Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
BARSYL SHIPPING Co (VIETNAM).exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp6A32.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\wpvgIECypA.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\BARSYL SHIPPING Co (VIETNAM).exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\BjTxJte.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\wpvgIECypA.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1lykr5jp.onp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2i4f3rds.i2s.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k31l1yc4.hrw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p0ydeaxw.n30.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qizqhwak.g1u.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r0qnup5a.fgz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u223gsju.1gh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wfzj2df3.4zi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp80E7.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\BjTxJte\BjTxJte.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
||
|
C:\Users\user\AppData\Roaming\wpvgIECypA.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\BARSYL SHIPPING Co (VIETNAM).exe
|
"C:\Users\user\Desktop\BARSYL SHIPPING Co (VIETNAM).exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\BARSYL
SHIPPING Co (VIETNAM).exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\wpvgIECypA.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\wpvgIECypA" /XML "C:\Users\user\AppData\Local\Temp\tmp6A32.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\wpvgIECypA.exe
|
C:\Users\user\AppData\Roaming\wpvgIECypA.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\wpvgIECypA" /XML "C:\Users\user\AppData\Local\Temp\tmp80E7.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\BjTxJte\BjTxJte.exe
|
"C:\Users\user\AppData\Roaming\BjTxJte\BjTxJte.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\BjTxJte\BjTxJte.exe
|
"C:\Users\user\AppData\Roaming\BjTxJte\BjTxJte.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://r3.o.lencr.org0
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://r3.i.lencr.org/0W
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
http://mail.starmech.net
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.starmech.net
|
207.174.215.249
|
|
|
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
207.174.215.249
|
mail.starmech.net
|
United States
|
|
|
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
BjTxJte
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
|
BjTxJte
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2B6B000
|
trusted library allocation
|
page read and write
|
|
|
|
4F89000
|
trusted library allocation
|
page read and write
|
|
|
|
2FB1000
|
trusted library allocation
|
page read and write
|
|
|
|
2FDC000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2FE4000
|
trusted library allocation
|
page read and write
|
|
|
|
4AC9000
|
trusted library allocation
|
page read and write
|
|
|
|
3C31000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
134B000
|
trusted library allocation
|
page execute and read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
FA2000
|
heap
|
page read and write
|
||
|
4F86000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30C6000
|
trusted library allocation
|
page read and write
|
||
|
BD6000
|
stack
|
page read and write
|
||
|
1201C000
|
stack
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
FF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
2B9D000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
2BDA000
|
trusted library allocation
|
page read and write
|
||
|
541C000
|
stack
|
page read and write
|
||
|
F6E000
|
heap
|
page read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
14B7000
|
heap
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
A5A000
|
stack
|
page read and write
|
||
|
DE7E000
|
stack
|
page read and write
|
||
|
7BF000
|
unkown
|
page read and write
|
||
|
309B000
|
stack
|
page read and write
|
||
|
1056000
|
heap
|
page read and write
|
||
|
E9FC000
|
stack
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
4F81000
|
trusted library allocation
|
page read and write
|
||
|
E2A000
|
unkown
|
page readonly
|
||
|
3EB1000
|
trusted library allocation
|
page read and write
|
||
|
1247000
|
heap
|
page read and write
|
||
|
5A3D000
|
trusted library allocation
|
page read and write
|
||
|
2D5A000
|
trusted library allocation
|
page read and write
|
||
|
94A2000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
1468000
|
heap
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
94EA000
|
heap
|
page read and write
|
||
|
2AE4000
|
heap
|
page read and write
|
||
|
7F4B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
7A7E000
|
stack
|
page read and write
|
||
|
6A7E000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
13E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
34D2000
|
trusted library allocation
|
page read and write
|
||
|
4673000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page execute and read and write
|
||
|
64DB000
|
trusted library allocation
|
page read and write
|
||
|
95B8000
|
heap
|
page read and write
|
||
|
3C91000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
heap
|
page execute and read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
2BCE000
|
trusted library allocation
|
page read and write
|
||
|
DE3E000
|
stack
|
page read and write
|
||
|
93E9000
|
heap
|
page read and write
|
||
|
11C5C000
|
stack
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
636D000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
103A0000
|
heap
|
page read and write
|
||
|
