Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
hesaphareketi-01.pdf.SCR.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x10f7c474, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\cbsBVT.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\hesaphareketi-01.pdf.SCR.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gjzmj1vw.pxj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gvhm5xf5.uqc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_py0uxfau.tk4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xlcbossz.gmt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\cbsBVT\cbsBVT.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\hesaphareketi-01.pdf.SCR.exe
|
"C:\Users\user\Desktop\hesaphareketi-01.pdf.SCR.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"Powershell.exe" ??????????-??????????E??????????x??????????e??????????c??????????u??????????t??????????i??????????o??????????n??????????P??????????o??????????l??????????i??????????c??????????y??????????
??????????B??????????y??????????p??????????a??????????s??????????s?????????? ??????????-??????????c??????????o??????????m??????????m??????????a??????????n??????????d
?????????C?????????o?????????p?????????y?????????-?????????I?????????t?????????e?????????m 'C:\Users\user\Desktop\hesaphareketi-01.pdf.SCR.exe'
'C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tt.exe'
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\cbsBVT\cbsBVT.exe
|
"C:\Users\user\AppData\Roaming\cbsBVT\cbsBVT.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\cbsBVT\cbsBVT.exe
|
"C:\Users\user\AppData\Roaming\cbsBVT\cbsBVT.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
https://aka..winsvrxd
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://go.micros
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://ocsp.sectigo.com0-
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
https://github.com/sam210723/goesrecv-monitor/releases/latest
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
http://business29.web-hosting.com
|
unknown
|
||
|
https://vksdr.com/goesrecv-monitor
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
There are 46 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
api.ipify.org
|
104.26.12.205
|
||
|
business29.web-hosting.com
|
198.54.114.199
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
198.54.114.199
|
business29.web-hosting.com
|
United States
|
||
|
104.26.12.205
|
api.ipify.org
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
cbsBVT
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3739000
|
trusted library allocation
|
page read and write
|
|
|
|
2EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
2E9C000
|
trusted library allocation
|
page read and write
|
|
|
|
2E71000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
773E000
|
stack
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
8A22000
|
trusted library allocation
|
page read and write
|
||
|
686D000
|
stack
|
page read and write
|
||
|
8820000
|
heap
|
page read and write
|
||
|
616E000
|
stack
|
page read and write
|
||
|
7F1E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5466000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE4D000
|
trusted library allocation
|
page read and write
|
||
|
6A1E000
|
trusted library allocation
|
page read and write
|
||
|
119D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AD00000
|
heap
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
4B9E000
|
trusted library allocation
|
page read and write
|
||
|
79BC000
|
heap
|
page read and write
|
||
|
7BD0000
|
trusted library allocation
|
page read and write
|
||
|
547A000
|
trusted library allocation
|
page read and write
|
||
|
1F3756B4000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page read and write
|
||
|
1F37AEF1000
|
trusted library allocation
|
page read and write
|
||
|
11ED000
|
heap
|
page read and write
|
||
|
799C000
|
heap
|
page read and write
|
||
|
7C00000
|
trusted library allocation
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
7B5F000
|
stack
|
page read and write
|
||
|
4EF0000
|
trusted library section
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
75C0000
|
heap
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
71F0000
|
heap
|
page execute and read and write
|
||
|
D34F37B000
|
stack
|
page read and write
|
||
|
1F37AEFF000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE70000
|
remote allocation
|
page read and write
|
||
|
1525000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
7B1E000
|
stack
|
page read and write
|
||
|
D9C000
|
stack
|
page read and write
|
||
|
1F375729000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
1F37AC74000
|
heap
|
page read and write
|
||
|
1F37AAE0000
|
trusted library allocation
|
page read and write
|
||
|
1F3764F0000
|
