Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
e8RKyR4TEM.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\AutoIt3\Icons\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Common Files\DESIGNER\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Mozilla Maintenance Service\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Defender\en-US\conhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Media Player\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Sidebar\Shared Gadgets\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\WindowsHolographicDevices\SpatialStore\StartMenuExperienceHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\OneDrive\WinStore.App.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Free_changer_fix.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\grunge cheat softwsre 0.28.4.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\j7xKo0hZ28.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\ShellComponents\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SystemApps\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\msDriverSessionHost\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\msDriverSessionHost\chainProvider.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\msDriverSessionHost\myVrliqnAWGzbaQrrwFJCBOXabSQn5.vbe
|
data
|
dropped
|
|
|
|
C:\Program Files (x86)\AutoIt3\Icons\b49250d0ebe870
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Common Files\DESIGNER\b49250d0ebe870
|
ASCII text, with very long lines (857), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Mozilla Maintenance Service\b49250d0ebe870
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Defender\en-US\088424020bedd6
|
ASCII text, with very long lines (367), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\b49250d0ebe870
|
ASCII text, with very long lines (565), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Sidebar\Shared Gadgets\b49250d0ebe870
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\WindowsHolographicDevices\SpatialStore\55b276f4edf653
|
ASCII text, with very long lines (761), with no line terminators
|
dropped
|
||
|
C:\Recovery\9e8d7a4ca61bd9
|
ASCII text, with very long lines (981), with no line terminators
|
dropped
|
||
|
C:\Recovery\b49250d0ebe870
|
ASCII text, with very long lines (485), with no line terminators
|
dropped
|
||
|
C:\Users\Default\OneDrive\fd168b19609dff
|
ASCII text, with very long lines (370), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\chainProvider.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\cwxyiNpEtlalxKGPbFFnB.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Wa4gCbdnDV
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\b49250d0ebe870
|
ASCII text, with very long lines (468), with no line terminators
|
dropped
|
||
|
C:\Windows\ShellComponents\b49250d0ebe870
|
ASCII text, with very long lines (318), with no line terminators
|
dropped
|
||
|
C:\Windows\SystemApps\b49250d0ebe870
|
ASCII text, with very long lines (564), with no line terminators
|
dropped
|
||
|
C:\msDriverSessionHost\9e8d7a4ca61bd9
|
ASCII text, with very long lines (703), with no line terminators
|
dropped
|
||
|
C:\msDriverSessionHost\LoFbtYsm9QvENfKMo8zDNNjCY.bat
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\msDriverSessionHost\b49250d0ebe870
|
ASCII text, with very long lines (891), with no line terminators
|
dropped
|
There are 30 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\e8RKyR4TEM.exe
|
"C:\Users\user\Desktop\e8RKyR4TEM.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Free_changer_fix.exe
|
"C:\Users\user\AppData\Local\Temp\Free_changer_fix.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\grunge cheat softwsre 0.28.4.exe
|
"C:\Users\user\AppData\Local\Temp\grunge cheat softwsre 0.28.4.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\msDriverSessionHost\myVrliqnAWGzbaQrrwFJCBOXabSQn5.vbe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\msDriverSessionHost\chainProvider.exe
|
"C:\msDriverSessionHost\chainProvider.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 8 /tr "'C:\Program Files\Windows Sidebar\Shared Gadgets\cwxyiNpEtlalxKGPbFFnB.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnB" /sc ONLOGON /tr "'C:\Program Files\Windows Sidebar\Shared Gadgets\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 10 /tr "'C:\Program Files\Windows Sidebar\Shared Gadgets\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhostc" /sc MINUTE /mo 5 /tr "'C:\Program Files\Windows Defender\en-US\conhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhost" /sc ONLOGON /tr "'C:\Program Files\Windows Defender\en-US\conhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "conhostc" /sc MINUTE /mo 5 /tr "'C:\Program Files\Windows Defender\en-US\conhost.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 9 /tr "'C:\Users\user\cwxyiNpEtlalxKGPbFFnB.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnB" /sc ONLOGON /tr "'C:\Users\user\cwxyiNpEtlalxKGPbFFnB.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 5 /tr "'C:\Users\user\cwxyiNpEtlalxKGPbFFnB.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 5 /tr "'C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnB" /sc ONLOGON /tr "'C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 12 /tr "'C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe
