Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FortniteHack.exe1.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Dllhost\WinRing0x64.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6Y9CVTAOHZQ67PGGTWC454FW0.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
modified
|
|
|
|
C:\ProgramData\Dllhost\winlogson.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
modified
|
||
|
C:\ProgramData\HostData\logs.uce
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FortniteHack.exe_77e1171ff451da10852a4338d6cafd15dac29fca_626e8a90_b8a231f8-c2d9-4ed8-8bea-c60f0fa0f86a\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB381.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Mar 13 12:35:12 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB43D.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB47D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2i1fhcct.5u2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3dx30wkz.rrh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kilhamhh.aab.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tbk3rbsf.ylw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\logs.uce
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\logs.uce
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\FortniteHack.exe1.exe
|
"C:\Users\user\Desktop\FortniteHack.exe1.exe"
|
|
|
|
C:\Users\user\Desktop\FortniteHack.exe1.exe
|
"C:\Users\user\Desktop\FortniteHack.exe1.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\6Y9CVTAOHZQ67PGGTWC454FW0.exe
|
"C:\Users\user\AppData\Local\Temp\6Y9CVTAOHZQ67PGGTWC454FW0.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /C powershell -EncodedCommand "PAAjAFUAagBvAGkATwBEAFQAbgAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAEEAZQBzACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAGQAOQA2AGYAYwBEAHYAYwBjADUAIwA+ACAALQBGAG8AcgBjAGUAIAA8ACMAWQBKAE8AUwA4AHgAIwA+AA=="
& powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg
/x -standby-timeout-dc 0 & powercfg /hibernate off
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
powershell -EncodedCommand "PAAjAFUAagBvAGkATwBEAFQAbgAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAEEAZQBzACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAGQAOQA2AGYAYwBEAHYAYwBjADUAIwA+ACAALQBGAG8AcgBjAGUAIAA8ACMAWQBKAE8AUwA4AHgAIwA+AA=="
|
|
|
|
C:\Windows\SysWOW64\powercfg.exe
|
powercfg /x -hibernate-timeout-ac 0
|
|
|
|
C:\Windows\SysWOW64\powercfg.exe
|
powercfg /x -hibernate-timeout-dc 0
|
|
|
|
C:\Windows\SysWOW64\powercfg.exe
|
powercfg /x -standby-timeout-ac 0
|
|
|
|
C:\Windows\SysWOW64\powercfg.exe
|
powercfg /x -standby-timeout-dc 0
|
|
|
|
C:\Windows\SysWOW64\powercfg.exe
|
powercfg /hibernate off
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /c SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "dllhost" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"cmd.exe" /c SCHTASKS /CREATE /SC HOURLY /TN "NvStray\NvStrayService_bk4422" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "dllhost" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
SCHTASKS /CREATE /SC HOURLY /TN "NvStray\NvStrayService_bk4422" /TR "C:\ProgramData\Dllhost\dllhost.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6684 -s 392
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.215.113.51/WatchDog.exe
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696506299400400001.1&ci=1696506299033.12791&cta
|
unknown
|
||
|
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_cd61a4703a8613be887576f2bd084bcc6f4756dccdbe5062
|
unknown
|
||
|
bugildbett.top/bAuz
|
|||
|
https://citydisco.bet/gdJISHm
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://aka.ms/pscore6
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://185.215.113.51/WatchDog.exeEhttp://185.215.113.51/lolMiner.exe?http://185.215.113.51/xmrig.ex
|
unknown
|
||
|
citydisco.bet/gdJIS
|
|||
|
https://www.google.com/images/branding/product/ico/googleg_alldp.ico
|
unknown
|
||
|
https://citydisco.bet/gdJISl
|
unknown
|
||
|
https://citydisco.bet/
|
unknown
|
||
|
http://185.215.113.51/52
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://185.215.113.51/WinRing0x64.sys
|
185.215.113.51
|
||
|
http://www.microsoft.cE
|
unknown
|
||
|
https://support.mozilla.org/products/firefoxgro.all
|
unknown
|
||
|
https://pastebin.com/raw/YpJeSRBC
|
172.67.19.24
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://185.215.113.51/lolMiner.exe
|
unknown
|
||
|
cjlaspcorne.icu/DbIps
|
|||
|
http://185.215.113.51/conhost.exeY
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696506299400400001.2&ci=1696506299033.