trusted library section
|
page readonly
|
||
|
71E000
|
stack
|
page read and write
|
||
|
CF2000
|
trusted library allocation
|
page read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
1F37ACE3000
|
heap
|
page read and write
|
||
|
69F0000
|
heap
|
page read and write
|
||
|
7BF0000
|
trusted library allocation
|
page read and write
|
||
|
627C000
|
heap
|
page read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
7991000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
1F37AD02000
|
heap
|
page read and write
|
||
|
51FC000
|
trusted library allocation
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page execute and read and write
|
||
|
88AA000
|
heap
|
page read and write
|
||
|
564C000
|
stack
|
page read and write
|
||
|
5A4D000
|
stack
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page read and write
|
||
|
D34DE77000
|
stack
|
page read and write
|
||
|
87B0000
|
trusted library allocation
|
page read and write
|
||
|
1F37AD0A000
|
heap
|
page read and write
|
||
|
32DE000
|
stack
|
page read and write
|
||
|
1F375F02000
|
heap
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
4E28000
|
trusted library allocation
|
page read and write
|
||
|
8690000
|
heap
|
page read and write
|
||
|
548D000
|
trusted library allocation
|
page read and write
|
||
|
D34E77E000
|
unkown
|
page readonly
|
||
|
D34E57E000
|
unkown
|
page readonly
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
11BB000
|
heap
|
page read and write
|
||
|
1044000
|
trusted library allocation
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
1F375640000
|
heap
|
page read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
5EAB000
|
trusted library allocation
|
page read and write
|
||
|
7A17000
|
heap
|
page read and write
|
||
|
791E000
|
stack
|
page read and write
|
||
|
4C00000
|
heap
|
page readonly
|
||
|
3417000
|
heap
|
page read and write
|
||
|
546B000
|
trusted library allocation
|
page read and write
|
||
|
4BD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F375613000
|
heap
|
page read and write
|
||
|
1F37ACF2000
|
heap
|
page read and write
|
||
|
1F37AAD0000
|
trusted library allocation
|
page read and write
|
||
|
3E88000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
5D09000
|
trusted library allocation
|
page read and write
|
||
|
5486000
|
trusted library allocation
|
page read and write
|
||
|
CC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C70000
|
heap
|
page execute and read and write
|
||
|
33E4000
|
trusted library allocation
|
page read and write
|
||
|
4CB0000
|
trusted library allocation
|
page read and write
|
||
|
5E93000
|
trusted library allocation
|
page read and write
|
||
|
DD8000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
1F3764E0000
|
trusted library section
|
page readonly
|
||
|
790000
|
heap
|
page read and write
|
||
|
1184000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
5492000
|
trusted library allocation
|
page read and write
|
||
|
252000
|
unkown
|
page readonly
|
||
|
676E000
|
stack
|
page read and write
|
||
|
1F37AF1A000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
7F2000
|
heap
|
page read and write
|
||
|
773000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D5A000
|
trusted library allocation
|
page read and write
|
||
|
A3C000
|
stack
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
7A14000
|
heap
|
page read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AE8E000
|
trusted library allocation
|
page read and write
|
||
|
1F37AC54000
|
heap
|
page read and write
|
||
|
7ADE000
|
stack
|
page read and write
|
||
|
1F375E02000
|
heap
|
page read and write
|
||
|
D34ECFE000
|
stack
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
7C20000
|
trusted library allocation
|
page read and write
|
||
|
4BEF000
|
trusted library allocation
|
page read and write
|
||
|
873E000
|
stack
|
page read and write
|
||
|
4BB6000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
4B94000
|
trusted library allocation
|
page read and write
|
||
|
7BC0000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
4BF5000
|
trusted library allocation
|
page read and write
|
||
|
6A27000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
5887000
|
heap
|
page read and write
|
||
|
1F375F1A000
|
heap
|
page read and write
|
||
|
75D0000
|
heap
|
page read and write
|
||
|
CEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F3765F0000
|
trusted library allocation
|
page read and write
|
||
|
2E5F000
|
trusted library allocation
|
page read and write
|
||
|
5010000
|
heap
|
page execute and read and write
|
||
|
6278000
|
heap
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
634D000
|
heap
|
page read and write
|
||
|
10F8000
|
stack
|
page read and write
|
||
|
8862000
|
heap
|
page read and write
|
||
|
D34EBFE000
|
stack
|
