Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ_HB648836_Enquiry.cmd
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 4294967295 bytes, 1 file, at 0x75 +A "x.exe", number 1, 58 datablocks,
0 compression
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\x.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\XClient.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Links\Rwelpqci.PIF
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Links\icqplewR.pif
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
|
|
|
C:\ProgramData\38797.cmd
|
Unicode text, UTF-8 text, with very long lines (577), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\7435.cmd
|
Unicode text, UTF-8 text, with very long lines (324), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\neo.cmd
|
Unicode text, UTF-8 text, with very long lines (372), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\icqplewR.pif.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
Generic INItialization configuration [WIN]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1y1immse.k14.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2apngmrl.xa2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2r2bvm2t.dkq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2ty1ljfz.vkp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4jaupix2.4gl.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4xixrpk0.g4t.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_es0l3mcu.dgl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fvltbcou.4ot.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iowgqri5.cdb.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jbm43ulr.lrw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sl1pmxkn.fr2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tigecjhr.m1m.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_urieutje.04j.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vew4f2w3.pzm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vpxu1kti.hs3.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y3kc2kfn.vij.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Loader.Log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\Links\Rwelpqci.url
|
MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\user\\Links\\Rwelpqci.PIF">), ASCII text, with CRLF line terminators
|
dropped
|
There are 19 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\x.exe
|
"C:\Users\user\AppData\Local\Temp\x.exe"
|
|
|
|
C:\Users\user\Links\icqplewR.pif
|
C:\\Users\\user\\Links\icqplewR.pif
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\Links\icqplewR.pif'
|
|
|
|
C:\Users\user\Links\Rwelpqci.PIF
|
"C:\Users\user\Links\Rwelpqci.PIF"
|
|
|
|
C:\Users\user\Links\icqplewR.pif
|
C:\\Users\\user\\Links\icqplewR.pif
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'icqplewR.pif'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\user\AppData\Roaming\XClient.exe'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'XClient.exe'
|
|
|
|
C:\Users\user\AppData\Roaming\XClient.exe
|
"C:\Users\user\AppData\Roaming\XClient.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\XClient.exe
|
"C:\Users\user\AppData\Roaming\XClient.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\RFQ_HB648836_Enquiry.cmd" "
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\extrac32.exe
|
extrac32 /y "C:\Users\user\Desktop\RFQ_HB648836_Enquiry.cmd" "C:\Users\user\AppData\Local\Temp\x.exe"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\\Users\\All Users\\7435.cmd""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\\Users\\All Users\\38797.cmd""
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
204.10.161.147
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://crl.miG
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://crl.microG?
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.codeproject.com/Articles/16009/A-Much-Easier-to-Use-ListView
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.pmail.com
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://crl.mi
|
unknown
|
There are 10 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
204.10.161.147
|
unknown
|
Canada
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Rwelpqci
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XClient
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
There are 2 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B19F000
|
heap
|
page read and write
|
|
|
|
202BA000
|
heap
|
page read and write
|
|
|
|
1E045000
|
trusted library allocation
|
page read and write
|
|
|
|
1CEE0000
|
trusted library section
|
page read and write
|
|
|
|
3A2E000
|
direct allocation
|
page read and write
|
|
|
|
1D0A9000
|
trusted library allocation
|
page read and write
|
|
|
|
1CCDE000
|
heap
|
page read and write
|
|
|
|
1CE90000
|
trusted library section
|
page read and write
|
|
|
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
24E80000
|
trusted library allocation
|
page read and write
|
||
|
221D0000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
28441000
|
trusted library allocation
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
200F000
|
stack
|
page read and write
|
||
|
273F0000
|
trusted library allocation
|
page read and write
|
||
|
26030000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
7D4C000
|
heap
|
page read and write
|
||
|
1FC40000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
229EF000
|
trusted library allocation
|
page read and write
|
||
|
26F60000
|
trusted library allocation
|
page read and write
|
||
|
409C000
|
direct allocation
|
page read and write
|
||
|
25690000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27550000
|
trusted library allocation
|
page read and write
|
||
|
221D0000
|
trusted library allocation
|
page read and write
|
||
|
27C20000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27590000
|
trusted library allocation
|
page read and write
|
||
|
1B0EE000
|
stack
|
page read and write
|
||
|
27130000
|
trusted library allocation
|
page read and write
|
||
|
26030000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
