Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Purchase order(600010310,10303).exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Purchase order(600010310,10303).exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmp2BEC.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\AmEFEED.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\AmEFEED.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AmEFEED.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0pnzzbj1.lnw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_40wmu0yr.oa0.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a44p2bpk.oep.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dd1rg5se.24m.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_erv1kgds.r2v.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iopetovc.1k2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jvv2z4rx.fpg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jy5jpsj4.l2o.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp3AB1.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Purchase order(600010310,10303).exe
|
"C:\Users\user\Desktop\Purchase order(600010310,10303).exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Purchase
order(600010310,10303).exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\AmEFEED.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\AmEFEED" /XML "C:\Users\user\AppData\Local\Temp\tmp2BEC.tmp"
|
|
|
|
C:\Users\user\Desktop\Purchase order(600010310,10303).exe
|
"C:\Users\user\Desktop\Purchase order(600010310,10303).exe"
|
|
|
|
C:\Users\user\Desktop\Purchase order(600010310,10303).exe
|
"C:\Users\user\Desktop\Purchase order(600010310,10303).exe"
|
|
|
|
C:\Users\user\AppData\Roaming\AmEFEED.exe
|
C:\Users\user\AppData\Roaming\AmEFEED.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\AmEFEED" /XML "C:\Users\user\AppData\Local\Temp\tmp3AB1.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\AmEFEED.exe
|
"C:\Users\user\AppData\Roaming\AmEFEED.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
|
unknown
|
||
|
http://tempuri.org/Entity/Id14ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id23ResponseD
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
|
unknown
|
||
|
http://tempuri.org/Entity/Id12Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Entity/Id2Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id15V
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
|
unknown
|
||
|
http://tempuri.org/Entity/Id21Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
|
unknown
|
||
|
http://tempuri.org/Entity/Id9
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
|
unknown
|
||
|
http://tempuri.org/Entity/Id8
|
unknown
|
||
|
http://tempuri.org/Entity/Id6ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
|
unknown
|
||
|
http://tempuri.org/Entity/Id4
|
unknown
|
||
|
http://tempuri.org/Entity/Id7
|
unknown
|
||
|
http://tempuri.org/Entity/Id6
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
|
unknown
|
||
|
http://tempuri.org/Entity/Id19Response
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Entity/Id13ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id15Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id5ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
|
unknown
|
||
|
http://tempuri.org/Entity/Id6Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/sc
|
unknown
|
||
|
http://tempuri.org/Entity/Id1ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id9Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id20
|
unknown
|
||
|
http://tempuri.org/Entity/Id21
|
unknown
|
||
|
http://tempuri.org/Entity/Id22
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id23
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
|
unknown
|
||
|
http://tempuri.org/Entity/Id24
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
|
unknown
|
||
|
http://tempuri.org/Entity/Id24Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
|
unknown
|
||
|
http://tempuri.org/Entity/Id21ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust
|
unknown
|
||
|
http://tempuri.org/Entity/Id10
|
unknown
|
||
|
http://tempuri.org/Entity/Id11
|
unknown
|
||
|
http://tempuri.org/Entity/Id10ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id12
|
unknown
|
||
|
http://tempuri.org/Entity/Id16Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
|
unknown
|
||
|
http://tempuri.org/Entity/Id13
|
unknown
|
||
|
http://tempuri.org/Entity/Id14
|
unknown
|
||
|
http://tempuri.org/Entity/Id15
|
unknown
|
||
|
http://tempuri.org/Entity/Id16
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
|
unknown
|
||
|
http://tempuri.org/Entity/Id17
|
unknown
|
||
|
http://tempuri.org/Entity/Id18
|
unknown
|
||
|
http://tempuri.org/Entity/Id5Response
|
unknown
|
||
|
http://tempuri.org/Entity/Id19
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://tempuri.org/Entity/Id15ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id10Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
|
unknown
|
||
|
http://tempuri.org/Entity/Id11ResponseD
|
unknown
|
||
|
http://tempuri.org/Entity/Id8Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
|
unknown
|
||
|
http://tempuri.org/Entity/Id17ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://tempuri.org/Entity/Id8ResponseD
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
|
unknown
|
||
|
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
204.10.160.198
|
unknown
|
Canada
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
42DC000
|
trusted library allocation
|
page read and write
|
|
|
|
28A6000
|
trusted library allocation
|
page read and write
|
|
|
|
4299000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4327000
|
trusted library allocation
|
page read and write