page read and write
|
||
|
4BC2000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE08000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
787000
|
stack
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page read and write
|
||
|
D34E67B000
|
stack
|
page read and write
|
||
|
1F37567D000
|
heap
|
page read and write
|
||
|
6C22000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
heap
|
page execute and read and write
|
||
|
6D3C000
|
stack
|
page read and write
|
||
|
1F37AEE8000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
750E000
|
stack
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
1F37AC1F000
|
heap
|
page read and write
|
||
|
1F375F13000
|
heap
|
page read and write
|
||
|
1F37AEE5000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
1F37AB00000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
8D3F000
|
stack
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
6A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37562B000
|
heap
|
page read and write
|
||
|
5D01000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
5B57000
|
heap
|
page read and write
|
||
|
D34E279000
|
stack
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
51AE000
|
stack
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
7A1E000
|
stack
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page read and write
|
||
|
740E000
|
stack
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
D34EF7E000
|
unkown
|
page readonly
|
||
|
5472000
|
trusted library allocation
|
page read and write
|
||
|
8C4E000
|
stack
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
85E000
|
heap
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
121B000
|
trusted library allocation
|
page execute and read and write
|
||
|
88B0000
|
heap
|
page read and write
|
||
|
D34EA7E000
|
unkown
|
page readonly
|
||
|
5504000
|
heap
|
page read and write
|
||
|
4BD2000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
4FBD000
|
stack
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
54AA000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AA50000
|
trusted library allocation
|
page read and write
|
||
|
1F37568E000
|
heap
|
page read and write
|
||
|
33F0000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
heap
|
page execute and read and write
|
||
|
7C30000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
8BC0000
|
trusted library allocation
|
page read and write
|
||
|
833000
|
heap
|
page read and write
|
||
|
1F376091000
|
trusted library allocation
|
page read and write
|
||
|
D34F07E000
|
unkown
|
page readonly
|
||
|
118D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AAE0000
|
trusted library allocation
|
page read and write
|
||
|
71F5000
|
heap
|
page execute and read and write
|
||
|
8A61000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE6F000
|
trusted library allocation
|
page read and write
|
||
|
1F37C000000
|
heap
|
page read and write
|
||
|
8CD0000
|
heap
|
page read and write
|
||
|
1F3756FF000
|
heap
|
page read and write
|
||
|
8A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CC0000
|
trusted library section
|
page read and write
|
||
|
250000
|
unkown
|
page readonly
|
||
|
3070000
|
heap
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
1F37AEF4000
|
trusted library allocation
|
page read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
CFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1252000
|
heap
|
page read and write
|
||
|
784000
|
trusted library allocation
|
page read and write
|
||
|
A5F000
|
stack
|
page read and write
|
||
|
1F375674000
|
heap
|
page read and write
|
||
|
5EA4000
|
trusted library allocation
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
1F37AC00000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1F37AE56000
|
trusted library allocation
|
page read and write
|
||
|
7999000
|
heap
|
page read and write
|
||
|
774000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
1F376340000
|
trusted library allocation
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
E33000
|
heap
|
page read and write
|
||
|
1F37AE6C000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
trusted library allocation
|
page read and write
|
||
|
1F37AEA3000
|
trusted library allocation
|
page read and write
|
||
|
77BE000
|
stack
|
page read and write
|
||
|
D34EEFE000
|
stack
|
page read and write
|
||
|
1512000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
7C10000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
104D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
1F37AC8F000
|
heap
|
page read and write
|
||
|
33E0000
|
trusted library allocation
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page execute and read and write
|
||
|
25F0000
|
heap
|
page execute and read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
