library allocation
|
page read and write
|
||
|
1625000
|
trusted library allocation
|
page execute and read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page execute and read and write
|
||
|
421000
|
remote allocation
|
page execute and read and write
|
||
|
4E79000
|
trusted library allocation
|
page read and write
|
||
|
EED000
|
trusted library allocation
|
page execute and read and write
|
||
|
998E000
|
stack
|
page read and write
|
||
|
172A000
|
heap
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
93DC000
|
heap
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
9476000
|
heap
|
page read and write
|
||
|
48D6000
|
trusted library allocation
|
page read and write
|
||
|
506D000
|
trusted library allocation
|
page read and write
|
||
|
8397000
|
heap
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
7100000
|
trusted library allocation
|
page read and write
|
||
|
16FC000
|
stack
|
page read and write
|
||
|
5224000
|
heap
|
page read and write
|
||
|
3519000
|
trusted library allocation
|
page read and write
|
||
|
2CA5000
|
trusted library allocation
|
page read and write
|
||
|
50EB000
|
stack
|
page read and write
|
||
|
5066000
|
trusted library allocation
|
page read and write
|
||
|
4DD4000
|
trusted library allocation
|
page read and write
|
||
|
41E000
|
remote allocation
|
page execute and read and write
|
||
|
1A3E000
|
trusted library allocation
|
page read and write
|
||
|
7359000
|
heap
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
4520000
|
trusted library allocation
|
page read and write
|
||
|
4DB1000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
345F000
|
trusted library allocation
|
page read and write
|
||
|
1227000
|
heap
|
page read and write
|
||
|
7ABF000
|
stack
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
19AE000
|
stack
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
8270000
|
heap
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
678E000
|
stack
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
18C0000
|
heap
|
page read and write
|
||
|
28F9000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5970000
|
heap
|
page read and write
|
||
|
90BD000
|
stack
|
page read and write
|
||
|
4DF5000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
94BE000
|
stack
|
page read and write
|
||
|
26C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
711E000
|
trusted library allocation
|
page read and write
|
There are 728 hidden memdumps, click here to show them.