|
unknown
|
||
|
mrodularmall.top/aNzS
|
|||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://185.215.113.51/
|
unknown
|
||
|
http://185.215.113.51/conhost.exe
|
unknown
|
||
|
http://185.215.113.51/conhost.exeP
|
unknown
|
||
|
http://pastebin.coml
|
unknown
|
||
|
http://185.215.113.51/e
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl0
|
unknown
|
||
|
https://ac.ecosia.org?q=
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
jowinjoinery.icu/bdWUa
|
|||
|
legenassedk.top/bdpWO
|
|||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://185.215.113.51
|
unknown
|
||
|
https://citydisco.bet/gdJISPrZo
|
unknown
|
||
|
http://185.215.113.51/xmrig.exe
|
185.215.113.51
|
||
|
featureccus.shop/bdMAn
|
|||
|
http://185.215.113.51H
|
unknown
|
||
|
https://www.ecosia.org/newtab/v20
|
unknown
|
||
|
https://citydisco.bet/gdJIS-
|
unknown
|
||
|
htardwarehu.icu/Sbdsa
|
|||
|
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
|
unknown
|
||
|
https://citydisco.bet/gdJISX$
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtabv20R
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer0?
|
unknown
|
||
|
https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
|
unknown
|
||
|
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4CbmfQq%2B4pbW4pbWfpbX7ReNxR3UIG8zInwYIFIVs9e
|
unknown
|
||
|
https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
|
unknown
|
||
|
https://citydisco.bet/gdJIS
|
188.114.96.3
|
||
|
http://185.215.113.51/conhost.exem
|
unknown
|
||
|
http://pastebin.com
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://pastebin.com
|
unknown
|
||
|
https://gemini.google.com/app?q=
|
unknown
|
||
|
http://185.215.113.51/WinRing0x64.sysChttps://pastebin.com/raw/YpJeSRBC
|
unknown
|
||
|
http://crl.microsoft.p
|
unknown
|
There are 63 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
citydisco.bet
|
188.114.96.3
|
||
|
pastebin.com
|
172.67.19.24
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.19.24
|
pastebin.com
|
United States
|
||
|
188.114.96.3
|
citydisco.bet
|
European Union
|
||
|
185.215.113.51
|
unknown
|
Portugal
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
ProgramId
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
FileId
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
LongPathHash
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
Name
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
OriginalFileName
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
Publisher
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
Version
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
BinFileVersion
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
BinaryType
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
ProductName
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
ProductVersion
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
LinkDate
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
BinProductVersion
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
Size
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
Language
|
||
|
\REGISTRY\A\{167ff8de-966e-58ad-de99-9bdc013c5b9a}\Root\InventoryApplicationFile\fortnitehack.exe|41a92161ab57a8
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\6Y9CVTAOHZQ67PGGTWC454FW0_RASMANCS
|
FileDirectory
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
347E000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
278D000
|
heap
|
page read and write
|
|
|
|
4A8000
|
heap
|
page read and write
|
||
|
C7C000
|
heap
|
page read and write
|
||
|
28BD000
|
stack
|
page read and write
|
||
|
7520000
|
heap
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35AD000
|
trusted library allocation
|
page read and write
|
||
|
34A4000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
391B000
|
trusted library allocation
|
page read and write
|
||
|
348C000
|
stack
|
page read and write
|
||
|
35FF000
|
trusted library allocation
|
page read and write
|
||
|
6C4E000
|
stack
|
page read and write
|
||
|
3FD000
|
stack
|
page read and write
|
||
|
C8D000
|
heap
|
page read and write
|
||
|
3652000
|
trusted library allocation
|
page read and write
|
||
|
C79000
|
heap
|
page read and write
|
||
|
35E9000
|
trusted library allocation
|
page read and write
|
||
|
35E0000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
F26000
|
unkown
|
page write copy
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
5EDD000
|
stack
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
7EE0000
|
trusted library allocation
|
page read and write
|
||
|
7F050000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
E91000
|
unkown
|
page execute read
|
||
|
75AF000
|
stack
|
page read and write
|
||
|
E90000
|
unkown
|
page readonly
|
||
|
C60000
|
heap
|
page read and write
|
||
|
E5D000
|
stack
|
page read and write
|
||
|
ED2000
|
unkown
|
page readonly
|
||
|
140D000
|
stack
|
page read and write
|
||
|
35D9000
|
trusted library allocation
|
page read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
14D2000
|
trusted library allocation
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
65CE000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2C1A000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
7E20000
|
heap
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
35E9000
|
trusted library allocation
|
page read and write
|
||
|
35BD000
|
trusted library allocation
|
page read and write
|
||
|
C8D000
|
heap
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
7FDB000
|
heap
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35E9000
|
trusted library allocation
|
page read and write
|
||
|
724F000
|
stack
|
page read and write
|
||
|
15D000
|
stack
|
page read and write
|
||
|
3340000
|
heap
|
page execute and read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
35B9000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
7E1D000
|
stack
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