D34EE7E000
|
unkown
|
page readonly
|
||
|
25E000
|
unkown
|
page readonly
|
||
|
6B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
8777000
|
trusted library allocation
|
page read and write
|
||
|
D34D88C000
|
stack
|
page read and write
|
||
|
2E98000
|
trusted library allocation
|
page read and write
|
||
|
2FC000
|
stack
|
page read and write
|
||
|
662D000
|
stack
|
page read and write
|
||
|
1183000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BB1000
|
trusted library allocation
|
page read and write
|
||
|
1F376A11000
|
trusted library allocation
|
page read and write
|
||
|
7BE0000
|
trusted library allocation
|
page read and write
|
||
|
79D1000
|
heap
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
1F37ABB0000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE15000
|
trusted library allocation
|
page read and write
|
||
|
744A000
|
stack
|
page read and write
|
||
|
D34E37E000
|
unkown
|
page readonly
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
88CE000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
86FD000
|
stack
|
page read and write
|
||
|
1F37AB10000
|
trusted library allocation
|
page read and write
|
||
|
79B4000
|
heap
|
page read and write
|
||
|
1F3756A0000
|
heap
|
page read and write
|
||
|
DF4000
|
heap
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
1F37ACF9000
|
heap
|
page read and write
|
||
|
1F3756B0000
|
heap
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page read and write
|
||
|
DA7000
|
heap
|
page read and write
|
||
|
D34E47B000
|
stack
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
4FCB000
|
stack
|
page read and write
|
||
|
CC4000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
7B9D000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
7F1F8000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
D34E17E000
|
unkown
|
page readonly
|
||
|
D34ED7E000
|
unkown
|
page readonly
|
||
|
3080000
|
heap
|
page read and write
|
||
|
2DF7000
|
stack
|
page read and write
|
||
|
D34FA7E000
|
unkown
|
page readonly
|
||
|
68AE000
|
stack
|
page read and write
|
||
|
6270000
|
heap
|
page read and write
|
||
|
2731000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
4D01000
|
trusted library allocation
|
page read and write
|
||
|
2317000
|
trusted library allocation
|
page execute and read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
33ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
1F3764A0000
|
trusted library section
|
page readonly
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
54B0000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE72000
|
trusted library allocation
|
page read and write
|
||
|
6A13000
|
trusted library allocation
|
page read and write
|
||
|
1F37AC42000
|
heap
|
page read and write
|
||
|
1F37AAB0000
|
trusted library allocation
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
738E000
|
stack
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
1F3764D0000
|
trusted library section
|
page readonly
|
||
|
1F3764B0000
|
trusted library section
|
page readonly
|
||
|
5A3D000
|
stack
|
page read and write
|
||
|
4C33000
|
heap
|
page read and write
|
||
|
1F375713000
|
heap
|
page read and write
|
||
|
1043000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
8660000
|
heap
|
page read and write
|
||
|
8740000
|
heap
|
page read and write
|
||
|
231B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
1F37AE00000
|
trusted library allocation
|
page read and write
|
||
|
28DD000
|
stack
|
page read and write
|
||
|
79B9000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
2E57000
|
trusted library allocation
|
page read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
5AF5000
|
heap
|
page read and write
|
||
|
51AC000
|
trusted library allocation
|
page read and write
|
||
|
257F000
|
stack
|
page read and write
|
||
|
1F37AE70000
|
remote allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
2631000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE70000
|
remote allocation
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
4C2E000
|
stack
|
page read and write
|
||
|
7A1B000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
88A0000
|
heap
|
page read and write
|
||
|
2DBC000
|
stack
|
page read and write
|
||
|
6D5000
|
heap
|
page read and write
|
||
|
798000
|
heap
|
page read and write
|
||
|
1F37AE10000
|
trusted library allocation
|
page read and write
|
||
|
D34F47E000
|
unkown
|
page readonly
|
||
|
797B000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1F37AAC0000
|
trusted library allocation
|
page read and write
|
||
|
88A4000
|
heap
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
88B6000
|
heap
|
page read and write
|
||
|
D34EAFE000
|
stack
|
page read and write
|
||
|
3E49000
|
trusted library allocation
|
page read and write
|
||
|
