Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
EGSh5caf8a.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\EGSh5caf8a.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\EGSh5caf8a.exe
|
"C:\Users\user\Desktop\EGSh5caf8a.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:38 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:38 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:39 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:40 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:41 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:42 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:43 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:43 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:44 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:45 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:46 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:47 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:48 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:48 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:49 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:50 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:51 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:52 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:53 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:53 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:54 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:55 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:56 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 11:57 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 12:01 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 12:07 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 12:13 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 12:17 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 12:21 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"SCHtAsKs.EXe" /create /tn WindowsUpdates797722446 /tr "C:\Users\user\AppData\Roaming\MicrosoftwindowsUpdates\Accounts_Ledger_Software.eXE"
/st 12:25 /du 9999:59 /sc daily /ri 1 /f /RL HIGHEST
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 51 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://204.12.199.30:20991/async.txt
|
204.12.199.30
|
|
|
|
http://204.12.199.30:20991/hatthgola.vmp.dll
|
204.12.199.30
|
|
|
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://schemas.m
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://204.12.199.30:20991/hatthgola.vmp.dllC:
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://204.12.199.30:20991
|
unknown
|
||
|
http://schemas.microH
|
unknown
|
There are 5 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
204.12.199.30
|
unknown
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\EGSh5caf8a_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C4A000
|
trusted library allocation
|
page read and write
|
|
|
|
28DA000
|
trusted library allocation
|
page read and write
|
|
|
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
322E000
|
unkown
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
2AE8000
|
trusted library allocation
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
2E68000
|
heap
|
page read and write
|
||
|
29BB000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
50B000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
5EEE000
|
stack
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
2D72000
|
trusted library allocation
|
page read and write
|
||
|
2D36000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
4BE000
|
unkown
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
302E000
|
unkown
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
A66000
|
trusted library allocation
|
page execute and read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
B59000
|
heap
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
4ECD000
|
stack
|
page read and write
|
||
|
68E0000
|
trusted library section
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
2D8B000
|
heap
|
page read and write
|
||
|
29AE000
|
unkown
|
page read and write
|
||
|
A7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
5AA000
|
stack
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
70F000
|
unkown
|
page read and write
|
||
|
307A000
|
stack
|
page read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
295B000
|
trusted library allocation
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
61BE000
|
stack
|
page read and write
|
||
|
67A000
|
stack
|
page read and write
|
||
|
2FF8000
|
heap
|
page read and write
|
||
|
56D000
|
stack
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
2B59000
|
trusted library allocation
|
page read and write
|
||
|
69A000
|
stack
|
page read and write
|
||
|
607E000
|
stack
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
2B2B000
|
trusted library allocation
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
2EAA000
|
stack
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
315F000
|
unkown
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
AAE000
|
heap
|
page read and write
|
||
|
472000
|
unkown
|
page readonly
|
||
|
2AD9000
|
trusted library allocation
|
page read and write
|
||
|
286D000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
2B52000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
6DD000
|
stack
|
page read and write
|
||
|
35FF000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
29BD000
|
trusted library allocation
|
page read and write
|
||
|
80E000
|
unkown
|
page read and write
|
||
|
1CD000
|
stack
|
page read and write
|
||
|
E08000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
3895000
|
trusted library allocation
|
page read and write
|
||
|
31DF000
|
stack
|
page read and write
|
||
|
70E000
|
unkown
|
page read and write
|
||
|
A77000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
2959000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
