Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
filmora-idco_setup_full1901.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\Public\Documents\Wondershare\NFWCHK.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
 |
|
|
C:\Users\Public\Documents\Wondershare\NFWCHK.exe.config
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\Public\Documents\Wondershare\WAE_DOWNTASK_1901.xml
|
XML 1.0 document, ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
C:\Users\Public\Documents\Wondershare\filmora-idco_64bit_full1901.exe.~P2S
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-04-19 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-04-20 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-04-24 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-02 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-02.1 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-03 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-04 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-05 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-06 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-07 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-09 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-13 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-14 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-15 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-16 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-17 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-18 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-19 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-22 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-24 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-25 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-26 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wondershare\WAE\wsWAE.log.2024-05-27 (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-19 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-20 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-21 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-22 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-23 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-24 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-25 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-25.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-28 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-28.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-29 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-29.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-30 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-04-30.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-02 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-02.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-02.2 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-03 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-03.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-04 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-05 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-06 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-07 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-07.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-08 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-09 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-09.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-12 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-13 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-13.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-14 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-14.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-15 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-16 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-16.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-17 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-17.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-19 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-22 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-22.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-23 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-24 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-24.1 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-25 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-26 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wsduilib.log.2024-05-27 (copy)
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 67 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\filmora-idco_setup_full1901.exe
|
"C:\Users\user\Desktop\filmora-idco_setup_full1901.exe"
|
|
|
|
C:\Users\Public\Documents\Wondershare\NFWCHK.exe
|
C:\Users\Public\Documents\Wondershare\NFWCHK.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://23.34.82.26/cbs_down/filmora-idco_64bit_full1901.exe
|
unknown
|
||
|
