Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PROOF OF PAYMENT.scr.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\DNS Host\dnshost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp314F.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\9E146BE9-C76A-4720-BCDB-53011B87BD06\run.dat
|
ISO-8859 text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\hXGmUcb.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\DNS Host\dnshost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_PROOF OF PAYMENT_eefe40cec38f9f35cfd4406c6dd1963f08220_2336c1dd_455e0c01-259e-4cc2-a1a3-06a3a147f533\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4115.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4165.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7F8A.tmp.dmp
|
Mini DuMP crash report, 15 streams, Thu Apr 25 08:09:24 2024, 0x1205a4 type
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PROOF OF PAYMENT.scr.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\dnshost.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\hXGmUcb.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_255fx522.fjc.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_atu13qqa.nsx.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dj0qml3l.owb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hkpnrcjz.e1z.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qurb4ie0.5y5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w3ert0ed.i0s.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y4p5g4go.qzk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yt00oka0.5fa.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp5513.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp7AEB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\9E146BE9-C76A-4720-BCDB-53011B87BD06\catalog.dat
|
data
|
modified
|
||
|
C:\Users\user\AppData\Roaming\hXGmUcb.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 17 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe
|
"C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\PROOF OF
PAYMENT.scr.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\hXGmUcb.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\hXGmUcb" /XML "C:\Users\user\AppData\Local\Temp\tmp314F.tmp"
|
|
|
|
C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe
|
"C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe"
|
|
|
|
C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe
|
"C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe"
|
|
|
|
C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe
|
"C:\Users\user\Desktop\PROOF OF PAYMENT.scr.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\hXGmUcb.exe
|
C:\Users\user\AppData\Roaming\hXGmUcb.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\hXGmUcb" /XML "C:\Users\user\AppData\Local\Temp\tmp5513.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\hXGmUcb.exe
|
"C:\Users\user\AppData\Roaming\hXGmUcb.exe"
|
|
|
|
C:\Program Files (x86)\DNS Host\dnshost.exe
|
"C:\Program Files (x86)\DNS Host\dnshost.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\hXGmUcb" /XML "C:\Users\user\AppData\Local\Temp\tmp7AEB.tmp"
|
|
|
|
C:\Program Files (x86)\DNS Host\dnshost.exe
|
"C:\Program Files (x86)\DNS Host\dnshost.exe"
|
|
|
|
C:\Program Files (x86)\DNS Host\dnshost.exe
|
"C:\Program Files (x86)\DNS Host\dnshost.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7580 -s 1560
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
amechi.duckdns.org
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
amechi.duckdns.org
|
45.95.169.113
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.95.169.113
|
amechi.duckdns.org
|
Croatia (LOCAL Name: Hrvatska)
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
|
DNS Host
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
ProgramId
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
FileId
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
LongPathHash
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
Name
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
OriginalFileName
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
Publisher
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
Version
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
BinFileVersion
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
BinaryType
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
ProductName
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
ProductVersion
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
LinkDate
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
BinProductVersion
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
Size
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
Language
|
||
|
\REGISTRY\A\{757be406-4d53-54cc-e052-e4754bb9014a}\Root\InventoryApplicationFile\proof of payment|a22b2451b53f019c
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3AB9000
|
trusted library allocation
|
page read and write
|
|
|
|
4F20000
|
trusted library section
|
page read and write
|
|
|
|
4296000
|
trusted library allocation
|
page read and write
|
|
|
|
3579000
|
trusted library allocation
|
page read and write
|
|
|
|
2AB1000
|
trusted library allocation
