Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
NdYuOgHbM9.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_NdYuOgHbM9.exe_cb4f28724ab14918bd9bedf768381bc8ce9e286_913d62bf_baabcbcc-6ae4-49e3-af14-5f7377e55c85\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER943D.tmp.dmp
|
Mini DuMP crash report, 16 streams, Wed May 8 12:04:53 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9670.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER96A0.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5HG1921
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dlbw15ex.j3e.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mdvxieok.f31.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tpkamr5z.y1f.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zyhcxukj.gti.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\NdYuOgHbM9.exe
|
"C:\Users\user\Desktop\NdYuOgHbM9.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\NdYuOgHbM9.exe"
-Force
|
|
|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\System32\notepad.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
|
|
|
|
C:\Program Files (x86)\sXZLxxxVCvpdQOMpmsJLTDHHUKeepOfvgbaNCsuUxLUHfDBqRMOvfXspILySfYOM\tyVvDSdgzXcAfzWUYqtqOHNMkF.exe
|
"C:\Program Files (x86)\sXZLxxxVCvpdQOMpmsJLTDHHUKeepOfvgbaNCsuUxLUHfDBqRMOvfXspILySfYOM\tyVvDSdgzXcAfzWUYqtqOHNMkF.exe"
|
|
|
|
C:\Windows\SysWOW64\sfc.exe
|
"C:\Windows\SysWOW64\sfc.exe"
|
|
|
|
C:\Program Files (x86)\sXZLxxxVCvpdQOMpmsJLTDHHUKeepOfvgbaNCsuUxLUHfDBqRMOvfXspILySfYOM\tyVvDSdgzXcAfzWUYqtqOHNMkF.exe
|
"C:\Program Files (x86)\sXZLxxxVCvpdQOMpmsJLTDHHUKeepOfvgbaNCsuUxLUHfDBqRMOvfXspILySfYOM\tyVvDSdgzXcAfzWUYqtqOHNMkF.exe"
|
|
|
|
C:\Program Files\Mozilla Firefox\firefox.exe
|
"C:\Program Files\Mozilla Firefox\Firefox.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2060 -s 1572
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://www.bookmyname.com/?wl=es
|
unknown
|
||
|
https://www.bookmyname.com/nom_de_domaine/tarif_nom_de_domaine.html
|
unknown
|
||
|
https://www.bookmyname.com/whois_informations_nom_de_domaine.html?wl=fr
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://mail.365.com/login.html
|
unknown
|
||
|
https://www.bookmyname.com/?wl=en
|
unknown
|
||
|
https://www.marksmile.com/
|
unknown
|
||
|
http://www.rltattoo.com/wu8v/
|
38.63.111.149
|
||
|
http://www.xn--yzyp76d.com/wu8v/?MdtlcTm=1Nt7DtzRhGe3jz/JXOJL2dnBH6uFnvwsc8PmoPLhBuJURU+BFCU8Z1cZNkrKfh5y7OIVqmEx6Y55MHCBN9ekEPrBm2pelHdYOjg1gnpKSYR8wHJ7U/KLji4=&_X=ClAdyH4P7rA8z
|
47.76.62.167
|
||
|
http://www.afilias.info/
|
unknown
|
||
|
http://www.btpbox.com/wu8v/?MdtlcTm=HNLEVoSmZQxFSmctMpTTd4dyTFjeIBcvYbInUpVYO5VLbn2V1MEgIHD38EU48JsuuCIVw/TFvn9kkkg/Sq9Xy2f3I5Wlm16rLCQIpVyEpLVAPUkeiuBH2KE=&_X=ClAdyH4P7rA8z
|
213.36.252.182
|
||
|
http://parked.reg.bookmyname.com/images/lien_2.gif
|
unknown
|
||
|
http://www.bookmyname.com/
|
unknown
|
||
|
https://parked.reg.bookmyname.com/images/es_off.gif
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.glissy.ca/wu8v/
|
70.32.23.111
|
||
|
http://www.eurid.eu/
|
unknown
|
||
|
http://www.btpbox.com/wu8v/
|
213.36.252.182
|
||
|
https://parked.reg.bookmyname.com/images/all_off.gif
|
unknown
|
||
|
http://www.icann.org/
|
unknown
|
||
|
http://www.wp-bits.online/wu8v/
|
116.203.164.244
|
||
|
http://parked.reg.bookmyname.com/images/lien_1.gif
|
unknown
|
||
|
https://www.bookmyname.com/whoisctc.cgi?wl=en
|
unknown
|
||
|
http://getgoodscrub.com/wu8v/?MdtlcTm=G9rRy2qYQIDZeyI4LJY6JNX1SXnAoDrMeesi9cL1NNtjWs0X9VQENpz2e8f5yO
|
unknown
|
||
|
http://auetravel.kz/wu8v/?MdtlcTm=o0dJzo0
|
unknown
|
||
|
https://www.bookmyname.com/whois_informations_nom_de_domaine.html?wl=en
|
unknown
|
||
|
http://www.yekobie.com/wu8v/?MdtlcTm=ahy6va04TVDXAoc0SI77WnjdL1KdrpLWXquRcgE4oyJhjsOsnbVcxGfgc5U1b6nV6qG/kRi3KVZWLm+W9jeCK1XNsz8i7l9KE7k2fsNVpgLsbvF63CsRx24=&_X=ClAdyH4P7rA8z
|
185.135.132.99
|
||
|
http://www.glissy.ca/wu8v/?MdtlcTm=2Ekfj6jdIBk36xhcbV2ym43lHRKg6LV7IJvggRD/yKlDT5fLDaqmfwfg0kC4k4WA5tpgDGvB1m7jQvkf/ooPPLzV8n4D4xVHdcGXqhGJgd2fmMm1GJzEmqU=&_X=ClAdyH4P7rA8z
|
70.32.23.111
|
||
|
http://www.neulevel.biz/
|
