Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Pagamento Processado.js
|
ASCII text, with very long lines (5429), with no line terminators
|
initial sample
|
 |
|
|
C:\Temp\WTRTRWFSHS.ps1
|
ASCII text, with very long lines (57417), with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\JXCJKXCJHKJHXCJHKXCXCJHK.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\kent[1].ps1
|
ASCII text, with very long lines (57417), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpUserData\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpUserData\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpUserData\Default\Secure Preferences
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TmpUserData\Local State
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o3bwejmo.52t.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wbf4kj5l.rod.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv37EE.tmp
|
Extensible storage user DataBase, version 0x620, checksum 0x2a351544, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ufrigxexiotsicyjmedmitblhoqmmy
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Pagamento Processado.js"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy RemoteSigned -File "C:\Temp\WTRTRWFSHS.ps1"
|
|
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
"C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe
|
"C:\Users\user\AppData\Local\Temp\JXCJKXCJHKJHXCJHKXCXCJHK.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
--user-data-dir=C:\Users\user\AppData\Local\Temp\TmpUserData --headless --remote-debugging-port=9222 --profile-directory="Default"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\ufrigxexiotsicyjmedmitblhoqmmy"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\ehwagppqwwlwtqmnwopflynbivhvfjnzk"
|
|
|
|
C:\Windows\SysWOW64\recover.exe
|
C:\Windows\SysWOW64\recover.exe /stext "C:\Users\user\AppData\Local\Temp\pcjthi"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\Chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --noerrdialogs --no-pre-read-main-dll --field-trial-handle=2068,i,10874666967590452469,2224900250606111256,262144
--disable-features=PaintHolding --variations-seed-version --mojo-platform-channel-handle=2616 /prefetch:3
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
--user-data-dir=C:\Users\user\AppData\Local\Temp\TmpUserData --headless --remote-debugging-port=9222 --profile-directory="Default"
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --use-angle=swiftshader-webgl --use-gl=angle --headless --mojo-platform-channel-handle=2132
--field-trial-handle=1572,i,5104455906519316198,7108619280464206914,262144 --disable-features=PaintHolding /prefetch:3
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.imvu.comr
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://safebrowsing.google.com/safebrowsing/clientreport/chrome-sct-auditing
|
unknown
|
||
|
https://support.google.com/chrome/answer/6098869
|
unknown
|
||
|
http://anglebug.com/4633
|
unknown
|
||
|
https://anglebug.com/7382
|
unknown
|
||
|
https://issuetracker.google.com/284462263
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
http://c.pki.goog/we2/64OUIVzpZV4.crl0
|
unknown
|
||
|
https://anglebug.com/7714
|
unknown
|
||
|
http://unisolated.invalid/
|
unknown
|
||
|
https://chromeenterprise.google/policies/#BrowserSwitcherExternalGreylistUrl
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://anglebug.com/6248
|
unknown
|
||
|
http://developer.chrome.com/docs/extensions/how-to/distribute/install-extensions)
|
unknown
|
||
|
http://anglebug.com/6929
|
unknown
|
||
|
http://anglebug.com/5281
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://issuetracker.google.com/255411748
|
unknown
|
||
|
https://anglebug.com/7246
|
unknown
|
||
|
https://anglebug.com/7369
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://anglebug.com/7489
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://chrome.google.com/webstore
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.ico
|
unknown
|
||
|
http://c.pki.goog/r/gsr1.crl0
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://issuetracker.google.com/161903006
|
unknown
|
||
|
http://i.pki.goog/we2.crt0
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://176.65.144.3/dev/kent.exeP
|
unknown
|
||
|
https://drive-daily-5.corp.google.com/
|
unknown
|
||
|
http://176.65.144.3/dev/kent.ps1llcaller
|
unknown
|
||
|
http://anglebug.com/3078
|
unknown
|
||
|
http://anglebug.com/7553
|
unknown
|
||
|
https://chromeenterprise.google/policies/#BrowserSwitcherExternalSitelistUrl
|
unknown
|
||
|
http://anglebug.com/5375
|
unknown
|
||
|
http://anglebug.com/5371
|
unknown
|
||
|
http://anglebug.com/4722
|
unknown
|
||
|
http://anglebug.com/7556
|
unknown
|
||
|
http://anglebug.com/3625E
|
unknown
|
||
|
https://chromewebstore.google.com/
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://drive-preprod.corp.google.com/