|
page read and write
|
|
|
|
5AA0000
|
trusted library section
|
page read and write
|
|
|
|
2D51000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4195000
|
trusted library allocation
|
page read and write
|
|
|
|
30D1000
|
trusted library allocation
|
page read and write
|
|
|
|
4467000
|
trusted library allocation
|
page read and write
|
|
|
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
3316000
|
trusted library allocation
|
page read and write
|
||
|
EA000
|
stack
|
page read and write
|
||
|
4404000
|
trusted library allocation
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page execute and read and write
|
||
|
49D1000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
41B4000
|
trusted library allocation
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
A1E000
|
heap
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
4FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D69E000
|
stack
|
page read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
D06D000
|
stack
|
page read and write
|
||
|
2DD000
|
stack
|
page read and write
|
||
|
305D000
|
trusted library allocation
|
page read and write
|
||
|
C59000
|
stack
|
page read and write
|
||
|
80DF000
|
stack
|
page read and write
|
||
|
2A4B000
|
heap
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
4FAE000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
6A1D000
|
stack
|
page read and write
|
||
|
8DA0000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E1D000
|
stack
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
8A20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page execute and read and write
|
||
|
27D5000
|
trusted library allocation
|
page read and write
|
||
|
B3A4000
|
trusted library allocation
|
page read and write
|
||
|
C96D000
|
stack
|
page read and write
|
||
|
BED000
|
trusted library allocation
|
page execute and read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
29A000
|
stack
|
page read and write
|
||
|
4F50000
|
trusted library section
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
10E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F70000
|
trusted library allocation
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
3332000
|
trusted library allocation
|
page read and write
|
||
|
33E8000
|
trusted library allocation
|
page read and write
|
||
|
7FAB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6331000
|
stack
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
11BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF3D000
|
stack
|
page read and write
|
||
|
4D60000
|
heap
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
F83000
|
trusted library allocation
|
page execute and read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page execute and read and write
|
||
|
8310000
|
heap
|
page read and write
|
||
|
CEFD000
|
stack
|
page read and write
|
||
|
DD8000
|
heap
|
page read and write
|
||
|
139F000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
256D000
|
trusted library allocation
|
page read and write
|
||
|
1525000
|
trusted library allocation
|
page read and write
|
||
|
5EDE000
|
stack
|
page read and write
|
||
|
299E000
|
trusted library allocation
|
page read and write
|
||
|
CCC0000
|
heap
|
page read and write
|
||
|
C42E000
|
stack
|
page read and write
|
||
|
C6EE000
|
stack
|
page read and write
|
||
|
2555000
|
trusted library allocation
|
page read and write
|
||
|
257D000
|
stack
|
page read and write
|
||
|
2353000
|
heap
|
page read and write
|
||
|
4E4C000
|
stack
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
87B0000
|
heap
|
page read and write
|
||
|
6610000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
trusted library allocation
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
C77E000
|
stack
|
page read and write
|
||
|
3276000
|
trusted library allocation
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
25AE000
|
stack
|
page read and write
|
||
|
25BD000
|
stack
|
page read and write
|
||
|
C0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
D2AE000
|
stack
|
page read and write
|
||
|
D0FE000
|
stack
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page execute and read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
324B000
|
trusted library allocation
|
page read and write
|
||
|
411B000
|
trusted library allocation
|
page read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6890000
|
heap
|
page read and write
|
||
|
32A000
|
stack
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
5FDF000
|
stack
|
page read and write
|
||
|
1057000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
69DE000
|
stack
|
page read and write
|
||
|
2564000
|
trusted library allocation
|
page read and write
|
||
|
3741000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
9050000
|
trusted library allocation
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
342C000
|
trusted library allocation
|
page read and write
|
||
|
67BC000
|
stack
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
424C000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
41D4000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
3306000
|
trusted library allocation
|