962000
|
heap
|
page read and write
|
||
|
91E000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
458D000
|
stack
|
page read and write
|
||
|
2C6F000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
35A8000
|
trusted library allocation
|
page read and write
|
||
|
C6F000
|
stack
|
page read and write
|
||
|
C67000
|
heap
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page execute read
|
||
|
718E000
|
stack
|
page read and write
|
||
|
C7D000
|
heap
|
page read and write
|
||
|
5AED000
|
trusted library allocation
|
page read and write
|
||
|
4B8000
|
heap
|
page read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
8206000
|
trusted library allocation
|
page read and write
|
||
|
35FE000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
3448000
|
trusted library allocation
|
page read and write
|
||
|
35A2000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
81EF000
|
stack
|
page read and write
|
||
|
4545000
|
heap
|
page execute and read and write
|
||
|
4351000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C66000
|
heap
|
page read and write
|
||
|
2ECD000
|
stack
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
35D9000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
856D000
|
stack
|
page read and write
|
||
|
35DA000
|
trusted library allocation
|
page read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
FFC60000
|
trusted library allocation
|
page execute and read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
6B0E000
|
stack
|
page read and write
|
||
|
35B8000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35D8000
|
trusted library allocation
|
page read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
7F068000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
5AE8000
|
trusted library allocation
|
page read and write
|
||
|
3B7E000
|
stack
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
C5B000
|
heap
|
page read and write
|
||
|
C99000
|
heap
|
page read and write
|
||
|
14E2000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
7E97000
|
trusted library allocation
|
page read and write
|
||
|
35E1000
|
trusted library allocation
|
page read and write
|
||
|
7091000
|
heap
|
page read and write
|
||
|
35DF000
|
trusted library allocation
|
page read and write
|
||
|
977000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
F2F000
|
unkown
|
page write copy
|
||
|
C77000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2BBB000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C95000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
8FD000
|
stack
|
page read and write
|
||
|
4999000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
heap
|
page read and write
|
||
|
315E000
|
unkown
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
BEE000
|
heap
|
page read and write
|
||
|
C7D000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
3953000
|
trusted library allocation
|
page read and write
|
||
|
35DB000
|
trusted library allocation
|
page read and write
|
||
|
6CEF000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
35AB000
|
trusted library allocation
|
page read and write
|
||
|
B3F000
|
unkown
|
page read and write
|
||
|
C4B000
|
heap
|
page read and write
|
||
|
997000
|
heap
|
page read and write
|
||
|
387A000
|
trusted library allocation
|
page read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
70F7000
|
heap
|
page read and write
|
||
|
35D0000
|
trusted library allocation
|
page read and write
|
||
|
35B7000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3874000
|
trusted library allocation
|
page read and write
|
||
|
F1B000
|
unkown
|
page readonly
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35C9000
|
trusted library allocation
|
page read and write
|
||
|
84E9000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
F27000
|
unkown
|
page read and write
|
||
|
C83000
|
heap
|
page read and write
|
||
|
83EE000
|
stack
|
page read and write
|
||
|
1661000
|
heap
|
page read and write
|
||
|
6ACE000
|
stack
|
page read and write
|
||
|
446C000
|
stack
|
page read and write
|
||
|
6D69000
|
heap
|
page read and write
|
||
|
BBC000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
35E1000
|
trusted library allocation
|
page read and write
|
||
|
5AD4000
|
trusted library allocation
|
page read and write
|
||
|
2A58000
|
heap
|
page read and write
|
||
|
59A9000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C81000
|
heap
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B8000
|
trusted library allocation
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
76B000
|
stack
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
3870000
|
trusted library allocation
|
page read and write
|
||
|
35CE000
|
trusted library allocation
|
page read and write
|
||
|
3188000
|
trusted library allocation
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
149D000
|
trusted library allocation
|
page execute and read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
5AF5000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
7F8E000
|
heap
|
page read and write
|
||
|
6D64000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
158E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2FCD000
|
stack
|
page read and write
|
||
|
35A8000
|
trusted library allocation
|
page read and write
|
||
|
85EC000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
3405000
|
trusted library allocation
|
page read and write
|
||
|
8142000
|
trusted library allocation
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
2A88000
|
trusted library allocation
|
page read and write
|
||
|
44AC000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35CA000
|
trusted library allocation
|
page read and write
|
||
|
35A8000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C7C000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
32DE000
|
stack
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