|
|
|
|
3276000
|
trusted library allocation
|
page read and write
|
|
|
|
5DCE000
|
heap
|
page read and write
|
||
|
5D70000
|
trusted library allocation
|
page read and write
|
||
|
42C2000
|
trusted library allocation
|
page read and write
|
||
|
744C000
|
heap
|
page read and write
|
||
|
671C000
|
heap
|
page read and write
|
||
|
35FF000
|
trusted library allocation
|
page read and write
|
||
|
539C000
|
stack
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
6742000
|
heap
|
page read and write
|
||
|
33E9000
|
trusted library allocation
|
page read and write
|
||
|
1522000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
4802000
|
trusted library allocation
|
page read and write
|
||
|
350C000
|
trusted library allocation
|
page read and write
|
||
|
2670000
|
trusted library allocation
|
page execute and read and write
|
||
|
474A000
|
trusted library allocation
|
page read and write
|
||
|
6782000
|
heap
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
155F000
|
heap
|
page read and write
|
||
|
FF7000
|
stack
|
page read and write
|
||
|
FCA000
|
stack
|
page read and write
|
||
|
41EF000
|
trusted library allocation
|
page read and write
|
||
|
793D000
|
stack
|
page read and write
|
||
|
70DE000
|
stack
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
4818000
|
trusted library allocation
|
page read and write
|
||
|
16C6000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
heap
|
page execute and read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
1532000
|
trusted library allocation
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2D6A000
|
heap
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
2AA5000
|
trusted library allocation
|
page read and write
|
||
|
6D5F000
|
heap
|
page read and write
|
||
|
26F4000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
63F0000
|
trusted library allocation
|
page read and write
|
||
|
E02000
|
trusted library allocation
|
page read and write
|
||
|
4638000
|
trusted library allocation
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
438C000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AD4000
|
trusted library allocation
|
page read and write
|
||
|
182E000
|
stack
|
page read and write
|
||
|
368C000
|
trusted library allocation
|
page read and write
|
||
|
4226000
|
trusted library allocation
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
5A9A000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
63E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C6000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
5D05000
|
trusted library allocation
|
page read and write
|
||
|
37CA000
|
trusted library allocation
|
page read and write
|
||
|
42AE000
|
trusted library allocation
|
page read and write
|
||
|
469E000
|
trusted library allocation
|
page read and write
|
||
|
6952000
|
trusted library allocation
|
page read and write
|
||
|
37B5000
|
trusted library allocation
|
page read and write
|
||
|
4228000
|
trusted library allocation
|
page read and write
|
||
|
297F000
|
stack
|
page read and write
|
||
|
440F000
|
trusted library allocation
|
page read and write
|
||
|
A3CE000
|
stack
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
5701000
|
trusted library allocation
|
page read and write
|
||
|
2AB8000
|
trusted library allocation
|
page read and write
|
||
|
1478000
|
heap
|
page read and write
|
||
|
4483000
|
trusted library allocation
|
page read and write
|
||
|
A50E000
|
stack
|
page read and write
|
||
|
47ED000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
68DA000
|
trusted library allocation
|
page read and write
|
||
|
958E000
|
stack
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
472E000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
767D000
|
stack
|
page read and write
|
||
|
461C000
|
trusted library allocation
|
page read and write
|
||
|
7FD9000
|
heap
|
page read and write
|
||
|
68EF000
|
trusted library allocation
|
page read and write
|
||
|
4E0E000
|
trusted library allocation
|
page read and write
|
||
|
4740000
|
trusted library allocation
|
page read and write
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
778E000
|
stack
|
page read and write
|
||
|
3065000
|
trusted library allocation
|
page read and write
|
||
|
5BB5000
|
heap
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
5CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
469A000
|
trusted library allocation
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
161F000
|
heap
|
page read and write
|
||
|
43BA000
|
trusted library allocation
|
page read and write
|
||
|
56FA000
|
trusted library allocation
|
page read and write
|
||
|
6EDF1000
|
unkown
|
page execute read
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
2CC7000
|
trusted library allocation
|
page read and write
|
||
|
8E9E000
|
stack
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
5A91000
|
trusted library allocation
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
35CF000
|
trusted library allocation
|
page read and write
|
||
|
1446000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
29CC000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
68C2000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
50D0000
|
heap
|
page execute and read and write
|
||
|
428E000
|
trusted library allocation
|
page read and write
|
||
|
468D000
|
trusted library allocation
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
76BE000
|
stack
|
page read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
46AA000
|
trusted library allocation
|
page read and write
|
||
|
5DE3000
|
heap
|
page read and write
|
||
|
152A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4661000
|
trusted library allocation
|