24750000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
3475000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
28076000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
heap
|
page execute and read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
5013000
|
trusted library allocation
|
page read and write
|
||
|
7BF0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
7F348000
|
trusted library allocation
|
page execute and read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
4BD3000
|
trusted library allocation
|
page read and write
|
||
|
275C0000
|
trusted library allocation
|
page read and write
|
||
|
278E0000
|
trusted library allocation
|
page read and write
|
||
|
7F8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AC9000
|
direct allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
26AF0000
|
trusted library allocation
|
page read and write
|
||
|
4D3B000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
26AF0000
|
trusted library allocation
|
page read and write
|
||
|
26FD5000
|
trusted library allocation
|
page read and write
|
||
|
35CB000
|
heap
|
page read and write
|
||
|
1D04A000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page execute and read and write
|
||
|
3386000
|
heap
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
284CB000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
32B8000
|
heap
|
page read and write
|
||
|
7EC50000
|
direct allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
32C8000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27040000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
279E1000
|
trusted library allocation
|
page read and write
|
||
|
201B7000
|
heap
|
page read and write
|
||
|
25FF0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
6AAE000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
202E000
|
stack
|
page read and write
|
||
|
2836D000
|
trusted library allocation
|
page read and write
|
||
|
27A64000
|
trusted library allocation
|
page read and write
|
||
|
7EC50000
|
direct allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
2768A000
|
heap
|
page read and write
|
||
|
26F60000
|
trusted library allocation
|
page read and write
|
||
|
25690000
|
trusted library allocation
|
page read and write
|
||
|
26F80000
|
trusted library allocation
|
page read and write
|
||
|
795E000
|
stack
|
page read and write
|
||
|
27A00000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
7E0E000
|
heap
|
page read and write
|
||
|
26B10000
|
trusted library allocation
|
page read and write
|
||
|
323F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27050000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
56B5000
|
trusted library allocation
|
page read and write
|
||
|
273F0000
|
trusted library allocation
|
page read and write
|
||
|
24E90000
|
trusted library allocation
|
page read and write
|
||
|
1F5B000
|
heap
|
page read and write
|
||
|
25E80000
|
trusted library allocation
|
page read and write
|
||
|
291F1000
|
trusted library allocation
|
page read and write
|
||
|
85BA000
|
heap
|
page read and write
|
||
|
25E90000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
275C0000
|
trusted library allocation
|
page read and write
|
||
|
25690000
|
trusted library allocation
|
page read and write
|
||
|
26760000
|
trusted library allocation
|
page read and write
|
||
|
5A41000
|
trusted library allocation
|
page read and write
|
||
|
29B2C000
|
trusted library allocation
|
page read and write
|
||
|
27CE0000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
25FC0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
26980000
|
trusted library allocation
|
page read and write
|
||
|
202FE000
|
heap
|
page read and write
|
||
|
7A0A000
|
heap
|
page read and write
|
||
|
27A00000
|
trusted library allocation
|
page read and write
|
||
|
24750000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
284EA000
|
trusted library allocation
|
page read and write
|
||
|
21EAB000
|
stack
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
2212F000
|
stack
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
FE3C07E000
|
stack
|
page read and write
|
||
|
27100000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
1D047000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
27920000
|
trusted library allocation
|
page read and write
|
||
|
7F8B8000
|
trusted library allocation
|
page execute and read and write
|
||
|
27170000
|
trusted library allocation
|
page read and write
|
||
|
27A60000
|
trusted library allocation
|
page read and write
|
||
|
27950000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
5931000
|
trusted library allocation
|
page read and write
|
||
|
27170000
|
trusted library allocation
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
1B120000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26765000
|
heap
|
page read and write
|
||
|
1EEF000
|
stack
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
26AA0000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
7FB26000
|
direct allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
86F0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
1F550000
|
trusted library allocation
|
page read and write
|
||
|
356E000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
258E0000
|
trusted library allocation
|
page read and write
|
||
|
3498000
|
heap
|
page read and write
|
||
|
79F6000
|
heap
|
page read and write
|
||
|
42BE000
|
stack
|
page read and write
|
||
|
20301000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
D8C000
|
stack
|
page read and write
|
||
|
1FCD000
|
heap
|
page read and write
|
||
|
26AB0000
|
trusted library allocation
|
page read and write
|
||
|
27020000
|
trusted library allocation
|
page read and write
|
||
|
8ABE000
|
stack
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
1F4FE000
|
stack
|
page read and write
|
||
|
4E6F000
|
stack
|
page read and write
|
||
|
221F0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
1B110000
|
trusted library allocation
|
page read and write
|
||
|
26AC0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
25750000
|
