Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
B9exXW7c3t.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Microsoft\OneDrive\ListSync\QeWHGGzCXwoQygZUiDI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Mail\ctfmon.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Links\ApplicationFrameHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Saved Games\QeWHGGzCXwoQygZUiDI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\AccountPictures\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Common Files\System\msadc\en-US\cc11b995f2a76d
|
ASCII text, with very long lines (360), with no line terminators
|
dropped
|
||
|
C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft\OneDrive\ListSync\2e26acd4fd0504
|
ASCII text, with very long lines (866), with no line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft\OneDrive\ListSync\QeWHGGzCXwoQygZUiDI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Mail\26c12092da979c
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Mail\ctfmon.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\Links\6dd19aba3e2428
|
ASCII text, with very long lines (322), with no line terminators
|
dropped
|
||
|
C:\Users\Default\Links\ApplicationFrameHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\Saved Games\2e26acd4fd0504
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Default\Saved Games\QeWHGGzCXwoQygZUiDI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Public\AccountPictures\9e8d7a4ca61bd9
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Public\AccountPictures\RuntimeBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ApplicationFrameHost.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\B9exXW7c3t.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\QeWHGGzCXwoQygZUiDI.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\RuntimeBroker.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ctfmon.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\winlogon.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\2e26acd4fd0504
|
ASCII text, with very long lines (488), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SchCache\2e26acd4fd0504
|
ASCII text, with very long lines (558), with no line terminators
|
dropped
|
||
|
C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 21 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\B9exXW7c3t.exe
|
"C:\Users\user\Desktop\B9exXW7c3t.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 14 /tr "'C:\Program Files\Microsoft\OneDrive\ListSync\QeWHGGzCXwoQygZUiDI.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDI" /sc ONLOGON /tr "'C:\Program Files\Microsoft\OneDrive\ListSync\QeWHGGzCXwoQygZUiDI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 14 /tr "'C:\Program Files\Microsoft\OneDrive\ListSync\QeWHGGzCXwoQygZUiDI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 8 /tr "'C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDI" /sc ONLOGON /tr "'C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 13 /tr "'C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ctfmonc" /sc MINUTE /mo 12 /tr "'C:\Program Files\Windows Mail\ctfmon.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ctfmon" /sc ONLOGON /tr "'C:\Program Files\Windows Mail\ctfmon.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ctfmonc" /sc MINUTE /mo 11 /tr "'C:\Program Files\Windows Mail\ctfmon.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "winlogonw" /sc MINUTE /mo 5 /tr "'C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "winlogon" /sc ONLOGON /tr "'C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "winlogonw" /sc MINUTE /mo 6 /tr "'C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 5 /tr "'C:\Users\Default User\Saved Games\QeWHGGzCXwoQygZUiDI.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDI" /sc ONLOGON /tr "'C:\Users\Default User\Saved Games\QeWHGGzCXwoQygZUiDI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 12 /tr "'C:\Users\Default User\Saved Games\QeWHGGzCXwoQygZUiDI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 12 /tr "'C:\Users\Public\AccountPictures\RuntimeBroker.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBroker" /sc ONLOGON /tr "'C:\Users\Public\AccountPictures\RuntimeBroker.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 13 /tr "'C:\Users\Public\AccountPictures\RuntimeBroker.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ApplicationFrameHostA" /sc MINUTE /mo 14 /tr "'C:\Users\Default\Links\ApplicationFrameHost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ApplicationFrameHost" /sc ONLOGON /tr "'C:\Users\Default\Links\ApplicationFrameHost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "ApplicationFrameHostA" /sc MINUTE /mo 13 /tr "'C:\Users\Default\Links\ApplicationFrameHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 6 /tr "'C:\Users\user\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDI" /sc ONLOGON /tr "'C:\Users\user\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "QeWHGGzCXwoQygZUiDIQ" /sc MINUTE /mo 6 /tr "'C:\Users\user\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe
|
"C:\Windows\SchCache\QeWHGGzCXwoQygZUiDI.exe"
|
|
|
|
C:\Users\Default\Links\ApplicationFrameHost.exe
|
C:\Users\Default\Links\ApplicationFrameHost.exe
|
|
|
|
C:\Users\Default\Links\ApplicationFrameHost.exe
|
C:\Users\Default\Links\ApplicationFrameHost.exe
|
|
|
|
C:\Program Files\Windows Mail\ctfmon.exe
|
"C:\Program Files\Windows Mail\ctfmon.exe"
|
|
|
|
C:\Program Files\Windows Mail\ctfmon.exe
|
"C:\Program Files\Windows Mail\ctfmon.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe
|
"C:\Users\user\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe
|
"C:\Users\user\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe"
|
|
|
|
C:\Users\Public\AccountPictures\RuntimeBroker.exe
|
C:\Users\Public\AccountPictures\RuntimeBroker.exe
|
|
|
|
C:\Users\Public\AccountPictures\RuntimeBroker.exe
|
C:\Users\Public\AccountPictures\RuntimeBroker.exe
|
|
|
|
C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe
|
"C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe"
|
|
|
|
C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe
|
"C:\Program Files\Common Files\System\msadc\en-US\winlogon.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe
|
"C:\Users\user\Start Menu\Programs\Windows PowerShell\QeWHGGzCXwoQygZUiDI.exe"
|
|
|
|
C:\Program Files\Windows Mail\ctfmon.exe
|
"C:\Program Files\Windows Mail\ctfmon.exe"
|
|
There are 28 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?ZVSxTWRKIX4WAKi9eeqlLhfkTFe6=YMPLZX6E9wpNIWg&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&ZVSxTWRKIX4WAKi9eeqlLhfkTFe6=YMPLZX6E9wpNIWg
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?LysFYqMsinte=I6ADlK1LX&ca5T=9SGrVSUxhWH4wgrENNx0VJZ7p&JxuQodWZtQgCI6xIcrdPEoq9ONHdbz3=CXIhDQ&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&LysFYqMsinte=I6ADlK1LX&ca5T=9SGrVSUxhWH4wgrENNx0VJZ7p&JxuQodWZtQgCI6xIcrdPEoq9ONHdbz3=CXIhDQ
