Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL - OVERDUE ACCOUNT NOTICE - 1301669350.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp87CB.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\LJAGvecDW.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_KN5M2K4GWI0PYGPD_7bface649acb4a5ac8b8c5eb3fa345c55bbcc55f_6ddcc831_e065b1b5-2f12-4cbf-afc1-37e3179d3098\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_LJAGvecDW.exe_832a725c84dc7e8e3d76e7274e65236eca5dcd_4d380c1c_19f9609d-8e2b-4b9e-a3c0-f528eeb6c484\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6D7D.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Apr 26 08:06:26 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER706C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER70BB.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER93E1.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Apr 26 08:06:36 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER96FF.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER975D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DHL - OVERDUE ACCOUNT NOTICE - 1301669350.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\LJAGvecDW.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\boqXv.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dmpcqmml.uam.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ibdnocms.0e0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k512x23z.gbm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ovmymys3.fdz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uruf5iq5.hb1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_whjysj2c.rds.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xeqvqlsp.toa.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yq5fpoaw.4fa.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpA44C.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\LJAGvecDW.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\boqXv\boqXv.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 18 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DHL - OVERDUE ACCOUNT NOTICE - 1301669350.exe
|
"C:\Users\user\Desktop\DHL - OVERDUE ACCOUNT NOTICE - 1301669350.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\DHL - OVERDUE
ACCOUNT NOTICE - 1301669350.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\LJAGvecDW.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\LJAGvecDW" /XML "C:\Users\user\AppData\Local\Temp\tmp87CB.tmp"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\LJAGvecDW.exe
|
C:\Users\user\AppData\Roaming\LJAGvecDW.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\LJAGvecDW" /XML "C:\Users\user\AppData\Local\Temp\tmpA44C.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\boqXv\boqXv.exe
|
"C:\Users\user\AppData\Roaming\boqXv\boqXv.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\boqXv\boqXv.exe
|
"C:\Users\user\AppData\Roaming\boqXv\boqXv.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6532 -s 1400
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2744 -s 1760
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
||
|
http://mail.clslk.com
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.clslk.com
|
50.87.253.239
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
50.87.253.239
|
mail.clslk.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
boqXv
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
ProgramId
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
FileId
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
LongPathHash
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
Name
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
OriginalFileName
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
Publisher
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
Version
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
BinFileVersion
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
BinaryType
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
ProductName
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
ProductVersion
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
LinkDate
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
BinProductVersion
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
Size
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
Language
|
||
|
\REGISTRY\A\{56e1a22a-9de3-4704-5f0e-5d05ff15f185}\Root\InventoryApplicationFile\dhl - overdue ac|db68514595b2b7ce
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
There are 14 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2FA2000
|
trusted library allocation
|
page read and write
|
|
|
|
3A79000
|
trusted library allocation
|
page read and write
|
|
|
|
2F51000
|
trusted library allocation
|
page read and write
|
|
|
|
2FAA000
|
trusted library allocation
|
page read and write
|
|
|
|
2C8F000
|
trusted library allocation
|
page read and write
|
|
|
|
2C2C000
|
trusted library allocation
|
page read and write
|
|
|
|
2C97000
|
trusted library allocation
|
page read and write
|
|
|
|
4467000
|
trusted library allocation
|
page read and write
|
|
|
|
71F0000
|
trusted library section
|
page read and write
|
|
|
|
F24000
|
trusted library allocation
|
page read and write
|
||
|
BEF000
|
heap
|
page read and write
|
||
|
F84000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
431E000
|
trusted library allocation
|
page read and write
|
||
|
1227000
|
trusted library allocation
|
page execute and read and write
|
||
|
14DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
A52C000
|
stack
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
685E000
|
stack
|
page read and write
|
||
|
59BF000
|
stack
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C02000
|
heap
|
page read and write
|
||
|
7C8000
|
heap
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
7220000
|
trusted library section
|