https://223.5.5.5
|
unknown
|
||
|
http://download.wondershare.net/cbs_downo;
|
unknown
|
||
|
http://platform.wondershare.cc/
|
unknown
|
||
|
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
https://download.wondershare.net/cbs_down/filmora-idco_full1901.exe
|
unknown
|
||
|
http://download.wondershare.com/in
|
unknown
|
||
|
http://23.34.82.12/cbs_down/filmora-idco_64bit_full1901.exe
|
unknown
|
||
|
https://filmora.wondershare.net/install/filmora-win-idco.html?act=install
|
unknown
|
||
|
http://download.wondershare.net/cbs_down
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exewin_x64
|
unknown
|
||
|
https://prod-web.wondershare.cc/api/v1/prodweb/trk&os=Windows
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exeSY
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exe
|
unknown
|
||
|
https://pc-api.wondershare.cc
|
unknown
|
||
|
http://download.wondershare.net/cbs_downq
|
unknown
|
||
|
https://analytics.300624.com:8106/sa?project=UA_Wae_Web
|
unknown
|
||
|
https://analytics.wondershare.cc:8106/sa?project=
|
unknown
|
||
|
http://pop.wondersha
|
unknown
|
||
|
http://download.wondershare.net/cbs_downm
|
unknown
|
||
|
http://download.wondershare.net/cbs_downp
|
unknown
|
||
|
https://www.wondershare.com/privacy.html
|
unknown
|
||
|
https://223.5.5.5Mzc4Miop0xjZfMjQzNzgwOTYzOTcyMTg4MTY=&uid=/resolve?type=1&short=1&name=&ak=&key=&ts
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exeSl
|
unknown
|
||
|
https://www.wondershare.com/company/end-user-license-agreement.html
|
unknown
|
||
|
http://platform.wondershare.cc
|
unknown
|
||
|
https://curl.se/docs/http-cookies.html
|
unknown
|
||
|
http://download.wondershare.net/cbs_downP
|
unknown
|
||
|
http://platform.wondershare.cc/rest/v2/downloader/runtime/?client_sign=
|
unknown
|
||
|
https://download.wond
|
unknown
|
||
|
https://curl.se/docs/alt-svc.html
|
unknown
|
||
|
https://filmora.wondershare.net/install/filmora-win-idco.html?act=installap
|
unknown
|
||
|
https://pc-api.300624.com
|
unknown
|
||
|
https://analytics.wondershare.cc:8106/sa?project=UA_Wae_Web
|
unknown
|
||
|
https://analytics.wondershare.cc:8106/sa?project=https://analytics.300624.com:8106/sa?project=downlo
|
unknown
|
||
|
https://analytics.300624.com:8106/sa?project=
|
unknown
|
||
|
https://download.wondershare.net/cbs_down/filmora-idco_full1901.exey
|
unknown
|
||
|
http://download.wondershare.net/cbs_down.exe
|
unknown
|
||
|
http://download.wondershare.com/inst/NetFxLite.exe
|
unknown
|
||
|
https://wae.tmp
|
unknown
|
||
|
http://download.wondershare.net/cbs_down1
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.execom
|
unknown
|
||
|
http://pop.wondershare.com/filmora-license.html
|
unknown
|
||
|
http://download.wondershare.net/cbs_down3
|
unknown
|
||
|
http://download.wondershare.net/cbs_downexe
|
unknown
|
||
|
https://analytics.wondershare.cc:8106/sa?project=UA_Wae_Web:
|
unknown
|
||
|
https://www.wondershare.com/privacy.htmle.html
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exeSr:
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exeS
|
unknown
|
||
|
https://223.6.6.6
|
unknown
|
||
|
http://23.34.82.12/cbs_down/filmora-idco_64bit_full1901.exey
|
unknown
|
||
|
http://download.wondershare.net/cbs_down/filmora-idco_64bi
|
unknown
|
There are 43 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
47.251.49.246
|
unknown
|
United States
|
||
|
23.34.82.12
|
unknown
|
United States
|
||
|
47.254.80.199
|
unknown
|
United States
|
||
|
23.34.82.26
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
47.88.57.97
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WafCX
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WafCX
|
1901
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Wondershare\Wondershare Helper Compact
|
ClientSign
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Wondershare\WAF
|
ClientSign
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
BEA8000
|
heap
|
page read and write
|
||
|
B337000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
33DE000
|
trusted library allocation
|
page read and write
|
||
|
5A7C000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
BEAB000
|
heap
|
page read and write
|
||
|
1BE14000
|
trusted library allocation
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
3C24000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
54CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFEC9330000
|
trusted library allocation
|
page read and write
|
||
|
BEA6000
|
heap
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
3C3C000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
D27000
|
heap
|
page read and write
|
||
|
F0F4000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
37FD000
|
stack
|
page read and write
|
||
|
BE8E000
|
stack
|
page read and write
|
||
|
690F000
|
stack
|
page read and write
|
||
|
5AA4000
|
heap
|
page read and write
|
||
|
1BDB0000
|
heap
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
B34F000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
