Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DVuCnBrdbI.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Windows Multimedia Platform\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Photo Viewer\en-GB\Idle.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Common Files\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Mail\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Packages\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\Registry.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\wininit.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Desktop\qJBfikDNRbrkF.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Downloads\upfc.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\3D Objects\WmiPrvSE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\vgX27OamF2.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Downloaded Program Files\lsass.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SchCache\csrss.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\TAPI\WmiPrvSE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Temp\Crashpad\reports\WmiPrvSE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Multimedia Platform\6ed216578b75a5
|
ASCII text, with very long lines (763), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Multimedia Platform\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Photo Viewer\en-GB\6ccacd8608530f
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Photo Viewer\en-GB\Idle.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Common Files\6ed216578b75a5
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Common Files\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Internet Explorer\6ed216578b75a5
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Mail\6ed216578b75a5
|
ASCII text, with very long lines (824), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Mail\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Packages\6ed216578b75a5
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\Packages\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\56085415360792
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\6ed216578b75a5
|
ASCII text, with very long lines (420), with no line terminators
|
dropped
|
||
|
C:\Recovery\Registry.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\ee2ad38f3d4382
|
ASCII text, with very long lines (634), with no line terminators
|
dropped
|
||
|
C:\Recovery\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\wininit.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\Desktop\6ed216578b75a5
|
ASCII text, with very long lines (948), with no line terminators
|
dropped
|
||
|
C:\Users\Default\Desktop\qJBfikDNRbrkF.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\Downloads\ea1d8f6d871115
|
ASCII text, with very long lines (563), with no line terminators
|
dropped
|
||
|
C:\Users\Default\Downloads\upfc.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\3D Objects\24dbde2999530e
|
ASCII text, with very long lines (682), with no line terminators
|
dropped
|
||
|
C:\Users\user\3D Objects\WmiPrvSE.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\DVuCnBrdbI.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\WmiPrvSE.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\qJBfikDNRbrkF.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\wininit.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fKhYlTVFkp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Downloaded Program Files\6203df4a6bafc7
|
ASCII text, with very long lines (577), with no line terminators
|
dropped
|
||
|
C:\Windows\Downloaded Program Files\lsass.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SchCache\886983d96e3d3e
|
ASCII text, with very long lines (707), with no line terminators
|
dropped
|
||
|
C:\Windows\SchCache\csrss.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\TAPI\24dbde2999530e
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\TAPI\WmiPrvSE.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\Crashpad\reports\24dbde2999530e
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\Crashpad\reports\WmiPrvSE.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 45 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DVuCnBrdbI.exe
|
"C:\Users\user\Desktop\DVuCnBrdbI.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 9 /tr "'C:\Program Files\Windows Mail\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Program Files\Windows Mail\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 12 /tr "'C:\Program Files\Windows Mail\qJBfikDNRbrkF.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 6 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 13 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 9 /tr "'C:\Program Files (x86)\windows multimedia platform\qJBfikDNRbrkF.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Program Files (x86)\windows multimedia platform\qJBfikDNRbrkF.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 10 /tr "'C:\Program Files (x86)\windows multimedia platform\qJBfikDNRbrkF.