page read and write
|
||
|
6B5E000
|
stack
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page read and write
|
||
|
BE3000
|
trusted library allocation
|
page read and write
|
||
|
271F000
|
trusted library allocation
|
page read and write
|
||
|
4233000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
696F000
|
stack
|
page read and write
|
||
|
D58000
|
stack
|
page read and write
|
||
|
6970000
|
trusted library allocation
|
page read and write
|
||
|
7004000
|
trusted library allocation
|
page read and write
|
||
|
E11000
|
trusted library allocation
|
page read and write
|
||
|
260C000
|
stack
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
D59F000
|
stack
|
page read and write
|
||
|
6632000
|
trusted library allocation
|
page read and write
|
||
|
5CEE000
|
stack
|
page read and write
|
||
|
4138000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
41A4000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
49BB000
|
trusted library allocation
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
A21000
|
heap
|
page read and write
|
||
|
F84000
|
trusted library allocation
|
page read and write
|
||
|
CFEC000
|
stack
|
page read and write
|
||
|
89EC000
|
stack
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
132F000
|
trusted library allocation
|
page read and write
|
||
|
9030000
|
trusted library allocation
|
page read and write
|
||
|
29BE000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
11A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
865F000
|
stack
|
page read and write
|
||
|
4C4D000
|
stack
|
page read and write
|
||
|
33D0000
|
trusted library allocation
|
page read and write
|
||
|
2C55000
|
trusted library allocation
|
page read and write
|
||
|
93D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D47000
|
heap
|
page read and write
|
||
|
3D51000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
3224000
|
trusted library allocation
|
page read and write
|
||
|
C1C000
|
stack
|
page read and write
|
||
|
B68000
|
stack
|
page read and write
|
||
|
BDF000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page execute and read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
426C000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library section
|
page readonly
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
4FBD000
|
trusted library allocation
|
page read and write
|
||
|
139C000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
FDE000
|
heap
|
page read and write
|
||
|
10EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
1183000
|
trusted library allocation
|
page execute and read and write
|
||
|
136A000
|
heap
|
page read and write
|
||
|
10D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
BC0000
|
trusted library allocation
|
page read and write
|
||
|
427C000
|
trusted library allocation
|
page read and write
|
||
|
9E4000
|
heap
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
7DDE000
|
stack
|
page read and write
|
||
|
FE9000
|
heap
|
page read and write
|
||
|
D020000
|
trusted library allocation
|
page execute and read and write
|
||
|
2991000
|
trusted library allocation
|
page read and write
|
||
|
7D2000
|
trusted library allocation
|
page read and write
|
||
|
BDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
841E000
|
stack
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
CDC8000
|
heap
|
page read and write
|
||
|
118D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E5D000
|
stack
|
page read and write
|
||
|
3144000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
4FB1000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
1314000
|
trusted library allocation
|
page read and write
|
||
|
49B4000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
431C000
|
trusted library allocation
|
page read and write
|
||
|
6974000
|
trusted library allocation
|
page read and write
|
||
|
40E9000
|
trusted library allocation
|
page read and write
|
||
|
1184000
|
trusted library allocation
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
2C65000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
11C4000
|
trusted library allocation
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
C73E000
|
stack
|
page read and write
|
||
|
830B000
|
heap
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
554E000
|
heap
|
page read and write
|
||
|
7B4000
|
trusted library allocation
|
page read and write
|
||
|
4BA6000
|
trusted library allocation
|
page read and write
|
||
|
D16F000
|
stack
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
CCD0000
|
heap
|
page read and write
|
||
|
CB6E000
|
stack
|
page read and write
|
||
|
DF4000
|
trusted library allocation
|
page read and write
|
||
|
327C000
|
trusted library allocation
|
page read and write
|
||
|
60AE000
|
stack
|
page read and write
|
||
|
49D6000
|
trusted library allocation
|
page read and write
|
||
|
7CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6810000
|
heap
|
page read and write
|
||
|
CDDC000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
255F000
|
stack
|
page read and write
|
||
|
4F94000
|
trusted library allocation
|
page read and write
|
||
|
4DA0000
|
heap
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