page read and write
|
||
|
4E45000
|
trusted library allocation
|
page read and write
|
||
|
369E000
|
trusted library allocation
|
page read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
6ADE000
|
stack
|
page read and write
|
||
|
47A7000
|
trusted library allocation
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
7491000
|
heap
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
18E0000
|
heap
|
page execute and read and write
|
||
|
290E000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
heap
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
2B26000
|
trusted library allocation
|
page read and write
|
||
|
75DE000
|
heap
|
page read and write
|
||
|
5DA9000
|
heap
|
page read and write
|
||
|
2E9A000
|
heap
|
page read and write
|
||
|
73E8000
|
heap
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
46DE000
|
trusted library allocation
|
page read and write
|
||
|
5735000
|
trusted library allocation
|
page read and write
|
||
|
161C000
|
stack
|
page read and write
|
||
|
2AC9000
|
trusted library allocation
|
page read and write
|
||
|
3B37000
|
trusted library allocation
|
page read and write
|
||
|
1443000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DF4000
|
trusted library allocation
|
page read and write
|
||
|
185B000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
heap
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
37A2000
|
trusted library allocation
|
page read and write
|
||
|
1572000
|
trusted library allocation
|
page read and write
|
||
|
5C40000
|
heap
|
page read and write
|
||
|
97CF000
|
stack
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
689D000
|
stack
|
page read and write
|
||
|
43E1000
|
trusted library allocation
|
page read and write
|
||
|
5CF0000
|
trusted library allocation
|
page read and write
|
||
|
3701000
|
trusted library allocation
|
page read and write
|
||
|
372F000
|
trusted library allocation
|
page read and write
|
||
|
6773000
|
heap
|
page read and write
|
||
|
4323000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
5CD1000
|
trusted library allocation
|
page read and write
|
||
|
A14E000
|
stack
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
352D000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
heap
|
page execute and read and write
|
||
|
460F000
|
trusted library allocation
|
page read and write
|
||
|
7CBE000
|
stack
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
5873000
|
heap
|
page read and write
|
||
|
3A62000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
75DA000
|
trusted library allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
295D000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
trusted library allocation
|
page read and write
|
||
|
73F7000
|
heap
|
page read and write
|
||
|
43CA000
|
trusted library allocation
|
page read and write
|
||
|
1462000
|
trusted library allocation
|
page read and write
|
||
|
1663000
|
heap
|
page read and write
|
||
|
6580000
|
trusted library allocation
|
page read and write
|
||
|
5D20000
|
trusted library allocation
|
page read and write
|
||
|
36DF000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
71A000
|
stack
|
page read and write
|
||
|
994B000
|
stack
|
page read and write
|
||
|
66F7000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
trusted library section
|
page read and write
|
||
|
348E000
|
trusted library allocation
|
page read and write
|
||
|
3483000
|
trusted library allocation
|
page read and write
|
||
|
68EA000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
7C7000
|
stack
|
page read and write
|
||
|
6EE0F000
|
unkown
|
page readonly
|
||
|
5D50000
|
heap
|
page read and write
|
||
|
4694000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
5B30000
|
trusted library allocation
|
page read and write
|
||
|
1AA0000
|
heap
|
page read and write
|
||
|
5C35000
|
heap
|
page read and write
|
||
|
4EEA000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
96CE000
|
stack
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
8FF000
|
unkown
|
page read and write
|
||
|
50C1000
|
trusted library allocation
|
page read and write
|
||
|
34DB000
|
trusted library allocation
|
page read and write
|
||
|
6709000
|
heap
|
page read and write
|
||
|
42B5000
|
trusted library allocation
|
page read and write
|
||
|
5D3C000
|
heap
|
page read and write
|
||
|
6410000
|
trusted library allocation
|
page execute and read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
6043000
|
trusted library allocation
|
page read and write
|
||
|
14B2000
|
heap
|
page read and write
|
||
|
6400000
|
trusted library allocation
|
page read and write
|
||
|
1936000
|
heap
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
EDA000
|
stack
|
page read and write
|
||
|
166E000
|
stack
|
page read and write
|
||
|
147B000
|
heap
|
page read and write
|
||
|
470D000
|
trusted library allocation
|
page read and write
|
||
|
2CA6000
|
trusted library allocation
|
page read and write
|
||
|
16A1000
|
heap
|
page read and write
|
||
|
3505000
|
trusted library allocation
|
page read and write
|
||
|
6D43000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
37CF000
|
trusted library allocation
|
page read and write
|
||
|
145D000
|
trusted library allocation
|
page execute and read and write
|
||
|
68DF000
|
trusted library allocation
|
page read and write
|
||
|
8ADF000
|
stack
|
page read and write
|
||
|
164D000
|
heap
|
page read and write
|
||
|
12BD000
|
stack
|
page read and write
|
||
|
5AAB000
|
trusted library allocation
|
page read and write
|
||
|
6D8A000
|
heap
|
page read and write
|
||
|
6D33000
|
heap
|
page read and write
|
||
|
42D4000
|
trusted library allocation
|
page read and write
|
||
|
6DA6000
|
heap