CB7000
|
heap
|
page read and write
|
||
|
F5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
unkown
|
page readonly
|
||
|
104A000
|
heap
|
page read and write
|
||
|
1007000
|
trusted library allocation
|
page execute and read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
6100000
|
heap
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
85BF000
|
stack
|
page read and write
|
||
|
6D1C000
|
stack
|
page read and write
|
||
|
2F61000
|
trusted library allocation
|
page read and write
|
||
|
1029000
|
heap
|
page read and write
|
||
|
551C000
|
unkown
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page read and write
|
||
|
EA9E000
|
stack
|
page read and write
|
||
|
F44000
|
trusted library allocation
|
page read and write
|
||
|
5226000
|
trusted library allocation
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
5206000
|
trusted library allocation
|
page read and write
|
||
|
5E0D000
|
heap
|
page read and write
|
||
|
1880000
|
trusted library allocation
|
page read and write
|
||
|
FFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
CD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BF0000
|
heap
|
page read and write
|
||
|
E85E000
|
stack
|
page read and write
|
||
|
D16000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page read and write
|
||
|
F99C000
|
stack
|
page read and write
|
||
|
E03E000
|
stack
|
page read and write
|
||
|
F24B000
|
stack
|
page read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
4E7C000
|
stack
|
page read and write
|
||
|
64BB000
|
stack
|
page read and write
|
||
|
5D00000
|
heap
|
page read and write
|
||
|
58DD000
|
stack
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
5A70000
|
heap
|
page read and write
|
||
|
64D0000
|
trusted library allocation
|
page read and write
|
||
|
87C000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2D6B000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
trusted library allocation
|
page read and write
|
||
|
533B000
|
stack
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
2B5B000
|
trusted library allocation
|
page read and write
|
||
|
E8FB000
|
stack
|
page read and write
|
||
|
11B1C000
|
stack
|
page read and write
|
||
|
486D000
|
trusted library allocation
|
page read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
A3DC000
|
stack
|
page read and write
|
||
|
CE4000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page execute and read and write
|
||
|
863E000
|
stack
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
2D7E000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
3E91000
|
trusted library allocation
|
page read and write
|
||
|
4A97000
|
trusted library allocation
|
page read and write
|
||
|
55EC000
|
stack
|
page read and write
|
||
|
64C0000
|
trusted library allocation
|
page read and write
|
||
|
FED000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
6DE0000
|
trusted library allocation
|
page read and write
|
||
|
B59000
|
stack
|
page read and write
|
||
|
1143000
|
trusted library allocation
|
page execute and read and write
|
||
|
36FB000
|
trusted library allocation
|
page read and write
|
||
|
DC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
635F000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2FA5000
|
trusted library allocation
|
page read and write
|
||
|
475E000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
D07000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
559C000
|
stack
|
page read and write
|
||
|
10DF000
|
heap
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
667B000
|
stack
|
page read and write
|
||
|
5AAB000
|
heap
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
4F72000
|
trusted library allocation
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page read and write
|
||
|
3012000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
3CD1000
|
trusted library allocation
|
page read and write
|
||
|
77DC000
|
heap
|
page read and write
|
||
|
E95F000
|
stack
|
page read and write
|
||
|
9420000
|
heap
|
page read and write
|
||
|
6E80000
|
heap
|
page read and write
|
||
|
88DC000
|
stack
|
page read and write
|
||
|
86E9000
|
heap
|
page read and write
|
||
|
A29C000
|
stack
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page read and write
|
||
|
1154000
|
trusted library allocation
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
66BC000
|
stack
|
page read and write
|
||
|
5D8E000
|
heap
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
4F42000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
63BD000
|
stack
|
page read and write
|
||
|
5AA1000
|
heap
|
page read and write
|
||
|
3E71000
|
trusted library allocation
|
page read and write
|
||
|
E620000
|
trusted library allocation
|
page read and write
|
||
|
D89000
|
stack
|
page read and write
|
||
|
1417000
|
trusted library allocation
|
page execute and read and write
|
||
|
633E000
|
stack
|
page read and write
|
||
|
2B10000
|
heap
|
page execute and read and write
|
||
|
5640000
|
heap
|
page read and write
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
E75E000
|
stack
|
page read and write
|
||
|
3536000
|
trusted library allocation
|
page read and write
|
||
|
F4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D93000
|
trusted library allocation
|
page execute and read and write
|
||
|
85F0000
|
trusted library allocation
|
page read and write
|
||
|
2B96000
|
trusted library allocation
|
page read and write
|
||
|
2F9F000
|
trusted library allocation
|
page read and write
|
||
|
65BE000
|
stack
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
66E000
|
unkown
|
page read and write
|
||
|
E6AE000
|
stack
|
page read and write
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