B3A0000
|
trusted library allocation
|
page read and write
|
||
|
E36000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
4BE5000
|
trusted library allocation
|
page read and write
|
||
|
113C000
|
stack
|
page read and write
|
||
|
3CE000
|
unkown
|
page read and write
|
||
|
81DE000
|
stack
|
page read and write
|
||
|
95B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
3729000
|
trusted library allocation
|
page read and write
|
||
|
3E2E000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
6A1E000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
3EE000
|
unkown
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
55A1000
|
trusted library allocation
|
page read and write
|
||
|
4B65000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
92D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
4E80000
|
trusted library section
|
page readonly
|
||
|
2560000
|
trusted library allocation
|
page read and write
|
||
|
3D9B000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
heap
|
page read and write
|
||
|
7F1F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
946000
|
trusted library allocation
|
page execute and read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
A7D000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
41F4000
|
trusted library allocation
|
page read and write
|
||
|
4BB2000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
1348000
|
heap
|
page read and write
|
||
|
A69000
|
stack
|
page read and write
|
||
|
138B000
|
heap
|
page read and write
|
||
|
688C000
|
stack
|
page read and write
|
||
|
429C000
|
trusted library allocation
|
page read and write
|
||
|
3721000
|
trusted library allocation
|
page read and write
|
||
|
6C5D000
|
stack
|
page read and write
|
||
|
250D000
|
stack
|
page read and write
|
||
|
C72E000
|
stack
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page read and write
|
||
|
3342000
|
trusted library allocation
|
page read and write
|
||
|
10B4000
|
trusted library allocation
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page execute and read and write
|
||
|
D39C000
|
stack
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
1DF000
|
unkown
|
page read and write
|
||
|
4C60000
|
trusted library section
|
page readonly
|
||
|
428C000
|
trusted library allocation
|
page read and write
|
||
|
6B5D000
|
stack
|
page read and write
|
||
|
32D2000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
heap
|
page read and write
|
||
|
4424000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
FA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
298D000
|
trusted library allocation
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
4E6B000
|
stack
|
page read and write
|
||
|
601E000
|
stack
|
page read and write
|
||
|
827000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
33C8000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
51C2000
|
trusted library allocation
|
page read and write
|
||
|
BFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
365A000
|
trusted library allocation
|
page read and write
|
||
|
51BD000
|
trusted library allocation
|
page read and write
|
||
|
48B000
|
heap
|
page read and write
|
||
|
1448000
|
trusted library allocation
|
page read and write
|
||
|
397000
|
stack
|
page read and write
|
||
|
3571000
|
trusted library allocation
|
page read and write
|
||
|
41B5000
|
trusted library allocation
|
page read and write
|
||
|
41E4000
|
trusted library allocation
|
page read and write
|
||
|
E22000
|
trusted library allocation
|
page read and write
|
||
|
C970000
|
heap
|
page read and write
|
||
|
7DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page execute and read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
D48000
|
heap
|
page read and write
|
||
|
6BAF000
|
stack
|
page read and write
|
||
|
7FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
51AE000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
49E0000
|
trusted library allocation
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
4CA3000
|
heap
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F7F000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
4117000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
32DA000
|
trusted library allocation
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
11E5000
|
trusted library allocation
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A70000
|
heap
|
page execute and read and write
|
||
|
5000000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
67FE000
|
stack
|
page read and write
|
||
|
669A000
|
heap
|
page read and write
|
||
|
C02000
|
trusted library allocation
|
page read and write
|
||
|
119D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
2791000
|
trusted library allocation
|
page read and write
|
||
|
9680000
|
trusted library section
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
E1D000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
61AF000
|
stack
|
page read and write
|
||
|
173E000
|
stack
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
10BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page read and write
|
||
|
1337000
|
heap
|
page read and write