|
page read and write
|
||
|
47CA000
|
trusted library allocation
|
page read and write
|
||
|
46CB000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
1563000
|
heap
|
page read and write
|
||
|
6749000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page execute and read and write
|
||
|
5FE0000
|
trusted library allocation
|
page read and write
|
||
|
4628000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
2A8B000
|
trusted library allocation
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
43E4000
|
trusted library allocation
|
page read and write
|
||
|
157B000
|
trusted library allocation
|
page execute and read and write
|
||
|
73CA000
|
heap
|
page read and write
|
||
|
67AC000
|
heap
|
page read and write
|
||
|
75C2000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
47AE000
|
trusted library allocation
|
page read and write
|
||
|
42CE000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page read and write
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
A64C000
|
stack
|
page read and write
|
||
|
18B7000
|
heap
|
page read and write
|
||
|
1830000
|
trusted library allocation
|
page execute and read and write
|
||
|
4402000
|
trusted library allocation
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
443A000
|
trusted library allocation
|
page read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
E06000
|
trusted library allocation
|
page execute and read and write
|
||
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C6F000
|
heap
|
page read and write
|
||
|
4764000
|
trusted library allocation
|
page read and write
|
||
|
439E000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
5BD0000
|
trusted library allocation
|
page read and write
|
||
|
5CBE000
|
stack
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
5D82000
|
heap
|
page read and write
|
||
|
15DE000
|
stack
|
page read and write
|
||
|
5A20000
|
heap
|
page execute and read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
4372000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
3B40000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library section
|
page read and write
|
||
|
847E000
|
stack
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
5870000
|
heap
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
78D000
|
stack
|
page read and write
|
||
|
56D2000
|
trusted library allocation
|
page read and write
|
||
|
564D000
|
trusted library allocation
|
page read and write
|
||
|
1444000
|
trusted library allocation
|
page read and write
|
||
|
46D9000
|
trusted library allocation
|
page read and write
|
||
|
36E9000
|
trusted library allocation
|
page read and write
|
||
|
A60F000
|
stack
|
page read and write
|
||
|
4E11000
|
trusted library allocation
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
145B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
7F8F000
|
stack
|
page read and write
|
||
|
5641000
|
trusted library allocation
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
57E3000
|
heap
|
page read and write
|
||
|
7CA000
|
stack
|
page read and write
|
||
|
5D6E000
|
heap
|
page read and write
|
||
|
77AA000
|
trusted library allocation
|
page read and write
|
||
|
425C000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
4476000
|
trusted library allocation
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
7345000
|
trusted library allocation
|
page read and write
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
5F8C000
|
stack
|
page read and write
|
||
|
266B000
|
stack
|
page read and write
|
||
|
4800000
|
trusted library allocation
|
page read and write
|
||
|
6D59000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
5D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6370000
|
trusted library allocation
|
page execute and read and write
|
||
|
6076000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
heap
|
page read and write
|
||
|
1838000
|
trusted library allocation
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page read and write
|
||
|
A24E000
|
stack
|
page read and write
|
||
|
1537000
|
trusted library allocation
|
page execute and read and write
|
||
|
1556000
|
heap
|
page read and write
|
||
|
2BAA000
|
trusted library allocation
|
page read and write
|
||
|
6D22000
|
heap
|
page read and write
|
||
|
5C50000
|
heap
|
page read and write
|
||
|
2B49000
|
trusted library allocation
|
page read and write
|
||
|
475F000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
3736000
|
trusted library allocation
|
page read and write
|
||
|
6073000
|
trusted library allocation
|
page read and write
|
||
|
29BE000
|
trusted library allocation
|
page read and write
|
||
|
7CFE000
|
stack
|
page read and write
|
||
|
45EE000
|
trusted library allocation
|
page read and write
|
||
|
745F000
|
heap
|
page read and write
|
||
|
333B000
|
trusted library allocation
|
page read and write
|
||
|
529C000
|
stack
|
page read and write
|
||
|
5AA5000
|
trusted library allocation
|
page read and write
|
||
|
6070000
|
trusted library allocation
|
page read and write
|
||
|
1516000
|
heap
|
page read and write
|
||
|
146A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
7F8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4727000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
4365000
|
trusted library allocation
|
page read and write
|
||
|
9A4C000
|
stack
|
page read and write
|
||
|
3499000
|
trusted library allocation
|
page read and write
|
||
|
9E2E000
|
stack
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
3480000
|
trusted library allocation
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
182E000
|
stack
|
page read and write
|
||
|
5CF1000
|
trusted library allocation
|
page read and write
|
||