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?2Axq4KFgntH6pOhfkXM061hX=JBth00EchN&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&2Axq4KFgntH6pOhfkXM061hX=JBth00EchN
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?lAhnJNadMavr7iaE=ZXVZQ&3Y9JuvB=DFJyj5HlpMCmNsD&Q7JLvKfEUznPKEqsL7rmyu=I9xsJXo7KUS2wlzq2jFduS1bkfT&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&lAhnJNadMavr7iaE=ZXVZQ&3Y9JuvB=DFJyj5HlpMCmNsD&Q7JLvKfEUznPKEqsL7rmyu=I9xsJXo7KUS2wlzq2jFduS1bkfT
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?gcnWXuE9MUipBZc=bVK2py9yji&Y5YSB7xC1sNfAEv19t=v6&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&gcnWXuE9MUipBZc=bVK2py9yji&Y5YSB7xC1sNfAEv19t=v6
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?md25=UA&vb=r948xSj667Ud7PLnWmgd&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&md25=UA&vb=r948xSj667Ud7PLnWmgd
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?4DpgykXUnYal=5pRDw8u&VEaEdbRUQLKbDAyInpMt9jQQ58K=tH6x0e&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&4DpgykXUnYal=5pRDw8u&VEaEdbRUQLKbDAyInpMt9jQQ58K=tH6x0e
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/@=wWYj9GbwdHc0RHalJXdjV2U
|
|
||
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Long
|
unknown
|
|
|
|
http://82.146.61.164
|
unknown
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?Qwo2irmnoV=YhU7MQKNp5jw68qGmj2EO9Q&XsrVJW5pTKYX7gxvZm1Wq9s31l9E=QdZRbjejzETA4cwkSJGvHolI3&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&Qwo2irmnoV=YhU7MQKNp5jw68qGmj2EO9Q&XsrVJW5pTKYX7gxvZm1Wq9s31l9E=QdZRbjejzETA4cwkSJGvHolI3
|
82.146.61.164
|
|
|
|
http://82.146.61.164/localUniversal/3Dumpprocessor/GameWordpresstrack6/eternal4/flower8Testdump/Longpolllongpoll/Securehttpwplocal.php?nTpz4tBkEffHSxvJX2feX5v=PFt&EW3lilo=8ZvGO6YDsWpwXo96D7U&6b216a87848e812b8911d54c09e60b83=1a5c78d0b59f0e27da6ac915b871b18e&ba66ccabe5baf5dd4d2b1b6e621d0986=gNyUTMlZGOjF2MlNGOwADM3MmNzgDOwQGMlZ2NhlTO0IWOjRTN3czN&nTpz4tBkEffHSxvJX2feX5v=PFt&EW3lilo=8ZvGO6YDsWpwXo96D7U
|
82.146.61.164
|
|
|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
There are 3 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
82.146.61.164
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ctfmon
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
winlogon
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
winlogon
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RuntimeBroker
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RuntimeBroker
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ApplicationFrameHost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ApplicationFrameHost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
QeWHGGzCXwoQygZUiDI
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\9f70c27f8c8b14f1c1bc1f16a0480e84d87b2221
|
7ea5e182a51cf878b159fd05d3cd930692d3cf8e
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\QeWHGGzCXwoQygZUiDI_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ApplicationFrameHost_RASMANCS
|
FileDirectory
|
There are 41 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F3F000
|
trusted library allocation
|
page read and write
|
|
|
|
2E81000
|
trusted library allocation
|
page read and write
|
|
|
|
275F000
|
trusted library allocation
|
page read and write
|
|
|
|
2A61000
|
trusted library allocation
|
page read and write
|
|
|
|
2721000
|
trusted library allocation
|
page read and write
|
|
|
|
2BDF000
|
trusted library allocation
|
page read and write
|
|
|
|
2F01000
|
trusted library allocation
|
page read and write
|
|
|
|
2551000
|
trusted library allocation
|
page read and write
|
|
|
|
2A51000
|
trusted library allocation
|
page read and write
|
|
|
|
2F11000
|
trusted library allocation
|
page read and write
|
|
|
|
2F4F000
|
trusted library allocation
|
page read and write
|
|
|
|
2DB1000
|
trusted library allocation
|
page read and write
|
|
|
|
2E51000
|
trusted library allocation
|
page read and write
|
|
|
|
31CB000
|
trusted library allocation
|
page read and write
|
|
|
|
33E1000
|
trusted library allocation
|
page read and write
|
|
|
|
25A1000
|
trusted library allocation
|
page read and write
|
|
|
|
12E8D000
|
trusted library allocation
|
page read and write
|
|
|
|
3081000
|
trusted library allocation
|
page read and write
|
|
|
|
2BA1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B31000
|
trusted library allocation
|
page read and write
|
|
|
|
2B6F000
|
trusted library allocation
|
page read and write
|
|
|
|
341F000
|
trusted library allocation
|
page read and write
|
|
|
|
258F000
|
trusted library allocation
|
page read and write
|
|
|
|
2E8F000
|
trusted library allocation
|
page read and write
|
|
|
|
2DEF000
|
trusted library allocation
|
page read and write
|
|
|
|
12D12000
|
trusted library allocation
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
7FF848F3F000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
16CF000
|
stack
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
1C2F5000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page execute and read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
3497000
|
trusted library allocation
|
page read and write
|
||
|
135C6000
|
trusted library allocation
|
page read and write
|
||
|
1B88E000
|
stack
|
page read and write
|
||
|
249F000
|
stack
|
page read and write
|
||
|
7FF848FC1000
|
trusted library allocation
|
page read and write
|
||
|
3188000
|
trusted library allocation
|
page read and write
|
||
|
10E8000
|
heap
|
page read and write
|
||
|
1310D000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
125A3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
7FF4C4830000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FC1000
|
trusted library allocation
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
2CF8000
|
trusted library allocation
|
page read and write
|
||
|
2F48000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
D10000
|
heap
|
page read and write
|
||
|
B36000
|
stack
|
page read and write
|
||
|
118F000
|
stack
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1AFB0000
|
heap
|
page read and write
|
||
|
13961000
|
trusted library allocation
|
page read and write
|
||
|
2611000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F1F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
12B0B000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE02000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F8A000
|
trusted library allocation
|
page read and write
|
||
|
12551000
|
trusted library allocation
|
page read and write
|
||
|
12DB1000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1BE95000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
1BB40000
|
heap
|
page read and write
|
||
|
7FF849132000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBC000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1BAF3000
|
stack
|
page read and write
|
||
|
1AAEE000
|
stack
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E27000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849045000
|
trusted library allocation
|