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 13 /tr "'C:\Users\Default\Desktop\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Users\Default\Desktop\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 8 /tr "'C:\Users\Default\Desktop\qJBfikDNRbrkF.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 14 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 12 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WmiPrvSEW" /sc MINUTE /mo 13 /tr "'C:\Windows\TAPI\WmiPrvSE.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WmiPrvSE" /sc ONLOGON /tr "'C:\Windows\TAPI\WmiPrvSE.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WmiPrvSEW" /sc MINUTE /mo 8 /tr "'C:\Windows\TAPI\WmiPrvSE.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 8 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 13 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 11 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 7 /tr "'C:\Recovery\qJBfikDNRbrkF.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "wininitw" /sc MINUTE /mo 7 /tr "'C:\Recovery\wininit.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "wininit" /sc ONLOGON /tr "'C:\Recovery\wininit.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "wininitw" /sc MINUTE /mo 13 /tr "'C:\Recovery\wininit.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 14 /tr "'C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe'" /f
|
|
|
|
C:\Recovery\qJBfikDNRbrkF.exe
|
C:\Recovery\qJBfikDNRbrkF.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkF" /sc ONLOGON /tr "'C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe
|
"C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "qJBfikDNRbrkFq" /sc MINUTE /mo 14 /tr "'C:\Program Files\Internet Explorer\qJBfikDNRbrkF.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Recovery\wininit.exe
|
C:\Recovery\wininit.exe
|
|
|
|
C:\Recovery\wininit.exe
|
C:\Recovery\wininit.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "IdleI" /sc MINUTE /mo 8 /tr "'C:\Program Files (x86)\windows photo viewer\en-GB\Idle.exe'" /f
|
|
|
|
C:\Windows\TAPI\WmiPrvSE.exe
|
C:\Windows\TAPI\WmiPrvSE.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "Idle" /sc ONLOGON /tr "'C:\Program Files (x86)\windows photo viewer\en-GB\Idle.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\TAPI\WmiPrvSE.exe
|
C:\Windows\TAPI\WmiPrvSE.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "IdleI" /sc MINUTE /mo 13 /tr "'C:\Program Files (x86)\windows photo viewer\en-GB\Idle.exe'" /rl
HIGHEST /f
|
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://golovkcc.beget.tech/@==gbJBzYuFDT
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\0f31ac9bb004d3f5a6cb2b453cd95adf8de32863
|
9acf6ccf72aeaaea48b5014c9ec02910bdc4e965
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26D1000
|
trusted library allocation
|
page read and write
|
|
|
|
270D000
|
trusted library allocation
|
page read and write
|
|
|
|
2F21000
|
trusted library allocation
|
page read and write
|
|
|
|
3735000
|
trusted library allocation
|
page read and write
|
|
|
|
291D000
|
trusted library allocation
|
page read and write
|
|
|
|
29AF000
|
trusted library allocation
|
page read and write
|
|
|
|
2591000
|
trusted library allocation
|
page read and write
|
|
|
|
2E2D000
|
trusted library allocation
|
page read and write
|
|
|
|
2DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
3051000
|
trusted library allocation
|
page read and write
|
|
|
|
2971000
|
trusted library allocation
|
page read and write
|
|
|
|
12F31000
|
trusted library allocation
|
page read and write
|
|
|
|
28E1000
|
trusted library allocation
|
page read and write
|
|
|
|
12DF8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
13028000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
3757000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C52000
|
unkown
|
page readonly
|
||
|
7FFD9BB51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB77000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
1C4EB000
|
heap
|
page read and write
|
||
|
1BE1E000
|
stack
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
7FFD9BABF000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
7FFD9BB4C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
1116000
|
heap
|
page read and write
|
||
|
12F28000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2784000
|
trusted library allocation
|
page read and write
|
||
|
99C000
|
heap
|
page read and write
|
||
|
128F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB81000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
7FFD9B9AC000
|
trusted library allocation
|
page read and write
|
||
|
1BF20000
|
heap
|
page read and write
|
||
|
128E8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
BC1000
|
heap
|
page read and write
|
||
|
12E41000
|
trusted library allocation
|
page read and write
|
||
|
1BC14000
|
stack
|
page read and write
|
||
|
1B483000
|
stack
|
page read and write
|
||
|
90A000
|
heap
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
1B0A0000
|
heap
|
page read and write
|
||
|
1BF0B000
|
heap