unknown
|
||
|
http://www.pir.org/
|
unknown
|
||
|
http://www.insertcoen.com/wu8v/
|
62.149.128.40
|
||
|
http://parked.reg.bookmyname.com/images/lien_4.gif
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://www.bookmyname.com/?wl=de
|
unknown
|
||
|
http://www.marksmile.com/asset/lp_qrcode.png
|
unknown
|
||
|
http://www.auetravel.kz/wu8v/?MdtlcTm=o0dJzo0+KyysCnVnWeLPfMg3QtOn0MLLvJyzkFXrx5kDb0wpr6IDXytzlnmsuKpUsYAyYVSTQNkMYoOoJGqE4svaZh/Kq8S3fINkBD+7AXaHwSZaIMNjuTk=&_X=ClAdyH4P7rA8z
|
89.35.125.17
|
||
|
https://www.namecheap.com/domains/registration/results/?domain=luckydomainz.shop
|
unknown
|
||
|
http://www.387mfyr.sbs/wu8v/
|
137.220.252.40
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://parked.reg.bookmyname.com/images/lien_3.gif
|
unknown
|
||
|
https://www.bookmyname.com/
|
unknown
|
||
|
http://www.lm2ue.us/wu8v/
|
91.195.240.123
|
||
|
http://parked.reg.bookmyname.com/images/lien_7.gif
|
unknown
|
||
|
https://parked.reg.bookmyname.com/images/fr_on.gif
|
unknown
|
||
|
http://www.insertcoen.com:80/wu8v/?MdtlcTm=jVsDngfN17jo53xCVVHLBYy1RtgDvNhrjbHy79NIDh3y3n8I8UoARbyDj
|
unknown
|
||
|
http://www.selectif.xyz/wu8v/
|
203.161.46.103
|
||
|
http://www.xn--yzyp76d.com/wu8v/
|
47.76.62.167
|
||
|
https://parked.reg.bookmyname.com/styles/styles-redir.css
|
unknown
|
||
|
http://parked.reg.bookmyname.com/images/lien_6.gif
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://www.auetravel.kz/wu8v/
|
89.35.125.17
|
||
|
https://parked.reg.bookmyname.com/images/fr_banniere_haut.jpg
|
unknown
|
||
|
http://www.fivetownsjcc.com/wu8v/?MdtlcTm=qj5NyNfN5WRMG7LniAROgWXsn6IsT6LjPGDeNkCQJp+HAmWfWpmvawkojhaRs1ogLHUlWi64I+vgy847wrcuJ4qAlI0oKyKfHw/MBjiNhxVy0+aqylgl+KA=&_X=ClAdyH4P7rA8z
|
208.112.85.150
|
||
|
https://parked.reg.bookmyname.com/images/gb_off.gif
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
http://parked.reg.bookmyname.com/images/lien_5.gif
|
unknown
|
||
|
http://www.selectif.xyz/wu8v/?MdtlcTm=ex7yQ3cnGheAaOrzEPkQGznKrbGAUhLo9VsCiDPBWJ5DUtj6oFWZ51Qu3bZCInwfBew3O0jwDr4r/fHP0DTqez+F51VR4AlcQUWQ9cVyxEHzKlzGRO1dndY=&_X=ClAdyH4P7rA8z
|
203.161.46.103
|
||
|
https://www.bookmyname.com
|
unknown
|
||
|
https://www.sedo.com/services/parking.php3
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
http://www.getgoodscrub.com/wu8v/?MdtlcTm=G9rRy2qYQIDZeyI4LJY6JNX1SXnAoDrMeesi9cL1NNtjWs0X9VQENpz2e8f5yOztQaquY8UP2JEf8lkZo3Uj0uY+2wpGE8iKQtZfEVhbpqTk/gf9HUsxLCg=&_X=ClAdyH4P7rA8z
|
35.213.232.35
|
||
|
https://parked.reg.bookmyname.com/images/logo_book.gif
|
unknown
|
||
|
https://www.bookmyname.com/?wl=fr
|
unknown
|
||
|
http://www.luckydomainz.shop/wu8v/
|
91.195.240.19
|
||
|
http://www.marksmile.com/asset/lp_style.css
|
unknown
|
||
|
https://img.sedoparking.com/templates/images/hero_nc.svg
|
unknown
|
||
|
http://www.wp-bits.online/wu8v/?MdtlcTm=h80XCq9V6N6s/txg4v4Fr8zmHDyj0DPil4lDzKoi2YAFaI23LxlO/y0x83EXcngteSl0Ff377sWS2kC2x8x2lEbqmRL/y9GY06LsNZ5NdSPXBqH5i7fNvls=&_X=ClAdyH4P7rA8z
|
116.203.164.244
|
||
|
http://parked.reg.bookmyname.com/images/lien_8.gif
|
unknown
|
||
|
http://www.lm2ue.us
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://www.bookmyname.com/whoisctc.cgi?wl=fr
|
unknown
|
||
|
http://www.insertcoen.com/wu8v/?MdtlcTm=jVsDngfN17jo53xCVVHLBYy1RtgDvNhrjbHy79NIDh3y3n8I8UoARbyDj0OI5nlukHb+wqYtKmURqZRRAHON04+Cmz5V6OWL/4It3e8ivry7nxqUmvN5lOs=&_X=ClAdyH4P7rA8z
|
62.149.128.40
|
||
|
http://www.rltattoo.com/wu8v/?MdtlcTm=kM+nKItVIOm9nxv083MKEZreo78kZmjvmDxFimKXw4NllaUxz2FZA/AxFfoR4c/c0+8T1IsyqFRuVBpkxsrpf3yFfXK/MNDg35iPLFQJ6s8K1nL5VHh3xe8=&_X=ClAdyH4P7rA8z
|
38.63.111.149
|
||
|
http://www.getgoodscrub.com/wu8v/
|
35.213.232.35
|
||
|
http://www.yekobie.com/wu8v/
|
185.135.132.99
|
There are 67 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.selectif.xyz
|
203.161.46.103
|
|
|
|
www.yekobie.com
|
unknown
|
|
|
|
www.lebonergy.com
|
unknown
|
|
|
|
www.insertcoen.com
|
unknown
|
|
|
|
www.fivetownsjcc.com
|
unknown
|
|
|
|
www.luckydomainz.shop
|
unknown
|
|
|
|
www.glissy.ca
|
unknown
|
|
|
|
www.rltattoo.com
|
38.63.111.149
|
||
|
yekobie.com
|
185.135.132.99
|
||
|
parkingpage.namecheap.com