505D000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
C81000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
7084000
|
heap
|
page read and write
|
||
|
2B98000
|
heap
|
page read and write
|
||
|
361F000
|
trusted library allocation
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
36A1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
7F40000
|
heap
|
page read and write
|
||
|
35DE000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
6A4D000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
35C7000
|
trusted library allocation
|
page read and write
|
||
|
94C000
|
heap
|
page read and write
|
||
|
C81000
|
heap
|
page read and write
|
||
|
C7F000
|
heap
|
page read and write
|
||
|
15E4000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
35A8000
|
trusted library allocation
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
F26000
|
unkown
|
page write copy
|
||
|
44E000
|
stack
|
page read and write
|
||
|
3538000
|
trusted library allocation
|
page read and write
|
||
|
14D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
35AE000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
heap
|
page read and write
|
||
|
5AE5000
|
trusted library allocation
|
page read and write
|
||
|
7099000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
BEC000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
8373000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
F1B000
|
unkown
|
page readonly
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
heap
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
6A8B000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
35A5000
|
trusted library allocation
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
35A7000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
3455000
|
trusted library allocation
|
page read and write
|
||
|
7F48000
|
heap
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
341B000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
3659000
|
trusted library allocation
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
3302000
|
trusted library allocation
|
page read and write
|
||
|
5949000
|
trusted library allocation
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
458000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
7F4C000
|
heap
|
page read and write
|
||
|
BEA000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
34A8000
|
trusted library allocation
|
page read and write
|
||
|
428A000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
35A3000
|
trusted library allocation
|
page read and write
|
||
|
47F000
|
stack
|
page read and write
|
||
|
14EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B8000
|
trusted library allocation
|
page read and write
|
||
|
7101000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
394B000
|
trusted library allocation
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
C76000
|
heap
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2A04000
|
trusted library allocation
|
page read and write
|
||
|
C81000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C4E000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35C0000
|
trusted library allocation
|
page read and write
|
||
|
4DF000
|
stack
|
page read and write
|
||
|
6CD0000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page execute and read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
F69000
|
stack
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3438000
|
trusted library allocation
|
page read and write
|
||
|
786000
|
heap
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
C7F000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
3611000
|
trusted library allocation
|
page read and write
|
||
|
C84000
|
heap
|
page read and write
|
||
|
2A0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
remote allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
C79000
|
heap
|
page read and write
|
||
|
F2F000
|
unkown
|
page write copy
|
||
|
70E5000
|
heap
|
page read and write
|
||
|
3609000
|
trusted library allocation
|
page read and write
|
||
|
C0B000
|
heap
|
page read and write
|
||
|
E91000
|
unkown
|
page execute read
|
||
|
704E000
|
stack
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
C8D000
|
heap
|
page read and write
|
||
|
C9B000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
3601000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3426000
|
trusted library allocation
|
page read and write
|
||
|
D41000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
35A6000
|
trusted library allocation
|
page read and write
|
||
|
7FF2000
|
heap
|
page read and write
|
||
|
5923000
|
heap
|
page read and write
|
||
|
C83000
|
heap
|
page read and write
|
||
|
35DF000
|
trusted library allocation
|
page read and write
|
||
|
363A000
|
trusted library allocation
|
page read and write
|
||
|
327D000
|
trusted library allocation
|
page read and write
|
||
|
3290000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
35EC000
|
trusted library allocation
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
7105000
|
heap
|
page read and write
|
||
|
6F12000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
4379000
|
trusted library allocation
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
7E6E000
|
stack
|
page read and write
|
||
|
35D9000
|
trusted library allocation
|
page read and write
|
||
|
3256000
|
trusted library allocation
|
page read and write
|
||
|
35B2000
|
trusted library allocation
|
page read and write
|
||
|
F2A000
|
unkown
|
page readonly
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3943000
|
trusted library allocation
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
66CD000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
35A2000
|
trusted library allocation
|
page read and write
|
||
|
2A35000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EA8000
|
trusted library allocation
|
page read and write
|
||
|
3A7E000
|