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
7FF4E6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
566000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page read and write
|
||
|
10EB000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7FFD9BB84000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
1173000
|
heap
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0C000
|
heap
|
page read and write
|
||
|
B8C000
|
heap
|
page read and write
|
||
|
1BA30000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
7FFD9BB5C000
|
trusted library allocation
|
page read and write
|
||
|
1C0E9000
|
heap
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
1B5A3000
|
stack
|
page read and write
|
||
|
1B920000
|
trusted library section
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
1B9CE000
|
stack
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
1BE93000
|
stack
|
page read and write
|
||
|
1A910000
|
trusted library allocation
|
page read and write
|
||
|
1BC9F000
|
stack
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAC1000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B384000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
12DFD000
|
trusted library allocation
|
page read and write
|
||
|
1C139000
|
heap
|
page read and write
|
||
|
96D000
|
heap
|
page read and write
|
||
|
1B2AE000
|
stack
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
1A700000
|
trusted library allocation
|
page read and write
|
||
|
1BA10000
|
heap
|
page execute and read and write
|
||
|
263E000
|
trusted library allocation
|
page read and write
|
||
|
298C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB84000
|
trusted library allocation
|
page read and write
|
||
|
1352000
|
heap
|
page read and write
|
||
|
1B5CE000
|
stack
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
1A9A0000
|
trusted library allocation
|
page read and write
|
||
|
128ED000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB2B000
|
trusted library allocation
|
page read and write
|
||
|
12971000
|
trusted library allocation
|
page read and write
|
||
|
1B8AE000
|
stack
|
page read and write
|
||
|
1305D000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1B9AE000
|
stack
|
page read and write
|
||
|
12978000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1ED000
|
heap
|
page read and write
|
||
|
7FFD9BACA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1BB1F000
|
stack
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page execute and read and write
|
||
|
137B000
|
heap
|
page read and write
|
||
|
1C445000
|
heap
|
page read and write
|
||
|
1C00E000
|
stack
|
page read and write
|
||
|
1BB3E000
|
stack
|
page read and write
|
||
|
1B3EE000
|
stack
|
page read and write
|
||
|
1C4C3000
|
heap
|
page read and write
|
||
|
1BEA4000
|
heap
|
page read and write
|
||
|
1B8C3000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0AB000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B664000
|
stack
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AC5D000
|
stack
|
page read and write
|
||
|
7FFD9BB63000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB4E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BACF000
|
trusted library allocation
|
page execute and read and write
|
||
|
BEC000
|
heap
|
page read and write
|
||
|
1B460000
|
heap
|
page execute and read and write
|
||
|
1C213000
|
heap
|
page read and write
|
||
|
7FFD9BB81000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
1B7A3000
|
stack
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
15B0000
|
trusted library allocation
|
page read and write
|
||
|
1BF5D000
|
heap
|
page read and write
|
||
|
12DF1000
|
trusted library allocation
|
page read and write
|
||
|
1C5AF000
|
heap
|
page read and write
|
||
|
1BF13000
|
stack
|
page read and write
|
||
|
1B6C4000
|
stack
|
page read and write
|
||
|
1B2E0000
|
heap
|
page read and write
|
||
|
7FFD9B9FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB51000
|
trusted library allocation
|
page read and write
|
||
|
996000
|
heap
|
page read and write
|
||
|
7FFD9BB5B000
|
trusted library allocation
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
1BABE000
|
stack
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB3E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB3A000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
FE5000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
1C256000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
1C1BA000
|
heap
|
page read and write
|
||
|
C2A000
|
heap
|
page read and write
|
||
|
30FD000
|
trusted library allocation
|
page read and write
|
||
|
D54000
|
unkown
|
page readonly
|
||
|
1B05E000
|
stack
|
page read and write
|
||
|
BD9000
|
heap
|
page read and write
|
||
|
12DF3000
|
trusted library allocation
|
page read and write
|
||
|
1BBC0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C1DA000
|
heap
|
page read and write
|
||
|
2A1D000
|
trusted library allocation
|
page read and write
|
||
|
1BCCE000
|
stack
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