page read and write
|
||
|
12B95000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B990000
|
heap
|
page read and write
|
||
|
1C1FD000
|
stack
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
23CF000
|
stack
|
page read and write
|
||
|
D02000
|
heap
|
page read and write
|
||
|
2652000
|
trusted library allocation
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
1268000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
1BB07000
|
stack
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
13020000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page execute and read and write
|
||
|
E02000
|
heap
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AA90000
|
trusted library allocation
|
page read and write
|
||
|
674000
|
heap
|
page read and write
|
||
|
D86000
|
heap
|
page read and write
|
||
|
68F000
|
heap
|
page read and write
|
||
|
1B12D000
|
stack
|
page read and write
|
||
|
1AE0000
|
heap
|
page read and write
|
||
|
C2D000
|
heap
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
1C9F4000
|
stack
|
page read and write
|
||
|
174B000
|
heap
|
page read and write
|
||
|
13DF000
|
heap
|
page read and write
|
||
|
2CE8000
|
trusted library allocation
|
page read and write
|
||
|
12DB8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
1AEC0000
|
heap
|
page read and write
|
||
|
1C0FF000
|
stack
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
13787000
|
trusted library allocation
|
page read and write
|
||
|
12A5D000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
1B9DE000
|
stack
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1C3FE000
|
stack
|
page read and write
|
||
|
10F3000
|
heap
|
page read and write
|
||
|
1AFED000
|
stack
|
page read and write
|
||
|
151F000
|
stack
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
1B21E000
|
stack
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page read and write
|
||
|
1BA9E000
|
stack
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page execute and read and write
|
||
|
1082000
|
heap
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
1C8FE000
|
stack
|
page read and write
|
||
|
2605000
|
trusted library allocation
|
page read and write
|
||
|
1AFCE000
|
stack
|
page read and write
|
||
|
1C2FB000
|
heap
|
page read and write
|
||
|
1072000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
12F33000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
1BBA0000
|
heap
|
page execute and read and write
|
||
|
7FF849007000
|
trusted library allocation
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
1BDEE000
|
stack
|
page read and write
|
||
|
FE9000
|
heap
|
page read and write
|
||
|
D8C000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E27000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F31000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B4AE000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
12FBB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
11A5000
|
heap
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
7FF849118000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1312B000
|
trusted library allocation
|
page read and write
|
||
|
1BF16000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page execute and read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F4F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF84904B000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
992000
|
unkown
|
page readonly
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
1C2C1000
|
heap
|
page read and write
|
||
|
31FF000
|
stack
|
page read and write
|
||
|
7FF848E96000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E37000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
13A4E000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
FA8000
|
heap
|
page read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FAB000
|
trusted library allocation
|
page read and write
|
||
|
1B580000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
1264B000
|
trusted library allocation
|
page read and write
|
||
|
2FC5000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1348B000
|
trusted library allocation
|
page read and write
|
||
|
125A8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
AF2000
|
unkown
|
page readonly
|
||
|
13E1000
|
heap
|
page read and write
|
||
|
18B0000
|
heap
|
page execute and read and write
|
||
|
7FF848FA6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE3000
|
trusted library allocation
|
page read and write
|
||
|
2F03000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA6000
|
trusted library allocation
|
page read and write
|
||
|
12E51000
|
trusted library allocation
|
page read and write
|
||
|
107C000
|
heap
|
page read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B33000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
1788000
|
heap
|
page read and write
|
||
|
2C19000
|
trusted library allocation
|
page read and write
|
||
|
12E81000
|
trusted library allocation
|
page read and write
|
||
|
12C82000
|
trusted library allocation
|
page read and write
|
||
|
2FBF000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1C402000
|
heap
|
page read and write
|
||
|
1BEAA000
|
heap
|
page read and write
|
||
|
7FF848FC3000
|
trusted library allocation
|
page read and write
|
||
|
3494000
|
trusted library allocation
|
page read and write
|
||
|
1249000
|
heap
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
1B93B000
|
stack
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
1BBD0000
|
heap
|
page read and write
|
||
|
9C0000
|
trusted library allocation
|
page read and write
|
||
|
1B40C000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
heap
|
page execute and read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF84909C000
|
trusted library allocation
|
page read and write
|
||
|
1148000
|
heap
|
page read and write
|
||
|
2FB8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
1C2FE000
|
stack
|
page read and write
|
||
|
1C01E000
|
stack
|
page read and write
|
||
|
1B84E000
|
stack
|
page read and write
|
||
|
1C344000
|
heap
|
page read and write
|
||
|
2BEC000
|
trusted library allocation
|
page read and write
|
||
|
1C09E000
|
stack
|
page read and write
|
||
|
31ED000
|
trusted library allocation
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
1B910000
|
heap
|
page execute and read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
1BF19000
|
heap
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
16E6000
|
heap
|
page read and write
|
||
|
1BED7000
|
heap
|
page read and write
|
||
|
125FB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBE000
|
trusted library allocation
|
page read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
3491000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B5AF000
|
stack
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CA2000
|
trusted library allocation
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
7E8000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