trusted library allocation
|
page read and write
|
||
|
2D880000000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27120000
|
trusted library allocation
|
page read and write
|
||
|
26AA0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
2756C000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
21C3000
|
heap
|
page read and write
|
||
|
3AD0000
|
direct allocation
|
page read and write
|
||
|
2770C000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
279E1000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
28F41000
|
trusted library allocation
|
page read and write
|
||
|
25FF0000
|
trusted library allocation
|
page read and write
|
||
|
8AB0000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
26ADA000
|
trusted library allocation
|
page read and write
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
282EB000
|
trusted library allocation
|
page read and write
|
||
|
1F550000
|
trusted library allocation
|
page read and write
|
||
|
7EBD8000
|
direct allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
26FC0000
|
trusted library allocation
|
page read and write
|
||
|
27390000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
unkown
|
page read and write
|
||
|
22696000
|
direct allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
5101000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
8760000
|
heap
|
page read and write
|
||
|
26A90000
|
trusted library allocation
|
page read and write
|
||
|
27C22000
|
trusted library allocation
|
page read and write
|
||
|
2D8FDC10000
|
heap
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
269B0000
|
trusted library allocation
|
page read and write
|
||
|
74EE000
|
stack
|
page read and write
|
||
|
23804000
|
trusted library allocation
|
page read and write
|
||
|
3958000
|
direct allocation
|
page read and write
|
||
|
273D0000
|
trusted library allocation
|
page read and write
|
||
|
5FA1000
|
trusted library allocation
|
page read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
7705000
|
heap
|
page read and write
|
||
|
26AC0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
24730000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
33B6000
|
heap
|
page read and write
|
||
|
A8F000
|
unkown
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
7ECBF000
|
direct allocation
|
page read and write
|
||
|
34D8000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
3926000
|
direct allocation
|
page read and write
|
||
|
26FF0000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
2D8FDC30000
|
heap
|
page read and write
|
||
|
27960000
|
trusted library allocation
|
page read and write
|
||
|
257A0000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
2794C000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
6FEE000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
58EA000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
87C1000
|
heap
|
page read and write
|
||
|
27A30000
|
trusted library allocation
|
page read and write
|
||
|
29891000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
trusted library allocation
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
29126000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A60000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
1FCD0000
|
trusted library allocation
|
page read and write
|
||
|
25FB0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
1E7E000
|
heap
|
page read and write
|
||
|
6FB0000
|
trusted library allocation
|
page read and write
|
||
|
75F2000
|
heap
|
page read and write
|
||
|
27140000
|
trusted library allocation
|
page read and write
|
||
|
25E90000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
87BD000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A70000
|
trusted library allocation
|
page read and write
|
||
|
29627000
|
trusted library allocation
|
page read and write
|
||
|
27C21000
|
trusted library allocation
|
page read and write
|
||
|
275C0000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
273C0000
|
trusted library allocation
|
page read and write
|
||
|
270E0000
|
trusted library allocation
|
page read and write
|
||
|
2216E000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
26F50000
|
trusted library allocation
|
page read and write
|
||
|
26FE0000
|
trusted library allocation
|
page read and write
|
||
|
1F77000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A60000
|
trusted library allocation
|
page read and write
|
||
|
38F9000
|
direct allocation
|
page read and write
|
||
|
27210000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
25750000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
3430000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
281A7000
|
trusted library allocation
|
page read and write
|
||
|
8C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
73AD000
|
stack
|
page read and write
|
||
|
25FF0000
|
trusted library allocation
|
page read and write
|
||
|
28357000
|
trusted library allocation
|
page read and write
|
||
|
27390000
|
trusted library allocation
|
page read and write
|
||
|
26F30000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
279F0000
|
trusted library allocation
|
page read and write
|
||
|
276F5000
|
heap
|
page read and write
|
||
|
2A01E000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
26AA0000
|
trusted library allocation
|
page read and write
|
||
|
24F10000
|
trusted library allocation
|
page read and write
|
||
|
3B18000
|
direct allocation
|
page read and write
|
||
|
6D30000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
2255E000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
21EAE000
|
stack
|
page execute and read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
24750000
|
trusted library allocation
|
page read and write
|
||
|
2D8FDC78000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
1F65000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
6D4A000
|
heap
|
page read and write
|
||
|
26AE0000
|
trusted library allocation
|
page read and write
|
||
|
2A081000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A40000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