9FC000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
D58000
|
unkown
|
page readonly
|
||
|
1C1AD000
|
heap
|
page read and write
|
||
|
126D8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11A3000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9BC000
|
trusted library allocation
|
page read and write
|
||
|
1316000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
131C000
|
heap
|
page read and write
|
||
|
12931000
|
trusted library allocation
|
page read and write
|
||
|
27D0000
|
heap
|
page execute and read and write
|
||
|
2641000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
1297D000
|
trusted library allocation
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page execute and read and write
|
||
|
7FFD9BACA000
|
trusted library allocation
|
page execute and read and write
|
||
|
A77000
|
heap
|
page read and write
|
||
|
10B8000
|
heap
|
page read and write
|
||
|
7FFD9BB4E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
7FFD9BABA000
|
trusted library allocation
|
page execute and read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
1C508000
|
heap
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
7FFD9B9CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
1B68E000
|
stack
|
page read and write
|
||
|
7FFD9BACF000
|
trusted library allocation
|
page execute and read and write
|
||
|
B6F000
|
stack
|
page read and write
|
||
|
1C284000
|
heap
|
page read and write
|
||
|
10DB000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
1B58E000
|
stack
|
page read and write
|
||
|
12721000
|
trusted library allocation
|
page read and write
|
||
|
1B860000
|
heap
|
page read and write
|
||
|
1C155000
|
heap
|
page read and write
|
||
|
7FFD9BB53000
|
trusted library allocation
|
page read and write
|
||
|
1BA1E000
|
stack
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB63000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
B9B000
|
heap
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
B72000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
7FFD9BA96000
|
trusted library allocation
|
page execute and read and write
|
||
|
299A000
|
trusted library allocation
|
page read and write
|
||
|
1C3ED000
|
heap
|
page read and write
|
||
|
128E1000
|
trusted library allocation
|
page read and write
|
||
|
12F21000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
heap
|
page execute and read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
DDF000
|
stack
|
page read and write
|
||
|
9C1000
|
heap
|
page read and write
|
||
|
7FFD9B9C4000
|
trusted library allocation
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
1CADE000
|
stack
|
page read and write
|
||
|
1B4AC000
|
stack
|
page read and write
|
||
|
C0F000
|
heap
|
page read and write
|
||
|
7FFD9BB73000
|
trusted library allocation
|
page read and write
|
||
|
3103000
|
trusted library allocation
|
page read and write
|
||
|
298E000
|
trusted library allocation
|
page read and write
|
||
|
2EAA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB3C000
|
trusted library allocation
|
page read and write
|
||
|
1C9DE000
|
stack
|
page read and write
|
||
|
1A5C0000
|
trusted library allocation
|
page read and write
|
||
|
B5A000
|
heap
|
page read and write
|
||
|
1C590000
|
heap
|
page read and write
|
||
|
113C000
|
heap
|
page read and write
|
||
|
1565000
|
heap
|
page read and write
|
||
|
126E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
1C49E000
|
heap
|
page read and write
|
||
|
7FFD9BB46000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C20000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B900000
|
trusted library section
|
page read and write
|
||
|
1B8EE000
|
stack
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
1B2C0000
|
heap
|
page execute and read and write
|
||
|
1B7AE000
|
stack
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B050000
|
heap
|
page execute and read and write
|
||
|
1C4DD000
|
heap
|
page read and write
|
||
|
2992000
|
trusted library allocation
|
page read and write
|
||
|
1BF47000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1C4AA000
|
heap
|
page read and write
|
||
|
1B96E000
|
stack
|
page read and write
|
||
|
F16000
|
stack
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
7FFD9BB1A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EA7000
|
trusted library allocation
|
page read and write
|
||
|
1C16F000
|
heap
|
page read and write
|
||
|
7FFD9B9CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
129C1000
|
trusted library allocation
|
page read and write
|
||
|
1C09D000
|
stack
|
page read and write
|
||
|
12591000
|
trusted library allocation
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
C5C000
|
heap
|
page read and write
|
||
|
7FFD9B974000
|
trusted library allocation
|
page read and write
|
||
|
1BDC3000
|
stack
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1B56E000
|
stack
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C597000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B996000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
