Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
gq83mrprwy.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\xdftdueakusz\vefyedjsvjut.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Temp\zadejssjsckf.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x78e0b33c, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3jmoybgc.rvl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_skicw24l.u32.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uj0bgugp.vym.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wty1ecep.ckh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_5fofh0z1.2mg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_arojeqlb.yfq.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_fsjyb1bw.jff.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Temp\__PSScriptPolicyTest_pyntlic0.hml.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 59
|
ASCII text, with very long lines (3299)
|
downloaded
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\gq83mrprwy.exe
|
"C:\Users\user\Desktop\gq83mrprwy.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData)
-ExclusionExtension '.exe' -Force
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe delete "CENLNOGJ"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe create "CENLNOGJ" binpath= "C:\ProgramData\xdftdueakusz\vefyedjsvjut.exe" start= "auto"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe stop eventlog
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\system32\sc.exe start "CENLNOGJ"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\ProgramData\xdftdueakusz\vefyedjsvjut.exe
|
C:\ProgramData\xdftdueakusz\vefyedjsvjut.exe
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramData)
-ExclusionExtension '.exe' -Force
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
|
|
|
|
C:\Windows\System32\powercfg.exe
|
C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\explorer.exe
|
explorer.exe
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=1932,i,323240388522049765,3171702959307320635,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\wusa.exe
|
wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c wusa /uninstall /kb:890830 /quiet /norestart
|
||
|
C:\Windows\System32\wusa.exe
|
wusa /uninstall /kb:890830 /quiet /norestart
|
There are 31 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
https://www.google.com/async/ddljson?async=ntp:2
|
142.250.64.196
|
||
|
https://pachydermal-deviati.000webhostapp.com/api/endpoint.php.
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.250.64.196
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGKv9rrEGIjCUP8rJI6uQpcCA_sA23NWIvsltkwq3MeDorQiPFEiOdS9-9s9TL79P98P43HdQwyEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.250.64.196
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
http://ocsp.cloudflare.com/origin_ca0
|
unknown
|
||
|
https://pachydermal-deviati.000webhostapp.com/api/endpoint.php
|
145.14.144.253
|
||
|
http://crl.cloudflare.com/origin_ca.crl
|
unknown
|
||
|
https://pachydermal-deviati.000webhostapp.com/api/endpoint.phprdurxnlmtixfcpxr
|
unknown
|
||
|
http://crl.cloudflare.com/origin_ca.crl0
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://ocsp.cloudflare.com/origin_ca
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
https://pachydermal-deviati.000webhostapp.com/api/endpoint.php--cinit-version=3.4.0--nicehash--tls--
|
unknown
|
||
|
https://www.google.com/async/newtab_promos
|
142.250.64.196
|
||
|
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.250.64.196
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGKv9rrEGIjD60VmSgpC6cOPMVPM6iFgI5KUXbg-hj5Slfx8AmR1Y-wEuAbZfNmjYd7xW-s1FHlsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.250.64.196
|
||
|
https://pachydermal-deviati.000webhostapp.com/api/endpoint.php.exee
|
unknown
|
||
|
http://crl.cloudflare.com/origin_ca.crlf
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
https://pachydermal-deviati.000webhostapp.com/api/endpoint.phpD
|
unknown
|
There are 13 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
us-east-1.route-1.000webhost.awex.io
|
145.14.144.253
|
|
|
|
www.google.com
|
142.250.64.196
|
||
|
xmr-eu1.nanopool.org
|
212.47.253.124
|
||
|
pachydermal-deviati.000webhostapp.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
51.15.65.182
|
unknown
|
France
|
|
|
|
145.14.144.16
|
unknown
|
Netherlands
|
|
|
|
145.14.144.253
|
us-east-1.route-1.000webhost.awex.io
|
Netherlands
|
|
|
|
192.168.2.16
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
142.250.64.196
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT
|
DontOfferThroughWUAU
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
14DA000
|
heap
|
page read and write
|
|
|
|
14A8000
|
heap
|
page read and write
|
|
|
|
122A6000
|
heap
|
page read and write
|
|
|
|
BB1000
|
heap
|
page read and write
|
|
|
|
14E9000
|
heap
|
page read and write
|
|
|
|
14A0000
|
heap
|
page read and write
|
|
|
|
C43000
|