302B000
|
heap
|
page read and write
|
||
|
2B4E000
|
trusted library allocation
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
2F5F000
|
unkown
|
page read and write
|
||
|
2994000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
unkown
|
page read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
2D6A000
|
stack
|
page read and write
|
||
|
5E5000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
C9F000
|
stack
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
B79000
|
heap
|
page read and write
|
||
|
2BED000
|
stack
|
page read and write
|
||
|
27D4000
|
trusted library allocation
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
2D2D000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
325D000
|
stack
|
page read and write
|
||
|
2D38000
|
trusted library allocation
|
page read and write
|
||
|
2B2F000
|
trusted library allocation
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
296A000
|
trusted library allocation
|
page read and write
|
||
|
3028000
|
heap
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
29AE000
|
unkown
|
page read and write
|
||
|
2880000
|
heap
|
page execute and read and write
|
||
|
2C63000
|
trusted library allocation
|
page read and write
|
||
|
2D5A000
|
trusted library allocation
|
page read and write
|
||
|
28EA000
|
stack
|
page read and write
|
||
|
2FDE000
|
unkown
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
EDC000
|
stack
|
page read and write
|
||
|
A4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
AED000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
59A000
|
stack
|
page read and write
|
||
|
55D000
|
stack
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
2987000
|
trusted library allocation
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page read and write
|
||
|
2A1B000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2CD000
|
stack
|
page read and write
|
||
|
70F000
|
unkown
|
page read and write
|
||
|
2D7B000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
2C6B000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
2D57000
|
trusted library allocation
|
page read and write
|
||
|
51FD000
|
stack
|
page read and write
|
||
|
293A000
|
stack
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
7CE000
|
unkown
|
page read and write
|
||
|
51C000
|
stack
|
page read and write
|
||
|
6EF4D000
|
unkown
|
page read and write
|
||
|
31C8000
|
heap
|
page read and write
|
||
|
2E01000
|
trusted library allocation
|
page read and write
|
||
|
29BB000
|
trusted library allocation
|
page read and write
|
||
|
357F000
|
unkown
|
page read and write
|
||
|
A43000
|
trusted library allocation
|
page execute and read and write
|
||
|
2805000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2974000
|
trusted library allocation
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
2A4F000
|
stack
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
2B56000
|
trusted library allocation
|
page read and write
|
||
|
2953000
|
trusted library allocation
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
29EF000
|
unkown
|
page read and write
|
||
|
2BDE000
|
unkown
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
43A000
|
stack
|
page read and write
|
||
|
2E1A000
|
trusted library allocation
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
EE7000
|
heap
|
page read and write
|
||
|
2B01000
|
trusted library allocation
|
page read and write
|
||
|
2B1A000
|
trusted library allocation
|
page read and write
|
||
|
57E000
|
unkown
|
page read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
A62000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
507E000
|
stack
|
page read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
2972000
|
trusted library allocation
|
page read and write
|
||
|
2D74000
|
trusted library allocation
|
page read and write
|
||
|
2B46000
|
trusted library allocation
|
page read and write
|
||
|
29EE000
|
unkown
|
page read and write
|
||
|
2D85000
|
trusted library allocation
|
page read and write
|
||
|
6EF30000
|
unkown
|
page readonly
|
||
|
500000
|
heap
|
page read and write
|
||
|
2D3F000
|
trusted library allocation
|
page read and write
|
||
|
8F8000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
663D000
|
stack
|
page read and write
|
||
|
297E000
|
unkown
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
2D1F000
|
unkown
|
page read and write
|
||
|
29DF000
|
unkown
|
page read and write
|
||
|
631A000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
B42000
|
heap
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
4FF000
|
unkown
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
28EA000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
2E0B000
|
trusted library allocation
|
page read and write
|
||
|
2D7E000
|
unkown
|
page read and write
|
||
|
30D000
|
stack
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
29BF000
|
trusted library allocation
|
page read and write
|
||
|
2B16000
|
trusted library allocation
|
page read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
299E000
|
unkown
|
page read and write
|
||
|
2AE4000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
4FE000
|
unkown
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
677D000
|
stack
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
2E05000
|
trusted library allocation
|
page read and write
|
||
|
2962000
|
trusted library allocation
|
page read and write
|
||
|
81E000
|
unkown
|
page read and write
|
||
|
2FEE000
|
unkown
|
page read and write
|
||
|
28EA000
|
stack
|
page read and write
|
||
|
63FE000
|
stack
|
page read and write
|
||
|
30C8000
|
heap
|
page read and write
|
||
|
2DBB000
|
heap
|
page read and write
|
||
|
2992000
|
trusted library allocation
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
2D6A000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
unkown
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