1AF50000
|
trusted library allocation
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
7FFD9BA46000
|
trusted library allocation
|
page read and write
|
||
|
1C15F000
|
heap
|
page read and write
|
||
|
122E000
|
heap
|
page read and write
|
||
|
7FFD9B9A7000
|
trusted library allocation
|
page read and write
|
||
|
1B5DE000
|
stack
|
page read and write
|
||
|
126D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B97D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB3C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
263B000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
1BD1E000
|
stack
|
page read and write
|
||
|
30FA000
|
trusted library allocation
|
page read and write
|
||
|
1B9B0000
|
heap
|
page read and write
|
||
|
1C270000
|
heap
|
page read and write
|
||
|
1B4A4000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10ED000
|
heap
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
13061000
|
trusted library allocation
|
page read and write
|
||
|
12598000
|
trusted library allocation
|
page read and write
|
||
|
B86000
|
heap
|
page read and write
|
||
|
7FFD9B99B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C122000
|
heap
|
page read and write
|
||
|
2647000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB4C000
|
trusted library allocation
|
page read and write
|
||
|
13051000
|
trusted library allocation
|
page read and write
|
||
|
2644000
|
trusted library allocation
|
page read and write
|
||
|
310F000
|
trusted library allocation
|
page read and write
|
||
|
2994000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
115B000
|
heap
|
page read and write
|
||
|
1C515000
|
heap
|
page read and write
|
||
|
1B18E000
|
stack
|
page read and write
|
||
|
1AB1E000
|
stack
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
13048000
|
trusted library allocation
|
page read and write
|
||
|
1C55B000
|
heap
|
page read and write
|
||
|
7FFD9BAD1000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8DD000
|
heap
|
page read and write
|
||
|
7FFD9B9DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB13000
|
trusted library allocation
|
page read and write
|
||
|
1BEFB000
|
heap
|
page read and write
|
||
|
1C5C2000
|
heap
|
page read and write
|
||
|
7FFD9BAD1000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B972000
|
trusted library allocation
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
1B2A9000
|
heap
|
page read and write
|
||
|
1C48A000
|
heap
|
page read and write
|
||
|
1C192000
|
heap
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
1C43F000
|
heap
|
page read and write
|
||
|
125A1000
|
trusted library allocation
|
page read and write
|
||
|
9D2000
|
heap
|
page read and write
|
||
|
126DD000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page read and write
|
||
|
24EE000
|
stack
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
1675000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
1BB90000
|
heap
|
page execute and read and write
|
||
|
1C0D4000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page read and write
|
||
|
1C486000
|
heap
|
page read and write
|
||
|
1C1EB000
|
heap
|
page read and write
|
||
|
13053000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B973000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
7FFD9B9BC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9BC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB56000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
2EA4000
|
trusted library allocation
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
126D1000
|
trusted library allocation
|
page read and write
|
||
|
1B37D000
|
stack
|
page read and write
|
||
|
7FFD9BB33000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
125E1000
|
trusted library allocation
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B98C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB4C000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
119C000
|
heap
|
page read and write
|
||
|
BEF000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
1B3CF000
|
stack
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
2997000
|
trusted library allocation
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
1B6AE000
|
stack
|
page read and write
|
||
|
12F2F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB74000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
BBF000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
1B28E000
|
stack
|
page read and write
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
1BF22000
|
heap
|
page read and write
|
||
|
128E3000
|
trusted library allocation
|
page read and write
|
||
|
13321000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB63000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
12D5000
|
heap
|
page read and write
|
||
|
7FFD9B9BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9AC000
|
trusted library allocation
|
page read and write
|
||
|
119A000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page execute and read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