page read and write
|
||
|
6257000
|
trusted library allocation
|
page read and write
|
||
|
58CF000
|
stack
|
page read and write
|
||
|
1225000
|
trusted library allocation
|
page execute and read and write
|
||
|
6520000
|
trusted library allocation
|
page execute and read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
FDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C7A000
|
heap
|
page read and write
|
||
|
1754000
|
trusted library allocation
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
2535000
|
trusted library allocation
|
page read and write
|
||
|
2514000
|
trusted library allocation
|
page read and write
|
||
|
C59000
|
heap
|
page read and write
|
||
|
61EF000
|
stack
|
page read and write
|
||
|
5CEE000
|
stack
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
79FE000
|
stack
|
page read and write
|
||
|
A6B7000
|
trusted library allocation
|
page read and write
|
||
|
4ECE000
|
trusted library allocation
|
page read and write
|
||
|
6DF0000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
A7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A30000
|
trusted library allocation
|
page read and write
|
||
|
1645000
|
heap
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
550F000
|
stack
|
page read and write
|
||
|
432E000
|
trusted library allocation
|
page read and write
|
||
|
58BF000
|
stack
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
551B000
|
trusted library allocation
|
page read and write
|
||
|
1764000
|
trusted library allocation
|
page read and write
|
||
|
5542000
|
trusted library allocation
|
page read and write
|
||
|
419D000
|
trusted library allocation
|
page read and write
|
||
|
6C39000
|
heap
|
page read and write
|
||
|
6402000
|
heap
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
88D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D0B000
|
trusted library allocation
|
page read and write
|
||
|
6660000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page read and write
|
||
|
6240000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
1240000
|
trusted library allocation
|
page read and write
|
||
|
F58000
|
heap
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
52F1000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
29CF000
|
unkown
|
page read and write
|
||
|
7CAF000
|
heap
|
page read and write
|
||
|
5A0F000
|
stack
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
15A1000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
24EE000
|
trusted library allocation
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
C7D000
|
stack
|
page read and write
|
||
|
4F50000
|
heap
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page execute and read and write
|
||
|
14A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
5282000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
62EB000
|
stack
|
page read and write
|
||
|
14B4000
|
trusted library allocation
|
page read and write
|
||
|
12C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5514000
|
trusted library allocation
|
page read and write
|
||
|
FCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
551E000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
12D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
B490000
|
trusted library allocation
|
page read and write
|
||
|
14AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
865E000
|
stack
|
page read and write
|
||
|
4ED1000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
heap
|
page execute and read and write
|
||
|
5243000
|
heap
|
page read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
289A000
|
stack
|
page read and write
|
||
|
4BD0000
|
trusted library section
|
page readonly
|
||
|
1694000
|
heap
|
page read and write
|
||
|
F90000
|
unkown
|
page readonly
|
||
|
285D000
|
stack
|
page read and write
|
||
|
54DC000
|
stack
|
page read and write
|
||
|
6DF0000
|
heap
|
page read and write
|
||
|
1740000
|
trusted library allocation
|
page read and write
|
||
|
175D000
|
trusted library allocation
|
page execute and read and write
|
||
|
63ED000
|
stack
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
6384000
|
trusted library allocation
|
page read and write
|
||
|
12D2000
|
trusted library allocation
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page read and write
|
||
|
2AEA000
|
trusted library allocation
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
7BA000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
536D000
|
stack
|
page read and write
|
||
|
180E000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
190F000
|
stack
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
5580000
|
heap
|
page execute and read and write
|
||
|
7502000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
2FA2000
|
trusted library allocation
|
page read and write
|
||
|
2E68000
|
trusted library allocation
|
page read and write
|
||
|
9CAF000
|
stack
|
page read and write
|
||
|
6407000
|
trusted library allocation
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
552A000
|
trusted library allocation
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
2E5F000
|
stack
|
page read and write
|
||
|
6C24000
|
heap
|
page read and write
|
||
|
12C2000
|
trusted library allocation
|
page read and write
|
||
|
6B50000
|
trusted library allocation
|
page execute and read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
64F0000
|
trusted library allocation
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
1300000
|
trusted library allocation
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
5536000
|
trusted library allocation
|
page read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
6F00000
|
heap
|
page read and write
|
||
|
402C000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
24CC000
|
stack
|
page read and write
|
||
|
855E000
|
stack
|