|
C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 8 /tr "'C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnB" /sc ONLOGON /tr "'C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe'" /rl
HIGHEST /f
|
|
|
|
C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe
|
C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 9 /tr "'C:\msDriverSessionHost\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 11 /tr "'C:\msDriverSessionHost\RuntimeBroker.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBroker" /sc ONLOGON /tr "'C:\msDriverSessionHost\RuntimeBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 9 /tr "'C:\msDriverSessionHost\RuntimeBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 8 /tr "'C:\Program Files\Windows Media Player\cwxyiNpEtlalxKGPbFFnB.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnB" /sc ONLOGON /tr "'C:\Program Files\Windows Media Player\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 10 /tr "'C:\Program Files\Windows Media Player\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 8 /tr "'C:\Users\All Users\WindowsHolographicDevices\SpatialStore\StartMenuExperienceHost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHost" /sc ONLOGON /tr "'C:\Users\All Users\WindowsHolographicDevices\SpatialStore\StartMenuExperienceHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 14 /tr "'C:\Users\All Users\WindowsHolographicDevices\SpatialStore\StartMenuExperienceHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WinStore.AppW" /sc MINUTE /mo 5 /tr "'C:\Users\Default User\OneDrive\WinStore.App.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WinStore.App" /sc ONLOGON /tr "'C:\Users\Default User\OneDrive\WinStore.App.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WinStore.AppW" /sc MINUTE /mo 6 /tr "'C:\Users\Default User\OneDrive\WinStore.App.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 10 /tr "'C:\Program Files (x86)\common files\DESIGNER\cwxyiNpEtlalxKGPbFFnB.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnB" /sc ONLOGON /tr "'C:\Program Files (x86)\common files\DESIGNER\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "cwxyiNpEtlalxKGPbFFnBc" /sc MINUTE /mo 5 /tr "'C:\Program Files (x86)\common files\DESIGNER\cwxyiNpEtlalxKGPbFFnB.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\msDriverSessionHost\LoFbtYsm9QvENfKMo8zDNNjCY.bat" "
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 30 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://a0944507.xsph.ru/@==gbJBzYuFDT
|
|||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
https://gunaui.com/api/licensing.php
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://gunaui.com/
|
unknown
|
||
|
https://gunaui.com/pricing
|
unknown
|
There are 20 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\3dd588891f7c3b6535f48f2bcb75307d69a5f222
|
686a0e910aa468ef1e1ceea1892e55af518a2f77
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1AB4B04F000
|
trusted library allocation
|
page read and write
|
|
|
|
2FB9000
|
trusted library allocation
|
page read and write
|
|
|
|
1AB38F02000
|
unkown
|
page readonly
|
|
|
|
408000
|
unkown
|
page readonly
|
|
|
|
1AB3B043000
|
trusted library allocation
|
page read and write
|
|
|
|
1AB53B00000
|
trusted library section
|
page read and write
|
|
|
|
2705000
|
trusted library allocation
|
page read and write
|
|
|
|
2736000
|
trusted library allocation
|
page read and write
|
|
|
|
1AB4B3AB000
|
trusted library allocation
|
page read and write
|
|
|
|
2666000
|
heap
|
page read and write
|
|
|
|
1AB53A20000
|
trusted library section
|
page read and write
|
|
|
|
2F71000
|
trusted library allocation
|
page read and write
|
|
|
|
34B0000
|
trusted library allocation
|
page read and write
|
|
|
|
2F91000
|
trusted library allocation
|
page read and write
|
|
|
|
7500000
|
heap
|
page read and write
|
||
|
7FFD9B7D7000
|
trusted library allocation
|
page read and write
|
||
|
1CBCB000
|
stack
|
page read and write
|
||
|
887000
|
heap
|
page read and write
|
||
|
8BA77FF000
|
stack
|
page read and write
|
||
|
1AB3941D000
|
heap
|
page read and write
|
||
|
1BCCE000
|
stack
|
page read and write
|
||
|
5BE000
|
unkown
|
page read and write
|
||
|
1AB394E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
945000
|
heap
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
15F4000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
1AB535FC000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AB53910000
|
heap
|
page execute and read and write
|
||
|
3210000
|
heap
|
page readonly
|
||
|
1C0BF000
|
heap
|
page read and write
|
||
|
1BACF000
|
stack
|
page read and write
|
||
|
2F5C000
|
stack
|
page read and write
|
||
|
CA2000
|
unkown
|
page readonly
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
D7F000
|
stack
|
page read and write
|
||
|