|
91.195.240.19
|
||
|
www.auetravel.kz
|
89.35.125.17
|
||
|
glissy.ca
|
70.32.23.111
|
||
|
www.lm2ue.us
|
91.195.240.123
|
||
|
insertcoen.com
|
62.149.128.40
|
||
|
www.getgoodscrub.com
|
35.213.232.35
|
||
|
www.387mfyr.sbs
|
137.220.252.40
|
||
|
www.xn--yzyp76d.com
|
47.76.62.167
|
||
|
www.btpbox.com
|
213.36.252.182
|
||
|
www.wp-bits.online
|
116.203.164.244
|
||
|
fivetownsjcc.com
|
208.112.85.150
|
There are 10 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
203.161.46.103
|
www.selectif.xyz
|
Malaysia
|
|
|
|
62.149.128.40
|
insertcoen.com
|
Italy
|
||
|
208.112.85.150
|
fivetownsjcc.com
|
United States
|
||
|
137.220.252.40
|
www.387mfyr.sbs
|
Singapore
|
||
|
38.63.111.149
|
www.rltattoo.com
|
United States
|
||
|
91.195.240.123
|
www.lm2ue.us
|
Germany
|
||
|
91.195.240.19
|
parkingpage.namecheap.com
|
Germany
|
||
|
70.32.23.111
|
glissy.ca
|
United States
|
||
|
89.35.125.17
|
www.auetravel.kz
|
Romania
|
||
|
116.203.164.244
|
www.wp-bits.online
|
Germany
|
||
|
185.135.132.99
|
yekobie.com
|
France
|
||
|
35.213.232.35
|
www.getgoodscrub.com
|
United States
|
||
|
47.76.62.167
|
www.xn--yzyp76d.com
|
United States
|
||
|
213.36.252.182
|
www.btpbox.com
|
France
|
There are 4 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance
|
Enabled
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
ProgramId
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
FileId
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
LongPathHash
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
Name
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
OriginalFileName
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
Publisher
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
Version
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
BinFileVersion
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
BinaryType
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
ProductName
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
ProductVersion
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
LinkDate
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
BinProductVersion
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
Size
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
Language
|
||
|
\REGISTRY\A\{927f2a0a-456f-b354-e0cb-2130ade78479}\Root\InventoryApplicationFile\ndyuoghbm9.exe|1414c7370ae5f6a2
|
Usn
|
There are 11 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F30000
|
trusted library allocation
|
page read and write
|
|
|
|
2A80000
|
system
|
page execute and read and write
|
|
|
|
27B0000
|
unkown
|
page execute and read and write
|
|
|
|
5B50000
|
unclassified section
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
5250000
|
unclassified section
|
page execute and read and write
|
|
|
|
1EF3AD80000
|
trusted library allocation
|
page read and write
|
|
|
|
2F70000
|
trusted library allocation
|
page read and write
|
|
|
|
5760000
|
system
|
page execute and read and write
|
|
|
|
582D000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
AC0000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B27000
|
unkown
|
page readonly
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
59CD000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
D0E000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
7FFD9B96E000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF38DE6000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
3170000
|
direct allocation
|
page execute and read and write
|
||
|
B11000
|
unkown
|
page execute read
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
D0A000
|
heap
|
page read and write
|
||
|
2CED000
|
heap
|
page read and write
|
||
|
485A000
|
unkown
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
4814000
|
unclassified section
|
page read and write
|
||
|
2AF1A6CA000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
587E000
|
system
|
page execute and read and write
|
||
|
2D94000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
11D0000
|
unkown
|
page readonly
|
||
|
5829000
|
direct allocation
|
page execute and read and write