page read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
742000
|
heap
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
3721000
|
trusted library allocation
|
page read and write
|
||
|
14A4000
|
trusted library allocation
|
page read and write
|
||
|
10F9000
|
stack
|
page read and write
|
||
|
4819000
|
stack
|
page read and write
|
||
|
3FB6000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library section
|
page read and write
|
||
|
190C000
|
stack
|
page read and write
|
||
|
9A2C000
|
stack
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
6398000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
439B000
|
trusted library allocation
|
page read and write
|
||
|
24F1000
|
trusted library allocation
|
page read and write
|
||
|
2C5A000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
A82000
|
trusted library allocation
|
page read and write
|
||
|
6510000
|
trusted library allocation
|
page read and write
|
||
|
5522000
|
trusted library allocation
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
553D000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
7E5000
|
heap
|
page read and write
|
||
|
AA73000
|
heap
|
page read and write
|
||
|
1568000
|
heap
|
page read and write
|
||
|
3C85000
|
trusted library allocation
|
page read and write
|
||
|
3C49000
|
trusted library allocation
|
page read and write
|
||
|
5516000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
6670000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
heap
|
page execute and read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
FC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC4000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page execute and read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
12A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
622000
|
unkown
|
page readonly
|
||
|
5214000
|
trusted library allocation
|
page read and write
|
||
|
5271000
|
trusted library allocation
|
page read and write
|
||
|
6C3B000
|
heap
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
7D7D000
|
stack
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
5276000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
298F000
|
stack
|
page read and write
|
||
|
4ED6000
|
trusted library allocation
|
page read and write
|
||
|
4BCC000
|
stack
|
page read and write
|
||
|
6E0E000
|
heap
|
page read and write
|
||
|
FEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
874000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
651C000
|
trusted library allocation
|
page read and write
|
||
|
2B02000
|
trusted library allocation
|
page read and write
|
||
|
70A000
|
heap
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
27B2000
|
trusted library allocation
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
873000
|
trusted library allocation
|
page execute and read and write
|
||
|
14BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
FF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
A62C000
|
stack
|
page read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
2995000
|
trusted library allocation
|
page read and write
|
||
|
437C000
|
trusted library allocation
|
page read and write
|
||
|
25D0000
|
trusted library allocation
|
page read and write
|
||
|
791000
|
heap
|
page read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
DBA000
|
stack
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
5B18000
|
trusted library allocation
|
page read and write
|
||
|
70EE000
|
stack
|
page read and write
|
||
|
F23000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D9C000
|
stack
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
7FCB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
78F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C3F000
|
unkown
|
page read and write
|
||
|
4D45000
|
heap
|
page read and write
|
||
|
2FB6000
|
trusted library allocation
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
6290000
|
heap
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
172F000
|
stack
|
page read and write
|
||
|
F42000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
A76000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
7231000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
FE2000
|
trusted library allocation
|
page read and write
|
||
|
FD3000
|
trusted library allocation
|
page read and write
|
||
|
A87000
|
trusted library allocation
|
page execute and read and write
|
||
|
3280000
|
heap
|
page execute and read and write
|
||
|
AA0000
|
trusted library allocation
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
5039000
|
trusted library allocation
|
page read and write
|
||
|
1677000
|
heap
|
page read and write
|
||
|
57CC000
|
stack
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
7D9000
|
heap
|
page read and write
|
||
|
FE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6587000
|
trusted library allocation
|
page read and write
|
||
|
5216000
|
trusted library allocation
|
page read and write
|
||
|
1760000
|
trusted library allocation
|
page read and write
|
||
|
4391000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
1787000
|
trusted library allocation
|
page execute and read and write
|
||
|
7290000
|
trusted library section
|
page read and write
|
||
|
2A71000
|
trusted library allocation
|
page read and write
|
||
|
10E8000
|
heap
|
page read and write
|
||
|
176D000
|
trusted library allocation
|
page execute and read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
12A4000
|
trusted library allocation
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page execute and read and write
|
||
|
1639000
|
heap
|
page read and write
|
||
|
24FD000
|
trusted library allocation
|
page read and write
|
||
|
2F3C000
|
stack
|
page read and write
|
||
|
525E000
|
trusted library allocation
|
page read and write
|
||
|
3C21000
|
trusted library allocation
|