|
420A000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37D4000
|
trusted library allocation
|
page read and write
|
||
|
32E8000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
4250000
|
trusted library allocation
|
page read and write
|
||
|
1546000
|
heap
|
page read and write
|
||
|
335B000
|
trusted library allocation
|
page read and write
|
||
|
6D7E000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
3B1A000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
32FC000
|
trusted library allocation
|
page read and write
|
||
|
35B6000
|
trusted library allocation
|
page read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
3228000
|
trusted library allocation
|
page read and write
|
||
|
46C7000
|
trusted library allocation
|
page read and write
|
||
|
5DA4000
|
heap
|
page read and write
|
||
|
A38000
|
heap
|
page read and write
|
||
|
36AB000
|
trusted library allocation
|
page read and write
|
||
|
150D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1680000
|
trusted library allocation
|
page execute and read and write
|
||
|
5CC0000
|
trusted library allocation
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
5B7F000
|
stack
|
page read and write
|
||
|
7FD1000
|
heap
|
page read and write
|
||
|
7932000
|
trusted library allocation
|
page read and write
|
||
|
4805000
|
trusted library allocation
|
page read and write
|
||
|
59DB000
|
stack
|
page read and write
|
||
|
35F5000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
42C5000
|
trusted library allocation
|
page read and write
|
||
|
8840000
|
heap
|
page read and write
|
||
|
42A4000
|
trusted library allocation
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
3495000
|
trusted library allocation
|
page read and write
|
||
|
4214000
|
trusted library allocation
|
page read and write
|
||
|
29CA000
|
trusted library allocation
|
page read and write
|
||
|
467B000
|
trusted library allocation
|
page read and write
|
||
|
36E4000
|
trusted library allocation
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
43C4000
|
trusted library allocation
|
page read and write
|
||
|
6379000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
45C3000
|
trusted library allocation
|
page read and write
|
||
|
52DC000
|
stack
|
page read and write
|
||
|
65DC000
|
stack
|
page read and write
|
||
|
3CC0000
|
trusted library allocation
|
page read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
75E5000
|
trusted library allocation
|
page read and write
|
||
|
68C5000
|
trusted library allocation
|
page read and write
|
||
|
3AFB000
|
trusted library allocation
|
page read and write
|
||
|
1466000
|
trusted library allocation
|
page execute and read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
4479000
|
trusted library allocation
|
page read and write
|
||
|
E0A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
1A90000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
57D1000
|
trusted library allocation
|
page read and write
|
||
|
1AA7000
|
heap
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
3291000
|
trusted library allocation
|
page read and write
|
||
|
17FE000
|
stack
|
page read and write
|
||
|
35AC000
|
trusted library allocation
|
page read and write
|
||
|
43E6000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
5DC1000
|
heap
|
page read and write
|
||
|
37AB000
|
trusted library allocation
|
page read and write
|
||
|
155C000
|
heap
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
675B000
|
heap
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
536F000
|
stack
|
page read and write
|
||
|
E1B000
|
trusted library allocation
|
page execute and read and write
|
||
|
187D000
|
trusted library allocation
|
page read and write
|
||
|
5D8B000
|
heap
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page read and write
|
||
|
6955000
|
trusted library allocation
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
914E000
|
stack
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
144A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
3AC5000
|
trusted library allocation
|
page read and write
|
||
|
43AA000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
6940000
|
trusted library allocation
|
page read and write
|
||
|
68D8000
|
trusted library allocation
|
page read and write
|
||
|
8856000
|
heap
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
3B2B000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
8BE000
|
unkown
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
954E000
|
stack
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
D92000
|
unkown
|
page readonly
|
||
|
DD7000
|
heap
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
3B21000
|
trusted library allocation
|
page read and write
|
||
|
4468000
|
trusted library allocation
|
page read and write
|
||
|
9A8D000
|
unkown
|
page read and write
|
||
|
7020000
|
heap
|
page read and write
|
||
|
42AA000
|
trusted library allocation
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
35EE000
|
trusted library allocation
|
page read and write
|
||
|
570D000
|
trusted library allocation
|
page read and write
|
||
|
2A76000
|
trusted library allocation
|
page read and write
|
||
|
445A000
|
trusted library allocation
|
page read and write
|
||
|
56FE000
|
trusted library allocation
|
page read and write
|
||
|
446B000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
trusted library allocation
|
page read and write
|
||
|
56F5000
|
trusted library allocation
|
page read and write
|
||
|
6590000
|
trusted library allocation
|
page execute and read and write
|
||
|
4781000
|
trusted library allocation
|
page read and write
|
||
|
980E000
|
stack
|
page read and write
|
||
|
17EF000
|
stack
|