1C079000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
87C000
|
heap
|
page read and write
|
||
|
396000
|
heap
|
page read and write
|
||
|
7FFD9B7C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
989000
|
heap
|
page read and write
|
||
|
1C03D000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1AB53D44000
|
heap
|
page read and write
|
||
|
1AB5500D000
|
trusted library allocation
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1134000
|
heap
|
page read and write
|
||
|
4B4F000
|
stack
|
page read and write
|
||
|
879000
|
heap
|
page read and write
|
||
|
7FFD9B963000
|
trusted library allocation
|
page read and write
|
||
|
1AB53720000
|
trusted library section
|
page read and write
|
||
|
7FFD9B9B7000
|
trusted library allocation
|
page read and write
|
||
|
33B9000
|
trusted library allocation
|
page read and write
|
||
|
1AB3B4AA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page read and write
|
||
|
134B000
|
heap
|
page read and write
|
||
|
1AB53622000
|
heap
|
page read and write
|
||
|
87F000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
893000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
80E000
|
stack
|
page read and write
|
||
|
7FFD9B7C0000
|
trusted library allocation
|
page read and write
|
||
|
1AB3AF21000
|
trusted library allocation
|
page read and write
|
||
|
3534000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
366E000
|
stack
|
page read and write
|
||
|
1AB393F2000
|
heap
|
page read and write
|
||
|
37AC000
|
stack
|
page read and write
|
||
|
1AB538F0000
|
heap
|
page execute and read and write
|
||
|
1AB52F50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B992000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B860000
|
trusted library allocation
|
page read and write
|
||
|
1BABF000
|
stack
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1BE23000
|
stack
|
page read and write
|
||
|
3534000
|
heap
|
page read and write
|
||
|
1C0AC000
|
heap
|
page read and write
|
||
|
7FFD9B95E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page read and write
|
||
|
4C4F000
|
stack
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
2F6C000
|
stack
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
8BA6FFE000
|
stack
|
page read and write
|
||
|
7FFD9B7E2000
|
trusted library allocation
|
page read and write
|
||
|
26EE000
|
stack
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
96B000
|
heap
|
page read and write
|
||
|
1AB39550000
|
heap
|
page read and write
|
||
|
524E000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
1AB393DA000
|
heap
|
page read and write
|
||
|
1AB54E42000
|
trusted library allocation
|
page read and write
|
||
|
1C335000
|
heap
|
page read and write
|
||
|
838000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
1C203000
|
heap
|
page read and write
|
||
|
1AB38F3E000
|
unkown
|
page readonly
|
||
|
1AB53D90000
|
heap
|
page read and write
|
||
|
1B4FE000
|
stack
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
A6D000
|
stack
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
1C515000
|
heap
|
page read and write
|
||
|
376F000
|
stack
|
page read and write
|
||
|
1C330000
|
heap
|
page read and write
|
||
|
7FFD9B98B000
|
trusted library allocation
|
page read and write
|
||
|
1338000
|
heap
|
page read and write
|
||
|
1CA2E000
|
stack
|
page read and write
|
||
|
1C34A000
|
heap
|
page read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
7FFD9B804000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B89C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
5E3000
|
unkown
|
page readonly
|
||
|
1AB391AA000
|
unkown
|
page readonly
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
5A1C000
|
stack
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
1AB38F00000
|
unkown
|
page readonly
|
||
|
1AB394D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
12F7D000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
heap
|
page read and write
|
||
|
1B3B4000
|
stack
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
5B3000
|
unkown
|
page readonly
|
||
|
52D1000
|
trusted library allocation
|
page read and write
|
||
|
1BDC3000
|
stack
|
page read and write
|
||
|
1C4B4000
|
heap
|
page read and write
|
||
|
7FFD9B7C7000
|
trusted library allocation
|
page read and write
|
||
|
1AB393A0000
|
heap
|
page read and write
|
||
|
1AB39570000
|
heap
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
1C317000
|
heap
|
page read and write
|
||
|
1BC2E000
|
stack
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
8BA63ED000
|
stack
|
page read and write
|
||
|
2F60000
|
heap
|
page execute and read and write
|
||
|
1C368000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
7FFD9BAF9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7C4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
1B4FD000
|
stack
|
page read and write
|
||
|
162F000
|
stack
|
page read and write
|
||
|
1C048000
|
heap
|
page read and write
|
||
|
1AB38F02000
|
unkown
|
page readonly
|
||
|
1358000
|
heap
|
page read and write
|
||
|
7FFD9B7D4000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