heap
|
page read and write
|
|
|
|
C30000
|
heap
|
page read and write
|
|
|
|
B95000
|
heap
|
page read and write
|
|
|
|
14E5000
|
heap
|
page read and write
|
|
|
|
C2D000
|
heap
|
page read and write
|
|
|
|
23630F50000
|
heap
|
page read and write
|
||
|
14FF000
|
heap
|
page read and write
|
||
|
17BD9ED000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1509000
|
heap
|
page read and write
|
||
|
7FF74F580000
|
unkown
|
page readonly
|
||
|
1F4E4940000
|
trusted library section
|
page readonly
|
||
|
1F4E8D10000
|
trusted library allocation
|
page read and write
|
||
|
1E2FA3A5000
|
heap
|
page read and write
|
||
|
1E829EE0000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
EC774FF000
|
stack
|
page read and write
|
||
|
1CBFE358000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1541000
|
heap
|
page read and write
|
||
|
1F4E3F91000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8D12000
|
trusted library allocation
|
page read and write
|
||
|
20B20FF000
|
stack
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
7FF79734A000
|
unkown
|
page readonly
|
||
|
254DFEC0000
|
heap
|
page read and write
|
||
|
1F4E3FE0000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
1E829E10000
|
heap
|
page read and write
|
||
|
155B000
|
heap
|
page read and write
|
||
|
1B925E50000
|
heap
|
page read and write
|
||
|
1F4E8D15000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90E5000
|
trusted library allocation
|
page read and write
|
||
|
1FED6800000
|
heap
|
page read and write
|
||
|
5C00000
|
direct allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
10E34FE000
|
unkown
|
page readonly
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
18ED4C60000
|
heap
|
page read and write
|
||
|
151D000
|
heap
|
page read and write
|
||
|
1F4E8D11000
|
trusted library allocation
|
page read and write
|
||
|
14F9000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
15199550000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
28DDDD80000
|
heap
|
page read and write
|
||
|
1511000
|
heap
|
page read and write
|
||
|
2642F334000
|
heap
|
page read and write
|
||
|
28DDDDA0000
|
heap
|
page read and write
|
||
|
20166225000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1511000
|
heap
|
page read and write
|
||
|
1519000
|
heap
|
page read and write
|
||
|
14E9000
|
heap
|
page read and write
|
||
|
1E829D10000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4102000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E382B000
|
heap
|
page read and write
|
||
|
1F4E3800000
|
heap
|
page read and write
|
||
|
1E829DF0000
|
heap
|
page read and write
|
||
|
14F9000
|
heap
|
page read and write
|
||
|
2642F4F0000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1F4E3913000
|
heap
|
page read and write
|
||
|
28491020000
|
heap
|
page read and write
|
||
|
1F4E4930000
|
trusted library section
|
page readonly
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
1F4E387D000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8E90000
|
heap
|
page read and write
|
||
|
66BD19D000
|
stack
|
page read and write
|
||
|
20488960000
|
unkown
|
page read and write
|
||
|
1B925D10000
|
heap
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
1F4E411B000
|
heap
|
page read and write
|
||
|
19046DA0000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
7FF74F589000
|
unkown
|
page readonly
|
||
|
10E1E7B000
|
stack
|
page read and write
|
||
|
1F4E90C2000
|
trusted library allocation
|
page read and write
|
||
|
7FF79734A000
|
unkown
|
page readonly
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1FE805D8000
|
heap
|
page read and write
|
||
|
1F4E8D10000
|
trusted library allocation
|
page read and write
|
||
|
1519000
|
heap
|
page read and write
|
||
|
10E347E000
|
stack
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8E4F000
|
heap
|
page read and write
|
||
|
1CBFE350000
|
heap
|
page read and write
|
||
|
17BDCFE000
|
stack
|
page read and write
|
||
|
1FED6720000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
15C0000
|
direct allocation
|
page execute and read and write
|
||
|
BB2000
|
heap
|
page read and write
|
||
|
140000000
|
unkown
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E38FF000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
18ED4AB0000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
2946B1F000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
23630FE0000
|
heap
|
page read and write
|
||
|
1F4E8D14000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1E2FA1C9000
|
heap
|
page read and write
|
||
|
88934ED000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1512000
|
heap
|
page read and write
|
||
|
DC4C6FF000
|
stack
|
page read and write
|
||
|
170C7C09000
|
heap
|
page read and write
|
||
|
1F4E8DE0000
|
trusted library allocation
|
page read and write
|
||
|
254E0240000
|
unkown
|
page read and write
|
||
|
10E25FB000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4000000