|
||
|
4BBB000
|
stack
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
8300000
|
heap
|
page read and write
|
||
|
CDB0000
|
heap
|
page read and write
|
||
|
3D6F000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
7F2000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
2988000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
483C000
|
stack
|
page read and write
|
||
|
4BA1000
|
trusted library allocation
|
page read and write
|
||
|
151C000
|
stack
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
27EE000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
trusted library section
|
page read and write
|
||
|
4BAD000
|
trusted library allocation
|
page read and write
|
||
|
737000
|
stack
|
page read and write
|
||
|
CBBD000
|
stack
|
page read and write
|
||
|
3545000
|
trusted library allocation
|
page read and write
|
||
|
88EC000
|
stack
|
page read and write
|
||
|
3D59000
|
trusted library allocation
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
431C000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
trusted library allocation
|
page read and write
|
||
|
2540000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
2560000
|
heap
|
page execute and read and write
|
||
|
D0BE000
|
stack
|
page read and write
|
||
|
2571000
|
trusted library allocation
|
page read and write
|
||
|
49CE000
|
trusted library allocation
|
page read and write
|
||
|
4370000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
C780000
|
heap
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
361E000
|
trusted library allocation
|
page read and write
|
||
|
3E7C000
|
trusted library allocation
|
page read and write
|
||
|
40D1000
|
trusted library allocation
|
page read and write
|
||
|
8DCB000
|
trusted library allocation
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
4E20000
|
heap
|
page execute and read and write
|
||
|
4390000
|
trusted library allocation
|
page read and write
|
||
|
40D9000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page read and write
|
||
|
4B9E000
|
trusted library allocation
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
139E000
|
heap
|
page read and write
|
||
|
3DE0000
|
trusted library allocation
|
page read and write
|
||
|
404C000
|
trusted library allocation
|
page read and write
|
||
|
4254000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
trusted library allocation
|
page read and write
|
||
|
2779000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
trusted library section
|
page read and write
|
||
|
466C000
|
stack
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
4EAD000
|
stack
|
page read and write
|
||
|
24D0000
|
trusted library allocation
|
page read and write
|
||
|
98F000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
11AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
82DD000
|
stack
|
page read and write
|
||
|
30C0000
|
heap
|
page execute and read and write
|
||
|
5010000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
FB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
27B5000
|
trusted library allocation
|
page read and write
|
||
|
11DC000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
3051000
|
trusted library allocation
|
page read and write
|
||
|
61EE000
|
stack
|
page read and write
|
||
|
933000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
1537000
|
heap
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
31A000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page execute and read and write
|
||
|
64EC000
|
stack
|
page read and write
|
||
|
808000
|
heap
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
6800000
|
trusted library allocation
|
page read and write
|
||
|
7F9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
AD000
|
stack
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
246E000
|
stack
|
page read and write
|
||
|
3749000
|
trusted library allocation
|
page read and write
|
||
|
3D85000
|
trusted library allocation
|
page read and write
|
||
|
43E4000
|
trusted library allocation
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
2721000
|
trusted library allocation
|
page read and write
|
||
|
646E000
|
stack
|
page read and write
|
||
|
CC6E000
|
stack
|
page read and write
|
||
|
160000
|
unkown
|
page readonly
|
||
|
10CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
942000
|
trusted library allocation
|
page read and write
|
||
|
25C0000
|
heap
|
page execute and read and write
|
||
|
ADA000
|
heap
|
page read and write
|
||
|
732E000
|
stack
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
49DD000
|
trusted library allocation
|
page read and write
|
||
|
402C000
|
trusted library allocation
|
page read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
9040000
|
trusted library allocation
|
page execute and read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
D1FE000
|
stack
|
page read and write
|
||
|
304E000
|
trusted library allocation
|
page read and write
|
||
|
CDD8000
|
heap
|
page read and write
|
||
|
611F000
|
stack
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
4C65000
|
trusted library section
|
page readonly
|
||
|
FB2000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