page read and write
|
||
|
4E16000
|
trusted library allocation
|
page read and write
|
||
|
47C0000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
45FE000
|
trusted library allocation
|
page read and write
|
||
|
331F000
|
trusted library allocation
|
page read and write
|
||
|
42CB000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
34C3000
|
trusted library allocation
|
page read and write
|
||
|
6735000
|
heap
|
page read and write
|
||
|
E17000
|
trusted library allocation
|
page execute and read and write
|
||
|
53AE000
|
stack
|
page read and write
|
||
|
5E6C000
|
stack
|
page read and write
|
||
|
172E000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
4E1D000
|
trusted library allocation
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
461F000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
4608000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
66DC000
|
stack
|
page read and write
|
||
|
DE4000
|
trusted library allocation
|
page read and write
|
||
|
14FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
35DC000
|
trusted library allocation
|
page read and write
|
||
|
6EE06000
|
unkown
|
page readonly
|
||
|
14DA000
|
heap
|
page read and write
|
||
|
4393000
|
trusted library allocation
|
page read and write
|
||
|
4454000
|
trusted library allocation
|
page read and write
|
||
|
5D0E000
|
trusted library allocation
|
page read and write
|
||
|
4372000
|
trusted library allocation
|
page read and write
|
||
|
33D7000
|
trusted library allocation
|
page read and write
|
||
|
46EB000
|
trusted library allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5CD0000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
34D9000
|
trusted library allocation
|
page read and write
|
||
|
5A76000
|
trusted library allocation
|
page read and write
|
||
|
45E2000
|
trusted library allocation
|
page read and write
|
||
|
7A9E000
|
stack
|
page read and write
|
||
|
75F4000
|
trusted library allocation
|
page read and write
|
||
|
DDB000
|
heap
|
page read and write
|
||
|
4471000
|
trusted library allocation
|
page read and write
|
||
|
5CDC000
|
trusted library allocation
|
page read and write
|
||
|
163F000
|
heap
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page read and write
|
||
|
36B8000
|
trusted library allocation
|
page read and write
|
||
|
5624000
|
trusted library allocation
|
page read and write
|
||
|
4701000
|
trusted library allocation
|
page read and write
|
||
|
7FD5000
|
heap
|
page read and write
|
||
|
41C9000
|
trusted library allocation
|
page read and write
|
||
|
14A4000
|
heap
|
page read and write
|
||
|
439E000
|
trusted library allocation
|
page read and write
|
||
|
9310000
|
heap
|
page read and write
|
||
|
3696000
|
trusted library allocation
|
page read and write
|
||
|
4233000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
428F000
|
trusted library allocation
|
page read and write
|
||
|
35E3000
|
trusted library allocation
|
page read and write
|
||
|
5FDE000
|
stack
|
page read and write
|
||
|
58A0000
|
heap
|
page read and write
|
||
|
FD7000
|
stack
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page read and write
|
||
|
76F6000
|
trusted library allocation
|
page read and write
|
||
|
7F90000
|
heap
|
page read and write
|
||
|
1526000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A6B000
|
trusted library allocation
|
page read and write
|
||
|
43D1000
|
trusted library allocation
|
page read and write
|
||
|
34BA000
|
trusted library allocation
|
page read and write
|
||
|
7348000
|
trusted library allocation
|
page read and write
|
||
|
5A82000
|
trusted library allocation
|
page read and write
|
||
|
43AF000
|
trusted library allocation
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AC4000
|
trusted library allocation
|
page read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
6944000
|
trusted library allocation
|
page read and write
|
||
|
5E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
58A3000
|
heap
|
page read and write
|
||
|
BB6000
|
heap
|
page read and write
|
||
|
5DC8000
|
heap
|
page read and write
|
||
|
75C8000
|
heap
|
page read and write
|
||
|
2ADF000
|
trusted library allocation
|
page read and write
|
||
|
443F000
|
trusted library allocation
|
page read and write
|
||
|
6A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
425F000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
1668000
|
heap
|
page read and write
|
||
|
3B27000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library section
|
page read and write
|
||
|
14AF000
|
heap
|
page read and write
|
||
|
47FC000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
673A000
|
heap
|
page read and write
|
||
|
14F4000
|
trusted library allocation
|
page read and write
|
||
|
5D80000
|
trusted library allocation
|
page read and write
|
||
|
46FB000
|
trusted library allocation
|
page read and write
|
||
|
4DEF000
|
stack
|
page read and write
|
||
|
5D94000
|
heap
|
page read and write
|
||
|
42B3000
|
trusted library allocation
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5646000
|
trusted library allocation
|
page read and write
|
||
|
462B000
|
trusted library allocation
|
page read and write
|
||
|
5A3F000
|
stack
|
page read and write
|
||
|
422E000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
5D46000
|
heap
|
page read and write
|
||
|
4EE8000
|
trusted library allocation
|
page read and write
|
||
|
A38E000
|
stack
|
page read and write
|
||
|
67B4000
|
heap
|
page read and write
|
||
|
447F000
|
trusted library allocation
|
page read and write
|
||
|
708E000
|
stack
|
page read and write
|
||
|
4223000
|
trusted library allocation
|
page read and write
|
||
|
5D20000
|
heap
|
page read and write