943000
|
heap
|
page read and write
|
||
|
1B080000
|
trusted library allocation
|
page read and write
|
||
|
1C3E0000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AC1F000
|
stack
|
page read and write
|
||
|
1B080000
|
heap
|
page read and write
|
||
|
7FFD9BA5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
12593000
|
trusted library allocation
|
page read and write
|
||
|
1C0D9000
|
heap
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B994000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
C08000
|
heap
|
page read and write
|
||
|
D45000
|
heap
|
page read and write
|
||
|
7FFD9B9C4000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA86000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7FFD9BB53000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA26000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1BEF4000
|
heap
|
page read and write
|
||
|
1B2AE000
|
stack
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
1BF74000
|
heap
|
page read and write
|
||
|
1C27B000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
1BF0E000
|
stack
|
page read and write
|
||
|
1B7B0000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
13058000
|
trusted library allocation
|
page read and write
|
||
|
1C106000
|
heap
|
page read and write
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
1C53F000
|
heap
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B992000
|
trusted library allocation
|
page read and write
|
||
|
1BF9E000
|
heap
|
page read and write
|
||
|
7FFD9B9CC000
|
trusted library allocation
|
page read and write
|
||
|
1AE20000
|
trusted library allocation
|
page read and write
|
||
|
12F2D000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA86000
|
trusted library allocation
|
page execute and read and write
|
||
|
BAE000
|
heap
|
page read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
1BEFE000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
7FFD9BB6B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
130A1000
|
trusted library allocation
|
page read and write
|
||
|
1C4E8000
|
heap
|
page read and write
|
||
|
7FFD9BB57000
|
trusted library allocation
|
page read and write
|
||
|
1C0FF000
|
heap
|
page read and write
|
||
|
A39000
|
heap
|
page read and write
|
||
|
7FFD9B9C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AEFD000
|
stack
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB56000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
9BB000
|
heap
|
page read and write
|
||
|
1BEA0000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D5000
|
heap
|
page read and write
|
||
|
7FFD9B9C4000
|
trusted library allocation
|
page read and write
|
||
|
1BD94000
|
stack
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
12621000
|
trusted library allocation
|
page read and write
|
||
|
1B9B0000
|
heap
|
page read and write
|
||
|
7FFD9BB5B000
|
trusted library allocation
|
page read and write
|
||
|
2EAD000
|
trusted library allocation
|
page read and write
|
||
|
B3C000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C574000
|
heap
|
page read and write
|
||
|
7FFD9BB33000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
7FFD9BA4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
1C0A0000
|
heap
|
page read and write
|
||
|
7FFD9BA76000
|
trusted library allocation
|
page execute and read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
299D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
12981000
|
trusted library allocation
|
page read and write
|
||
|
1B7CB000
|
stack
|
page read and write
|
||
|
176F000
|
stack
|
page read and write
|
||
|
1B1AE000
|
stack
|
page read and write
|
||
|
7FFD9BB1C000
|
trusted library allocation
|
page read and write
|
||
|
1B3AE000
|
stack
|
page read and write
|
||
|
1259D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
1C47C000
|
heap
|
page read and write
|
||
|
1B4CF000
|
stack
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C11E000
|
heap
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
9FF000
|
heap
|
page read and write
|
||
|
12973000
|
trusted library allocation
|
page read and write
|
||
|
1C1D3000
|
heap
|
page read and write
|
||
|
7FFD9B9A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
3759000
|
trusted library allocation
|
page read and write
|
||
|
1BEE8000
|
heap
|
page read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
264D000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
1B7BF000
|
stack
|
page read and write
|
||
|
13DF000
|
stack
|
page read and write
|
||
|
7FFD9BA86000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE6C000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
12E01000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page execute and read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1CC7B000
|
stack
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
1C286000
|
heap
|
page read and write
|
||
|
1C10E000
|
stack
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page read and write
|
There are 622 hidden memdumps, click here to show them.