Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
7FErKDnzhp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\fontdrvhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Multimedia Platform\MoUsoCoreWorker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\SystemSettings.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\dcvkQEwWwyGFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\dwm.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Favorites\OfficeClickToRun.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\Links\dcvkQEwWwyGFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Network Shortcuts\dcvkQEwWwyGFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\ShellNew\explorer.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\containercrt\Hyperblock.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\containercrt\csrss.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\containercrt\dcvkQEwWwyGFQ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\containercrt\focLwcgbbqM4pqsNJntFjNFiUvJ.vbe
|
data
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\5b884080fd4f94
|
ASCII text, with very long lines (878), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Multimedia Platform\1f93f77a7f4778
|
ASCII text, with very long lines (510), with no line terminators
|
dropped
|
||
|
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\9e8d7a4ca61bd9
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\6cb0b6c459d5d3
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\9e60a5f7a3bd80
|
ASCII text, with very long lines (881), with no line terminators
|
dropped
|
||
|
C:\Recovery\ecc299855ef114
|
ASCII text, with very long lines (611), with no line terminators
|
dropped
|
||
|
C:\Users\Default\Favorites\e6c9b481da804f
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Default\Links\ecc299855ef114
|
ASCII text, with very long lines (770), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Hyperblock.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dcvkQEwWwyGFQ.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Network Shortcuts\ecc299855ef114
|
ASCII text, with very long lines (589), with no line terminators
|
dropped
|
||
|
C:\Windows\ShellNew\7a0fd90576e088
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\containercrt\886983d96e3d3e
|
ASCII text, with very long lines (678), with no line terminators
|
dropped
|
||
|
C:\containercrt\ecc299855ef114
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\containercrt\jVeL3.bat
|
ASCII text, with no line terminators
|
dropped
|
There are 20 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\7FErKDnzhp.exe
|
"C:\Users\user\Desktop\7FErKDnzhp.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\containercrt\focLwcgbbqM4pqsNJntFjNFiUvJ.vbe"
|
|
|
|
C:\containercrt\Hyperblock.exe
|
"C:\containercrt\Hyperblock.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 10 /tr "'C:\Users\All Users\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\RuntimeBroker.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBroker" /sc ONLOGON /tr "'C:\Users\All Users\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\RuntimeBroker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 6 /tr "'C:\Users\All Users\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\RuntimeBroker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 8 /tr "'C:\containercrt\dcvkQEwWwyGFQ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQ" /sc ONLOGON /tr "'C:\containercrt\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 14 /tr "'C:\containercrt\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorkerM" /sc MINUTE /mo 14 /tr "'C:\Program Files\Windows Multimedia Platform\MoUsoCoreWorker.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorker" /sc ONLOGON /tr "'C:\Program Files\Windows Multimedia Platform\MoUsoCoreWorker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorkerM" /sc MINUTE /mo 14 /tr "'C:\Program Files\Windows Multimedia Platform\MoUsoCoreWorker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 12 /tr "'C:\Recovery\dcvkQEwWwyGFQ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQ" /sc ONLOGON /tr "'C:\Recovery\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 9 /tr "'C:\Recovery\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 8 /tr "'C:\Users\Default User\Links\dcvkQEwWwyGFQ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQ" /sc ONLOGON /tr "'C:\Users\Default User\Links\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 13 /tr "'C:\Users\Default User\Links\dcvkQEwWwyGFQ.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dwmd" /sc MINUTE /mo 12 /tr "'C:\Recovery\dwm.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dwm" /sc ONLOGON /tr "'C:\Recovery\dwm.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dwmd" /sc MINUTE /mo 14 /tr "'C:\Recovery\dwm.exe'" /rl HIGHEST /f
|
|
|
|
C:\Users\Default\Links\dcvkQEwWwyGFQ.exe
|
"C:\Users\Default User\Links\dcvkQEwWwyGFQ.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "OfficeClickToRunO" /sc MINUTE /mo 14 /tr "'C:\Users\Default User\Favorites\OfficeClickToRun.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "OfficeClickToRun" /sc ONLOGON /tr "'C:\Users\Default User\Favorites\OfficeClickToRun.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Users\Default\Links\dcvkQEwWwyGFQ.exe