7FF848F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C30B000
|
heap
|
page read and write
|
||
|
125AD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FAE000
|
trusted library allocation
|
page read and write
|
||
|
13874000
|
trusted library allocation
|
page read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
FFD000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
1C6FE000
|
stack
|
page read and write
|
||
|
C1F000
|
heap
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
1C20A000
|
heap
|
page read and write
|
||
|
7FF849102000
|
trusted library allocation
|
page read and write
|
||
|
1C21E000
|
stack
|
page read and write
|
||
|
AFB000
|
heap
|
page read and write
|
||
|
13B3B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FEB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
13083000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1369A000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
1B0EF000
|
stack
|
page read and write
|
||
|
2BF0000
|
heap
|
page execute and read and write
|
||
|
2F97000
|
trusted library allocation
|
page read and write
|
||
|
1C322000
|
heap
|
page read and write
|
||
|
260B000
|
trusted library allocation
|
page read and write
|
||
|
1BAEE000
|
stack
|
page read and write
|
||
|
F16000
|
stack
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0DE000
|
stack
|
page read and write
|
||
|
12B00000
|
trusted library allocation
|
page read and write
|
||
|
FE6000
|
heap
|
page read and write
|
||
|
1C2D9000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
114C000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
12C4B000
|
trusted library allocation
|
page read and write
|
||
|
7FF84903B000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
140F000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B0A0000
|
heap
|
page execute and read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7FF000
|
stack
|
page read and write
|
||
|
6E4000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
13F0F000
|
trusted library allocation
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
7FF848E44000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
7FF848E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page execute and read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
264C000
|
trusted library allocation
|
page read and write
|
||
|
133E3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1765000
|
heap
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
DDF000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
7FF84905C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF8000
|
trusted library allocation
|
page read and write
|
||
|
12558000
|
trusted library allocation
|
page read and write
|
||
|
7FF849047000
|
trusted library allocation
|
page read and write
|
||
|
12721000
|
trusted library allocation
|
page read and write
|
||
|
1A580000
|
trusted library allocation
|
page read and write
|
||
|
133F1000
|
trusted library allocation
|
page read and write
|
||
|
10DA000
|
heap
|
page read and write
|
||
|
1B56E000
|
stack
|
page read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
1BFDE000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
1B1AE000
|
stack
|
page read and write
|
||
|
7FF848F2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
13FD2000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490AD000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page execute and read and write
|
||
|
25FF000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
1B0B0000
|
trusted library allocation
|
page read and write
|
||
|
12E53000
|
trusted library allocation
|
page read and write
|
||
|
1B110000
|
heap
|
page read and write
|
||
|
7FF848F57000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
2C08000
|
trusted library allocation
|
page read and write
|
||
|
1449000
|
heap
|
page read and write
|
||
|
11EC000
|
heap
|
page read and write
|
||
|
1BA83000
|
stack
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
13FA9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
1BE89000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
13091000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B41000
|
trusted library allocation
|
page read and write
|
||
|
1019000
|
heap
|
page read and write
|
||
|
1BE15000
|
stack
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
7BB000
|
heap
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
7FF848F1F000
|
trusted library allocation
|
page execute and read and write
|
||
|
621000
|
heap
|
page read and write
|
||
|
31EF000
|
trusted library allocation
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
646000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
D4D000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
DC1000
|
heap
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
heap
|
page execute and read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1029000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
1BD90000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library section
|
page read and write
|
||
|
2F12000
|
trusted library allocation
|
page read and write
|
||
|
13FBE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
1B410000
|
trusted library allocation
|
page read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
7FF848E4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25FC000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
heap
|
page read and write
|
||
|
7FF848F4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12723000
|
trusted library allocation
|
page read and write
|
||
|
30C7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
2CAE000
|
trusted library allocation
|
page read and write
|
||
|
CA7000
|
heap
|
page read and write
|
||
|
1BDDF000
|
stack
|
page read and write
|
||
|
1272D000
|
trusted library allocation
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
13C28000
|
trusted library allocation
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page execute and read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1B3DD000
|
stack
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1027000
|
heap
|
page read and write
|
||
|
1C26B000
|
heap
|
page read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
7FF849108000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
7FF848F41000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F6000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
111F000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD7000
|
trusted library allocation
|
page read and write
|
||
|
1BB9E000
|
stack
|
page read and write
|
||
|
12AFB000
|
trusted library allocation
|
page read and write
|
||
|
2FC8000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
7FF848FC3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA3000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A9E000
|
stack
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
7FF848F4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
