Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MKBOY.ps1
|
ASCII text, with very long lines (65458), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\RUNPEE.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xfd41dfbc, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\JXCJKXCJHKJHXCJHKXCXCJHK.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_j04rlqnn.1hw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rbsijdtq.lbz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDesusertions\1EGCU2523226VZY8MLZ9.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDesusertions\d93f411851d7c929.customDesusertions-ms (copy)
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noLogo -ExecutionPolicy unrestricted -file "C:\Users\user\Desktop\MKBOY.ps1"
|
|
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
"C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
"C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
"C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\System32\notepad.exe" "C:\Users\user\Desktop\MKBOY.ps1"
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://geoplugin.net/json.gpWN
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://crl.micro7T
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://176.65.144.3
|
unknown
|
||
|
http://geoplugin.net/k
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://176.65.144.3/dev/muk.exeP
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://176.65.144.3/dev/muk.exe
|
176.65.144.3
|
||
|
http://geoplugin.net/json.gp9
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://geoplugin.net/json.gpSystem32
|
unknown
|
||
|
http://geoplugin.net/json.gplm
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://aka.ms/pscore6lBAr
|
unknown
|
||
|
http://geoplugin.net/
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod-C:
|
unknown
|
||
|
http://geoplugin.net/json.gp/C
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2-C:
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
198.23.227.212
|
unknown
|
United States
|
|
|
|
176.65.144.3
|
unknown
|
Germany
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DJTZHJ
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DJTZHJ
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DJTZHJ
|
time
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-DJTZHJ
|
UID
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fWindowsOnlyEOL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fPasteOriginalEOL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fReverse
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fWrapAround
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Notepad
|
fMatchCase
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 15 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12D8000
|
heap
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
76EF000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7E2E000
|
stack
|
page read and write
|
||
|
28EB5430000
|
trusted library allocation
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
28EB5662000
|
heap
|
page read and write
|
||
|
7DA0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
2380000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
F68297E000
|
unkown
|
page readonly
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB0F80000
|
trusted library allocation
|
page read and write
|
||
|
28EB5410000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
529C000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A6850000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
282A4DDE000
|
heap
|
page read and write
|
||
|
7CBD000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB5560000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB5412000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB0092000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
F68267E000
|
stack
|
page readonly
|
||
|
30B9000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7AD9000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
7AB6000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
8883000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
282A86B0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4DA8000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
12B5000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
8860000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
22F0000
|
trusted library allocation
|
page read and write
|
||
|
7D90000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
2390000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
5401000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB53F0000
|
trusted library allocation
|
page read and write
|
||
|
53ED000
|
stack
|
page read and write
|
||
|
E9C000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
1362000
|
heap
|
page read and write
|
||
|
4558000
|
trusted library allocation
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
169F000
|
stack
|
page read and write
|
||
|
1351000
|
heap
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
881D000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
4DE2000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB095A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
7BFE000
|
stack
|
page read and write
|
||
|
6401000
|
trusted library allocation
|
page read and write
|
||
|
28EB0A90000
|
trusted library allocation
|
page read and write
|
||
|
2FAF000
|
stack
|
page read and write
|
||
|
7ACE000
|
heap
|
page read and write
|
||
|
5851000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
1311000
|
heap
|
page read and write
|
||
|
28EB0128000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4DD9000
|
heap
|
page read and write
|
||
|
28EB0102000
|
heap
|
page read and write
|
||
|
F682879000
|
stack
|
page read and write
|
||
|
28EB0013000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB0000000
|
heap
|
page read and write
|
||
|
307B000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page readonly
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
71A4000
|
trusted library allocation
|
page read and write
|
||
|
7A20000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
481000
|
remote allocation
|
page execute and read and write
|
||
|
76EB000
|
stack
|
page read and write
|
||
|
78DE000
|
stack
|
page read and write
|
||
|
87D0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
3551000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB5443000
|
trusted library allocation
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
28EB008B000
|
heap
|
page read and write
|
||
|
28EB0902000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
805000
|
heap
|
page read and write
|
||
|
28EB5454000
|
trusted library allocation
|
page read and write
|
||
|
75AF000
|
stack
|
page read and write
|
||
|
4BC0000
|
heap
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
77A000
|
heap
|
page read and write
|
||
|
F683D7E000
|
unkown
|
page readonly
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
F68437E000
|
unkown
|
page readonly
|
||
|
789E000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB00FE000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
753A000
|
stack
|
page read and write
|
||
|
28EB5AB0000
|
trusted library allocation
|
page read and write
|
||
|
7DEE000
|
stack
|
page read and write
|
||
|
28EB091A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