|
"C:\Users\Default User\Links\dcvkQEwWwyGFQ.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "OfficeClickToRunO" /sc MINUTE /mo 10 /tr "'C:\Users\Default User\Favorites\OfficeClickToRun.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 5 /tr "'C:\Recovery\dcvkQEwWwyGFQ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQ" /sc ONLOGON /tr "'C:\Recovery\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 14 /tr "'C:\Recovery\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 9 /tr "'C:\containercrt\dcvkQEwWwyGFQ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQ" /sc ONLOGON /tr "'C:\containercrt\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dcvkQEwWwyGFQd" /sc MINUTE /mo 5 /tr "'C:\containercrt\dcvkQEwWwyGFQ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "csrssc" /sc MINUTE /mo 13 /tr "'C:\containercrt\csrss.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "csrss" /sc ONLOGON /tr "'C:\containercrt\csrss.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\containercrt\jVeL3.bat" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 26 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://a0949002.xsph.ru/@=ITN0YzM4ETM
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\9abbcc7480d8fae41c025e24ab6e87fbcb63eed3
|
df3f1dcafed1387719e9922f28280149b92256e9
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2B91000
|
trusted library allocation
|
page read and write
|
|
|
|
2831000
|
trusted library allocation
|
page read and write
|
|
|
|
3334000
|
trusted library allocation
|
page read and write
|
|
|
|
2BE4000
|
trusted library allocation
|
page read and write
|
|
|
|
2E11000
|
trusted library allocation
|
page read and write
|
|
|
|
3071000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
4B0E000
|
stack
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
1C026000
|
heap
|
page read and write
|
||
|
1C222000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
1C200000
|
heap
|
page read and write
|
||
|
3058000
|
heap
|
page read and write
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
1C2A6000
|
heap
|
page read and write
|
||
|
1BF5D000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1B633000
|
stack
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
1C23F000
|
heap
|
page read and write
|
||
|
2E7A000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
1BE3C000
|
heap
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
1BE5B000
|
heap
|
page read and write
|
||
|
2BF8000
|
heap
|
page read and write
|
||
|
1BDBF000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
1ABC0000
|
trusted library allocation
|
page read and write
|
||
|
2F27000
|
heap
|
page read and write
|
||
|
7FFD9BA36000
|
trusted library allocation
|
page read and write
|
||
|
2D3000
|
unkown
|
page readonly
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
1BF87000
|
heap
|
page read and write
|
||
|
3097000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
2BEA000
|
heap
|
page read and write
|
||
|
1C181000
|
heap
|
page read and write
|
||
|
2E95000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
1BA6E000
|
stack
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
309F000
|
heap
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
1C054000
|
heap
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
30AA000
|
trusted library allocation
|
page read and write
|
||
|
30AE000
|
heap
|
page read and write
|
||
|
4B14000
|
heap
|
page read and write
|
||
|
760F000
|
stack
|
page read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
1B96E000
|
stack
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
309B000
|
heap
|
page read and write
|
||
|
5A4C000
|
stack
|
page read and write
|
||
|
4C9A000
|
trusted library allocation
|
page read and write
|
||
|
1B1FE000
|
stack
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C83000
|
heap
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
9C2000
|
unkown
|
page readonly
|
||
|
2C81000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
1ADBE000
|
stack
|
page read and write
|
||
|
1BD85000
|
heap
|
page read and write
|
||
|
2786000
|
stack
|
page read and write
|
||
|
1C1B5000
|
heap
|
page read and write
|
||
|
1BE4A000
|
heap
|
page read and write
|
||
|
2FC3000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1283D000
|
trusted library allocation
|
page read and write
|
||
|
1B953000
|
stack
|
page read and write
|
||
|
2A1000
|
unkown
|
page execute read
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
30AF000
|
heap
|
page read and write
|
||
|
4FBA000
|
heap
|
page read and write
|
||
|
30AA000
|
heap
|
page read and write
|
||
|
12831000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB4C000
|
trusted library allocation
|
page read and write
|
||
|
1C12F000
|
heap
|
page read and write
|
||
|
1BEF9000
|
heap
|
page read and write
|
||
|
1C116000
|
heap
|
page read and write
|
||
|
30B8000
|
heap
|
page read and write
|
||
|
2C89000
|
heap
|
page read and write
|
||
|
1BDCD000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
31CD000
|
trusted library allocation
|
page read and write
|
||
|
2DE000
|
unkown
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB5B000