170C000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1C23F000
|
heap
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
7FF848F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1380000
|
heap
|
page execute and read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FBC000
|
trusted library allocation
|
page read and write
|
||
|
D2B000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
7FF848F57000
|
trusted library allocation
|
page execute and read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
2B9D000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
1B6DE000
|
stack
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
1BBEA000
|
stack
|
page read and write
|
||
|
2B8D000
|
trusted library allocation
|
page read and write
|
||
|
1B77E000
|
stack
|
page read and write
|
||
|
13081000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1BF9E000
|
stack
|
page read and write
|
||
|
7FF848F41000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B833000
|
stack
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
132E7000
|
trusted library allocation
|
page read and write
|
||
|
1A5D0000
|
trusted library allocation
|
page read and write
|
||
|
1BB5B000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
1BEC9000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
13FC2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2FBB000
|
trusted library allocation
|
page read and write
|
||
|
1BF1D000
|
stack
|
page read and write
|
||
|
C95000
|
heap
|
page read and write
|
||
|
1CAF3000
|
stack
|
page read and write
|
||
|
7FF848FD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9B000
|
trusted library allocation
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
F16000
|
stack
|
page read and write
|
||
|
304F000
|
trusted library allocation
|
page read and write
|
||
|
1B68F000
|
stack
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
12E46000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C32C000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
12865000
|
trusted library allocation
|
page read and write
|
||
|
13088000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
1C200000
|
heap
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
1BE8E000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page execute and read and write
|
||
|
C3E000
|
heap
|
page read and write
|
||
|
1C335000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
10CD000
|
heap
|
page read and write
|
||
|
1C3F3000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
1B3DE000
|
stack
|
page read and write
|
||
|
1BE20000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
trusted library section
|
page read and write
|
||
|
C26000
|
heap
|
page read and write
|
||
|
2608000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
1AFDE000
|
stack
|
page read and write
|
||
|
1545000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E17000
|
trusted library allocation
|
page read and write
|
||
|
1186000
|
heap
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
12A6D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
7FF848FBE000
|
trusted library allocation
|
page read and write
|
||
|
12F03000
|
trusted library allocation
|
page read and write
|
||
|
1ADE0000
|
trusted library allocation
|
page read and write
|
||
|
1C4FE000
|
stack
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
2EFD000
|
trusted library allocation
|
page read and write
|
||
|
1AA80000
|
trusted library allocation
|
page read and write
|
||
|
1255D000
|
trusted library allocation
|
page read and write
|
||
|
1781000
|
heap
|
page read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
7FF848F4F000
|
trusted library allocation
|
page execute and read and write
|
||
|
133ED000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
DF7000
|
heap
|
page read and write
|
||
|
7FF848E17000
|
trusted library allocation
|
page read and write
|
||
|
2FCB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F47000
|
trusted library allocation
|
page read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
12B38000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F57000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C23D000
|
stack
|
page read and write
|
||
|
7FF84908B000
|
trusted library allocation
|
page read and write
|
||
|
12E56000
|
trusted library allocation
|
page read and write
|
||
|
133E8000
|
trusted library allocation
|
page read and write
|
||
|
2D39000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E88000
|
trusted library allocation
|
page read and write
|
||
|
1C28A000
|
heap
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD1B000
|
stack
|
page read and write
|
||
|
11BF000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1B9E0000
|
heap
|
page read and write
|
||
|
7FF849037000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
7FF849008000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
6A9000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
13CDA000
|
trusted library allocation
|
page read and write
|
||
|
6FC000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1B49D000
|
stack
|
page read and write
|
||
|
1AFAE000
|
stack
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CE02000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B804000
|
stack
|
page read and write
|
||
|
FBC000
|
heap
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
1B60E000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page execute and read and write
|
||
|
1BB3B000
|
stack
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
1B6F0000
|
heap
|
page execute and read and write
|
||
|
1AEB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2C000
|
trusted library allocation
|
page read and write
|
||
|
2F06000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
12F08000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD3000
|
trusted library allocation
|
page read and write
|
||
|
2BDC000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B96E000
|
stack
|
page read and write
|
||
|
1BE9E000
|
stack
|
page read and write
|
||
|
1AB60000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
7FF848FAC000
|
trusted library allocation
|
page read and write
|
||
|
1B3A3000
|
stack
|
page read and write
|
||
|
2B3E000
|
trusted library allocation
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
13E3F000
|
trusted library allocation
|
page read and write
|
||
|
1BF03000
|
heap
|
page read and write
|
||
|
13628000
|
trusted library allocation
|
page read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
13BF000
|
stack
|
page read and write
|
||
|
133E1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD3000
|
trusted library allocation
|
page read and write
|
||
|
1BD93000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FE7000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F37000
|
trusted library allocation
|
page execute and read and write
|
||
|
260E000
|
trusted library allocation
|