3256000
|
trusted library allocation
|
page read and write
|
||
|
52F4000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
2F75000
|
stack
|
page read and write
|
||
|
1C1D3000
|
heap
|
page read and write
|
||
|
1C1E9000
|
heap
|
page read and write
|
||
|
7FFD9B96A000
|
trusted library allocation
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
1C1CA000
|
heap
|
page read and write
|
||
|
1AB3AED0000
|
heap
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
883000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
9F7000
|
heap
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
1C1AA000
|
heap
|
page read and write
|
||
|
344B000
|
trusted library allocation
|
page read and write
|
||
|
1C261000
|
heap
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
1C42F000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
trusted library allocation
|
page read and write
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
1AB55220000
|
heap
|
page read and write
|
||
|
1C04B000
|
heap
|
page read and write
|
||
|
1AB53D92000
|
heap
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
3347000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
1B1BE000
|
stack
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page read and write
|
||
|
1AB53650000
|
heap
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
1AB3957A000
|
heap
|
page read and write
|
||
|
77FF000
|
stack
|
page read and write
|
||
|
6CF7000
|
heap
|
page read and write
|
||
|
1AB394E3000
|
trusted library allocation
|
page read and write
|
||
|
8BA7BFC000
|
stack
|
page read and write
|
||
|
7FFD9B8E1000
|
trusted library allocation
|
page execute and read and write
|
||
|
5523000
|
heap
|
page read and write
|
||
|
591E000
|
stack
|
page read and write
|
||
|
87E000
|
heap
|
page read and write
|
||
|
1C061000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
7FFD9B7FC000
|
trusted library allocation
|
page read and write
|
||
|
1AFA0000
|
trusted library allocation
|
page read and write
|
||
|
1AB3AF10000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
34D3000
|
trusted library allocation
|
page read and write
|
||
|
1C2EB000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
C7F000
|
stack
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
1AB3B48F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
3532000
|
heap
|
page read and write
|
||
|
12FA1000
|
trusted library allocation
|
page read and write
|
||
|
2FE5000
|
trusted library allocation
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
13BE000
|
heap
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
7FFD9B7B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1635000
|
heap
|
page read and write
|
||
|
7FFD9B7C2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB44000
|
trusted library allocation
|
page read and write
|
||
|
1AFC0000
|
trusted library allocation
|
page read and write
|
||
|
8BA7FFE000
|
stack
|
page read and write
|
||
|
7FFD9B7E4000
|
trusted library allocation
|
page read and write
|
||
|
12F91000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
5F6000
|
stack
|
page read and write
|
||
|
7FFD9BA7F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
unkown
|
page readonly
|
||
|
1AB393BC000
|
heap
|
page read and write
|
||
|
6CF0000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
1AB53D20000
|
heap
|
page read and write
|
||
|
1C13E000
|
heap
|
page read and write
|
||
|
7FFD9B7D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B961000
|
trusted library allocation
|
page read and write
|
||
|
1AB535E6000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
876000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C234000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page execute and read and write
|
||
|
404000
|
unkown
|
page read and write
|
||
|
32A5000
|
heap
|
page read and write
|
||
|
2669000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AC7E000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
126F1000
|
trusted library allocation
|
page read and write
|
||
|
552D000
|
heap
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
126FD000
|
trusted library allocation
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
34B9000
|
heap
|
page read and write
|
||
|
7FFD9B96C000
|
trusted library allocation
|
page read and write
|
||
|
878000
|
heap
|
page read and write
|
||
|
581000
|
unkown
|
page execute read
|
||
|
1AB39580000
|
heap
|
page read and write
|
||
|
30B7000
|
trusted library allocation
|
page read and write
|
||
|
54AD000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
1C030000
|
heap
|
page read and write
|
||
|
1AB53684000
|
heap
|
page read and write
|
||
|
1C92E000
|
stack
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
1201000
|
heap
|
page read and write
|
||
|
349E000
|
heap
|
page read and write
|
||
|
1AB58F30000
|
heap
|
page read and write
|
||
|
1116000
|
stack
|
page read and write
|
||
|
2F87000
|
stack
|
page read and write
|
||
|
7FFD9B9A3000
|
trusted library allocation
|
page read and write
|
||
|
3404000
|
trusted library allocation
|