|
||
|
580B000
|
system
|
page execute and read and write
|
||
|
1A3D2000
|
system
|
page read and write
|
||
|
7BFC000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7C1F000
|
heap
|
page read and write
|
||
|
1392000
|
heap
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7C02000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
F43000
|
unkown
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
3D16000
|
unclassified section
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
C423DFD000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
3714000
|
unkown
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D10000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
44F0000
|
unclassified section
|
page read and write
|
||
|
2AF1C1CE000
|
trusted library allocation
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
41CC000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2A78000
|
stack
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1C101000
|
trusted library allocation
|
page read and write
|
||
|
4B76FFA000
|
stack
|
page read and write
|
||
|
3A38000
|
unkown
|
page read and write
|
||
|
30E9000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7C3C000
|
heap
|
page read and write
|
||
|
7FF4569D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
343D000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
7FFD9B973000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2CED000
|
heap
|
page read and write
|
||
|
B25000
|
unkown
|
page read and write
|
||
|
2AF1A6DB000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
7DB000
|
stack
|
page read and write
|
||
|
6411000
|
unclassified section
|
page execute and read and write
|
||
|
2D50000
|
unkown
|
page read and write
|
||
|
D0E000
|
heap
|
page read and write
|
||
|
AF4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
3071000
|
unkown
|
page execute and read and write
|
||
|
1EF38E8C000
|
heap
|
page read and write
|
||
|
1EF38ED9000
|
heap
|
page read and write
|
||
|
1EF38D00000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF38E22000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
269F000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D66000
|
heap
|
page read and write
|
||
|
52C4000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2CE2000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page readonly
|
||
|
4DD0000
|
heap
|
page read and write
|
||
|
1EF53188000
|
heap
|
page read and write
|
||
|
7C52000
|
heap
|
page read and write
|
||
|
117C000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF3AA30000
|
trusted library allocation
|
page read and write
|
||
|
2CD8000
|
heap
|
page read and write
|
||
|
3112000
|
unkown
|
page read and write
|
||
|
B11000
|
unkown
|
page execute read
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
7C24000
|
heap
|
page read and write
|
||
|
26C0000
|
unkown
|
page readonly
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7C14000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
1900000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
3B84000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2CED000
|
heap
|
page read and write
|
||
|
1EF38E4B000
|
heap
|
page read and write
|
||
|
1EF38DEC000
|
heap
|
page read and write
|
||
|
7C5C000
|
heap
|
page read and write
|
||
|
11D0000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A40000
|
unkown
|
page read and write
|
||
|
4FEE000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
1330000
|
unkown
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
49A6000
|
unclassified section
|
page read and write
|
||
|
1EF52990000
|
trusted library allocation
|
page read and write
|
||
|
2AF1A6C0000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1EF3A950000
|
heap
|
page execute and read and write
|
||
|
2AF1C021000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
50FA000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D60000
|
unkown
|
page read and write
|
||
|
7C33000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1A6EE000
|
heap
|
page read and write
|
||
|
34C2000
|