B30B000
|
heap
|
page read and write
|
||
|
1333F000
|
trusted library allocation
|
page read and write
|
||
|
B2DA000
|
heap
|
page read and write
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
5DCB000
|
stack
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
B304000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
5ADB000
|
heap
|
page read and write
|
||
|
5AA2000
|
heap
|
page read and write
|
||
|
5518000
|
trusted library allocation
|
page read and write
|
||
|
1593000
|
heap
|
page read and write
|
||
|
1229000
|
heap
|
page read and write
|
||
|
1330000
|
remote allocation
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
BE90000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
5ACE000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
B32A000
|
heap
|
page read and write
|
||
|
D07000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BFD4000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
57BF000
|
stack
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
B320000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
5AA1000
|
heap
|
page read and write
|
||
|
1BCE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFEC9350000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B5000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
5ADD000
|
heap
|
page read and write
|
||
|
5AE2000
|
heap
|
page read and write
|
||
|
5A9F000
|
heap
|
page read and write
|
||
|
291000
|
unkown
|
page execute read
|
||
|
5A76000
|
heap
|
page read and write
|
||
|
12A2000
|
heap
|
page read and write
|
||
|
7FFEC91F2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
5AD5000
|
heap
|
page read and write
|
||
|
290000
|
unkown
|
page readonly
|
||
|
A6F2000
|
trusted library allocation
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BF70000
|
heap
|
page read and write
|
||
|
5A9F000
|
heap
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
9134000
|
heap
|
page read and write
|
||
|
D61000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
7FFEC9150000
|
trusted library allocation
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BFD4000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BF73000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
5A66000
|
heap
|
page read and write
|
||
|
5AC5000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
1843000
|
heap
|
page execute and read and write
|
||
|
600D000
|
stack
|
page read and write
|
||
|
C14000
|
unkown
|
page readonly
|
||
|
1266000
|
heap
|
page read and write
|
||
|
3C42000
|
heap
|
page read and write
|
||
|
1C3DE000
|
stack
|
page read and write
|
||
|
12B4000
|
heap
|
page read and write
|
||
|
911A000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
7FFEC9360000
|
trusted library allocation
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
B348000
|
heap
|
page read and write
|
||
|
F0F4000
|
heap
|
page read and write
|
||
|
B2FE000
|
heap
|
page read and write
|
||
|
3D6B000
|
stack
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
947F000
|
stack
|
page read and write
|
||
|
5AF1000
|
heap
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
5AE5000
|
heap
|
page read and write
|
||
|
CE1000
|
heap
|
page read and write
|
||
|
1BAFB000
|
stack
|
page read and write
|
||
|
1BE10000
|
trusted library allocation
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
7FFEC9142000
|
trusted library allocation
|
page execute and read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
5AE4000
|
heap
|
page read and write
|
||
|
1BDC0000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
7FFEC92C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFEC927A000
|
trusted library allocation
|
page read and write
|
||
|
6A0E000
|
stack
|
page read and write
|
||
|
7FFEC9370000
|
trusted library allocation
|
page read and write
|
||
|
5AD5000
|
heap
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
1BE1A000
|
trusted library allocation
|
page read and write
|
||
|
5ACA000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
BF0E000
|
heap
|
page read and write
|
||
|
5AC5000
|
heap
|
page read and write
|
||
|
13335000
|
trusted library allocation
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
BEAB000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
B2EA000
|
heap
|
page read and write
|
||
|
5A9F000
|
heap
|
page read and write
|
||
|
17D4000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
5AB7000
|
heap
|
page read and write
|
||
|
F090000
|
heap
|
page read and write
|
||
|
CE1000
|
heap
|
page read and write
|
||
|
D49000
|
heap
|
page read and write
|
||
|
BEA6000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
5493000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
CC9000
|
heap
|
page read and write
|
||
|
BFD6000
|
heap
|
page read and write
|
||
|
D07000
|
heap
|
page read and write
|
||
|
BFD6000
|
heap
|
page read and write
|
||
|
B32F000
|
heap
|
page read and write
|
||
|
127E000
|
heap