|
unknown
|
||
|
https://gemini.google.com/app?q=
|
unknown
|
||
|
https://gemini.google.com/app?q=searchTerms
|
unknown
|
||
|
http://anglebug.com/6692
|
unknown
|
||
|
https://issuetracker.google.com/258207403
|
unknown
|
||
|
http://anglebug.com/3502
|
unknown
|
||
|
http://anglebug.com/3623
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtabv10
|
unknown
|
||
|
http://anglebug.com/3625
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
http://anglebug.com/3624
|
unknown
|
||
|
http://www.unicode.org/copyright.html
|
unknown
|
||
|
http://anglebug.com/5007
|
unknown
|
||
|
https://drive.google.com/drive/installwebapp?usp=chrome_default
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/Ad_brx23lef_cW590ESOTTAroOhZ9si0XFJIUC52j2ILHW1VLB5
|
unknown
|
||
|
http://anglebug.com/3862
|
unknown
|
||
|
https://chrome.google.com/webstoreLDDiscover
|
unknown
|
||
|
http://anglebug.com/4836
|
unknown
|
||
|
https://issuetracker.google.com/issues/166475273
|
unknown
|
||
|
http://176.65.144.3/dev/kent.ps1lcaller
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_alldp.ico
|
unknown
|
||
|
http://anglebug.com/4384
|
unknown
|
||
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=EL
|
unknown
|
||
|
http://176.65.144.3/dev/kent.ps1S
|
unknown
|
||
|
https://www.google.com/chrome/privacy/eula_text.htmlH&elpManaged
|
unknown
|
||
|
http://anglebug.com/3970
|
unknown
|
||
|
https://chromeenterprise.google/policies/#BrowserSwitcherUrlList
|
unknown
|
||
|
https://policies.google.com/
|
unknown
|
||
|
https://google-ohttp-relay-query.fastly-edge.com/2P
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5c&
|
unknown
|
||
|
https://anglebug.com/7604
|
unknown
|
||
|
http://anglebug.com/7761
|
unknown
|
||
|
http://anglebug.com/7760
|
unknown
|
||
|
https://chrome.google.com/webstore/category/extensions
|
unknown
|
||
|
https://www.ecosia.org/newtab/v10
|
unknown
|
||
|
http://anglebug.com/5901
|
unknown
|
||
|
http://www.imvu.compData
|
unknown
|
||
|
http://anglebug.com/3965
|
unknown
|
||
|
http://anglebug.com/6439
|
unknown
|
||
|
http://anglebug.com/7406
|
unknown
|
||
|
https://www.google.com/search
|
unknown
|
||
|
http://www.google.com/update2/response
|
unknown
|
||
|
https://anglebug.com/7161
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://anglebug.com/7162
|
unknown
|
||
|
http://anglebug.com/5906
|
unknown
|
||
|
http://anglebug.com/2517
|
unknown
|
||
|
http://anglebug.com/4937
|
unknown
|
||
|
https://support.google.com/chrome/a/?p=browser_profile_details
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.184.193
|
||
|
clients2.googleusercontent.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
176.65.144.3
|
unknown
|
Germany
|
|
|
|
196.251.69.63
|
unknown
|
Seychelles
|
|
|
|
192.168.2.6
|
unknown
|
unknown
|
|
|
|
142.250.184.193
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-U6XQL5
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-U6XQL5
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-U6XQL5
|
time
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-U6XQL5
|
UID
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\JXCJKXCJHKJHXCJHKXCXCJHK_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
dr
|
There are 15 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3FC0000
|
unclassified section
|
page execute and read and write
|
|
|
|
B63000
|
heap
|
page read and write
|
|
|
|
3C59000
|
trusted library allocation
|
page read and write
|
|
|
|
B48000
|
heap
|
page read and write
|
|
|
|
3B79000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
7814033DC000
|
direct allocation
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
781000038000
|
direct allocation
|
page read and write
|
||
|
33AF000
|
stack
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4549000
|
heap
|
page read and write
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
14FC453A000
|
heap
|
page read and write
|
||
|
14FC4537000
|
heap
|
page read and write
|
||
|
781402BF2000
|
direct allocation
|
page read and write
|
||
|
14FC4512000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
78140250C000
|
direct allocation
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
313E000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
A0291FE000
|
unkown
|
page readonly
|
||
|
3155000
|
heap
|
page read and write
|
||
|
14FC4545000
|
heap
|
page read and write
|
||
|
14FC454D000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
A84507E000
|
stack
|
page read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
72A400294000
|
trusted library allocation
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
7810000C4000
|
direct allocation
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
14FC453C000
|
heap
|
page read and write
|
||
|
14FC451E000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC47C5000
|
heap
|
page read and write