70CC000
|
heap
|
page read and write
|
||
|
6365000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D8000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
stack
|
page read and write
|
||
|
1650000
|
heap
|
page execute and read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
555C000
|
unkown
|
page read and write
|
||
|
1494000
|
trusted library allocation
|
page read and write
|
||
|
F34C000
|
stack
|
page read and write
|
||
|
58BD000
|
trusted library allocation
|
page read and write
|
||
|
1093000
|
heap
|
page read and write
|
||
|
3E81000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A9D000
|
stack
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
53F0000
|
trusted library section
|
page readonly
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
11AC000
|
stack
|
page read and write
|
||
|
94F7000
|
heap
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
323B000
|
trusted library allocation
|
page read and write
|
||
|
5DFE000
|
heap
|
page read and write
|
||
|
6D5C000
|
stack
|
page read and write
|
||
|
71E0000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
2E17000
|
trusted library allocation
|
page read and write
|
||
|
1234000
|
heap
|
page read and write
|
||
|
117B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
2E15000
|
trusted library allocation
|
page read and write
|
||
|
520D000
|
trusted library allocation
|
page read and write
|
||
|
E5C000
|
stack
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
85FF000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
707F000
|
stack
|
page read and write
|
||
|
AD9000
|
stack
|
page read and write
|
||
|
AD80000
|
trusted library allocation
|
page read and write
|
||
|
66FC000
|
stack
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
3F61000
|
trusted library allocation
|
page read and write
|
||
|
608E000
|
stack
|
page read and write
|
||
|
3C51000
|
trusted library allocation
|
page read and write
|
||
|
63C6000
|
trusted library allocation
|
page read and write
|
||
|
580B000
|
stack
|
page read and write
|
||
|
79DC000
|
stack
|
page read and write
|
||
|
78DC000
|
stack
|
page read and write
|
||
|
EBE0000
|
heap
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
957B000
|
heap
|
page read and write
|
||
|
18B7000
|
heap
|
page read and write
|
||
|
4AE5000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
6370000
|
trusted library allocation
|
page read and write
|
||
|
3D88000
|
trusted library allocation
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
51E4000
|
trusted library allocation
|
page read and write
|
||
|
6747000
|
trusted library allocation
|
page read and write
|
||
|
3538000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
6850000
|
trusted library allocation
|
page read and write
|
||
|
89A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
122F000
|
stack
|
page read and write
|
||
|
2FD8000
|
trusted library allocation
|
page read and write
|
||
|
3F89000
|
trusted library allocation
|
page read and write
|
||
|
18A5000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
647F000
|
stack
|
page read and write
|
||
|
2C2F000
|
stack
|
page read and write
|
||
|
F89C000
|
stack
|
page read and write
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
1342000
|
trusted library allocation
|
page read and write
|
||
|
F2C000
|
unkown
|
page read and write
|
||
|
1476000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
6183000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
30BE000
|
trusted library allocation
|
page read and write
|
||
|
EE1F000
|
stack
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
673C000
|
stack
|
page read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
70EE000
|
heap
|
page read and write
|
||
|
4C1E000
|
trusted library allocation
|
page read and write
|
||
|
1402000
|
trusted library allocation
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
94D1000
|
heap
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
trusted library section
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
6DD7000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
D94000
|
trusted library allocation
|
page read and write
|
||
|
559C000
|
stack
|
page read and write
|
||
|
13E4000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
1144000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
3BB1000
|
trusted library allocation
|
page read and write
|
||
|
E8F000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
6BE0000
|
trusted library allocation
|
page read and write
|
||
|
EBF0000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
7E2F000
|
stack
|
page read and write
|
||
|
115D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E90000
|
heap
|
page read and write
|
||
|
95BE000
|
heap
|
page read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
A4DC000
|
stack
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
A39D000
|
stack
|
page read and write
|
||
|
7823000
|
heap
|
page read and write
|
||
|
6840000
|
trusted library allocation
|
page read and write
|
||
|
1347000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CF1000
|
trusted library allocation
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
10DB000
|
stack
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
53D5000
|
heap
|
page read and write
|
||
|
3D81000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
EFAE000
|
stack
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
C95000
|
heap
|
page read and write
|
||
|
CDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
9588000
|
heap
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
3FD2000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
D9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