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
5A79000
|
heap
|
page read and write
|
||
|
3DBB000
|
stack
|
page read and write
|
||
|
3C3C000
|
heap
|
page read and write
|
||
|
BE88000
|
stack
|
page read and write
|
||
|
7FFEC9205000
|
trusted library allocation
|
page read and write
|
||
|
C93000
|
heap
|
page read and write
|
||
|
5A6F000
|
heap
|
page read and write
|
||
|
B2FA000
|
heap
|
page read and write
|
||
|
3C27000
|
heap
|
page read and write
|
||
|
BE94000
|
heap
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
1C4DE000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
7FF407CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
BEAD000
|
heap
|
page read and write
|
||
|
12A4000
|
heap
|
page read and write
|
||
|
5AB7000
|
heap
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
5A54000
|
heap
|
page read and write
|
||
|
BE9B000
|
heap
|
page read and write
|
||
|
1C1D0000
|
trusted library allocation
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
13344000
|
trusted library allocation
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
BE96000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
3C05000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BF0E000
|
heap
|
page read and write
|
||
|
7FFEC920D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C2B000
|
heap
|
page read and write
|
||
|
7FFEC9320000
|
trusted library allocation
|
page read and write
|
||
|
CE3000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
5AA4000
|
heap
|
page read and write
|
||
|
5390000
|
heap
|
page read and write
|
||
|
7FFEC913A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D1D000
|
heap
|
page read and write
|
||
|
7FFEC9140000
|
trusted library allocation
|
page read and write
|
||
|
7FFEC9232000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BCF0000
|
trusted library allocation
|
page read and write
|
||
|
BFD6000
|
heap
|
page read and write
|
||
|
7FFEC9194000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C27000
|
heap
|
page read and write
|
||
|
5AF4000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
34A4000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
9138000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
F0F4000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
7FFEC92A8000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
B2EF000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
C03C000
|
heap
|
page read and write
|
||
|
CDE000
|
heap
|
page read and write
|
||
|
54F8000
|
trusted library allocation
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
54E8000
|
trusted library allocation
|
page read and write
|
||
|
5AD5000
|
heap
|
page read and write
|
||
|
12D4000
|
heap
|
page read and write
|
||
|
BFD6000
|
heap
|
page read and write
|
||
|
7FFEC936B000
|
trusted library allocation
|
page read and write
|
||
|
BFD6000
|
heap
|
page read and write
|
||
|
551C000
|
trusted library allocation
|
page read and write
|
||
|
121E000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
7FFEC9132000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
5ACD000
|
heap
|
page read and write
|
||
|
57FB000
|
stack
|
page read and write
|
||
|
BEAC000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
5ADB000
|
heap
|
page read and write
|
||
|
33DC000
|
trusted library allocation
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
5F0E000
|
stack
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
3C29000
|
heap
|
page read and write
|
||
|
B325000
|
heap
|
page read and write
|
||
|
D1D000
|
heap
|
page read and write
|
||
|
5AC5000
|
heap
|
page read and write
|
||
|
423000
|
unkown
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
5AD8000
|
heap
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
BE96000
|
heap
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
BF0E000
|
heap
|
page read and write
|
||
|
5AED000
|
heap
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
BF70000
|
heap
|
page read and write
|
||
|
D39000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
7FFEC9300000
|
trusted library allocation
|
page execute and read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
BFD6000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
5AEC000
|
heap
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
D2D000
|
heap
|
page read and write
|
||
|
BFD4000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
B385000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
5A44000
|
heap
|
page read and write
|
||
|
5ADA000
|
heap
|
page read and write
|
||
|
54FE000
|
trusted library allocation
|
page read and write
|
||
|
BF70000
|
heap
|
page read and write
|
||
|
3C27000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
7FFEC9340000
|
trusted library allocation
|
page execute and read and write
|
||
|
BE96000
|
heap
|
page read and write
|
||
|
5396000
|
heap
|
page read and write
|
||
|
3C2B000
|
heap
|
page read and write
|
||
|
F0F4000
|
heap
|
page read and write
|
||
|
17DA000
|
trusted library allocation