|
||
|
14FC454A000
|
heap
|
page read and write
|
||
|
78140252A000
|
direct allocation
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
unclassified section
|
page execute and read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
14FC4512000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
7814028F9000
|
direct allocation
|
page read and write
|
||
|
14FC44B7000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4535000
|
heap
|
page read and write
|
||
|
6B893FE000
|
unkown
|
page readonly
|
||
|
14FC4542000
|
heap
|
page read and write
|
||
|
14522FE000
|
stack
|
page read and write
|
||
|
332800088000
|
direct allocation
|
page read and write
|
||
|
14FC451F000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC4541000
|
heap
|
page read and write
|
||
|
781402BED000
|
direct allocation
|
page read and write
|
||
|
6B943FE000
|
unkown
|
page readonly
|
||
|
781400601000
|
direct allocation
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4535000
|
heap
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
313C000
|
heap
|
page read and write
|
||
|
14FC454C000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
A02C1FE000
|
unkown
|
page readonly
|
||
|
781402866000
|
direct allocation
|
page read and write
|
||
|
14FC264B000
|
heap
|
page read and write
|
||
|
14FC4535000
|
heap
|
page read and write
|
||
|
26A29640000
|
heap
|
page read and write
|
||
|
781403C2C000
|
direct allocation
|
page read and write
|
||
|
26A2965E000
|
heap
|
page read and write
|
||
|
781403748000
|
direct allocation
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
26A2CD93000
|
heap
|
page read and write
|
||
|
78140253C000
|
direct allocation
|
page read and write
|
||
|
7814032D4000
|
direct allocation
|
page read and write
|
||
|
26A29A10000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC451E000
|
heap
|
page read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
14FC4542000
|
heap
|
page read and write
|
||
|
14FC450F000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
26A26489000
|
heap
|
page read and write
|
||
|
14FC451C000
|
heap
|
page read and write
|
||
|
14FC452E000
|
heap
|
page read and write
|
||
|
14FC4540000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
49C5000
|
trusted library allocation
|
page read and write
|
||
|
781000128000
|
direct allocation
|
page read and write
|
||
|
26A26370000
|
trusted library allocation
|
page read and write
|
||
|
14FC4556000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
781402DD3000
|
direct allocation
|
page read and write
|
||
|
14FC2699000
|
heap
|
page read and write
|
||
|
14FC4790000
|
heap
|
page read and write
|
||
|
7814035B0000
|
direct allocation
|
page read and write
|
||
|
26A28D03000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4530000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC450D000
|
heap
|
page read and write
|
||
|
7814036D8000
|
direct allocation
|
page read and write
|
||
|
14FC4507000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
A0339FB000
|
stack
|
page read and write
|
||
|
14FC4804000
|
heap
|
page read and write
|
||
|
7FF88B050000
|
trusted library allocation
|
page read and write
|
||
|
26A2CDA4000
|
heap
|
page read and write
|
||
|
A0101FE000
|
unkown
|
page readonly
|
||
|
14FC4508000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
781000068000
|
direct allocation
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
313C000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
14FC4549000
|
heap
|
page read and write
|
||
|
18482D09000
|
unclassified section
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
78140303B000
|
direct allocation
|
page read and write
|
||
|
7AB80021C000
|
direct allocation
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
7FF88AF32000
|
trusted library allocation
|
page read and write
|
||
|
26A2CCCC000
|
heap
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
14FC2698000
|
heap
|
page read and write
|
||
|
6B8C3FE000
|
unkown
|
page readonly
|
||
|
7810004D0000
|
direct allocation
|
page read and write
|
||
|
14FC453C000
|
heap
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
26A2CD91000
|
heap
|
page read and write
|
||
|
7814033F8000
|
direct allocation
|
page read and write
|
||
|
22E0000
|
trusted library allocation
|
page read and write
|
||
|
26A26491000
|
heap
|
page read and write
|
||
|
781403440000
|
direct allocation
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC44FF000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
A0249FC000
|
stack
|
page read and write
|
||
|
14FC4532000
|
heap
|
page read and write
|
||
|
26A29A32000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
37DE000
|
stack
|
page read and write
|
||
|
781403700000
|
direct allocation
|
page read and write
|
||
|
781403CE4000
|
direct allocation
|
page read and write
|
||
|
A8455FB000
|
stack