F681CFB000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E44000
|
heap
|
page read and write
|
||
|
28EB6000000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4DD6000
|
heap
|
page read and write
|
||
|
28EAFF30000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
230A000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
3555000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
28EB0113000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB5540000
|
trusted library allocation
|
page read and write
|
||
|
28EB13A0000
|
trusted library allocation
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
F68237E000
|
unkown
|
page readonly
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4DC9000
|
trusted library allocation
|
page read and write
|
||
|
F68257E000
|
unkown
|
page readonly
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
35CE000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
53F0000
|
heap
|
page execute and read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB5500000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB00FE000
|
heap
|
page read and write
|
||
|
7AFB000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
1357000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4DD9000
|
heap
|
page read and write
|
||
|
22E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
22E4000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
F683C7B000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
885E000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB0815000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
F682277000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
75B0000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
472000
|
remote allocation
|
page execute and read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB07E0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB5700000
|
heap
|
page read and write
|
||
|
28EB5600000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB5655000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB002B000
|
heap
|
page read and write
|
||
|
3D55000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
232000
|
unkown
|
page readonly
|
||
|
33A7000
|
heap
|
page read and write
|
||
|
282A66CC000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
3456000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB55B0000
|
remote allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB0076000
|
heap
|
page read and write
|
||
|
2300000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
28EB0913000
|
heap
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
28EB00BC000
|
heap
|
page read and write
|
||
|
28EB55B0000
|
remote allocation
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
3D59000
|
trusted library allocation
|
page read and write
|
||
|
340F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB54E0000
|
trusted library allocation
|
page read and write
|
||
|
4BAE000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
282A4C00000
|
heap
|
page read and write
|
||
|
3D9000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4CE0000
|
heap
|
page read and write
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
2DC000
|
stack
|
page read and write
|
||
|
2516000
|
trusted library allocation
|
page read and write
|
||
|
28EB0071000
|
heap
|
page read and write
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
28EB5500000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
7194000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
806E000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
28EB5440000
|
trusted library allocation
|
page read and write
|
||
|
71C5000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
75A0000
|
heap
|
page execute and read and write
|
||
|
7AA6000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB07F0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
24AF000
|
stack
|
page read and write
|
||
|
746F000
|
stack
|
page read and write
|
||
|
334E000
|
stack
|
page read and write
|
||
|
255B000
|
trusted library allocation
|
page read and write
|
||
|
282A4D20000
|
heap
|
page read and write
|
||
|
7A78000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
8CFC000
|
stack
|
page read and write
|
||
|
35C6000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB5440000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7D60000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
3AAF000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7B69000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4F17000
|
heap
|
page read and write
|
||
|
1366000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
74AD000
|
stack
|
page read and write
|
||
|
74FD000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB5630000
|
heap
|
page read and write
|
||
|
80E0000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
7911000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
231B000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
230000
|
unkown
|
page readonly
|
||
|
3245000
|
heap
|
page read and write
|
||
|
28EB0117000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
3DB9000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB568B000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
4BB8000
|
unkown
|
page readonly
|
||
|
282A4DD0000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB007B000
|
heap
|
page read and write
|
||
|
4A6E000
|
stack
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
282A6853000
|
heap
|
page read and write
|
||
|
7AC0000
|
heap
|
page read and write
|
||
|
22D0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4DE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A9F000
|
heap
|
page read and write
|
||
|
4DC0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB000B000
|
heap
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page read and write
|
||
|
16DD000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
32CD000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB5410000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
6429000
|
trusted library allocation
|
page read and write
|
||
|
2310000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7C3E000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB56DA000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
5555000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
7A62000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
4DBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
28EB009D000
|
heap
|
page read and write
|
||
|
7BB0000
|
heap
|
page execute and read and write
|
||
|
28EB5643000
|
heap
|
page read and write
|
||
|
2330000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
759D000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
7A46000
|
heap
|
page read and write
|
||
|
708E000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A67C0000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A66C5000
|
heap
|
page read and write
|
||
|
7ADF000
|
heap
|
page read and write
|
||
|
28EB55B0000
|
remote allocation
|
page read and write
|
||
|
25D5000
|
trusted library allocation
|
page read and write
|
||
|
7AF4000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
344F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB54F0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
47C000
|
remote allocation
|
page execute and read and write
|
||
|