|
||
|
1A94000
|
trusted library allocation
|
page read and write
|
||
|
1577000
|
trusted library allocation
|
page execute and read and write
|
||
|
59E0000
|
trusted library section
|
page readonly
|
||
|
2811000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
5DB0000
|
heap
|
page read and write
|
||
|
35FA000
|
trusted library allocation
|
page read and write
|
||
|
36C5000
|
trusted library allocation
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
6A30000
|
trusted library allocation
|
page read and write
|
||
|
29C4000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
16C4000
|
trusted library allocation
|
page read and write
|
||
|
5AAE000
|
trusted library allocation
|
page read and write
|
||
|
6D2D000
|
heap
|
page read and write
|
||
|
1642000
|
heap
|
page read and write
|
||
|
42BB000
|
trusted library allocation
|
page read and write
|
||
|
76EF000
|
trusted library allocation
|
page read and write
|
||
|
45E9000
|
trusted library allocation
|
page read and write
|
||
|
696C000
|
stack
|
page read and write
|
||
|
5E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
35C2000
|
trusted library allocation
|
page read and write
|
||
|
4EE5000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
37BE000
|
trusted library allocation
|
page read and write
|
||
|
990F000
|
stack
|
page read and write
|
||
|
186E000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
trusted library allocation
|
page read and write
|
||
|
691C000
|
stack
|
page read and write
|
||
|
46D4000
|
trusted library allocation
|
page read and write
|
||
|
36CD000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
6360000
|
trusted library allocation
|
page execute and read and write
|
||
|
8865000
|
trusted library allocation
|
page read and write
|
||
|
3A21000
|
trusted library allocation
|
page read and write
|
||
|
7FA0000
|
trusted library allocation
|
page read and write
|
||
|
360B000
|
trusted library allocation
|
page read and write
|
||
|
47B9000
|
trusted library allocation
|
page read and write
|
||
|
4374000
|
trusted library allocation
|
page read and write
|
||
|
6EDF0000
|
unkown
|
page readonly
|
||
|
8E0E000
|
stack
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
144D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4299000
|
trusted library allocation
|
page read and write
|
||
|
3B08000
|
trusted library allocation
|
page read and write
|
||
|
5D2C000
|
heap
|
page read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
71E0000
|
heap
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
330B000
|
trusted library allocation
|
page read and write
|
||
|
46B4000
|
trusted library allocation
|
page read and write
|
||
|
67BC000
|
heap
|
page read and write
|
||
|
155A000
|
heap
|
page read and write
|
||
|
7E8E000
|
stack
|
page read and write
|
||
|
3383000
|
trusted library allocation
|
page read and write
|
||
|
1423000
|
trusted library allocation
|
page execute and read and write
|
||
|
4423000
|
trusted library allocation
|
page read and write
|
||
|
75A5000
|
heap
|
page read and write
|
||
|
5209000
|
trusted library allocation
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
160E000
|
heap
|
page read and write
|
||
|
AF8000
|
heap
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
A28E000
|
stack
|
page read and write
|
||
|
43F5000
|
trusted library allocation
|
page read and write
|
||
|
4615000
|
trusted library allocation
|
page read and write
|
||
|
7E4E000
|
stack
|
page read and write
|
||
|
4DFB000
|
trusted library allocation
|
page read and write
|
||
|
7F8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
6795000
|
heap
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
2948000
|
trusted library allocation
|
page read and write
|
||
|
7FD70000
|
trusted library allocation
|
page execute and read and write
|
||
|
676A000
|
heap
|
page read and write
|
||
|
427D000
|
trusted library allocation
|
page read and write
|
||
|
46BA000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
A78E000
|
stack
|
page read and write
|
||
|
57D6000
|
trusted library allocation
|
page read and write
|
||
|
3486000
|
trusted library allocation
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page execute and read and write
|
||
|
DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C38000
|
trusted library allocation
|
page read and write
|
||
|
71BB000
|
stack
|
page read and write
|
||
|
DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AB0000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page read and write
|
||
|
47D6000
|
trusted library allocation
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
7D4E000
|
stack
|
page read and write
|
||
|
4404000
|
trusted library allocation
|
page read and write
|
||
|
5D4E000
|
heap
|
page read and write
|
||
|
1565000
|
heap
|
page read and write
|
||
|
68C0000
|
trusted library allocation
|
page read and write
|
||
|
33CF000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
34FA000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
1671000
|
heap
|
page read and write
|
||
|
441C000
|
trusted library allocation
|
page read and write
|
||
|
3364000
|
trusted library allocation
|
page read and write
|
||
|
437E000
|
trusted library allocation
|
page read and write
|
||
|
6960000
|
trusted library allocation
|
page read and write
|
||
|
45D7000
|
trusted library allocation
|
page read and write
|
||
|
34E6000
|
trusted library allocation
|
page read and write
|
||
|
52DA000
|
trusted library allocation
|
page read and write
|
||
|
1498000
|
heap
|
page read and write
|
||
|
4655000
|
trusted library allocation
|
page read and write
|
||
|
562B000
|
trusted library allocation
|
page read and write
|
||
|
4288000