9290000
|
trusted library allocation
|
page read and write
|
||
|
94A000
|
trusted library allocation
|
page execute and read and write
|
||
|
35D8000
|
trusted library allocation
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
FBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5FEE000
|
stack
|
page read and write
|
||
|
303B000
|
trusted library allocation
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
C93E000
|
stack
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
C86D000
|
stack
|
page read and write
|
||
|
6CB0000
|
trusted library allocation
|
page read and write
|
||
|
3438000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
4194000
|
trusted library allocation
|
page read and write
|
||
|
162000
|
unkown
|
page readonly
|
||
|
4BC3000
|
heap
|
page read and write
|
||
|
1529000
|
trusted library allocation
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
278D000
|
trusted library allocation
|
page read and write
|
||
|
12CF000
|
stack
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
5EEF000
|
stack
|
page read and write
|
||
|
957000
|
trusted library allocation
|
page execute and read and write
|
||
|
70F000
|
unkown
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
stack
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
328E000
|
trusted library allocation
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
E47000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
4151000
|
trusted library allocation
|
page read and write
|
||
|
109F000
|
stack
|
page read and write
|
||
|
4DA5000
|
heap
|
page read and write
|
||
|
323E000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
481C000
|
stack
|
page read and write
|
||
|
11B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
62EF000
|
stack
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
673E000
|
heap
|
page read and write
|
||
|
4BC4000
|
trusted library allocation
|
page read and write
|
||
|
550D000
|
stack
|
page read and write
|
||
|
F8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
4F6D000
|
stack
|
page read and write
|
||
|
4BC6000
|
trusted library allocation
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
11F3000
|
heap
|
page read and write
|
||
|
CB7E000
|
stack
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
8D5A000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F9B000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
5560000
|
trusted library allocation
|
page execute and read and write
|
||
|
25EE000
|
stack
|
page read and write
|
||
|
519F000
|
trusted library allocation
|
page read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
2721000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
11B2000
|
trusted library allocation
|
page read and write
|
||
|
33FD000
|
trusted library allocation
|
page read and write
|
||
|
4137000
|
trusted library allocation
|
page read and write
|
||
|
3DB8000
|
trusted library allocation
|
page read and write
|
||
|
923000
|
trusted library allocation
|
page execute and read and write
|
||
|
66AF000
|
heap
|
page read and write
|
||
|
136B000
|
stack
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
BF2000
|
trusted library allocation
|
page read and write
|
||
|
C5EE000
|
stack
|
page read and write
|
||
|
27B8000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
E16000
|
trusted library allocation
|
page read and write
|
||
|
13F4000
|
heap
|
page read and write
|
||
|
3056000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
CEEC000
|
stack
|
page read and write
|
||
|
C3EE000
|
stack
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page execute and read and write
|
||
|
234B000
|
stack
|
page read and write
|
||
|
29A5000
|
trusted library allocation
|
page read and write
|
||
|
7C3000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
51B1000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
2AAB000
|
heap
|
page read and write
|
||
|
CCBD000
|
stack
|
page read and write
|
||
|
422000
|
remote allocation
|
page execute and read and write
|
||
|
8B6E000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
7B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
E34000
|
trusted library allocation
|
page read and write
|
||
|
2FED000
|
stack
|
page read and write
|
||
|
208000
|
unkown
|
page readonly
|
||
|
D69000
|
heap
|
page read and write
|
||
|
952000
|
trusted library allocation
|
page read and write
|
||
|
82F0000
|
heap
|
page read and write
|
||
|
4FA5000
|
heap
|
page read and write
|
||
|
6730000
|
heap
|
page read and write
|
||
|
10F5000
|
stack
|
page read and write
|
||
|
19E000
|
unkown
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
3AB1000
|
trusted library allocation
|
page read and write
|
||
|
5131000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
heap
|
page execute and read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
FAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
25DD000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
CA3E000
|
stack
|
page read and write
|
||
|
CA7E000
|
stack
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
4E84000
|
trusted library section
|
page readonly
|
||
|
43E000
|
stack