63D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E31000
|
trusted library allocation
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
86E0000
|
heap
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
4248000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
57FF000
|
stack
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page read and write
|
||
|
2B2C000
|
trusted library allocation
|
page read and write
|
||
|
2F96000
|
trusted library allocation
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
78D0000
|
trusted library section
|
page read and write
|
||
|
107C000
|
stack
|
page read and write
|
||
|
2BEE000
|
stack
|
page read and write
|
||
|
5060000
|
heap
|
page execute and read and write
|
||
|
1481000
|
heap
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D8D000
|
trusted library allocation
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
5AA7000
|
heap
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
4F6B000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
2B21000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
66FE000
|
stack
|
page read and write
|
||
|
DC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DD0000
|
heap
|
page read and write
|
||
|
4C1D000
|
stack
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
5344000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
CED000
|
trusted library allocation
|
page execute and read and write
|
||
|
47E5000
|
trusted library allocation
|
page read and write
|
||
|
3901000
|
trusted library allocation
|
page read and write
|
||
|
4B33000
|
trusted library allocation
|
page read and write
|
||
|
EB7E000
|
stack
|
page read and write
|
||
|
F53000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
A4E000
|
unkown
|
page read and write
|
||
|
BCD000
|
heap
|
page read and write
|
||
|
61CE000
|
stack
|
page read and write
|
||
|
553B000
|
stack
|
page read and write
|
||
|
11D5C000
|
stack
|
page read and write
|
||
|
51FE000
|
trusted library allocation
|
page read and write
|
||
|
557F000
|
stack
|
page read and write
|
||
|
4F6E000
|
trusted library allocation
|
page read and write
|
||
|
2B5F000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
93FC000
|
heap
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
DB2000
|
trusted library allocation
|
page read and write
|
||
|
2DCB000
|
heap
|
page read and write
|
||
|
6377000
|
trusted library allocation
|
page read and write
|
||
|
1860000
|
trusted library allocation
|
page read and write
|
||
|
2EAD000
|
stack
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
144A000
|
heap
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
2FB5000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
27F0000
|
heap
|
page execute and read and write
|
||
|
30CB000
|
trusted library allocation
|
page read and write
|
||
|
1177000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
13FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
F48F000
|
stack
|
page read and write
|
||
|
3E11000
|
trusted library allocation
|
page read and write
|
||
|
5A47000
|
trusted library allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
73E2000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
EB3F000
|
stack
|
page read and write
|
||
|
63C0000
|
trusted library allocation
|
page read and write
|
||
|
E61E000
|
stack
|
page read and write
|
||
|
3BA000
|
stack
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
107DE000
|
stack
|
page read and write
|
||
|
1218000
|
heap
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
93E0000
|
heap
|
page read and write
|
||
|
BCA000
|
unkown
|
page readonly
|
||
|
5340000
|
heap
|
page read and write
|
||
|
E27E000
|
stack
|
page read and write
|
||
|
94E7000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
13F3000
|
trusted library allocation
|
page read and write
|
||
|
7910000
|
trusted library section
|
page read and write
|
||
|
6358000
|
trusted library allocation
|
page read and write
|
||
|
86DC000
|
stack
|
page read and write
|
||
|
30C9000
|
trusted library allocation
|
page read and write
|
||
|
5DE4000
|
heap
|
page read and write
|
||
|
4A82000
|
trusted library allocation
|
page read and write
|
||
|
2E37000
|
trusted library allocation
|
page read and write
|
||
|
2B63000
|
trusted library allocation
|
page read and write
|
||
|
7FDC000
|
stack
|
page read and write
|
||
|
2BD6000
|
trusted library allocation
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
2FEF000
|
trusted library allocation
|
page read and write
|
||
|
2ACC000
|
stack
|
page read and write
|
||
|
C8A000
|
stack
|
page read and write
|
||
|
EA3D000
|
stack
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
7E30000
|
trusted library section
|
page read and write
|
||
|
E71C000
|
stack
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
3D71000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
2EFC000
|
stack
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
6DDB000
|
heap
|
page read and write
|
||
|
1412000
|
trusted library allocation
|
page read and write
|
||
|
2D86000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page execute and read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
2DBA000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
521F000
|
stack
|
page read and write
|
||
|
BC2000
|
unkown
|
page readonly
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
683E000
|
stack
|
page read and write
|
||
|
2B04000
|
trusted library allocation
|
page read and write
|
||
|
DCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
95AC000
|
heap
|
page read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
heap
|
page read and write
|
||
|