28A22000
|
trusted library allocation
|
page read and write
|
||
|
27930000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
23B6F000
|
trusted library allocation
|
page read and write
|
||
|
87AE000
|
stack
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
3269000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
4808000
|
trusted library allocation
|
page read and write
|
||
|
88CF000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27580000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26031000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
27A30000
|
trusted library allocation
|
page read and write
|
||
|
221D0000
|
trusted library allocation
|
page read and write
|
||
|
1B202000
|
heap
|
page read and write
|
||
|
6A4B000
|
stack
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
299E0000
|
trusted library allocation
|
page read and write
|
||
|
21D44000
|
direct allocation
|
page read and write
|
||
|
8890000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A10000
|
trusted library allocation
|
page read and write
|
||
|
5BF1000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
221C0000
|
trusted library allocation
|
page read and write
|
||
|
286D8000
|
trusted library allocation
|
page read and write
|
||
|
27320000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
1B1CB000
|
heap
|
page read and write
|
||
|
27A7D000
|
trusted library allocation
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
unkown
|
page execute and read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
1B64F000
|
stack
|
page read and write
|
||
|
270C0000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page read and write
|
||
|
7EBC0000
|
direct allocation
|
page read and write
|
||
|
275AC000
|
trusted library allocation
|
page read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
27030000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
26D75000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
40A5000
|
direct allocation
|
page execute and read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
1DE0000
|
heap
|
page read and write
|
||
|
8558000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27920000
|
trusted library allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page execute and read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
26AF0000
|
trusted library allocation
|
page read and write
|
||
|
275C0000
|
trusted library allocation
|
page read and write
|
||
|
279F0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
26F9C000
|
trusted library allocation
|
page read and write
|
||
|
4507000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page read and write
|
||
|
27580000
|
trusted library allocation
|
page read and write
|
||
|
28390000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
23DAA000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
26AF0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
7E350000
|
direct allocation
|
page read and write
|
||
|
885B000
|
heap
|
page read and write
|
||
|
7670000
|
heap
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
279E1000
|
trusted library allocation
|
page read and write
|
||
|
27390000
|
trusted library allocation
|
page read and write
|
||
|
5926000
|
trusted library allocation
|
page read and write
|
||
|
27A60000
|
trusted library allocation
|
page read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
24750000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
25FF0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
276F3000
|
heap
|
page read and write
|
||
|
34EC000
|
heap
|
page read and write
|
||
|
297A1000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
76FA000
|
heap
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
275B0000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
53B1000
|
trusted library allocation
|
page read and write
|
||
|
276BF000
|
heap
|
page read and write
|
||
|
82E000
|
unkown
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
1F567000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
2774B000
|
heap
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
226D2000
|
heap
|
page read and write
|
||
|
1F550000
|
trusted library allocation
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
23C94000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
21D68000
|
direct allocation
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
27A70000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
289BA000
|
trusted library allocation
|
page read and write
|
||
|
23ECC000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
3253000
|
trusted library allocation
|
page execute and read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
26AF0000
|
trusted library allocation
|
page read and write
|
||
|
273C0000
|
trusted library allocation
|
page read and write
|
||
|
893B000
|
heap
|
page read and write
|
||
|
827D000
|
stack
|
page read and write
|
||
|
22198000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
7A8D000
|
heap
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27C20000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
26AB1000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
7BF0000
|
heap
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
26A90000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
221C0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
1D00F000
|
stack
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
1D030000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page execute and read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
40A1000
|
direct allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
27E73000
|
trusted library allocation
|
page read and write
|
||
|
29720000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
24750000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
3227000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
86E0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
26AF0000
|
trusted library allocation
|
page read and write
|
||
|
1FCF0000
|
trusted library allocation
|
page read and write
|
||
|
27540000