|
trusted library allocation
|
page read and write
|
||
|
E12000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
57C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
49AC000
|
stack
|
page read and write
|
||
|
7590000
|
heap
|
page read and write
|
||
|
5652000
|
trusted library allocation
|
page read and write
|
||
|
1876000
|
trusted library allocation
|
page read and write
|
||
|
5D30000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
6DD000
|
stack
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
35A3000
|
trusted library allocation
|
page read and write
|
||
|
2CAC000
|
trusted library allocation
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
6A1E000
|
stack
|
page read and write
|
||
|
5CD6000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
192B000
|
stack
|
page read and write
|
||
|
7F970000
|
trusted library allocation
|
page execute and read and write
|
||
|
7605000
|
trusted library allocation
|
page read and write
|
||
|
63D0000
|
trusted library allocation
|
page read and write
|
||
|
3218000
|
trusted library allocation
|
page read and write
|
||
|
5A71000
|
trusted library allocation
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
479A000
|
trusted library allocation
|
page read and write
|
||
|
47F7000
|
trusted library allocation
|
page read and write
|
||
|
42D9000
|
trusted library allocation
|
page read and write
|
||
|
4291000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
trusted library allocation
|
page read and write
|
||
|
837E000
|
stack
|
page read and write
|
||
|
7459000
|
heap
|
page read and write
|
||
|
4755000
|
trusted library allocation
|
page read and write
|
||
|
43EF000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
153B000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CA000
|
stack
|
page read and write
|
||
|
4E22000
|
trusted library allocation
|
page read and write
|
||
|
5BB0000
|
heap
|
page read and write
|
||
|
783F000
|
stack
|
page read and write
|
||
|
5CE3000
|
trusted library allocation
|
page read and write
|
||
|
32C7000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
trusted library allocation
|
page read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
66F5000
|
heap
|
page read and write
|
||
|
4EC2000
|
trusted library allocation
|
page read and write
|
||
|
3516000
|
trusted library allocation
|
page read and write
|
||
|
4435000
|
trusted library allocation
|
page read and write
|
||
|
42CD000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
47E0000
|
trusted library allocation
|
page read and write
|
||
|
3AE2000
|
trusted library allocation
|
page read and write
|
||
|
444A000
|
trusted library allocation
|
page read and write
|
||
|
37F6000
|
trusted library allocation
|
page read and write
|
||
|
6760000
|
heap
|
page read and write
|
||
|
5D00000
|
heap
|
page read and write
|
||
|
1455000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4201000
|
trusted library allocation
|
page read and write
|
||
|
3616000
|
trusted library allocation
|
page read and write
|
||
|
6350000
|
trusted library allocation
|
page read and write
|
||
|
39F1000
|
trusted library allocation
|
page read and write
|
||
|
332A000
|
trusted library allocation
|
page read and write
|
||
|
5E50000
|
trusted library section
|
page read and write
|
||
|
5DD9000
|
heap
|
page read and write
|
||
|
4210000
|
trusted library allocation
|
page read and write
|
||
|
6EE0D000
|
unkown
|
page read and write
|
||
|
542C000
|
stack
|
page read and write
|
||
|
4461000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
68E5000
|
trusted library allocation
|
page read and write
|
||
|
66E0000
|
heap
|
page read and write
|
||
|
5770000
|
trusted library section
|
page readonly
|
||
|
5C30000
|
heap
|
page read and write
|
||
|
437000
|
remote allocation
|
page execute and read and write
|
||
|
18A0000
|
trusted library allocation
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
6420000
|
trusted library allocation
|
page execute and read and write
|
||
|
32F2000
|
trusted library allocation
|
page read and write
|
||
|
446000
|
remote allocation
|
page execute and read and write
|
||
|
317B000
|
stack
|
page read and write
|
||
|
16C0000
|
trusted library allocation
|
page read and write
|
||
|
5CCB000
|
trusted library allocation
|
page read and write
|
||
|
672A000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
3933000
|
trusted library allocation
|
page read and write
|
||
|
924F000
|
stack
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
5CEE000
|
trusted library allocation
|
page read and write
|
||
|
148F000
|
heap
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
41E1000
|
trusted library allocation
|
page read and write
|
||
|
5D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1666000
|
heap
|
page read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
16E7000
|
heap
|
page read and write
|
||
|
71DD000
|
stack
|
page read and write
|
||
|
6D3F000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
6D57000
|
heap
|
page read and write
|
||
|
A4CE000
|
stack
|
page read and write
|
||
|
15CE000
|
stack
|
page read and write
|
||
|
56E4000
|
trusted library allocation
|
page read and write
|
||
|
8F50000
|
heap
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
4EF3000
|
heap
|
page read and write
|
||
|
4474000
|
trusted library allocation
|
page read and write
|
||
|
5B2D000
|
stack
|
page read and write
|
||
|
37DA000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
75DF000
|
trusted library allocation
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
5A8E000
|
trusted library allocation
|
page read and write
|
||
|
381F000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|