5A28000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
5313000
|
heap
|
page read and write
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
1332000
|
trusted library allocation
|
page read and write
|
||
|
3B90000
|
trusted library allocation
|
page read and write
|
||
|
EB9000
|
stack
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
693C000
|
stack
|
page read and write
|
||
|
7920000
|
trusted library section
|
page read and write
|
||
|
100B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C11000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
5DA4000
|
heap
|
page read and write
|
||
|
E17E000
|
stack
|
page read and write
|
||
|
108DF000
|
stack
|
page read and write
|
||
|
7F110000
|
trusted library allocation
|
page execute and read and write
|
||
|
3BD1000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
5870000
|
heap
|
page read and write
|
||
|
4F8D000
|
trusted library allocation
|
page read and write
|
||
|
CD4000
|
trusted library allocation
|
page read and write
|
||
|
114D000
|
trusted library allocation
|
page execute and read and write
|
||
|
11E9C000
|
stack
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
14CC000
|
heap
|
page read and write
|
||
|
10B2000
|
heap
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
B5B0000
|
trusted library allocation
|
page read and write
|
||
|
1028000
|
heap
|
page read and write
|
||
|
4FFC000
|
stack
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
5430000
|
heap
|
page execute and read and write
|
||
|
93EE000
|
heap
|
page read and write
|
||
|
52C0000
|
heap
|
page execute and read and write
|
||
|
5212000
|
trusted library allocation
|
page read and write
|
||
|
6C00000
|
heap
|
page read and write
|
||
|
979000
|
stack
|
page read and write
|
||
|
3DF1000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
94D7000
|
heap
|
page read and write
|
||
|
E91000
|
heap
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
E1A000
|
heap
|
page read and write
|
||
|
B1E7000
|
trusted library allocation
|
page read and write
|
||
|
4F7E000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
heap
|
page read and write
|
||
|
AADC000
|
stack
|
page read and write
|
||
|
2FDA000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
1005000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
F38E000
|
stack
|
page read and write
|
||
|
157E000
|
stack
|
page read and write
|
||
|
84BE000
|
stack
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2901000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
797E000
|
stack
|
page read and write
|
||
|
3292000
|
trusted library allocation
|
page read and write
|
||
|
2B52000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
11D9C000
|
stack
|
page read and write
|
||
|
18B0000
|
heap
|
page read and write
|
||
|
5245000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
F0AF000
|
stack
|
page read and write
|
||
|
37D000
|
stack
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7812000
|
heap
|
page read and write
|
||
|
5F8D000
|
stack
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
2BDE000
|
trusted library allocation
|
page read and write
|
||
|
65FE000
|
stack
|
page read and write
|
||
|
E625000
|
trusted library allocation
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
EADD000
|
stack
|
page read and write
|
||
|
3DD1000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page execute and read and write
|
||
|
7EC9000
|
trusted library section
|
page read and write
|
||
|
141B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3752000
|
trusted library allocation
|
page read and write
|
||
|
3E51000
|
trusted library allocation
|
page read and write
|
||
|
102C000
|
stack
|
page read and write
|
||
|
57C0000
|
heap
|
page read and write
|
||
|
EE5D000
|
stack
|
page read and write
|
||
|
13ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
FDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BAF000
|
unkown
|
page read and write
|
||
|
11FDC000
|
stack
|
page read and write
|
||
|
51EB000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
heap
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page read and write
|
||
|
6BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
A15C000
|
stack
|
page read and write
|
||
|
E3BD000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
F4EE000
|
stack
|
page read and write
|
||
|
1406000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D03000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
873F000
|
stack
|
page read and write
|
||
|
EC7E000
|
stack
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
783A000
|
heap
|
page read and write
|
||
|
140A000
|
trusted library allocation
|
page execute and read and write
|
||
|
133A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
11EDC000
|
stack
|
page read and write
|
||
|
56B0000
|
heap
|
page execute and read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
E13E000
|
stack
|
page read and write
|
||
|
373C000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
6BBC000
|
stack
|
page read and write
|
||
|
C1A000
|
heap
|
page read and write
|
||
|
3475000
|
trusted library allocation
|
page read and write
|
||
|
3B49000
|
trusted library allocation
|
page read and write
|
||
|
5A6E000
|
stack
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
5201000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
9410000
|
heap
|
page read and write
|
||
|
144C000
|
stack
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
7F7F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
85DC000
|
stack
|
page read and write
|
||
|
1870000
|
trusted library allocation
|
page execute and read and write
|
||
|
E66E000
|
stack
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