page read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
87F000
|
heap
|
page read and write
|
||
|
11FF000
|
heap
|
page read and write
|
||
|
7FFD9B80B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B95E000
|
stack
|
page read and write
|
||
|
2F9A000
|
stack
|
page read and write
|
||
|
7FFD9BAF6000
|
trusted library allocation
|
page read and write
|
||
|
1B51D000
|
stack
|
page read and write
|
||
|
1AB3B534000
|
trusted library allocation
|
page read and write
|
||
|
1AB535E0000
|
heap
|
page read and write
|
||
|
11B2000
|
heap
|
page read and write
|
||
|
536F000
|
stack
|
page read and write
|
||
|
87A000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
5C4000
|
unkown
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
32EA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page read and write
|
||
|
44A0000
|
heap
|
page read and write
|
||
|
2795000
|
heap
|
page read and write
|
||
|
126F3000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
34DA000
|
trusted library allocation
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
7FFD9B86C000
|
trusted library allocation
|
page execute and read and write
|
||
|
34D6000
|
heap
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
1AB53765000
|
heap
|
page read and write
|
||
|
2F83000
|
stack
|
page read and write
|
||
|
3478000
|
heap
|
page read and write
|
||
|
126F8000
|
trusted library allocation
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
8BA67FE000
|
stack
|
page read and write
|
||
|
52EA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FB000
|
stack
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C3BF000
|
heap
|
page read and write
|
||
|
7FFD9B7F7000
|
trusted library allocation
|
page read and write
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
886000
|
heap
|
page read and write
|
||
|
1AB53760000
|
heap
|
page read and write
|
||
|
1C150000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B973000
|
trusted library allocation
|
page read and write
|
||
|
1B93E000
|
stack
|
page read and write
|
||
|
1C328000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C3AA000
|
heap
|
page read and write
|
||
|
1C0E8000
|
heap
|
page read and write
|
||
|
9E9000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
7FFD9B7CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1207000
|
heap
|
page read and write
|
||
|
7FFD9B7C3000
|
trusted library allocation
|
page read and write
|
||
|
1C27C000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
1C0CE000
|
stack
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
3470000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
1C3E7000
|
heap
|
page read and write
|
||
|
1C408000
|
heap
|
page read and write
|
||
|
1C0FD000
|
heap
|
page read and write
|
||
|
1C3FB000
|
heap
|
page read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
1C371000
|
heap
|
page read and write
|
||
|
1C38D000
|
heap
|
page read and write
|
||
|
7FFD9B963000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
32B4000
|
trusted library allocation
|
page read and write
|
||
|
1C130000
|
heap
|
page read and write
|
||
|
7FFD9B7EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C44B000
|
heap
|
page read and write
|
||
|
1AB5367F000
|
heap
|
page read and write
|
||
|
D72000
|
unkown
|
page readonly
|
||
|
337D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1AB53D30000
|
heap
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
1C4DB000
|
heap
|
page read and write
|
||
|
2F92000
|
stack
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
2F66000
|
stack
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
1C0C5000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
11D1000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
CA0000
|
unkown
|
page readonly
|
||
|
5524000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
1AB54E20000
|
trusted library allocation
|
page read and write
|
||
|
25B0000
|
heap
|
page execute and read and write
|
||
|
33DB000
|
heap
|
page read and write
|
||
|
1C323000
|
heap
|
page read and write
|
||
|
1AB39230000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
349A000
|
heap
|
page read and write
|
||
|
7FFD9B896000
|
trusted library allocation
|
page execute and read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
1C37E000
|
heap
|
page read and write
|
||
|
35B000
|
stack
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
7FF412130000
|
trusted library allocation
|
page execute and read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page read and write
|
||
|
34D5000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1C404000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B966000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B98C000
|
trusted library allocation
|
page read and write
|
||
|
581000
|
unkown
|
page execute read
|
||
|
1C12E000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
1C23B000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
760F000
|
heap
|
page read and write
|
||
|
88C000
|
heap
|
page read and write
|
||
|
2FFB000
|
trusted library allocation
|