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
327E000
|
heap
|
page read and write
|
||
|
14FC44F6000
|
heap
|
page read and write
|
||
|
3143000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
14FC26C9000
|
heap
|
page read and write
|
||
|
14FC452B000
|
heap
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4538000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
781402948000
|
direct allocation
|
page read and write
|
||
|
14FC454A000
|
heap
|
page read and write
|
||
|
241A000
|
trusted library allocation
|
page read and write
|
||
|
781403EC0000
|
direct allocation
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
315A000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
781403F4C000
|
direct allocation
|
page read and write
|
||
|
184F8F50000
|
heap
|
page read and write
|
||
|
14FC452E000
|
heap
|
page read and write
|
||
|
14FC4538000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
7814037D4000
|
direct allocation
|
page read and write
|
||
|
14FC4536000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
1CD5F606000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
1CD614F0000
|
heap
|
page read and write
|
||
|
A0149FC000
|
stack
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
14FC26C7000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
781403060000
|
direct allocation
|
page read and write
|
||
|
14FC4551000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
26A29DE0000
|
unclassified section
|
page read and write
|
||
|
14FC453A000
|
heap
|
page read and write
|
||
|
14FC451F000
|
heap
|
page read and write
|
||
|
3B3B000
|
heap
|
page read and write
|
||
|
7814039B4000
|
direct allocation
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
14FC451F000
|
heap
|
page read and write
|
||
|
1CD61501000
|
trusted library allocation
|
page read and write
|
||
|
14FC4519000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4503000
|
heap
|
page read and write
|
||
|
14FC454A000
|
heap
|
page read and write
|
||
|
7AB8002EC000
|
direct allocation
|
page read and write
|
||
|
1CD618CE000
|
trusted library allocation
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
26A29A04000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC26FD000
|
heap
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
781403D50000
|
direct allocation
|
page read and write
|
||
|
14FC4522000
|
heap
|
page read and write
|
||
|
781403E2C000
|
direct allocation
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
7814032BC000
|
direct allocation
|
page read and write
|
||
|
14FC4537000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
78100011C000
|
direct allocation
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
7AB80031A000
|
direct allocation
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
1CD71501000
|
trusted library allocation
|
page read and write
|
||
|
14FC44B0000
|
heap
|
page read and write
|
||
|
14523FE000
|
stack
|
page read and write
|
||
|
26A2CD91000
|
heap
|
page read and write
|
||
|
A02A1FE000
|
unkown
|
page readonly
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
78100041C000
|
direct allocation
|
page read and write
|
||
|
332800078000
|
direct allocation
|
page read and write
|
||
|
14FC4545000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
26A26435000
|
heap
|
page read and write
|
||
|
14FC452B000
|
heap
|
page read and write
|
||
|
78140223C000
|
direct allocation
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
450C00138000
|
trusted library allocation
|
page read and write
|
||
|
450C0018C000
|
trusted library allocation
|
page read and write
|
||
|
14FC450E000
|
heap
|
page read and write
|
||
|
781000248000
|
direct allocation
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
14FC454A000
|
heap
|
page read and write
|
||
|
7AB8002D0000
|
direct allocation
|
page read and write
|
||
|
518800278000
|
trusted library allocation
|
page read and write
|
||
|
72A40028C000
|
trusted library allocation
|
page read and write
|
||
|
14FC4560000
|
heap
|
page read and write
|
||
|
14FC4554000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC44FE000
|
heap
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC452E000
|
heap
|
page read and write
|
||
|
14FC4532000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
14FC44CD000
|
heap
|
page read and write
|
||
|
6EBD000
|
stack
|
page read and write
|
||
|
23CE000
|
trusted library allocation
|
page read and write
|
||
|
781403B11000
|
direct allocation
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
26A29A23000
|
heap
|
page read and write
|
||
|
1CD60F60000
|
heap
|
page execute and read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
7AB800308000
|
direct allocation
|
page read and write
|
||
|
14FC450D000
|
heap
|
page read and write
|
||
|
6B903FE000
|
unkown
|
page readonly
|
||
|
5D2800044000
|
direct allocation
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