page read and write
|
||
|
98BE000
|
stack
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
10AC000
|
stack
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
793000
|
heap
|
page read and write
|
||
|
5820000
|
heap
|
page execute and read and write
|
||
|
5040000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D24000
|
heap
|
page read and write
|
||
|
25F9000
|
trusted library allocation
|
page read and write
|
||
|
25C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F79000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
5A4E000
|
stack
|
page read and write
|
||
|
F4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DF0000
|
trusted library allocation
|
page read and write
|
||
|
42A2000
|
trusted library allocation
|
page read and write
|
||
|
C15000
|
trusted library allocation
|
page read and write
|
||
|
2CA3000
|
trusted library allocation
|
page read and write
|
||
|
F2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
291E000
|
unkown
|
page read and write
|
||
|
2580000
|
heap
|
page execute and read and write
|
||
|
9BAE000
|
stack
|
page read and write
|
||
|
F87000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
1014000
|
heap
|
page read and write
|
||
|
53DC000
|
stack
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
6F08000
|
heap
|
page read and write
|
||
|
5394000
|
trusted library allocation
|
page read and write
|
||
|
32CF000
|
stack
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page execute and read and write
|
||
|
727000
|
heap
|
page read and write
|
||
|
6EBF000
|
stack
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
6BC0000
|
heap
|
page read and write
|
||
|
F46000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
3C29000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
12DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
155C000
|
heap
|
page read and write
|
||
|
5B4F000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
6D0000
|
unkown
|
page readonly
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
2560000
|
trusted library allocation
|
page read and write
|
||
|
526A000
|
trusted library allocation
|
page read and write
|
||
|
6248000
|
trusted library allocation
|
page read and write
|
||
|
2540000
|
trusted library allocation
|
page read and write
|
||
|
F3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
1753000
|
trusted library allocation
|
page execute and read and write
|
||
|
32E0000
|
trusted library allocation
|
page read and write
|
||
|
BD7000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
64F7000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
59AE000
|
stack
|
page read and write
|
||
|
63B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
1538000
|
heap
|
page read and write
|
||
|
2A45000
|
trusted library allocation
|
page read and write
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
53C3000
|
heap
|
page read and write
|
||
|
9B6E000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
25FD000
|
trusted library allocation
|
page read and write
|
||
|
BBB000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
6B40000
|
heap
|
page read and write
|
||
|
123C000
|
stack
|
page read and write
|
||
|
657D000
|
stack
|
page read and write
|
||
|
A2FE000
|
stack
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
84AA000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
6BD8000
|
heap
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
279A000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
515F000
|
stack
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
24F6000
|
trusted library allocation
|
page read and write
|
||
|
C84000
|
heap
|
page read and write
|
||
|
F9A000
|
unkown
|
page readonly
|
||
|
1A2F000
|
stack
|
page read and write
|
||
|
78A000
|
stack
|
page read and write
|
||
|
27C1000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
27BC000
|
trusted library allocation
|
page read and write
|
||
|
7C29000
|
heap
|
page read and write
|
||
|
5CF0000
|
heap
|
page read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
29BB000
|
trusted library allocation
|
page read and write
|
||
|
4EDD000
|
trusted library allocation
|
page read and write
|
||
|
1027000
|
heap
|
page read and write
|
||
|
A1FE000
|
stack
|
page read and write
|
||
|
6260000
|
heap
|
page read and write
|
||
|
526E000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
639C000
|
trusted library allocation
|
page read and write
|
||
|
2D12000
|
trusted library allocation
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
A3FF000
|
stack
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
6F95000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
3F51000
|
trusted library allocation
|
page read and write
|
||
|
C1F000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
5435000
|
heap
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
FFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5531000
|
trusted library allocation
|
page read and write
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
3729000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page read and write
|
||
|
1618000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
12BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7210000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
2AD6000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page execute and read and write
|
||
|
4EB4000
|
trusted library allocation
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
5240000
|
trusted library section
|
page readonly
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
32A000
|
stack
|
page read and write
|
||
|
3391000
|
trusted library allocation
|
page read and write
|
||
|
122B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4394000
|
trusted library allocation
|
page read and write
|
||
|
2A58000
|
trusted library allocation
|