|
heap
|
page read and write
|
||
|
2946B9F000
|
stack
|
page read and write
|
||
|
1F4E3750000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
23630FE5000
|
heap
|
page read and write
|
||
|
1B925D30000
|
heap
|
page read and write
|
||
|
18ED49B0000
|
heap
|
page read and write
|
||
|
1F4E38B3000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E410C000
|
heap
|
page read and write
|
||
|
1F4E38B8000
|
heap
|
page read and write
|
||
|
28490FE0000
|
heap
|
page read and write
|
||
|
1F4E411A000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1CBFE2D0000
|
heap
|
page read and write
|
||
|
1F4E8EAE000
|
heap
|
page read and write
|
||
|
ABCA7DC000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
direct allocation
|
page read and write
|
||
|
10E22FE000
|
unkown
|
page readonly
|
||
|
BE6000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1E2FA3A0000
|
heap
|
page read and write
|
||
|
10E26FE000
|
unkown
|
page readonly
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4640000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8E54000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
7916B7F000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8CE0000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
9D273FE000
|
stack
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
12290000
|
heap
|
page read and write
|
||
|
15199370000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
151B000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E900E000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
10E2EFE000
|
unkown
|
page readonly
|
||
|
170C7BE0000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1CBFE300000
|
heap
|
page read and write
|
||
|
15199389000
|
heap
|
page read and write
|
||
|
1513000
|
heap
|
page read and write
|
||
|
23630E70000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12272000
|
heap
|
page read and write
|
||
|
151995D5000
|
heap
|
page read and write
|
||
|
18ED4C20000
|
heap
|
page read and write
|
||
|
28491029000
|
heap
|
page read and write
|
||
|
454C71F000
|
stack
|
page read and write
|
||
|
170C7B90000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1E2FA0C0000
|
heap
|
page read and write
|
||
|
B59000
|
heap
|
page read and write
|
||
|
28DDE1A5000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
20165F00000
|
heap
|
page read and write
|
||
|
254E0235000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
20165FE0000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90FF000
|
trusted library allocation
|
page read and write
|
||
|
7FF74F80A000
|
unkown
|
page readonly
|
||
|
1FE807C5000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4920000
|
trusted library section
|
page readonly
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
10E33FE000
|
unkown
|
page readonly
|
||
|
1538000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
18ED48B0000
|
heap
|
page read and write
|
||
|
1F4E387B000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E3780000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1CBFE2F5000
|
heap
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
1F4E8D44000
|
trusted library allocation
|
page read and write
|
||
|
10E23FE000
|
stack
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
1F4E906F000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
66BD4FF000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
direct allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8DD0000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
284911D0000
|
heap
|
page read and write
|
||
|
20B217F000
|
stack
|
page read and write
|
||
|
1F4E4015000
|
heap
|
page read and write
|
||
|
19046E88000
|
heap
|
page read and write
|
||
|
1F4E3902000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
14C2000
|
heap
|
page read and write
|
||
|
1FE805A0000
|
heap
|
page read and write
|
||
|
1F4E8F03000
|
heap
|
page read and write
|
||
|
1CBFE2C0000
|
heap
|
page read and write
|
||
|
E83F7CF000
|
stack
|
page read and write
|
||
|
52834FF000
|
stack
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
7916AFC000
|
stack
|
page read and write
|
||
|
122BC000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1513000
|
heap
|
page read and write
|
||
|
10E3E7E000
|
stack
|
page read and write
|
||
|
10E317E000
|
stack
|
page read and write
|
||
|
1F4E90F4000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
151F000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
14F9000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
15199380000
|
heap
|
page read and write
|
||
|
1511000
|
heap
|
page read and write
|
||
|
14FB000
|
heap
|
page read and write
|
||
|
1F4E90F1000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8F00000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
7FF7970C1000
|
unkown
|
page execute read
|
||
|
1FED6820000
|
heap
|
page read and write
|
||
|
ABCABFE000
|
stack
|