unclassified section
|
page read and write
|
||
|
A40000
|
unkown
|
page read and write
|
||
|
2AF1A550000
|
heap
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF38E4D000
|
heap
|
page read and write
|
||
|
B27000
|
unkown
|
page readonly
|
||
|
1EF38FB0000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
7C07000
|
heap
|
page read and write
|
||
|
2F60000
|
unkown
|
page readonly
|
||
|
7E50000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
1EF38F45000
|
heap
|
page read and write
|
||
|
1EF38E20000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
836F000
|
stack
|
page read and write
|
||
|
589E000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF38FA0000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D66000
|
heap
|
page read and write
|
||
|
B11000
|
unkown
|
page execute read
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
2AF1BEA0000
|
trusted library allocation
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
5700000
|
direct allocation
|
page execute and read and write
|
||
|
379C000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D17000
|
heap
|
page read and write
|
||
|
4B769FE000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
C4235FB000
|
stack
|
page read and write
|
||
|
1EF39015000
|
heap
|
page read and write
|
||
|
316C000
|
unkown
|
page read and write
|
||
|
4B766FE000
|
stack
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
1EF38E0B000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
107A000
|
stack
|
page read and write
|
||
|
2DCC000
|
unkown
|
page read and write
|
||
|
7C4D000
|
heap
|
page read and write
|
||
|
1EF38C42000
|
unkown
|
page readonly
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
2CED000
|
heap
|
page read and write
|
||
|
315E000
|
heap
|
page read and write
|
||
|
6160000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
647E000
|
unclassified section
|
page execute and read and write
|
||
|
2D34000
|
heap
|
page read and write
|
||
|
3441000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1A6F1000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
403A000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1BF00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
C3F000
|
stack
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4212000
|
unkown
|
page read and write
|
||
|
1EF3A9C6000
|
trusted library allocation
|
page read and write
|
||
|
1EF4A971000
|
trusted library allocation
|
page read and write
|
||
|
5B4F000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
1A6AC000
|
system
|
page read and write
|
||
|
2CE2000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
4B76EFD000
|
stack
|
page read and write
|
||
|
1EF38F80000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF3A9B8000
|
trusted library allocation
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
2D9B000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF38F00000
|
heap
|
page read and write
|
||
|
581B000
|
system
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B775FC000
|
stack
|
page read and write
|
||
|
2AF1A4B8000
|
system
|
page execute and read and write
|
||
|
2CED000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF38EE0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B7E000
|
unkown
|
page read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
11C0000
|
unkown
|
page readonly
|
||
|
1EF3A961000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
3EA8000
|
unclassified section
|
page read and write
|
||
|
330E000
|
direct allocation
|
page execute and read and write
|
||
|
2AF1A4B5000
|
system
|
page execute and read and write
|
||
|
2D6D000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1206000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
11F0000
|
unkown
|
page read and write
|
||
|
2AF1C010000
|
trusted library allocation
|
page read and write
|
||
|
1EF38C7A000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7C1A000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
3EEE000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF53250000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