stack
|
page read and write
|
||
|
351F000
|
stack
|
page read and write
|
||
|
715E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
694E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
14CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F5C000
|
heap
|
page read and write
|
||
|
35D8000
|
trusted library allocation
|
page read and write
|
||
|
326E000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
71C0000
|
heap
|
page execute and read and write
|
||
|
C7F000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3631000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
278D000
|
trusted library allocation
|
page read and write
|
||
|
697E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
8204000
|
trusted library allocation
|
page read and write
|
||
|
8029000
|
heap
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
38CB000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
F2A000
|
unkown
|
page readonly
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C0A000
|
heap
|
page read and write
|
||
|
3771000
|
heap
|
page read and write
|
||
|
35C9000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
505B000
|
trusted library allocation
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
66D0000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
2A03000
|
trusted library allocation
|
page execute and read and write
|
||
|
35D7000
|
trusted library allocation
|
page read and write
|
||
|
45E000
|
remote allocation
|
page execute and read and write
|
||
|
14A7000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
35A3000
|
trusted library allocation
|
page read and write
|
||
|
708A000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
167B000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
3300000
|
trusted library allocation
|
page read and write
|
||
|
14C3000
|
trusted library allocation
|
page read and write
|
||
|
4941000
|
trusted library allocation
|
page read and write
|
||
|
35BE000
|
trusted library allocation
|
page read and write
|
||
|
43D000
|
stack
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3476000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page execute and read and write
|
||
|
C79000
|
heap
|
page read and write
|
||
|
35D9000
|
trusted library allocation
|
page read and write
|
||
|
35B8000
|
trusted library allocation
|
page read and write
|
||
|
35C3000
|
trusted library allocation
|
page read and write
|
||
|
966000
|
heap
|
page read and write
|
||
|
C41000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C76000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
6C90000
|
heap
|
page read and write
|
||
|
7F88000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
14E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
35F6000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
7F44000
|
heap
|
page read and write
|
||
|
3770000
|
heap
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
7FD3000
|
heap
|
page read and write
|
||
|
35D3000
|
trusted library allocation
|
page read and write
|
||
|
45F0000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
772C000
|
stack
|
page read and write
|
||
|
709F000
|
heap
|
page read and write
|
||
|
BF3000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35F8000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
52F4000
|
trusted library allocation
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
6F0E000
|
stack
|
page read and write
|
||
|
3601000
|
trusted library allocation
|
page read and write
|
||
|
3893000
|
trusted library allocation
|
page read and write
|
||
|
DAF000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
F1B000
|
unkown
|
page readonly
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
852E000
|
stack
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
35A7000
|
trusted library allocation
|
page read and write
|
||
|
35B9000
|
trusted library allocation
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
33FA000
|
trusted library allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
35CE000
|
trusted library allocation
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
8200000
|
trusted library allocation
|
page read and write
|
||
|
35E9000
|
trusted library allocation
|
page read and write
|
||
|
77D000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
43D000
|
stack
|
page read and write
|
||
|
6B8A000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
2A2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
BCB000
|
heap
|
page read and write
|
||
|
4E9E000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
8017000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
35FD000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
BEC000
|
heap
|
page read and write
|
||
|
76ED000
|
stack
|
page read and write
|
||
|
81F0000
|
trusted library allocation
|
page read and write
|
||
|
7078000
|
heap
|
page read and write
|
||
|
C7F000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
E80000
|
remote allocation
|
page read and write
|
||
|
7FCF000
|
heap
|
page read and write
|
||
|
5E9E000
|
stack
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
741E000
|
stack
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
7FEF000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
C7F000
|
heap
|
page read and write
|
||
|
8DD000
|
stack
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
39E3000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
7FB6000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
6D19000
|
heap
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
heap
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
45F7000
|
heap
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
CAE000
|
stack
|
page read and write
|
||
|
35A1000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
362A000
|
trusted library allocation
|
page read and write
|
||
|
978000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
3276000
|