|
page read and write
|
||
|
5512000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
5524000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
1346000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
BE9E000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
7FFEC9163000
|
trusted library allocation
|
page execute and read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
3C27000
|
heap
|
page read and write
|
||
|
BF0E000
|
heap
|
page read and write
|
||
|
3C2F000
|
heap
|
page read and write
|
||
|
BEA4000
|
heap
|
page read and write
|
||
|
12DF000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
3BF2000
|
heap
|
page read and write
|
||
|
5528000
|
trusted library allocation
|
page read and write
|
||
|
B306000
|
heap
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
56DF000
|
stack
|
page read and write
|
||
|
9183000
|
heap
|
page read and write
|
||
|
D13000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
16AB000
|
trusted library allocation
|
page read and write
|
||
|
CEB000
|
heap
|
page read and write
|
||
|
5AF9000
|
heap
|
page read and write
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
2E9C000
|
stack
|
page read and write
|
||
|
54DE000
|
trusted library allocation
|
page read and write
|
||
|
1C0C0000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BEAB000
|
heap
|
page read and write
|
||
|
7FFEC9275000
|
trusted library allocation
|
page read and write
|
||
|
D27000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
D0F000
|
heap
|
page read and write
|
||
|
5496000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
134C000
|
heap
|
page read and write
|
||
|
5AC8000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
54CE000
|
trusted library allocation
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
7FFEC9200000
|
trusted library allocation
|
page read and write
|
||
|
54F1000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
54DA000
|
trusted library allocation
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
7FFEC9272000
|
trusted library allocation
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
3BE0000
|
heap
|
page read and write
|
||
|
CC7000
|
heap
|
page read and write
|
||
|
54E2000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
BFD4000
|
heap
|
page read and write
|
||
|
D32000
|
heap
|
page read and write
|
||
|
5A59000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
90A0000
|
heap
|
page read and write
|
||
|
BEA0000
|
heap
|
page read and write
|
||
|
8E2F000
|
stack
|
page read and write
|
||
|
6007000
|
stack
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
5ADD000
|
heap
|
page read and write
|
||
|
1BE30000
|
heap
|
page read and write
|
||
|
5AE8000
|
heap
|
page read and write
|
||
|
5A22000
|
heap
|
page read and write
|
||
|
D55000
|
stack
|
page read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
552C000
|
trusted library allocation
|
page read and write
|
||
|
90A3000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
9110000
|
heap
|
page read and write
|
||
|
13EE000
|
stack
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
7FF407CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D34000
|
heap
|
page read and write
|
||
|
5ADB000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
BE98000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
7FFEC91FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDA000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
A37000
|
stack
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
5AC5000
|
heap
|
page read and write
|
||
|
7FFEC915F000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CA000
|
unkown
|
page readonly
|
||
|
5394000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page readonly
|
||
|
1C5DE000
|
stack
|
page read and write
|
||
|
D4C000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
539F000
|
heap
|
page read and write
|
||
|
CC4000
|
heap
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
B3B5000
|
heap
|
page read and write
|
||
|
90B2000
|
heap
|
page read and write
|
||
|
126C000
|
heap
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
5AC4000
|
heap
|
page read and write
|
||
|
B389000
|
heap
|
page read and write
|
||
|
5526000
|
trusted library allocation
|
page read and write
|
||
|
3CA000
|
unkown
|
page readonly
|
||
|
B488000
|
heap
|
page read and write
|
||
|
5AE3000
|
heap
|
page read and write
|
||
|
5AA4000
|
heap
|
page read and write
|
||
|
5ACE000
|
heap
|
page read and write
|
||
|
5AD3000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
1596000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
C12000
|
unkown
|
page readonly
|
||
|
3C4B000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
7FFEC92A0000
|
trusted library allocation
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BF73000
|
heap
|
page read and write
|
||
|
B2D000
|
stack
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
20000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