|
trusted library allocation
|
page read and write
|
||
|
27692000
|
heap
|
page read and write
|
||
|
25690000
|
trusted library allocation
|
page read and write
|
||
|
772C000
|
heap
|
page read and write
|
||
|
1FD0E000
|
stack
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
24F30000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
22699000
|
heap
|
page read and write
|
||
|
270D0000
|
trusted library allocation
|
page read and write
|
||
|
22D5D000
|
heap
|
page read and write
|
||
|
26ADC000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
27100000
|
trusted library allocation
|
page read and write
|
||
|
26AC0000
|
trusted library allocation
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
851E000
|
heap
|
page read and write
|
||
|
22330000
|
trusted library allocation
|
page read and write
|
||
|
275E1000
|
heap
|
page read and write
|
||
|
79FC000
|
heap
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
29F41000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27130000
|
trusted library allocation
|
page read and write
|
||
|
27590000
|
trusted library allocation
|
page read and write
|
||
|
202FB000
|
heap
|
page read and write
|
||
|
26AB0000
|
trusted library allocation
|
page read and write
|
||
|
1B1C0000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
23A60000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
24F1C000
|
trusted library allocation
|
page read and write
|
||
|
527000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
26980000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
1CF0000
|
heap
|
page read and write
|
||
|
7BD0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
273BE000
|
trusted library allocation
|
page read and write
|
||
|
1CCC0000
|
heap
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
27CC0000
|
trusted library allocation
|
page read and write
|
||
|
1F0E000
|
heap
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
503D000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
8593000
|
heap
|
page read and write
|
||
|
74EA000
|
stack
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
1CEB6000
|
trusted library allocation
|
page read and write
|
||
|
25690000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
273E0000
|
trusted library allocation
|
page read and write
|
||
|
8670000
|
heap
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
270C0000
|
trusted library allocation
|
page read and write
|
||
|
296B8000
|
trusted library allocation
|
page read and write
|
||
|
26AA0000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A60000
|
trusted library allocation
|
page read and write
|
||
|
27010000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
7EBD0000
|
direct allocation
|
page read and write
|
||
|
257CC000
|
heap
|
page read and write
|
||
|
27CA0000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
2A56F000
|
trusted library allocation
|
page read and write
|
||
|
1FD80000
|
trusted library allocation
|
page read and write
|
||
|
25E80000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
1FD30000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
273B0000
|
trusted library allocation
|
page read and write
|
||
|
23B4F000
|
trusted library allocation
|
page read and write
|
||
|
25790000
|
trusted library allocation
|
page read and write
|
||
|
27693000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26AC0000
|
trusted library allocation
|
page read and write
|
||
|
21D5A000
|
direct allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
273A0000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
773A000
|
heap
|
page read and write
|
||
|
2D8FDC7C000
|
heap
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
2032C000
|
heap
|
page read and write
|
||
|
27040000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
25780000
|
trusted library allocation
|
page read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
86ED000
|
trusted library allocation
|
page read and write
|
||
|
24760000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
27140000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
27580000
|
trusted library allocation
|
page read and write
|
||
|
27390000
|
trusted library allocation
|
page read and write
|
||
|
416000
|
unkown
|
page readonly
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
27190000
|
trusted library allocation
|
page read and write
|
||
|
27A80000
|
trusted library allocation
|
page read and write
|
||
|
27380000
|
trusted library allocation
|
page read and write
|
||
|
7C7E000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
1B1C0000
|
heap
|
page read and write
|
||
|
28B6E000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
273E0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
8587000
|
heap
|
page read and write
|
||
|
26FA0000
|
trusted library allocation
|
page read and write
|
||
|
27A60000
|
trusted library allocation
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A11000
|
heap
|
page read and write
|
||
|
84A0000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
7677000
|
heap
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
4C37000
|
trusted library allocation
|
page read and write
|
||
|
27070000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
trusted library allocation
|
page read and write
|
||
|
26950000
|
trusted library allocation
|
page read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
25730000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
24F40000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
2E89000
|
stack
|
page read and write
|
||
|
27550000
|
trusted library allocation
|
page read and write
|
||
|
614C000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
28540000
|
trusted library allocation
|
page read and write
|
||
|
27560000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
86E0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
1B180000
|
heap
|
page read and write
|
||
|
27920000
|
trusted library allocation
|
page read and write
|
||
|
26030000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
4B88000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