117C000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1EF38FB3000
|
trusted library allocation
|
page read and write
|
||
|
1EF3AA69000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B768FE000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1AA94000
|
system
|
page read and write
|
||
|
7C43000
|
heap
|
page read and write
|
||
|
598C000
|
unkown
|
page read and write
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
43A4000
|
unkown
|
page read and write
|
||
|
4536000
|
unkown
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
38A6000
|
unkown
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
30DE000
|
unkown
|
page execute and read and write
|
||
|
2AF1A680000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF53020000
|
trusted library section
|
page read and write
|
||
|
7C48000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1A440000
|
system
|
page execute and read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
3052000
|
unkown
|
page read and write
|
||
|
5A48000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
520000
|
unkown
|
page readonly
|
||
|
2F60000
|
unkown
|
page readonly
|
||
|
B25000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B770FD000
|
stack
|
page read and write
|
||
|
2D70000
|
unkown
|
page read and write
|
||
|
2AF1C100000
|
trusted library allocation
|
page read and write
|
||
|
35DC000
|
unclassified section
|
page read and write
|
||
|
832E000
|
stack
|
page read and write
|
||
|
559F000
|
stack
|
page read and write
|
||
|
1A492000
|
system
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2CE4000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
1EF53158000
|
heap
|
page read and write
|
||
|
2D50000
|
unkown
|
page read and write
|
||
|
2AF1C003000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
1EF530E0000
|
heap
|
page execute and read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1C1BE000
|
trusted library allocation
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EF4A961000
|
trusted library allocation
|
page read and write
|
||
|
4B76BFE000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
2D59000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B949000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D91000
|
heap
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B76CFE000
|
stack
|
page read and write
|
||
|
34B2000
|
direct allocation
|
page execute and read and write
|
||
|
500000
|
unkown
|
page readonly
|
||
|
2CE4000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
46C8000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1C1C4000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
unkown
|
page readonly
|
||
|
5210000
|
direct allocation
|
page read and write
|
||
|
2D87000
|
heap
|
page read and write
|
||
|
4B38000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B767FE000
|
stack
|
page read and write
|
||
|
2AF1A6EA000
|
heap
|
page read and write
|
||
|
2AF1A640000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1A690000
|
heap
|
page read and write
|
||
|
AC0000
|
unkown
|
page read and write
|
||
|
4D5C000
|
stack
|
page read and write
|
||
|
1321000
|
unkown
|
page readonly
|
||
|
1330000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
5800000
|
system
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
58A000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
1EF38C40000
|
unkown
|
page readonly
|
||
|
D0A000
|
heap
|
page read and write
|
||
|
1EF38DE0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1A6CE000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B25000
|
unkown
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
4682000
|
unclassified section
|
page read and write
|
||
|
3299000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B76AFC000
|
stack
|
page read and write
|
||
|
1EF39010000
|
heap
|
page read and write
|
||
|
59B1000
|
direct allocation
|
page execute and read and write
|
||
|
107A000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
52A7000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
5827000
|
system
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