trusted library allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
7AE000
|
unkown
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
35BD000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
1457000
|
heap
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
329F000
|
unkown
|
page read and write
|
||
|
7FDF000
|
heap
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
9A8000
|
heap
|
page read and write
|
||
|
4540000
|
heap
|
page execute and read and write
|
||
|
3271000
|
trusted library allocation
|
page read and write
|
||
|
1493000
|
trusted library allocation
|
page execute and read and write
|
||
|
C7F000
|
heap
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
5D5F000
|
stack
|
page read and write
|
||
|
F1B000
|
unkown
|
page readonly
|
||
|
14B9000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1494000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
ED8000
|
unkown
|
page readonly
|
||
|
C94000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
ED0000
|
unkown
|
page readonly
|
||
|
586C000
|
stack
|
page read and write
|
||
|
F2A000
|
unkown
|
page readonly
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
5969000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
35D8000
|
trusted library allocation
|
page read and write
|
||
|
346D000
|
trusted library allocation
|
page read and write
|
||
|
C8B000
|
heap
|
page read and write
|
||
|
2A32000
|
trusted library allocation
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
3607000
|
trusted library allocation
|
page read and write
|
||
|
35D4000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
7029000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
6FF000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
14DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35F0000
|
trusted library allocation
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page execute and read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
3282000
|
trusted library allocation
|
page read and write
|
||
|
75EC000
|
stack
|
page read and write
|
||
|
360F000
|
trusted library allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
18AE000
|
stack
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
heap
|
page read and write
|
||
|
7042000
|
heap
|
page read and write
|
||
|
7EF0000
|
trusted library allocation
|
page read and write
|
||
|
F26000
|
unkown
|
page execute and read and write
|
||
|
C0E000
|
unkown
|
page read and write
|
||
|
45CB000
|
stack
|
page read and write
|
||
|
3343000
|
heap
|
page read and write
|
||
|
35B7000
|
trusted library allocation
|
page read and write
|
||
|
35FE000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page read and write
|
||
|
F2A000
|
unkown
|
page readonly
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
E80000
|
remote allocation
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
6E0E000
|
stack
|
page read and write
|
||
|
89D000
|
stack
|
page read and write
|
||
|
35E8000
|
trusted library allocation
|
page read and write
|
||
|
7F50000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
360D000
|
trusted library allocation
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
E90000
|
unkown
|
page readonly
|
||
|
8380000
|
trusted library allocation
|
page read and write
|
||
|
15F3000
|
heap
|
page read and write
|
||
|
E90000
|
unkown
|
page readonly
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
361D000
|
trusted library allocation
|
page read and write
|
||
|
363A000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
85AE000
|
stack
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
35D4000
|
trusted library allocation
|
page read and write
|
||
|
4A96000
|
trusted library allocation
|
page read and write
|
||
|
7010000
|
heap
|
page read and write
|
||
|
E91000
|
unkown
|
page execute read
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
35CF000
|
trusted library allocation
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
E91000
|
unkown
|
page execute read
|
||
|
6C0B000
|
stack
|
page read and write
|
||
|
38AB000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
F1F000
|
unkown
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
35D1000
|
trusted library allocation
|
page read and write
|
||
|
F2F000
|
unkown
|
page write copy
|
||
|
81AE000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
E90000
|
unkown
|
page readonly
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
5910000
|
heap
|
page execute and read and write
|
||
|
6EFF000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
3345000
|
heap
|
page read and write
|
||
|
6B8F000
|
stack
|
page read and write
|
||
|
C83000
|
heap
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
35C1000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
B84000
|
heap
|
page read and write
|
||
|
709D000
|
stack
|
page read and write
|
||
|
7F82000
|
heap
|
page read and write
|
||
|
6E7E000
|
stack
|
page read and write
|
||
|
4F36000
|
trusted library allocation
|
page read and write
|
||
|
35B9000
|
trusted library allocation
|
page read and write
|
||
|
1AD000
|
stack
|
page read and write
|
||
|
70A2000
|
heap
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
362F000
|
trusted library allocation
|
page read and write
|
||
|
363A000
|
trusted library allocation
|
page read and write
|
||
|
C8E000
|
heap
|
page read and write
|
||
|
D2B000
|
heap
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
58F000
|
stack
|
page read and write
|
||
|
3459000
|
trusted library allocation
|
page read and write
|
||
|
8210000
|
trusted library allocation
|
page read and write
|
||
|
5D9E000
|
stack
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
7E70000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
3771000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
3351000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
9B7000
|
heap
|
page read and write
|
||
|
35CB000
|
t |