page read and write
|
||
|
1B7E0000
|
heap
|
page read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page read and write
|
||
|
1615000
|
heap
|
page read and write
|
||
|
1BDBE000
|
stack
|
page read and write
|
||
|
12CDB000
|
trusted library allocation
|
page read and write
|
||
|
1BE43000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
1C13E000
|
stack
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE32000
|
heap
|
page read and write
|
||
|
7FF848FDB000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2C1E000
|
trusted library allocation
|
page read and write
|
||
|
12561000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849148000
|
trusted library allocation
|
page read and write
|
||
|
1C1DE000
|
stack
|
page read and write
|
||
|
2C08000
|
trusted library allocation
|
page read and write
|
||
|
1C27F000
|
heap
|
page read and write
|
||
|
104C000
|
heap
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CD5E000
|
stack
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
2A5E000
|
stack
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
7FF848F9E000
|
trusted library allocation
|
page read and write
|
||
|
2FBC000
|
trusted library allocation
|
page read and write
|
||
|
12BA5000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
1BB4E000
|
heap
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
12EFB000
|
trusted library allocation
|
page read and write
|
||
|
1BCE3000
|
stack
|
page read and write
|
||
|
7FF848F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F13000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
9B6000
|
stack
|
page read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF7000
|
trusted library allocation
|
page read and write
|
||
|
C4B000
|
heap
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
101C000
|
heap
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
13E4F000
|
trusted library allocation
|
page read and write
|
||
|
1B33D000
|
stack
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
12D57000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFC000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
81A000
|
heap
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
1CCFF000
|
stack
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
1ABD0000
|
trusted library allocation
|
page read and write
|
||
|
1B41F000
|
stack
|
page read and write
|
||
|
2FCE000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
12BA8000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE7E000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
7FF849001000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1AF30000
|
trusted library allocation
|
page read and write
|
||
|
1BCDF000
|
stack
|
page read and write
|
||
|
34A3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB8000
|
trusted library allocation
|
page read and write
|
||
|
1B630000
|
heap
|
page execute and read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
2F57000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F83000
|
trusted library allocation
|
page read and write
|
||
|
1B5DE000
|
stack
|
page read and write
|
||
|
12E58000
|
trusted library allocation
|
page read and write
|
||
|
2F2C000
|
trusted library allocation
|
page read and write
|
||
|
1BDAE000
|
stack
|
page read and write
|
||
|
1C210000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
1BA1E000
|
stack
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
1375000
|
heap
|
page read and write
|
||
|
140C000
|
heap
|
page read and write
|
||
|
13D8B000
|
trusted library allocation
|
page read and write
|
||
|
DAB000
|
heap
|
page read and write
|
||
|
2F31000
|
trusted library allocation
|
page read and write
|
||
|
1C238000
|
heap
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
1BDF0000
|
heap
|
page read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
BD6000
|
stack
|
page read and write
|
||
|
12D59000
|
trusted library allocation
|
page read and write
|
||
|
133E3000
|
trusted library allocation
|
page read and write
|
||
|
12DBD000
|
trusted library allocation
|
page read and write
|
||
|
127CB000
|
trusted library allocation
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
1AA1D000
|
stack
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
1B480000
|
heap
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
7FF848E37000
|
trusted library allocation
|
page read and write
|
||
|
1181000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
7FF8490D8000
|
trusted library allocation
|
page read and write
|
||
|
1BA0E000
|
stack
|
page read and write
|
||
|
12B31000
|
trusted library allocation
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
13F8B000
|
trusted library allocation
|
page read and write
|
||
|
1B8E0000
|
heap
|
page read and write
|
||
|
1CE05000
|
heap
|
page read and write
|
||
|
125A1000
|
trusted library allocation
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
13F72000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7DE000
|
stack
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
1C391000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
2F53000
|
trusted library allocation
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
7FF848FE3000
|
trusted library allocation
|
page read and write
|
||
|
12FAB000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
CC3000
|
heap
|
page read and write
|
||
|
1BB90000
|
heap
|
page execute and read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
13EF1000
|
trusted library allocation
|
page read and write
|
||
|
1BD8E000
|
stack
|
page read and write
|
||
|
1C24D000
|
heap
|
page read and write
|
||
|
7FF848F3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
135BD000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2602000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12DC1000
|
trusted library allocation
|
page read and write
|
||
|
1B58E000
|
stack
|
page read and write
|
||
|
1BE46000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
18A0000
|
heap
|
page read and write
|
||
|
FBA000
|
heap
|
page read and write
|
||
|
2CC9000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
12DF000
|
stack
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE5000
|
heap
|
page read and write
|
||
|
7FF848FAB000
|
trusted library allocation
|
page read and write
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
134C0000
|
trusted library allocation
|
page read and write
|
||
|
1B70E000
|
stack
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA6000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1709000
|
heap
|
page read and write
|
||
|
1BEFC000
|
heap
|
page read and write
|
||
|
1BB89000
|
heap
|
page read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
1C31D000
|
stack
|
page read and write
|
||
|
1BE5B000
|
heap
|
page read and write
|
||
|
1B9EE000
|
stack
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
133D3000
|
trusted library allocation
|
page read and write
|
||
|