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
F9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1384000
|
trusted library allocation
|
page read and write
|
||
|
3F67000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
D49C000
|
stack
|
page read and write
|
||
|
27AC000
|
trusted library allocation
|
page read and write
|
||
|
855E000
|
stack
|
page read and write
|
||
|
E0E000
|
trusted library allocation
|
page read and write
|
||
|
6A64000
|
trusted library allocation
|
page read and write
|
||
|
51B6000
|
trusted library allocation
|
page read and write
|
||
|
5E9F000
|
stack
|
page read and write
|
||
|
82E0000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B8B000
|
trusted library allocation
|
page read and write
|
||
|
BD4000
|
trusted library allocation
|
page read and write
|
||
|
4FB6000
|
trusted library allocation
|
page read and write
|
||
|
2ED000
|
stack
|
page read and write
|
||
|
11BB000
|
stack
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
24A0000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7008000
|
trusted library allocation
|
page read and write
|
||
|
139C000
|
heap
|
page read and write
|
||
|
632D000
|
stack
|
page read and write
|
||
|
924000
|
trusted library allocation
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
7FDE000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
3083000
|
heap
|
page read and write
|
||
|
5630000
|
heap
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
6660000
|
heap
|
page read and write
|
||
|
51F3000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page execute and read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
DFB000
|
trusted library allocation
|
page read and write
|
||
|
4E95000
|
heap
|
page read and write
|
||
|
7D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
49E2000
|
trusted library allocation
|
page read and write
|
||
|
82E7000
|
heap
|
page read and write
|
||
|
1386000
|
trusted library allocation
|
page read and write
|
||
|
C82E000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
47E000
|
stack
|
page read and write
|
||
|
2992000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2C45000
|
trusted library allocation
|
page read and write
|
||
|
251E000
|
stack
|
page read and write
|
||
|
2620000
|
trusted library allocation
|
page read and write
|
||
|
32EC000
|
trusted library allocation
|
page read and write
|
||
|
D1AE000
|
stack
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
D89000
|
stack
|
page read and write
|
||
|
65EC000
|
stack
|
page read and write
|
||
|
11E9000
|
trusted library allocation
|
page read and write
|
||
|
CDC0000
|
heap
|
page read and write
|
||
|
5DEF000
|
stack
|
page read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
163D000
|
stack
|
page read and write
|
||
|
12FE000
|
stack
|
page read and write
|
||
|
41C4000
|
trusted library allocation
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page execute and read and write
|
||
|
42A8000
|
trusted library allocation
|
page read and write
|
||
|
74AC000
|
stack
|
page read and write
|
||
|
5271000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
1747000
|
heap
|
page read and write
|
||
|
1376000
|
heap
|
page read and write
|
||
|
9D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CA0000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B0000
|
trusted library allocation
|
page read and write
|
||
|
13DF000
|
heap
|
page read and write
|
||
|
33D8000
|
trusted library allocation
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
132C000
|
trusted library allocation
|
page read and write
|
||
|
6F9D000
|
stack
|
page read and write
|
||
|
6C50000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
7F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
33A6000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CAF000
|
stack
|
page read and write
|
||
|
328C000
|
trusted library allocation
|
page read and write
|
||
|
519B000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
4FC2000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
C07000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page execute and read and write
|
||
|
11DF000
|
trusted library allocation
|
page read and write
|
||
|
10B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
935E000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
unkown
|
page read and write
|
||
|
64AE000
|
stack
|
page read and write
|
||
|
851E000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
5190000
|
trusted library allocation
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
42FC000
|
trusted library allocation
|
page read and write
|
||
|
8BAE000
|
stack
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
4A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
435F000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
4B84000
|
trusted library allocation
|
page read and write
|
||
|
4EDB000
|
stack
|
page read and write
|
||
|
4288000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
54F0000
|
heap
|
page execute and read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
6ABF000
|
stack
|
page read and write
|
There are 818 hidden memdumps, click here to show them.