30A000
|
stack
|
page read and write
|
||
|
498E000
|
stack
|
page read and write
|
||
|
A6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CB000
|
heap
|
page read and write
|
||
|
A72000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
AE6000
|
heap
|
page read and write
|
||
|
34A000
|
stack
|
page read and write
|
||
|
297E000
|
unkown
|
page read and write
|
||
|
2E22000
|
trusted library allocation
|
page read and write
|
||
|
29DB000
|
heap
|
page read and write
|
||
|
2E6F000
|
stack
|
page read and write
|
||
|
29A6000
|
trusted library allocation
|
page read and write
|
||
|
63D000
|
stack
|
page read and write
|
||
|
2B8A000
|
stack
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
2D0E000
|
unkown
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
2B1C000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
65D000
|
stack
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
2F9F000
|
unkown
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
2B63000
|
trusted library allocation
|
page read and write
|
||
|
2ED000
|
stack
|
page read and write
|
||
|
29EA000
|
stack
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
293A000
|
stack
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
290A000
|
stack
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
3891000
|
trusted library allocation
|
page read and write
|
||
|
6302000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
70F000
|
unkown
|
page read and write
|
||
|
6EF4F000
|
unkown
|
page readonly
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
2E3A000
|
stack
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
62C0000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
2E07000
|
trusted library allocation
|
page read and write
|
||
|
36D0000
|
heap
|
page read and write
|
||
|
2B1E000
|
trusted library allocation
|
page read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
29CE000
|
trusted library allocation
|
page read and write
|
||
|
298D000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
A44000
|
trusted library allocation
|
page read and write
|
||
|
2A0B000
|
heap
|
page read and write
|
||
|
2AEB000
|
trusted library allocation
|
page read and write
|
||
|
301F000
|
unkown
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
2B4A000
|
trusted library allocation
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
667D000
|
stack
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
2ECB000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
27C0000
|
trusted library allocation
|
page read and write
|
||
|
2E08000
|
heap
|
page read and write
|
||
|
2F7F000
|
stack
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
28FD000
|
stack
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
2ADC000
|
trusted library allocation
|
page read and write
|
||
|
34EB000
|
heap
|
page read and write
|
||
|
334F000
|
unkown
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
312F000
|
unkown
|
page read and write
|
||
|
2DA2000
|
trusted library allocation
|
page read and write
|
||
|
307B000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
3FE000
|
unkown
|
page read and write
|
||
|
2AFD000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
2D70000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
2B0C000
|
trusted library allocation
|
page read and write
|
||
|
ABF000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
2D9C000
|
trusted library allocation
|
page read and write
|
||
|
2D4F000
|
trusted library allocation
|
page read and write
|
||
|
38F6000
|
trusted library allocation
|
page read and write
|
||
|
71A000
|
stack
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
1BD000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
2AE6000
|
trusted library allocation
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
2E24000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
28AF000
|
unkown
|
page read and write
|
||
|
6EF46000
|
unkown
|
page readonly
|
||
|
299E000
|
trusted library allocation
|
page read and write
|
||
|
303C000
|
heap
|
page read and write
|
||
|
2D83000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
28DB000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
28C6000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
2DA0000
|
trusted library allocation
|
page read and write
|
||
|
32A000
|
stack
|
page read and write
|
||
|
62CC000
|
heap
|
page read and write
|
||
|
2D3C000
|
trusted library allocation
|
page read and write
|
||
|
AAA000
|
heap
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
28FD000
|
stack
|
page read and write
|
||
|
2B4D000
|
stack
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
2DBF000
|
trusted library allocation
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
5DAD000
|
stack
|
page read and write
|
||
|
2D98000
|
trusted library allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
2F5E000
|
unkown
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
2D6F000
|
stack
|
page read and write
|
||
|
1FA000
|
stack
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
2976000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
2989000
|
trusted library allocation
|
page read and write
|
||
|
28AD000
|
stack
|
page read and write
|
||
|
32F8000
|
heap
|
page read and write
|
||
|
A5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A53000
|
trusted library allocation
|
page read and write
|
||
|
31FF000
|
stack
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
74F000
|
unkown
|
page read and write
|
||
|
6EF31000
|
unkown
|
page execute read
|
||
|
35BE000
|
stack
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
2B48000
|
trusted library allocation
|
page read and write
|
||
|
2D51000
|
trusted library allocation
|
page read and write
|
||
|
29FE000
|
unkown
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
29EE000
|
unkown
|
page read and write
|
||
|
2B06000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