83E0000
|
trusted library allocation
|
page read and write
|
||
|
272E0000
|
trusted library allocation
|
page read and write
|
||
|
278E0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
8516000
|
heap
|
page read and write
|
||
|
276BD000
|
heap
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
A9C000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
8600000
|
trusted library allocation
|
page read and write
|
||
|
21EEE000
|
stack
|
page read and write
|
||
|
281DA000
|
trusted library allocation
|
page read and write
|
||
|
269D0000
|
trusted library allocation
|
page read and write
|
||
|
8A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
86CE000
|
stack
|
page read and write
|
||
|
26AE0000
|
trusted library allocation
|
page read and write
|
||
|
1B1D6000
|
heap
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
53CA000
|
trusted library allocation
|
page read and write
|
||
|
25A21000
|
heap
|
page read and write
|
||
|
27C21000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
7EAA0000
|
direct allocation
|
page read and write
|
||
|
7380000
|
heap
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A00000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
26030000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
25780000
|
trusted library allocation
|
page read and write
|
||
|
7C20000
|
trusted library allocation
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
1B1CE000
|
heap
|
page read and write
|
||
|
26AE0000
|
trusted library allocation
|
page read and write
|
||
|
28F41000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
27110000
|
trusted library allocation
|
page read and write
|
||
|
6B92000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
77CB000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
7F2F8000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
258E0000
|
trusted library allocation
|
page read and write
|
||
|
27684000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27110000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
887000
|
heap
|
page read and write
|
||
|
893000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D46000
|
trusted library allocation
|
page read and write
|
||
|
24750000
|
trusted library allocation
|
page read and write
|
||
|
270AC000
|
trusted library allocation
|
page read and write
|
||
|
26010000
|
trusted library allocation
|
page read and write
|
||
|
273B0000
|
trusted library allocation
|
page read and write
|
||
|
26AD0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
73EB000
|
stack
|
page read and write
|
||
|
27CC0000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27678000
|
heap
|
page read and write
|
||
|
26B80000
|
trusted library allocation
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
273A0000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
279F0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
270D0000
|
trusted library allocation
|
page read and write
|
||
|
1CC9E000
|
stack
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
879E000
|
heap
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
559B000
|
trusted library allocation
|
page read and write
|
||
|
85FB000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
273F0000
|
trusted library allocation
|
page read and write
|
||
|
293F5000
|
trusted library allocation
|
page read and write
|
||
|
1B1E1000
|
heap
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
79C5000
|
heap
|
page read and write
|
||
|
26AC0000
|
trusted library allocation
|
page read and write
|
||
|
27970000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
26AE0000
|
trusted library allocation
|
page read and write
|
||
|
24FB0000
|
trusted library allocation
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
1FD20000
|
trusted library allocation
|
page read and write
|
||
|
7726000
|
heap
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
25750000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
24EF0000
|
trusted library allocation
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
8B3D000
|
stack
|
page read and write
|
||
|
26960000
|
trusted library allocation
|
page read and write
|
||
|
8857000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
1B124000
|
trusted library allocation
|
page read and write
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
26030000
|
trusted library allocation
|
page read and write
|
||
|
27900000
|
trusted library allocation
|
page read and write
|
||
|
8894000
|
heap
|
page read and write
|
||
|
4DAD000
|
stack
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
275CF000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
227A0000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
5AEB000
|
trusted library allocation
|
page read and write
|
||
|
2768F000
|
heap
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
5D87000
|
trusted library allocation
|
page read and write
|
||
|
4F4D000
|
stack
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
222BE000
|
stack
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
26AA0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
2949D000
|
trusted library allocation
|
page read and write
|
||
|
25FE0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
25790000
|
trusted library allocation
|
page read and write
|
||
|
27A20000
|
trusted library allocation
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
85C4000
|
heap
|
page read and write
|
||
|
279E0000
|
trusted library allocation
|
page read and write
|
||
|
26970000
|
trusted library allocation
|
page read and write
|
||
|
25680000
|
trusted library allocation
|
page read and write
|
||
|
24F20000
|
trusted library allocation
|
page read and write
|
||
|
27110000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
2D8FDE70000
|
heap
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
256B0000
|
trusted library allocation
|
page read and write
|
||
|
27A50000
|
trusted library allocation
|
page read and write
|
||
|
2030B000
|
heap
|
page read and write
|
||
|
279D0000
|
trusted library allocation
|
page read and write
|