remote allocation
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
1C2DE000
|
stack
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
1BF3C000
|
stack
|
page read and write
|
||
|
5AC8000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
5AE9000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
5AF1000
|
heap
|
page read and write
|
||
|
BF0E000
|
heap
|
page read and write
|
||
|
5A8E000
|
heap
|
page read and write
|
||
|
5AE3000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
5AE9000
|
heap
|
page read and write
|
||
|
BE9C000
|
heap
|
page read and write
|
||
|
BEA6000
|
heap
|
page read and write
|
||
|
36AB000
|
stack
|
page read and write
|
||
|
F0F4000
|
heap
|
page read and write
|
||
|
5508000
|
trusted library allocation
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
BF73000
|
heap
|
page read and write
|
||
|
CE3000
|
heap
|
page read and write
|
||
|
5AE1000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
551A000
|
trusted library allocation
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
CCD000
|
heap
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
B339000
|
heap
|
page read and write
|
||
|
7FFEC92B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
91C0000
|
trusted library section
|
page readonly
|
||
|
3C29000
|
heap
|
page read and write
|
||
|
13331000
|
trusted library allocation
|
page read and write
|
||
|
5AC3000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
9112000
|
heap
|
page read and write
|
||
|
B317000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
3C1A000
|
heap
|
page read and write
|
||
|
BEA6000
|
heap
|
page read and write
|
||
|
36C0000
|
heap
|
page read and write
|
||
|
347F000
|
stack
|
page read and write
|
||
|
BF70000
|
heap
|
page read and write
|
||
|
927F000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
7FFEC9156000
|
trusted library allocation
|
page read and write
|
||
|
5A5D000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
54DC000
|
trusted library allocation
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
54D8000
|
trusted library allocation
|
page read and write
|
||
|
54C8000
|
trusted library allocation
|
page read and write
|
||
|
909B000
|
heap
|
page read and write
|
||
|
5A71000
|
heap
|
page read and write
|
||
|
D43000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
BE93000
|
heap
|
page read and write
|
||
|
3C2B000
|
heap
|
page read and write
|
||
|
D23000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
5AE7000
|
heap
|
page read and write
|
||
|
B2DC000
|
heap
|
page read and write
|
||
|
5AE5000
|
heap
|
page read and write
|
||
|
CDA000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
6B4F000
|
stack
|
page read and write
|
||
|
1BDF0000
|
heap
|
page execute and read and write
|
||
|
CCD000
|
heap
|
page read and write
|
||
|
5ECF000
|
stack
|
page read and write
|
||
|
3A2E000
|
stack
|
page read and write
|
||
|
9195000
|
heap
|
page read and write
|
||
|
41E000
|
unkown
|
page read and write
|
||
|
5A8E000
|
heap
|
page read and write
|
||
|
7FFEC9310000
|
trusted library allocation
|
page execute and read and write
|
||
|
D5B000
|
heap
|
page read and write
|
||
|
B2EC000
|
heap
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
3B4F000
|
stack
|
page read and write
|
||
|
5A48000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
BEA8000
|
heap
|
page read and write
|
||
|
8D2E000
|
stack
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
5D8D000
|
stack
|
page read and write
|
||
|
5AB5000
|
heap
|
page read and write
|
||
|
3C29000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
1840000
|
heap
|
page execute and read and write
|
||
|
7FFEC9280000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
5ACB000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
5C8C000
|
stack
|
page read and write
|
||
|
5A9F000
|
heap
|
page read and write
|
||
|
BF71000
|
heap
|
page read and write
|
||
|
5AD8000
|
heap
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
1BCF4000
|
trusted library allocation
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
392E000
|
stack
|
page read and write
|
||
|
6010000
|
trusted library allocation
|
page read and write
|
||
|
BEA9000
|
heap
|
page read and write
|
||
|
5A8C000
|
heap
|
page read and write
|
||
|
F091000
|
heap
|
page read and write
|
||
|
BF0D000
|
heap
|
page read and write
|
||
|
BF70000
|
heap
|
page read and write
|
||
|
7FFEC920A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
299E000
|
stack
|
page read and write
|
||
|
5AAE000
|
heap
|
page read and write
|
||
|
D37000
|
heap
|
page read and write
|
||
|
1330000
|
remote allocation
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
||
|
D51000
|
heap
|
page read and write
|
||
|
5A41000
|
heap
|
page read and write
|
||
|
B2E2000
|
heap
|
page read and write
|
||
|
CD9000
|
heap
|
page read and write
|
||
|
BF0C000
|
heap
|
page read and write
|
There are 576 hidden memdumps, click here to show them.