1AFF0000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
135AD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E33000
|
trusted library allocation
|
page read and write
|
||
|
1BB8E000
|
stack
|
page read and write
|
||
|
7FF848FC6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
1B6AE000
|
stack
|
page read and write
|
||
|
1BAEE000
|
stack
|
page read and write
|
||
|
1C6FF000
|
stack
|
page read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FBC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F8C000
|
trusted library allocation
|
page read and write
|
||
|
259F000
|
stack
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
7FF849142000
|
trusted library allocation
|
page read and write
|
||
|
1C36F000
|
heap
|
page read and write
|
||
|
1BE4E000
|
heap
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
12A51000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1C03E000
|
stack
|
page read and write
|
||
|
1C2A0000
|
heap
|
page read and write
|
||
|
2C24000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
2C96000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
1BA4F000
|
stack
|
page read and write
|
||
|
1AF02000
|
heap
|
page execute and read and write
|
||
|
7FF848F4F000
|
trusted library allocation
|
page execute and read and write
|
||
|
12731000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
1C380000
|
heap
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
111C000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
2F8F000
|
trusted library allocation
|
page read and write
|
||
|
12F1D000
|
trusted library allocation
|
page read and write
|
||
|
3127000
|
trusted library allocation
|
page read and write
|
||
|
62C000
|
heap
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
1069000
|
heap
|
page read and write
|
||
|
1722000
|
heap
|
page read and write
|
||
|
1B4D3000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
1BA37000
|
stack
|
page read and write
|
||
|
7FF848F1F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
7FF848E26000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
1B903000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC6000
|
trusted library allocation
|
page read and write
|
||
|
AEE000
|
unkown
|
page readonly
|
||
|
2F9B000
|
trusted library allocation
|
page read and write
|
||
|
1BF0A000
|
heap
|
page read and write
|
||
|
CF9000
|
heap
|
page read and write
|
||
|
1C69D000
|
stack
|
page read and write
|
||
|
2F86000
|
trusted library allocation
|
page read and write
|
||
|
1189000
|
heap
|
page read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
7FF848F2F000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
7FF848E9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1A750000
|
trusted library allocation
|
page read and write
|
||
|
1B60D000
|
stack
|
page read and write
|
||
|
7FF848FCE000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FAC000
|
trusted library allocation
|
page read and write
|
||
|
1BB4A000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
7FF84900B000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
348E000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F18000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E16000
|
trusted library allocation
|
page read and write
|
||
|
11EA000
|
heap
|
page read and write
|
||
|
C46000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
2CF4000
|
trusted library allocation
|
page read and write
|
||
|
1B4EE000
|
stack
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
F70000
|
heap
|
page execute and read and write
|
||
|
1B4AE000
|
stack
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F08000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
1B73F000
|
stack
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
2BEC000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library section
|
page read and write
|
||
|
1348D000
|
trusted library allocation
|
page read and write
|
||
|
12D69000
|
trusted library allocation
|
page read and write
|
||
|
254F000
|
stack
|
page read and write
|
||
|
265F000
|
stack
|
page read and write
|
||
|
1BDFD000
|
stack
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
134D0000
|
trusted library allocation
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
1BE9E000
|
stack
|
page read and write
|
||
|
7FF848E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C95E000
|
stack
|
page read and write
|
||
|
CAA000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
1C7FF000
|
stack
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
12BA1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F9E000
|
trusted library allocation
|
page read and write
|
||
|
1B2D0000
|
heap
|
page execute and read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F21000
|
trusted library allocation
|
page execute and read and write
|
||
|
12DB3000
|
trusted library allocation
|
page read and write
|
||
|
12BA3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
2CAC000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB1F000
|
stack
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD93000
|
stack
|
page read and write
|
||
|
7FF848F51000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC94000
|
stack
|
page read and write
|
||
|
12BDB000
|
trusted library allocation
|
page read and write
|
||
|
1B9F4000
|
stack
|
page read and write
|
||
|
2DD0000
|
trusted library section
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1C0F3000
|
stack
|
page read and write
|
||
|
7FF848FE1000
|
trusted library allocation
|
page read and write
|
||
|
C51000
|
heap
|
page read and write
|
||
|
12B3D000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
1C2AD000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
A92000
|
heap
|
page read and write
|
||
|
131FA000
|
trusted library allocation
|
page read and write
|
||
|
CF1000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
3070000
|
heap
|
page execute and read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11AF000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
1860000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F27000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
1935000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
trusted library section
|
page read and write
|
||
|
7FF848FCE000
|
trusted library allocation
|
page read and write
|
||
|
13AC000
|
heap
|
page read and write
|
||
|
1C2FE000
|
stack
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
1AE80000
|
trusted library allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
16EC000
|
heap
|
page read and write
|
||
|
1B8DF000
|
stack
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
7FF848F27000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B2AF000
|
stack
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0C000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
345E000
|
trusted library allocation
|
page read and write
|
||
|
1B48E000
|
stack
|
page read and write
|
||
|
A5C000
|
heap
|
page read and write
|