|
trusted library allocation
|
page read and write
|
||
|
2BED000
|
heap
|
page read and write
|
||
|
3093000
|
heap
|
page read and write
|
||
|
4FBD000
|
heap
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
heap
|
page execute and read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
7FFD9BB6B000
|
trusted library allocation
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
2C3B000
|
stack
|
page read and write
|
||
|
1C198000
|
heap
|
page read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
2776000
|
stack
|
page read and write
|
||
|
27E5000
|
heap
|
page read and write
|
||
|
1C26D000
|
heap
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
1C258000
|
heap
|
page read and write
|
||
|
1BF47000
|
heap
|
page read and write
|
||
|
1C015000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
3248000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
740E000
|
stack
|
page read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
1C24B000
|
heap
|
page read and write
|
||
|
1BE06000
|
heap
|
page read and write
|
||
|
541E000
|
stack
|
page read and write
|
||
|
1BE70000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
1BD6E000
|
stack
|
page read and write
|
||
|
7FFD9BB5C000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
7FFD9B9A2000
|
trusted library allocation
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
1BEC3000
|
heap
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
2BEC000
|
trusted library allocation
|
page read and write
|
||
|
1BDD7000
|
heap
|
page read and write
|
||
|
7FFD9BB4B000
|
trusted library allocation
|
page read and write
|
||
|
1C0B9000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
A12000
|
heap
|
page read and write
|
||
|
30AF000
|
heap
|
page read and write
|
||
|
1C21C000
|
heap
|
page read and write
|
||
|
2BE6000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1C178000
|
heap
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
1BEAE000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
1C294000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
3107000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B982000
|
trusted library allocation
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
2C8A000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
2C83000
|
heap
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
1C90B000
|
stack
|
page read and write
|
||
|
2B00000
|
heap
|
page readonly
|
||
|
3092000
|
heap
|
page read and write
|
||
|
1BE6D000
|
heap
|
page read and write
|
||
|
DDB000
|
heap
|
page read and write
|
||
|
E6D000
|
heap
|
page read and write
|
||
|
1B7DE000
|
stack
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
DED000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
2C2C000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
1BEAB000
|
heap
|
page read and write
|
||
|
328F000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
7FFD9BB63000
|
trusted library allocation
|
page read and write
|
||
|
309E000
|
heap
|
page read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
12B91000
|
trusted library allocation
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
277C000
|
stack
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
12E1D000
|
trusted library allocation
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
1BDC2000
|
heap
|
page read and write
|
||
|
1BC63000
|
stack
|
page read and write
|
||
|
30CF000
|
trusted library allocation
|
page read and write
|
||
|
4CD0000
|
heap
|
page read and write
|
||
|
3032000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2780000
|
stack
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
2A1000
|
unkown
|
page execute read
|
||
|
3090000
|
heap
|
page read and write
|
||
|
2C81000
|
heap
|
page read and write
|
||
|
1B75E000
|
stack
|
page read and write
|
||
|
594C000
|
stack
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
7FFD9B9CC000
|
trusted library allocation
|
page read and write
|
||
|
30BB000
|
heap
|
page read and write
|
||
|
1C059000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
1C03D000
|
heap
|
page read and write
|
||
|
3094000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BFF000
|
heap
|
page read and write
|
||
|
1C0FA000
|
heap
|
page read and write
|
||
|
1C1B1000
|
heap
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
309D000
|
heap
|
page read and write
|
||
|
27A2000
|
stack
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
1C0D8000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
2BC8000
|
heap
|
page read and write
|
||
|
1C142000
|
heap
|
page read and write
|
||
|
309E000
|
heap
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
590F000
|
stack
|
page read and write
|
||
|
7FFD9B984000
|
trusted library allocation
|
page read and write
|
||
|
12B9D000
|
trusted library allocation
|
page read and write
|
||
|
1B534000
|
stack
|
page read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
1BFB1000
|
heap
|
page read and write
|
||
|
7FFD9B9DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B10000
|
heap
|
page read and write
|
||
|
1BF53000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
1C08A000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
1BE61000
|
heap
|
page read and write
|