7A00000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB07C1000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
28EB56D2000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
F682C7B000
|
stack
|
page read and write
|
||
|
8AB5000
|
trusted library allocation
|
page read and write
|
||
|
2551000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB5550000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
4DB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
F6820FE000
|
stack
|
page read and write
|
||
|
134C000
|
heap
|
page read and write
|
||
|
282A4E35000
|
heap
|
page read and write
|
||
|
28EB0106000
|
heap
|
page read and write
|
||
|
743B000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
255F000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
25B6000
|
trusted library allocation
|
page read and write
|
||
|
28EB0802000
|
heap
|
page read and write
|
||
|
87C0000
|
trusted library allocation
|
page read and write
|
||
|
28EB5650000
|
heap
|
page read and write
|
||
|
28EB54E0000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB091A000
|
heap
|
page read and write
|
||
|
28EB56F9000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
7B51000
|
trusted library allocation
|
page read and write
|
||
|
28EB56C7000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
71B6000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
7945000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB5AB0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A66A0000
|
trusted library allocation
|
page read and write
|
||
|
282A4DA0000
|
heap
|
page read and write
|
||
|
282A66C0000
|
heap
|
page read and write
|
||
|
28EAFE50000
|
heap
|
page read and write
|
||
|
4BB2000
|
unkown
|
page execute and read and write
|
||
|
9BD967E000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
24ED000
|
stack
|
page read and write
|
||
|
7D50000
|
trusted library allocation
|
page read and write
|
||
|
7C7E000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
4E68000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
2307000
|
trusted library allocation
|
page execute and read and write
|
||
|
28EB565B000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB5510000
|
trusted library allocation
|
page read and write
|
||
|
282A4DDD000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
4BB0000
|
unkown
|
page readonly
|
||
|
77E000
|
heap
|
page read and write
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
779E000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB0D40000
|
trusted library allocation
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB5400000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB005D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
28EB5623000
|
heap
|
page read and write
|
||
|
F6842FE000
|
stack
|
page read and write
|
||
|
8CBC000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB0041000
|
heap
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7A8F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
475000
|
remote allocation
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
781E000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
8890000
|
heap
|
page read and write
|
||
|
2394000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
5463000
|
trusted library allocation
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
28EB0102000
|
heap
|
page read and write
|
||
|
28EB56F3000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
22ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
28EB0078000
|
heap
|
page read and write
|
||
|
F682D7E000
|
unkown
|
page readonly
|
||
|
7AC8000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB0800000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
132F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
28EB0900000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
5D2D000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
28EB5450000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
2540000
|
heap
|
page execute and read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
736D000
|
stack
|
page read and write
|
||
|
8880000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB005F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
9BD93B9000
|
stack
|
page read and write
|
||
|
28EB0904000
|
heap
|
page read and write
|
||
|
75A5000
|
heap
|
page execute and read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
81E0000
|
heap
|
page read and write
|
||
|
25BF000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
trusted library allocation
|
page read and write
|
||
|
3451000
|
heap
|
page read and write
|
||
|
282A8EB0000
|
heap
|
page read and write
|
||
|
704D000
|
stack
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
5ED2000
|
trusted library allocation
|
page read and write
|
||
|
71B9000
|
trusted library allocation
|
page read and write
|
||
|
282A4E44000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
28EB5411000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
646A000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
F68247E000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB5500000
|
trusted library allocation
|
page read and write
|
||
|
237E000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
3403000
|
heap
|
page read and write
|
||
|
2317000
|
trusted library allocation
|
page execute and read and write
|
||
|
28EB59F0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
232000
|
unkown
|
page execute and read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7AD1000
|
heap
|
page read and write
|
||
|
28EAFE30000
|
heap
|
page read and write
|
||
|
28EB56E8000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
355E000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
25CC000
|
trusted library allocation
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
39AE000
|
stack
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E44000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
7B6000
|
heap
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D70000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
46EE000
|
stack
|
page read and write
|
||
|
359E000
|
stack
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
28EB00B5000
|
heap
|
page read and write
|
||
|
2500000
|
trusted library allocation
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
4BB4000
|
unkown
|
page readonly
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
7F6E000
|
stack
|
page read and write
|
||
|
28EAFF60000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
4DB4000
|
trusted library allocation
|
page read and write
|
||
|
28EB570B000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
28EB5560000
|
trusted library allocation
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB5713000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
7A66000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
7AAA000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
28EB5702000
|
heap
|
page read and write
|
||
|
AEF000
|
stack
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E4A000
|
heap
|
page read and write
|
||
|
282A4E3D000
|
heap
|
page read and write
|
||
|
7AED000
|
heap
|
page read and write
|
||
|
282A4E43000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
282A4E3F000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
28EB5570000
|
trusted library allocation
|
page read and write
|
There are 878 hidden memdumps, click here to show them.