29C1000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
2AFB000
|
trusted library allocation
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
2FEE000
|
unkown
|
page read and write
|
||
|
28AD000
|
stack
|
page read and write
|
||
|
5BF000
|
unkown
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
296C000
|
trusted library allocation
|
page read and write
|
||
|
29C5000
|
trusted library allocation
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
2B54000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
297E000
|
unkown
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
2B65000
|
trusted library allocation
|
page read and write
|
||
|
317E000
|
unkown
|
page read and write
|
||
|
592D000
|
stack
|
page read and write
|
||
|
298B000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
6790000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
2F1E000
|
unkown
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
29AD000
|
stack
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
2B18000
|
trusted library allocation
|
page read and write
|
||
|
2DA8000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
2B37000
|
trusted library allocation
|
page read and write
|
||
|
62BE000
|
stack
|
page read and write
|
||
|
5C6D000
|
stack
|
page read and write
|
||
|
2DC2000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
1ED000
|
stack
|
page read and write
|
||
|
2DBD000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
29B9000
|
trusted library allocation
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
28AD000
|
stack
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
294F000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
2B5D000
|
stack
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
2E03000
|
trusted library allocation
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
2DA6000
|
trusted library allocation
|
page read and write
|
||
|
2AFF000
|
trusted library allocation
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2D34000
|
trusted library allocation
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
68F0000
|
trusted library allocation
|
page read and write
|
||
|
653E000
|
stack
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
29A8000
|
trusted library allocation
|
page read and write
|
||
|
29C7000
|
trusted library allocation
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
2945000
|
trusted library allocation
|
page read and write
|
||
|
2DB9000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
2B69000
|
trusted library allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
3FE000
|
unkown
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
2951000
|
trusted library allocation
|
page read and write
|
||
|
2B14000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
38B9000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
2E3E000
|
unkown
|
page read and write
|
||
|
2D87000
|
trusted library allocation
|
page read and write
|
||
|
2E7A000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
617F000
|
stack
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
2DFF000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
331E000
|
unkown
|
page read and write
|
||
|
323B000
|
heap
|
page read and write
|
||
|
2F7F000
|
unkown
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
2891000
|
trusted library allocation
|
page read and write
|
||
|
2964000
|
trusted library allocation
|
page read and write
|
||
|
82E000
|
unkown
|
page read and write
|
||
|
307A000
|
stack
|
page read and write
|
||
|
2AF9000
|
trusted library allocation
|
page read and write
|
||
|
2E1C000
|
trusted library allocation
|
page read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
29A2000
|
trusted library allocation
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
51BE000
|
stack
|
page read and write
|
||
|
2978000
|
trusted library allocation
|
page read and write
|
||
|
AE4000
|
heap
|
page read and write
|
||
|
335E000
|
unkown
|
page read and write
|
||
|
4F70000
|
heap
|
page execute and read and write
|
||
|
29AB000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
2DBB000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
2B9A000
|
stack
|
page read and write
|
||
|
2FFE000
|
stack
|
page read and write
|
||
|
330E000
|
unkown
|
page read and write
|
||
|
2B77000
|
heap
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
2E09000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
5D6F000
|
stack
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
64F000
|
stack
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
29A4000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
353E000
|
unkown
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
327A000
|
stack
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
2D68000
|
trusted library allocation
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
2DA4000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
2DBF000
|
unkown
|
page read and write
|
||
|
2D55000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
2B03000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
2816000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
68F5000
|
trusted library allocation
|
page read and write
|
||
|
326F000
|
unkown
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
2966000
|
trusted library allocation
|
page read and write
|
||
|
50BE000
|
stack
|
page read and write
|
||
|
29BF000
|
unkown
|
page read and write
|
||
|
297E000
|
unkown
|
page read and write
|
||
|
2E6D000
|
stack
|
page read and write
|
||
|
28CD000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
2E48000
|
heap
|
page read and write
|
||
|
329A000
|
stack
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
67B000
|
heap
|
page read and write
|
||
|
314F000
|
unkown
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
There are 602 hidden memdumps, click here to show them.