||
|
12B98000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA96000
|
trusted library allocation
|
page execute and read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page read and write
|
||
|
2C2A000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B33F000
|
stack
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB23000
|
trusted library allocation
|
page read and write
|
||
|
30C3000
|
heap
|
page read and write
|
||
|
7FFD9B9AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
7FFD9B9C4000
|
trusted library allocation
|
page read and write
|
||
|
2D3000
|
unkown
|
page readonly
|
||
|
28F8000
|
trusted library allocation
|
page read and write
|
||
|
1BD70000
|
heap
|
page read and write
|
||
|
1C0E3000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
511F000
|
stack
|
page read and write
|
||
|
1BF70000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE21000
|
heap
|
page read and write
|
||
|
7FFD9BA5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA54000
|
stack
|
page read and write
|
||
|
1294000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
1C06E000
|
heap
|
page read and write
|
||
|
7FFD9BB53000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB73000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
2799000
|
stack
|
page read and write
|
||
|
1C16D000
|
heap
|
page read and write
|
||
|
1BDE7000
|
heap
|
page read and write
|
||
|
1BB5E000
|
stack
|
page read and write
|
||
|
1BDDD000
|
heap
|
page read and write
|
||
|
1BE8C000
|
heap
|
page read and write
|
||
|
7FFD9B9B2000
|
trusted library allocation
|
page read and write
|
||
|
A3B000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
1A860000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
12E11000
|
trusted library allocation
|
page read and write
|
||
|
750F000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
27AA000
|
stack
|
page read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE8000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
308F000
|
heap
|
page read and write
|
||
|
2F2B000
|
heap
|
page read and write
|
||
|
7FFD9BA0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD9F000
|
heap
|
page read and write
|
||
|
7FFD9BB2C000
|
trusted library allocation
|
page read and write
|
||
|
2C82000
|
heap
|
page read and write
|
||
|
30A7000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
30C3000
|
heap
|
page read and write
|
||
|
30A4000
|
heap
|
page read and write
|
||
|
526F000
|
stack
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
7FFD9BA6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A01000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
1BD8B000
|
heap
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page execute and read and write
|
||
|
12833000
|
trusted library allocation
|
page read and write
|
||
|
308E000
|
heap
|
page read and write
|
||
|
30B2000
|
heap
|
page read and write
|
||
|
2BF1000
|
heap
|
page read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
12B93000
|
trusted library allocation
|
page read and write
|
||
|
580E000
|
stack
|
page read and write
|
||
|
126F000
|
stack
|
page read and write
|
||
|
7FFD9B9DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
12838000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
3094000
|
heap
|
page read and write
|
||
|
1C80E000
|
stack
|
page read and write
|
||
|
1BEE0000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2C83000
|
heap
|
page read and write
|
||
|
1B83E000
|
stack
|
page read and write
|
||
|
2E4000
|
unkown
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
1C17B000
|
heap
|
page read and write
|
||
|
7FFD9BA86000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
trusted library allocation
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
30A2000
|
heap
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
2797000
|
stack
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
1C079000
|
heap
|
page read and write
|
||
|
303000
|
unkown
|
page readonly
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
3098000
|
heap
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
1B230000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
1BFC8000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
F9E000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page execute and read and write
|
||
|
1BEEC000
|
heap
|
page read and write
|
||
|
9DC000
|
heap
|
page read and write
|
||
|
7FFD9BB2A000
|
trusted library allocation
|
page read and write
|
||
|
3039000
|
heap
|
page read and write
|
||
|
1B85F000
|
stack
|
page read and write
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB5A000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
7FFD9BB43000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
936000
|
stack
|
page read and write
|
||
|
30BA000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
1C1E2000
|
heap
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA56000
|
trusted library allocation
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
BD6000
|
stack
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
1C231000
|
heap
|
page read and write
|
||
|
1BFCE000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
2B8F000
|
stack
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