1546000
|
heap
|
page read and write
|
||
|
1F376A40000
|
trusted library allocation
|
page read and write
|
||
|
1F375F00000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
245D000
|
stack
|
page read and write
|
||
|
74CB000
|
stack
|
page read and write
|
||
|
8890000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
54A4000
|
trusted library allocation
|
page read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
4C18000
|
trusted library allocation
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
734B000
|
stack
|
page read and write
|
||
|
1256000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
1F37AE18000
|
trusted library allocation
|
page read and write
|
||
|
1F3764C0000
|
trusted library section
|
page readonly
|
||
|
11E3000
|
heap
|
page read and write
|
||
|
1F37AC61000
|
heap
|
page read and write
|
||
|
8898000
|
heap
|
page read and write
|
||
|
8C50000
|
trusted library allocation
|
page read and write
|
||
|
1F375C80000
|
trusted library allocation
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page read and write
|
||
|
482B000
|
stack
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AE000
|
heap
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
CDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AB00000
|
trusted library allocation
|
page read and write
|
||
|
151A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1217000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B5E000
|
stack
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
3400000
|
trusted library allocation
|
page read and write
|
||
|
E06000
|
heap
|
page read and write
|
||
|
1F37AA40000
|
trusted library allocation
|
page read and write
|
||
|
1F37ACCE000
|
heap
|
page read and write
|
||
|
D34E07E000
|
stack
|
page read and write
|
||
|
C9E000
|
stack
|
page read and write
|
||
|
7F610000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AE00000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
4E56000
|
trusted library allocation
|
page read and write
|
||
|
1F37AC4F000
|
heap
|
page read and write
|
||
|
3A2000
|
unkown
|
page readonly
|
||
|
2330000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
2E61000
|
trusted library allocation
|
page read and write
|
||
|
6D7D000
|
stack
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
5D68000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AB7000
|
trusted library allocation
|
page read and write
|
||
|
30BC000
|
heap
|
page read and write
|
||
|
6C00000
|
trusted library allocation
|
page read and write
|
||
|
D34EB7E000
|
unkown
|
page readonly
|
||
|
1F3754F0000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page execute and read and write
|
||
|
79A2000
|
heap
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
CCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AEBA000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE20000
|
trusted library allocation
|
page read and write
|
||
|
1F3756A2000
|
heap
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37ACF5000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
DAF000
|
stack
|
page read and write
|
||
|
D34F17E000
|
stack
|
page read and write
|
||
|
1F375626000
|
heap
|
page read and write
|
||
|
1F37ABA0000
|
trusted library allocation
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
877A000
|
trusted library allocation
|
page read and write
|
||
|
77F0000
|
heap
|
page execute and read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
1F37AAE1000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1F37ACE7000
|
heap
|
page read and write
|
||
|
33F9000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page execute and read and write
|
||
|
50AE000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
D34E97E000
|
unkown
|
page readonly
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library section
|
page readonly
|
||
|
670000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
1F37AAD0000
|
trusted library allocation
|
page read and write
|
||
|
7939000
|
heap
|
page read and write
|
||
|
1F375F1A000
|
heap
|
page read and write
|
||
|
68A000
|
stack
|
page read and write
|
||
|
1F375600000
|
heap
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
672F000
|
stack
|
page read and write
|
||
|
875D000
|
trusted library allocation
|
page read and write
|
||
|
2310000
|
trusted library allocation
|
page read and write
|
||
|
3FA000
|
stack
|
page read and write
|
||
|
127C000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page execute and read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
33E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7832000
|
heap
|
page read and write
|
||
|
3076000
|
heap
|
page read and write
|
||
|
1F375E00000
|
heap
|
page read and write
|
||
|
3E21000
|
trusted library allocation
|
page read and write