page read and write
|
||
|
12F9D000
|
trusted library allocation
|
page read and write
|
||
|
1C30B000
|
heap
|
page read and write
|
||
|
1B9C0000
|
heap
|
page read and write
|
||
|
1B9B0000
|
heap
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
1B6FE000
|
stack
|
page read and write
|
||
|
1AB39350000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
7FFD9B99B000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
1C080000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
9AF000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
90C000
|
heap
|
page read and write
|
||
|
5E2000
|
unkown
|
page readonly
|
||
|
900000
|
heap
|
page read and write
|
||
|
12F98000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B95C000
|
trusted library allocation
|
page read and write
|
||
|
1C02E000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C10F000
|
heap
|
page read and write
|
||
|
30E8000
|
trusted library allocation
|
page read and write
|
||
|
1AB53710000
|
trusted library allocation
|
page read and write
|
||
|
1BB20000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7E4000
|
trusted library allocation
|
page read and write
|
||
|
1AB53770000
|
heap
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
3036000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
12F73000
|
trusted library allocation
|
page read and write
|
||
|
11D3000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
580000
|
unkown
|
page readonly
|
||
|
1AB3AD3F000
|
heap
|
page read and write
|
||
|
1AB535F4000
|
heap
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
851000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
1AB3B497000
|
trusted library allocation
|
page read and write
|
||
|
1AB39330000
|
heap
|
page read and write
|
||
|
1C4A5000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
59DB000
|
stack
|
page read and write
|
||
|
3423000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
405000
|
unkown
|
page write copy
|
||
|
1AB59160000
|
trusted library allocation
|
page read and write
|
||
|
1AB3AF00000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page execute and read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
27B6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
1AB53913000
|
heap
|
page execute and read and write
|
||
|
1C502000
|
heap
|
page read and write
|
||
|
1AB3B482000
|
trusted library allocation
|
page read and write
|
||
|
33EE000
|
stack
|
page read and write
|
||
|
1AB394A7000
|
heap
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
1BECE000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1C2A7000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1B5F3000
|
stack
|
page read and write
|
||
|
1AB394B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
4FCF000
|
stack
|
page read and write
|
||
|
1AB393B0000
|
heap
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9CD000
|
trusted library allocation
|
page read and write
|
||
|
1AB393F0000
|
heap
|
page read and write
|
||
|
1C277000
|
heap
|
page read and write
|
||
|
1AB53D4B000
|
heap
|
page read and write
|
||
|
5BE000
|
unkown
|
page write copy
|
||
|
97E000
|
stack
|
page read and write
|
||
|
B6E000
|
stack
|
page read and write
|
||
|
93F000
|
heap
|
page read and write
|
||
|
1396000
|
heap
|
page read and write
|
||
|
1AB53773000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
7FFD9B8DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
78FC000
|
stack
|
page read and write
|
||
|
274C000
|
trusted library allocation
|
page read and write
|
||
|
4D8E000
|
stack
|
page read and write
|
||
|
1C418000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
444E000
|
stack
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
1AB3B4C9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B896000
|
trusted library allocation
|
page execute and read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
1C11A000
|
heap
|
page read and write
|
||
|
136D000
|
heap
|
page read and write
|
||
|
1AB55242000
|
heap
|
page read and write
|
||
|
1BD24000
|
stack
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
5E1000
|
unkown
|
page read and write
|
||
|
1BFCE000
|
stack
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
1AB4AF21000
|
trusted library allocation
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
27C5000
|
trusted library allocation
|
page read and write
|
||
|
1C47E000
|
heap
|
page read and write
|
||
|
1C0F2000
|
heap
|
page read and write
|
||
|
7FFD9B7CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AB535F0000
|
heap
|
page read and write
|
||
|
1C460000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
1AB59188000
|
trusted library allocation
|
page read and write
|
||
|
4510000
|
heap
|
page read and write
|
||
|
1C054000
|
heap
|
page read and write
|
||
|
7FFD9BB06000
|
trusted library allocation
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
7FFD9B8A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
5B3000
|
unkown
|
page readonly
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
7FFD9B7C3000
|
trusted library allocation
|