288A000
|
trusted library allocation
|
page read and write
|
||
|
EE4000
|
heap
|
page read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
A92000
|
unkown
|
page readonly
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2C82000
|
heap
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
309F000
|
heap
|
page read and write
|
||
|
7FFD9B9DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
30DE000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
5280000
|
heap
|
page read and write
|
||
|
4FB7000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
30BB000
|
heap
|
page read and write
|
||
|
1BC5E000
|
stack
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
1C070000
|
heap
|
page read and write
|
||
|
30B9000
|
heap
|
page read and write
|
||
|
2F89000
|
trusted library allocation
|
page read and write
|
||
|
1C1D1000
|
heap
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
3052000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
7FFD9B9BC000
|
trusted library allocation
|
page read and write
|
||
|
536C000
|
stack
|
page read and write
|
||
|
4EA6000
|
heap
|
page read and write
|
||
|
2F47000
|
trusted library allocation
|
page read and write
|
||
|
311A000
|
trusted library allocation
|
page read and write
|
||
|
1C70D000
|
stack
|
page read and write
|
||
|
1B11D000
|
stack
|
page read and write
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
1BE96000
|
heap
|
page read and write
|
||
|
1C287000
|
heap
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
2896000
|
trusted library allocation
|
page read and write
|
||
|
D8E000
|
stack
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B39D000
|
stack
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
1C153000
|
heap
|
page read and write
|
||
|
3093000
|
heap
|
page read and write
|
||
|
7FF4E3600000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
4C81000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
11E4000
|
heap
|
page read and write
|
||
|
26A6000
|
stack
|
page read and write
|
||
|
4EA7000
|
heap
|
page read and write
|
||
|
2DE000
|
unkown
|
page write copy
|
||
|
555E000
|
stack
|
page read and write
|
||
|
30AF000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
12E18000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page execute and read and write
|
||
|
309C000
|
heap
|
page read and write
|
||
|
30BF000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF13000
|
heap
|
page read and write
|
||
|
4A70000
|
heap
|
page read and write
|
||
|
302000
|
unkown
|
page write copy
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page execute and read and write
|
||
|
30A1000
|
heap
|
page read and write
|
||
|
3098000
|
heap
|
page read and write
|
||
|
302000
|
unkown
|
page readonly
|
||
|
EAC000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
1B820000
|
heap
|
page execute and read and write
|
||
|
770C000
|
stack
|
page read and write
|
||
|
7FFD9B9CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F11000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
1B860000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2793000
|
stack
|
page read and write
|
||
|
149E000
|
stack
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
4FB1000
|
heap
|
page read and write
|
||
|
2C2B000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
E8F000
|
stack
|
page read and write
|
||
|
12E21000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
trusted library allocation
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
1BDD2000
|
heap
|
page read and write
|
||
|
1B73E000
|
stack
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
7FFD9B9CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B43E000
|
stack
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B99C000
|
trusted library allocation
|
page read and write
|
||
|
2C83000
|
heap
|
page read and write
|
||
|
1B65F000
|
stack
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
2C82000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
7FFD9BA3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
30A5000
|
heap
|
page read and write
|
||
|
7FFD9B9C3000
|
trusted library allocation
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
1C0FD000
|
heap
|
page read and write
|
||
|
1C297000
|
heap
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
1B550000
|
heap
|
page execute and read and write
|
||
|
309F000
|
heap
|
page read and write
|
||
|
2E63000
|
trusted library allocation
|
page read and write
|
||
|
2D3B000
|
stack
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
1AE40000
|
trusted library allocation
|
page read and write
|
||
|
1BF0E000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
3017000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
30F6000
|
heap
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page read and write
|
||
|
1165000
|
heap
|
page read and write
|
||
|
1BE19000
|
heap
|
page read and write
|
||
|
7FFD9B9D4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C83000
|
heap
|
page read and write
|
||
|
301000
|
unkown
|
page read and write
|
||
|
52AD000
|
stack
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
1BB6B000
|
stack
|
page read and write
|
There are 547 hidden memdumps, click here to show them.