page read and write
|
||
|
7FF74F581000
|
unkown
|
page execute read
|
||
|
1511000
|
heap
|
page read and write
|
||
|
151F000
|
heap
|
page read and write
|
||
|
EC775FF000
|
stack
|
page read and write
|
||
|
20B207D000
|
stack
|
page read and write
|
||
|
1F4E9015000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1E82A1D5000
|
heap
|
page read and write
|
||
|
1517000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1E2F9FE0000
|
heap
|
page read and write
|
||
|
14F7000
|
heap
|
page read and write
|
||
|
1F4E3895000
|
heap
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
1511000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
12205000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90A0000
|
remote allocation
|
page read and write
|
||
|
1F4E9070000
|
trusted library allocation
|
page read and write
|
||
|
204887D0000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
18ED4C65000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1FED68F0000
|
heap
|
page read and write
|
||
|
1F4E8EF2000
|
heap
|
page read and write
|
||
|
12DB000
|
stack
|
page read and write
|
||
|
1560000
|
heap
|
page readonly
|
||
|
1501000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1FED6618000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4950000
|
trusted library section
|
page readonly
|
||
|
7FF7970C0000
|
unkown
|
page readonly
|
||
|
10E21F7000
|
stack
|
page read and write
|
||
|
151F000
|
heap
|
page read and write
|
||
|
1538000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
15199570000
|
heap
|
page read and write
|
||
|
1501000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
1F4E9040000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
4800000
|
direct allocation
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
23630F70000
|
heap
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8DD0000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
1F4E9030000
|
trusted library allocation
|
page read and write
|
||
|
1509000
|
heap
|
page read and write
|
||
|
10E29F9000
|
stack
|
page read and write
|
||
|
1F4E8E61000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1F4E904D000
|
trusted library allocation
|
page read and write
|
||
|
1B925B30000
|
heap
|
page read and write
|
||
|
284911D5000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2946A9D000
|
stack
|
page read and write
|
||
|
1F4E4840000
|
trusted library allocation
|
page read and write
|
||
|
1F4E3FD0000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E9056000
|
trusted library allocation
|
page read and write
|
||
|
34921BF000
|
stack
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
19047140000
|
heap
|
page read and write
|
||
|
151B000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
10E2AFE000
|
unkown
|
page readonly
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1FE805D0000
|
heap
|
page read and write
|
||
|
1517000
|
heap
|
page read and write
|
||
|
18ED49C5000
|
heap
|
page read and write
|
||
|
18ED4990000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1509000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
9D272FD000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
99695EF000
|
stack
|
page read and write
|
||
|
1F4E3841000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1F4E38A0000
|
heap
|
page read and write
|
||
|
1F4E906C000
|
trusted library allocation
|
page read and write
|
||
|
170C7B70000
|
heap
|
page read and write
|
||
|
531147E000
|
stack
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
7FF74F589000
|
unkown
|
page readonly
|
||
|
12267000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
7FF74F581000
|
unkown
|
page execute read
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90BA000
|
trusted library allocation
|
page read and write
|
||
|
528347F000
|
stack
|
page read and write
|
||
|
7FF7970C0000
|
unkown
|
page readonly
|
||
|
1F4E8D00000
|
trusted library allocation
|
page read and write
|
||
|
1F4E908E000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8F0A000
|
heap
|
page read and write
|
||
|
14C2000
|
heap
|
page read and write
|
||
|
1541000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
14000A000
|
unkown
|
page readonly
|
||
|
28491000000
|
heap
|
page read and write
|
||
|
28DDDD70000
|
heap
|
page read and write
|
||
|
122A8000
|
heap
|
page read and write
|
||
|
204887F0000
|
unkown
|
page read and write
|
||
|
7FF74F580000
|
unkown
|
page readonly
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
DC4C77F000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4113000
|
heap
|
page read and write
|
||
|
170C7C14000
|
heap
|
page read and write
|
||
|
19046E80000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
7FF74F58B000
|
unkown
|
page write copy
|
||
|
1F4E9018000
|
trusted library allocation
|
page read and write
|
||
|
1541000
|
heap
|
page read and write
|
||
|
1F4E3879000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