1010000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
329D000
|
direct allocation
|
page execute and read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B25000
|
unkown
|
page read and write
|
||
|
2D9F000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4080000
|
unkown
|
page read and write
|
||
|
26C0000
|
unkown
|
page readonly
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
1900000
|
unkown
|
page readonly
|
||
|
2AF1C1B0000
|
trusted library allocation
|
page read and write
|
||
|
2AF1C015000
|
trusted library allocation
|
page read and write
|
||
|
2D96000
|
heap
|
page read and write
|
||
|
B11000
|
unkown
|
page execute read
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
7C0C000
|
heap
|
page read and write
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B27000
|
unkown
|
page readonly
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2CED000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
156F000
|
stack
|
page read and write
|
||
|
4B76DFF000
|
stack
|
page read and write
|
||
|
3582000
|
unclassified section
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B774FE000
|
stack
|
page read and write
|
||
|
2D85000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
582A000
|
system
|
page execute and read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2B84000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
332C000
|
unkown
|
page read and write
|
||
|
4B76323000
|
stack
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
3052000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D63000
|
heap
|
page read and write
|
||
|
1EF38FF0000
|
heap
|
page read and write
|
||
|
3BCA000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
AA0000
|
unkown
|
page readonly
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EF38F40000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
332C000
|
unkown
|
page read and write
|
||
|
1EF530F0000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4B773FE000
|
stack
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
59C6000
|
direct allocation
|
page execute and read and write
|
||
|
7FFD9B97C000
|
trusted library allocation
|
page read and write
|
||
|
58A000
|
stack
|
page read and write
|
||
|
2AF1BEA0000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
C4245FE000
|
stack
|
page read and write
|
||
|
2F34000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
1EF4A967000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
30ED000
|
heap
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
2AF1C00E000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
435E000
|
unclassified section
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B944000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
B27000
|
unkown
|
page readonly
|
||
|
510000
|
unkown
|
page readonly
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E24000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2D6D000
|
heap
|
page read and write
|
||
|
2CF3000
|
heap
|
page read and write
|
||
|
2D49000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
4CCA000
|
unclassified section
|
page read and write
|
||
|
A31000
|
unkown
|
page readonly
|
||
|
2CF3000
|
heap
|
page read and write
|
||
|
B1E000
|
unkown
|
page readonly
|
||
|
3D5C000
|
unkown
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
2AF1C000000
|
trusted library allocation
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7BF9000
|
heap
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
C424DFE000
|
stack
|
page read and write
|
||
|
2AF1C017000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
unkown
|
page read and write
|
||
|
2F5F000
|
stack
|
page read and write
|
||
|
1EF38F20000
|
heap
|
page read and write
|
||
|
1321000
|
unkown
|
page readonly
|
||
|
2D63000
|
heap
|
page read and write
|
||
|
2CE9000
|
heap
|
page read and write
|
||
|
2E11000
|
heap
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EF3A7CC000
|
heap
|
page read and write
|
||
|
11C0000
|
unkown
|
page readonly
|
There are 619 hidden memdumps, click here to show them.