||
|
10B6000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
1C11E000
|
stack
|
page read and write
|
||
|
12F11000
|
trusted library allocation
|
page read and write
|
||
|
1405000
|
heap
|
page read and write
|
||
|
1C0A0000
|
heap
|
page read and write
|
||
|
1BB10000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC8E000
|
stack
|
page read and write
|
||
|
1CE5B000
|
stack
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
12728000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
trusted library section
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
1BC9E000
|
stack
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
63C000
|
heap
|
page read and write
|
||
|
2FC4000
|
trusted library allocation
|
page read and write
|
||
|
7FF849016000
|
trusted library allocation
|
page read and write
|
||
|
1B780000
|
heap
|
page read and write
|
||
|
C79000
|
heap
|
page read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
7FF848F9E000
|
trusted library allocation
|
page read and write
|
||
|
1BED3000
|
stack
|
page read and write
|
||
|
7FF848E37000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
1C502000
|
heap
|
page execute and read and write
|
||
|
698000
|
heap
|
page read and write
|
||
|
7FF848F1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BB1000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E5B000
|
trusted library allocation
|
page read and write
|
||
|
13FDE000
|
trusted library allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
1BC13000
|
stack
|
page read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
2B78000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
1BE6D000
|
heap
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F27000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F21000
|
trusted library allocation
|
page read and write
|
||
|
DC3000
|
heap
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page read and write
|
||
|
1C37E000
|
heap
|
page read and write
|
||
|
7FF848F1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FDB000
|
trusted library allocation
|
page read and write
|
||
|
970000
|
heap
|
page execute and read and write
|
||
|
13FCE000
|
trusted library allocation
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
3155000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1BE25000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page execute and read and write
|
||
|
2B76000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD6000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
7FF848F9C000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
1BF9E000
|
stack
|
page read and write
|
||
|
1BCFE000
|
stack
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
1C219000
|
heap
|
page read and write
|
||
|
174D000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
12A61000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F51000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1B98E000
|
stack
|
page read and write
|
||
|
7FF848FF1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
1BB4E000
|
stack
|
page read and write
|
||
|
1AFD0000
|
heap
|
page execute and read and write
|
||
|
12BAD000
|
trusted library allocation
|
page read and write
|
||
|
1BE9F000
|
heap
|
page read and write
|
||
|
1C39F000
|
heap
|
page read and write
|
||
|
1C297000
|
heap
|
page read and write
|
||
|
1B8FF000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
1CBFE000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page execute and read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2655000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F3F000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page execute and read and write
|
||
|
7FF848E2C000
|
trusted library allocation
|
page read and write
|
||
|
1C5FF000
|
stack
|
page read and write
|
||
|
12D3D000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
2F75000
|
trusted library allocation
|
page read and write
|
||
|
11A9000
|
heap
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
C13000
|
heap
|
page read and write
|
||
|
ABF000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2F2A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E27000
|
trusted library allocation
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
7FF848FCE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page read and write
|
||
|
140A000
|
heap
|
page read and write
|
||
|
1C263000
|
heap
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page execute and read and write
|
||
|
1295000
|
heap
|
page read and write
|
||
|
7FF848E2C000
|
trusted library allocation
|
page read and write
|
||
|
1B42E000
|
stack
|
page read and write
|
||
|
1BFFE000
|
stack
|
page read and write
|
||
|
2930000
|
heap
|
page execute and read and write
|
||
|
7FF849001000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B56000
|
stack
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
2550000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
heap
|
page execute and read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
12AF0000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
125B1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDF0000
|
heap
|
page execute and read and write
|
||
|
7FF849085000
|
trusted library allocation
|
page read and write
|
||
|
30A5000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
788000
|
heap
|
page read and write
|
||
|
D18000
|
heap
|
page read and write
|
||
|
1B8CE000
|
stack
|
page read and write
|
||
|
1C355000
|
heap
|
page read and write
|
||
|
7FF848FD6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
11C1000
|
heap
|
page read and write
|
||
|
12F01000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E61000
|
trusted library allocation
|
page read and write
|
||
|
1BEB6000
|
heap
|
page read and write
|
||
|
1B81E000
|
stack
|
page read and write
|
||
|
1BB32000
|
heap
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
12F0D000
|
trusted library allocation
|
page read and write
|
||
|
1ACAE000
|
stack
|
page read and write
|
||
|
30FF000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
1B500000
|
heap
|
page read and write
|
||
|
12F11000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
ABA000
|
heap
|
page read and write
|
||
|
7FF848F51000
|
trusted library allocation
|
page execute and read and write
|
||
|
12553000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD3000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
12E5D000
|
trusted library allocation
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1308D000
|
trusted library allocation
|
page read and write
|
||
|
2B4F000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB3000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
1405000
|
heap
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
14028000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E37000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
There are 1329 hidden memdumps, click here to show them.