19046F80000
|
heap
|
page read and write
|
||
|
1F4E8D30000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
1F4E4100000
|
heap
|
page read and write
|
||
|
1F4E8EEC000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
20166220000
|
heap
|
page read and write
|
||
|
1F4E9000000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
direct allocation
|
page read and write
|
||
|
7FF74F80A000
|
unkown
|
page readonly
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E9064000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
E83F6CD000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1B925B40000
|
heap
|
page read and write
|
||
|
2642F300000
|
heap
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
DC4C67D000
|
stack
|
page read and write
|
||
|
204887F0000
|
unkown
|
page read and write
|
||
|
151995D0000
|
heap
|
page read and write
|
||
|
28DDDE30000
|
heap
|
page read and write
|
||
|
140007000
|
unkown
|
page readonly
|
||
|
1FED68F5000
|
heap
|
page read and write
|
||
|
18ED49B8000
|
heap
|
page read and write
|
||
|
6600000
|
direct allocation
|
page read and write
|
||
|
1B925E55000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E911A000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
10E2BFB000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E3813000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1533000
|
heap
|
page read and write
|
||
|
1F4E3720000
|
heap
|
page read and write
|
||
|
66BD5FE000
|
stack
|
page read and write
|
||
|
20488860000
|
heap
|
page read and write
|
||
|
17BD9FD000
|
stack
|
page read and write
|
||
|
14F9000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
122B4000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
254DFE40000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
23631019000
|
heap
|
page read and write
|
||
|
254DFE50000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
20166080000
|
heap
|
page read and write
|
||
|
1F4E3873000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
7FF7970C9000
|
unkown
|
page readonly
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
10E2E7E000
|
stack
|
page read and write
|
||
|
10E2DFE000
|
unkown
|
page readonly
|
||
|
1F4E8E2C000
|
heap
|
page read and write
|
||
|
1F4E8E5A000
|
heap
|
page read and write
|
||
|
204886F0000
|
heap
|
page read and write
|
||
|
11C0000
|
direct allocation
|
page execute read
|
||
|
7916BFF000
|
stack
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E4CC0000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90FC000
|
trusted library allocation
|
page read and write
|
||
|
14F9000
|
heap
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
1513000
|
heap
|
page read and write
|
||
|
ABCAAFE000
|
stack
|
page read and write
|
||
|
1F4EA000000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E411C000
|
heap
|
page read and write
|
||
|
151D000
|
heap
|
page read and write
|
||
|
7FF797348000
|
unkown
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
10E2FFE000
|
unkown
|
page readonly
|
||
|
2642F320000
|
heap
|
page read and write
|
||
|
1F4E8ECA000
|
heap
|
page read and write
|
||
|
1F4E4970000
|
trusted library section
|
page readonly
|
||
|
1F4E90A0000
|
remote allocation
|
page read and write
|
||
|
99694ED000
|
stack
|
page read and write
|
||
|
1F4E4960000
|
trusted library section
|
page readonly
|
||
|
170C7C00000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1501000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
7FF7970CB000
|
unkown
|
page write copy
|
||
|
7FF74F58B000
|
unkown
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90A3000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8CF0000
|
trusted library allocation
|
page read and write
|
||
|
10E35FB000
|
stack
|
page read and write
|
||
|
1F4E9091000
|
trusted library allocation
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8E00000
|
heap
|
page read and write
|
||
|
EC771ED000
|
stack
|
page read and write
|
||
|
2642F6E5000
|
heap
|
page read and write
|
||
|
7FF7970C9000
|
unkown
|
page readonly
|
||
|
28DDE1A0000
|
heap
|
page read and write
|
||
|
531157F000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
454C69D000
|
stack
|
page read and write
|
||
|
1F4E38A2000
|
heap
|
page read and write
|
||
|
1F4E3740000
|
heap
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
1B925B48000
|
heap
|
page read and write
|
||
|
1E2FA1CB000
|
heap
|
page read and write
|
||
|
1E829EE8000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1FED6610000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
20166088000
|
heap
|
page read and write
|
||
|
1F4E9050000
|
trusted library allocation
|
page read and write
|
||
|
10E3EFE000
|
unkown
|
page readonly
|
||
|
1F4E8D40000
|
trusted library allocation
|
page read and write
|
||
|
170C7A90000
|
heap
|
page read and write
|
||
|
1517000
|
heap
|
page read and write
|
||
|
125E000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