page read and write
|
||
|
298E000
|
unkown
|
page read and write
|
||
|
1339000
|
stack
|
page read and write
|
||
|
2C52000
|
trusted library allocation
|
page read and write
|
||
|
527D000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
63A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F04000
|
heap
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
3EE000
|
stack
|
page read and write
|
||
|
56CC000
|
stack
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
6B50000
|
heap
|
page read and write
|
||
|
A72000
|
trusted library allocation
|
page read and write
|
||
|
6500000
|
trusted library allocation
|
page read and write
|
||
|
2786000
|
trusted library allocation
|
page read and write
|
||
|
63FD000
|
stack
|
page read and write
|
||
|
42E0000
|
trusted library allocation
|
page read and write
|
||
|
5BEE000
|
stack
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
||
|
6C56000
|
heap
|
page read and write
|
||
|
1634000
|
heap
|
page read and write
|
||
|
5D00000
|
heap
|
page read and write
|
||
|
6880000
|
heap
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
1780000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
279D000
|
trusted library allocation
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page read and write
|
||
|
1222000
|
trusted library allocation
|
page read and write
|
||
|
4D53000
|
heap
|
page read and write
|
||
|
41D8000
|
trusted library allocation
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
2AED000
|
trusted library allocation
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
15BC000
|
stack
|
page read and write
|
||
|
1820000
|
heap
|
page read and write
|
||
|
4224000
|
trusted library allocation
|
page read and write
|
||
|
4359000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
4117000
|
trusted library allocation
|
page read and write
|
||
|
77D000
|
stack
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
trusted library allocation
|
page read and write
|
||
|
541E000
|
stack
|
page read and write
|
||
|
6F10000
|
heap
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
6BDC000
|
heap
|
page read and write
|
||
|
BF9000
|
stack
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
4321000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
87D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
181E000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
5262000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
12CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A4E000
|
stack
|
page read and write
|
||
|
2516000
|
trusted library allocation
|
page read and write
|
||
|
322E000
|
stack
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
53C0000
|
heap
|
page read and write
|
||
|
5900000
|
heap
|
page execute and read and write
|
||
|
6F7D000
|
heap
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
5A8E000
|
stack
|
page read and write
|
||
|
594E000
|
stack
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
heap
|
page execute and read and write
|
||
|
661E000
|
stack
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
4EBE000
|
stack
|
page read and write
|
||
|
1448000
|
heap
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page execute and read and write
|
||
|
178B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
2DDB000
|
heap
|
page read and write
|
||
|
24D0000
|
trusted library allocation
|
page read and write
|
||
|
553F000
|
stack
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BDF000
|
trusted library section
|
page readonly
|
||
|
B09B000
|
trusted library allocation
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
883000
|
trusted library allocation
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
6390000
|
trusted library allocation
|
page read and write
|
||
|
1681000
|
heap
|
page read and write
|
||
|
563F000
|
stack
|
page read and write
|
||
|
6F74000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
14D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E5F000
|
trusted library allocation
|
page read and write
|
||
|
F92000
|
unkown
|
page readonly
|
||
|
1530000
|
heap
|
page read and write
|
||
|
5083000
|
heap
|
page read and write
|
||
|
1555000
|
heap
|
page read and write
|
||
|
4F50000
|
heap
|
page execute and read and write
|
||
|
577E000
|
stack
|
page read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
6F42000
|
heap
|
page read and write
|
||
|
FF2000
|
trusted library allocation
|
page read and write
|
||
|
504E000
|
stack
|
page read and write
|
||
|
6400000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
552E000
|
trusted library allocation
|
page read and write
|
||
|
BE4000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
2B0C000
|
trusted library allocation
|
page read and write
|
||
|
6890000
|
trusted library allocation
|
page execute and read and write
|
||
|
2721000
|
trusted library allocation
|
page read and write
|
||
|
64F0000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page execute and read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
5256000
|
trusted library allocation
|
page read and write
|
||
|
1910000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F59000
|
trusted library allocation
|
page read and write
|
||
|
2C8D000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A6E000
|
stack
|
page read and write
|
||
|
51BB000
|
stack
|
page read and write
|
||
|
4B69000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
6F71000
|
heap
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
6F7000
|
stack
|
page read and write
|
||
|
992B000
|
stack
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
525B000
|
trusted library allocation
|
page read and write
|
||
|
7DBE000
|
stack
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
563F000
|
stack
|
page read and write
|
There are 643 hidden memdumps, click here to show them.