|
||
|
CD3000
|
trusted library allocation
|
page read and write
|
||
|
1F37ACAF000
|
heap
|
page read and write
|
||
|
79D6000
|
heap
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
1F37AE91000
|
trusted library allocation
|
page read and write
|
||
|
D34DF7E000
|
unkown
|
page readonly
|
||
|
1F375679000
|
heap
|
page read and write
|
||
|
1F37AEA0000
|
trusted library allocation
|
page read and write
|
||
|
D34E87B000
|
stack
|
page read and write
|
||
|
124A000
|
heap
|
page read and write
|
||
|
D34E9FE000
|
stack
|
page read and write
|
||
|
1F375E15000
|
heap
|
page read and write
|
||
|
87C0000
|
trusted library allocation
|
page read and write
|
||
|
5481000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
547E000
|
trusted library allocation
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D34EC7E000
|
unkown
|
page readonly
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
1F3755F0000
|
heap
|
page read and write
|
||
|
6C0000
|
trusted library allocation
|
page read and write
|
||
|
7993000
|
heap
|
page read and write
|
||
|
4CFF000
|
stack
|
page read and write
|
||
|
1527000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
1F37ACC6000
|
heap
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
340A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F37AC2C000
|
heap
|
page read and write
|
||
|
5B45000
|
heap
|
page read and write
|
||
|
6290000
|
heap
|
page read and write
|
||
|
D34F9FE000
|
stack
|
page read and write
|
||
|
1F375702000
|
heap
|
page read and write
|
||
|
4B9B000
|
trusted library allocation
|
page read and write
|
||
|
D34EFFE000
|
stack
|
page read and write
|
||
|
7000000
|
heap
|
page read and write
|
||
|
1227000
|
heap
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
4BAE000
|
trusted library allocation
|
page read and write
|
||
|
1F37567B000
|
heap
|
page read and write
|
||
|
54A0000
|
trusted library allocation
|
page read and write
|
||
|
5A7D000
|
stack
|
page read and write
|
||
|
154C000
|
heap
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
2470000
|
heap
|
page read and write
|
||
|
713F000
|
stack
|
page read and write
|
||
|
1F37AEFC000
|
trusted library allocation
|
page read and write
|
||
|
1F37ABA0000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
472E000
|
stack
|
page read and write
|
||
|
2E6D000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE64000
|
trusted library allocation
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
83C0000
|
trusted library allocation
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
8680000
|
trusted library allocation
|
page read and write
|
||
|
1F375510000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
1F37ACC4000
|
heap
|
page read and write
|
||
|
51A6000
|
trusted library allocation
|
page read and write
|
||
|
578C000
|
stack
|
page read and write
|
||
|
730D000
|
stack
|
page read and write
|
||
|
1233000
|
heap
|
page read and write
|
||
|
3173000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
1516000
|
trusted library allocation
|
page execute and read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
DEF000
|
heap
|
page read and write
|
||
|
D34F27E000
|
unkown
|
page readonly
|
||
|
6C0F000
|
stack
|
page read and write
|
||
|
1F37AF07000
|
trusted library allocation
|
page read and write
|
||
|
62C1000
|
heap
|
page read and write
|
||
|
4BBD000
|
trusted library allocation
|
page read and write
|
||
|
754A000
|
stack
|
page read and write
|
||
|
1F375695000
|
heap
|
page read and write
|
||
|
1F375D90000
|
trusted library section
|
page read and write
|
||
|
1522000
|
trusted library allocation
|
page read and write
|
||
|
5EB3000
|
trusted library allocation
|
page read and write
|
||
|
1F37AE0E000
|
trusted library allocation
|
page read and write
|
||
|
B3A000
|
stack
|
page read and write
|
||
|
794F000
|
heap
|
page read and write
|
||
|
3631000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
trusted library allocation
|
page read and write
|
||
|
5D29000
|
trusted library allocation
|
page read and write
|
||
|
79AD000
|
heap
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
8A50000
|
trusted library allocation
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
30C8000
|
heap
|
page read and write
|
||
|
152B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2920000
|
heap
|
page execute and read and write
|
||
|
1F37AEC2000
|
trusted library allocation
|
page read and write
|
||
|
D34EDFE000
|
stack
|
page read and write
|
||
|
546E000
|
trusted library allocation
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
78DF000
|
stack
|
page read and write
|
||
|
1F37AB14000
|
trusted library allocation
|
page read and write
|
||
|
1F37565B000
|
heap
|
page read and write
|
There are 611 hidden memdumps, click here to show them.