11BE000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
20488B50000
|
heap
|
page read and write
|
||
|
1F4E388F000
|
heap
|
page read and write
|
||
|
1E2FA3B0000
|
unkown
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1501000
|
heap
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
10E2CFE000
|
unkown
|
page readonly
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1F4E411A000
|
heap
|
page read and write
|
||
|
7FF7970CC000
|
unkown
|
page write copy
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1553000
|
heap
|
page read and write
|
||
|
349213F000
|
stack
|
page read and write
|
||
|
1F4E90A0000
|
trusted library allocation
|
page read and write
|
||
|
10E36FE000
|
unkown
|
page readonly
|
||
|
D9EC1BD000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1509000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8D30000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90E8000
|
trusted library allocation
|
page read and write
|
||
|
122A5000
|
heap
|
page read and write
|
||
|
1F4E8E42000
|
heap
|
page read and write
|
||
|
28490F00000
|
heap
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
140009000
|
unkown
|
page read and write
|
||
|
10E32FE000
|
unkown
|
page readonly
|
||
|
20488B55000
|
heap
|
page read and write
|
||
|
2000000
|
direct allocation
|
page read and write
|
||
|
1F4E9072000
|
trusted library allocation
|
page read and write
|
||
|
1F4E90A0000
|
remote allocation
|
page read and write
|
||
|
1E82A1D0000
|
heap
|
page read and write
|
||
|
1501000
|
heap
|
page read and write
|
||
|
996956F000
|
stack
|
page read and write
|
||
|
1F4E9107000
|
trusted library allocation
|
page read and write
|
||
|
1E2FA0E0000
|
heap
|
page read and write
|
||
|
BC1000
|
heap
|
page read and write
|
||
|
9D272EE000
|
stack
|
page read and write
|
||
|
170C7BE5000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
10E327E000
|
stack
|
page read and write
|
||
|
34920BD000
|
stack
|
page read and write
|
||
|
1FE805B0000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8F13000
|
heap
|
page read and write
|
||
|
1F4E3929000
|
heap
|
page read and write
|
||
|
151B000
|
heap
|
page read and write
|
||
|
E83F74F000
|
stack
|
page read and write
|
||
|
1FE807C0000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
28DDDE38000
|
heap
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1229F000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
10E2D7E000
|
stack
|
page read and write
|
||
|
7000000
|
direct allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1509000
|
heap
|
page read and write
|
||
|
1F4E385B000
|
heap
|
page read and write
|
||
|
23631010000
|
heap
|
page read and write
|
||
|
1F4E4002000
|
heap
|
page read and write
|
||
|
10E2F7E000
|
stack
|
page read and write
|
||
|
20166000000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
1FE807A0000
|
heap
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
1E2FA1C0000
|
heap
|
page read and write
|
||
|
10E24FE000
|
unkown
|
page readonly
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
7FF7970CB000
|
unkown
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
19047145000
|
heap
|
page read and write
|
||
|
11D40000
|
trusted library allocation
|
page read and write
|
||
|
1CBFE2F0000
|
heap
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1F4E9008000
|
trusted library allocation
|
page read and write
|
||
|
1F4E8D00000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2642F6E0000
|
heap
|
page read and write
|
||
|
14DA000
|
heap
|
page read and write
|
||
|
151C000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
19046FA0000
|
heap
|
page read and write
|
||
|
12200000
|
trusted library allocation
|
page read and write
|
||
|
122B8000
|
heap
|
page read and write
|
||
|
1F4E4391000
|
trusted library allocation
|
page read and write
|
||
|
7FF7970C1000
|
unkown
|
page execute read
|
||
|
1F4E8EC3000
|
heap
|
page read and write
|
||
|
1F4E3790000
|
trusted library section
|
page read and write
|
||
|
12400000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
6FB000
|
stack
|
page read and write
|
||
|
2642F329000
|
heap
|
page read and write
|
||
|
52831BC000
|
stack
|
page read and write
|
||
|
254E0230000
|
heap
|
page read and write
|
||
|
531110D000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
2642F2F0000
|
heap
|
page read and write
|
||
|
3400000
|
direct allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
1519000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
10E31FE000
|
unkown
|
page readonly
|
||
|
1538000
|
heap
|
page read and write
|
||
|
10E337E000
|
stack
|
page read and write
|
||
|
151D000
|
heap
|
page read and write
|
||
|
1F4E3891000
|
heap
|
page read and write
|
||
|
3E00000
|
direct allocation
|
page read and write
|
||
|
1F4E8E1F000
|
heap
|
page read and write
|
||
|
C43000
|
heap
|
page read and write
|
There are 655 hidden memdumps, click here to show them.