page read and write
|
||
|
1BF2E000
|
stack
|
page read and write
|
||
|
1A720000
|
trusted library allocation
|
page read and write
|
||
|
33D8000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
31FB000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
5E2000
|
unkown
|
page write copy
|
||
|
1AB3941B000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
1C17D000
|
heap
|
page read and write
|
||
|
38AC000
|
stack
|
page read and write
|
||
|
1C3D9000
|
heap
|
page read and write
|
||
|
2FD8000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
2914000
|
heap
|
page read and write
|
||
|
1C064000
|
heap
|
page read and write
|
||
|
12F78000
|
trusted library allocation
|
page read and write
|
||
|
1AB38F2F000
|
unkown
|
page readonly
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
34AA000
|
heap
|
page read and write
|
||
|
1AB536F0000
|
heap
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
89D000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
1AB54FEE000
|
trusted library allocation
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
1B0BE000
|
stack
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
7FFD9B7B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E96000
|
stack
|
page read and write
|
||
|
1C2FF000
|
heap
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
1AB53664000
|
heap
|
page read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BA73FC000
|
stack
|
page read and write
|
||
|
2F70000
|
stack
|
page read and write
|
||
|
7FFD9B896000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7D4000
|
trusted library allocation
|
page read and write
|
||
|
3508000
|
heap
|
page read and write
|
||
|
1AB3B4BD000
|
trusted library allocation
|
page read and write
|
||
|
33BD000
|
stack
|
page read and write
|
||
|
1C48B000
|
heap
|
page read and write
|
||
|
3534000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
1C43A000
|
heap
|
page read and write
|
||
|
1AB53D81000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
34DE000
|
heap
|
page read and write
|
||
|
87C000
|
heap
|
page read and write
|
||
|
1AB53920000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
1C387000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
34EF000
|
stack
|
page read and write
|
||
|
353B000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
7FFD9B7DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
3534000
|
heap
|
page read and write
|
||
|
1AB39310000
|
heap
|
page read and write
|
||
|
53AB000
|
stack
|
page read and write
|
||
|
1BBC0000
|
heap
|
page execute and read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
86F000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FCC000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
135B000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
1B2BE000
|
stack
|
page read and write
|
||
|
92F000
|
heap
|
page read and write
|
||
|
7FFD9B7CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
7FFD9B87C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
79FC000
|
stack
|
page read and write
|
||
|
362F000
|
stack
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAFC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B987000
|
trusted library allocation
|
page read and write
|
||
|
1C198000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
882000
|
heap
|
page read and write
|
||
|
1AB39427000
|
heap
|
page read and write
|
||
|
1AB38F3A000
|
unkown
|
page readonly
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
1C32E000
|
heap
|
page read and write
|
||
|
1C436000
|
heap
|
page read and write
|
||
|
1AB393A5000
|
heap
|
page read and write
|
||
|
3534000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
136B000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1AB39585000
|
heap
|
page read and write
|
||
|
A9A000
|
heap
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
3532000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
7FFD9B80D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AB53602000
|
heap
|
page read and write
|
||
|
7FFD9B7ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C293000
|
heap
|
page read and write
|
||
|
12F71000
|
trusted library allocation
|
page read and write
|
||
|
1AB5363E000
|
heap
|
page read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
7FFD9B7F3000
|
trusted library allocation
|
page read and write
|
||
|
1C076000
|
heap
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
86D000
|
heap
|
page read and write
|
||
|
6CF0000
|
heap
|
page read and write
|
||
|
1C12B000
|
heap
|
page read and write
|
||
|
1C3F2000
|
heap
|
page read and write
|
||
|
26F1000
|
trusted library allocation
|
page read and write
|
||
|
1C05D000
|
heap
|
page read and write
|
||
|
1AB53D96000
|
heap
|
page read and write
|
||
|
1C0A3000
|
heap
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
1AB536E0000
|
trusted library section
|
page readonly
|
||
|
152E000
|
stack
|
page read and write
|
||
|
7FFD9BAE2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
2F89000
|
stack
|
page read and write
|
There are 722 hidden memdumps, click here to show them.