548D000
|
stack
|
page read and write
|
||
|
119DC000
|
stack
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
5715000
|
heap
|
page read and write
|
||
|
3C71000
|
trusted library allocation
|
page read and write
|
||
|
59DC000
|
stack
|
page read and write
|
||
|
60FD000
|
stack
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
3EC1000
|
trusted library allocation
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
637D000
|
stack
|
page read and write
|
||
|
3CB1000
|
trusted library allocation
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
E65E000
|
stack
|
page read and write
|
||
|
FD4000
|
trusted library allocation
|
page read and write
|
||
|
A9E6000
|
trusted library allocation
|
page read and write
|
||
|
E51E000
|
stack
|
page read and write
|
||
|
60CE000
|
stack
|
page read and write
|
||
|
4968000
|
trusted library allocation
|
page read and write
|
||
|
3D60000
|
trusted library allocation
|
page read and write
|
||
|
ED5C000
|
stack
|
page read and write
|
||
|
EC5000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library section
|
page readonly
|
||
|
30AB000
|
trusted library allocation
|
page read and write
|
||
|
EE7000
|
heap
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
3ED1000
|
trusted library allocation
|
page read and write
|
||
|
E3C0000
|
heap
|
page read and write
|
||
|
30A9000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ED1000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
589F000
|
stack
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
12CF000
|
stack
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1336000
|
trusted library allocation
|
page execute and read and write
|
||
|
A25C000
|
stack
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
79A000
|
stack
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
327C000
|
trusted library allocation
|
page read and write
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
30CD000
|
trusted library allocation
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
4F92000
|
trusted library allocation
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
89DC000
|
stack
|
page read and write
|
||
|
49E5000
|
trusted library allocation
|
page read and write
|
||
|
BDB000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
9462000
|
heap
|
page read and write
|
||
|
F5A000
|
stack
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
55BE000
|
stack
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
E81C000
|
stack
|
page read and write
|
||
|
3D91000
|
trusted library allocation
|
page read and write
|
||
|
A11C000
|
stack
|
page read and write
|
||
|
3D11000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6ABE000
|
stack
|
page read and write
|
||
|
FB6000
|
stack
|
page read and write
|
||
|
6BE0000
|
heap
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
647E000
|
stack
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
14DA000
|
heap
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
941D000
|
heap
|
page read and write
|
||
|
FD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
68A000
|
heap
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8975000
|
trusted library allocation
|
page read and write
|
||
|
48EB000
|
trusted library allocation
|
page read and write
|
||
|
28D8000
|
trusted library allocation
|
page read and write
|
||
|
2D72000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
2B99000
|
trusted library allocation
|
page read and write
|
||
|
5CCD000
|
stack
|
page read and write
|
||
|
5CE0000
|
heap
|
page read and write
|
||
|
F43000
|
trusted library allocation
|
page execute and read and write
|
||
|
E99E000
|
stack
|
page read and write
|
||
|
144E000
|
heap
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
1211C000
|
stack
|
page read and write
|
||
|
536D000
|
stack
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
6D9C000
|
stack
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
D82000
|
unkown
|
page readonly
|
||
|
2D81000
|
trusted library allocation
|
page read and write
|
||
|
526C000
|
stack
|
page read and write
|
||
|
6B7C000
|
stack
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
5224000
|
trusted library allocation
|
page read and write
|
||
|
63E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
2B9B000
|
trusted library allocation
|
page read and write
|
||
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
4241000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
heap
|
page execute and read and write
|
||
|
5D11000
|
heap
|
page read and write
|
||
|
EF6E000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page read and write
|
||
|
E2BD000
|
stack
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
F5EE000
|
stack
|
page read and write
|
||
|
7EF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
EE6E000
|
stack
|
page read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
ED1E000
|
stack
|
page read and write
|
||
|
2EC0000
|
heap
|
page execute and read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
EBDD000
|
stack
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
673D000
|
stack
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
11ADC000
|
stack
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
A01C000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
3B21000
|
trusted library allocation
|
page read and write
|
||
|
18A0000
|
trusted library allocation
|
page read and write
|
||
|
93F6000
|
heap
|
page read and write
|
||
|
1002000
|
trusted library allocation
|
page read and write
|
||
|
11B5C000
|
stack
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page execute and read and write
|
There are 800 hidden memdumps, click here to show them.