26A26414000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC4535000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
781000208000
|
direct allocation
|
page read and write
|
||
|
A0159FD000
|
stack
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
723F000
|
stack
|
page read and write
|
||
|
314C000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
26A2D589000
|
heap
|
page read and write
|
||
|
14FC452B000
|
heap
|
page read and write
|
||
|
14525FF000
|
stack
|
page read and write
|
||
|
26A264A5000
|
heap
|
page read and write
|
||
|
781403F70000
|
direct allocation
|
page read and write
|
||
|
C16000
|
stack
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
7D5E000
|
stack
|
page read and write
|
||
|
1CD79970000
|
heap
|
page read and write
|
||
|
26A29A06000
|
heap
|
page read and write
|
||
|
14FC4502000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
14FC44EE000
|
heap
|
page read and write
|
||
|
781403CBC000
|
direct allocation
|
page read and write
|
||
|
7810004BC000
|
direct allocation
|
page read and write
|
||
|
803000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FC451E000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC4522000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC453A000
|
heap
|
page read and write
|
||
|
6B8EBFD000
|
stack
|
page read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC44FE000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
7814027A4000
|
direct allocation
|
page read and write
|
||
|
14FC4541000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4503000
|
heap
|
page read and write
|
||
|
7FF8FF4F1000
|
unkown
|
page execute read
|
||
|
72A400294000
|
trusted library allocation
|
page read and write
|
||
|
14FC453F000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
26A2CDAC000
|
heap
|
page read and write
|
||
|
14FC4542000
|
heap
|
page read and write
|
||
|
781403E04000
|
direct allocation
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC454A000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
A0329FD000
|
stack
|
page read and write
|
||
|
781402578000
|
direct allocation
|
page read and write
|
||
|
26A2CD81000
|
heap
|
page read and write
|
||
|
51880033C000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
26A2CCCC000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
14FC4513000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
184F9059000
|
heap
|
page read and write
|
||
|
2EB4000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
A0261FE000
|
unkown
|
page readonly
|
||
|
7814024B4000
|
direct allocation
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
7810000DC000
|
direct allocation
|
page read and write
|
||
|
14FC454C000
|
heap
|
page read and write
|
||
|
781402C70000
|
direct allocation
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
781402BCB000
|
direct allocation
|
page read and write
|
||
|
450C0009C000
|
trusted library allocation
|
page read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
7814031CC000
|
direct allocation
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
3143000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
40C6000
|
direct allocation
|
page execute and read and write
|
||
|
7810004E8000
|
direct allocation
|
page read and write
|
||
|
450C000EC000
|
trusted library allocation
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4546000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
450C00108000
|
trusted library allocation
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
14FC4539000
|
heap
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
3328000B4000
|
direct allocation
|
page read and write
|
||
|
14FC4522000
|
heap
|
page read and write
|
||
|
14FC453A000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
781403160000
|
direct allocation
|
page read and write
|
||
|
3143000
|
heap
|
page read and write
|
||
|
78140252C000
|
direct allocation
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC452E000
|
heap
|
page read and write
|
||
|
14FC451E000
|
heap
|
page read and write
|
||
|
14FC4546000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
A0221FE000
|
unkown
|
page readonly
|
||
|
14FC4544000
|
heap
|
page read and write
|
||
|
14FC4532000
|
heap
|
page read and write
|
||
|
781402DCC000
|
direct allocation
|
page read and write
|
||
|
14FC4530000
|
heap
|
page read and write
|
||
|
72A4002B4000
|
trusted library allocation
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC453A000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
7FF88AE36000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
781402B18000
|
direct allocation
|
page read and write
|
||
|
14FC44EA000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
26A2CCF4000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4508000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC452C000
|
heap
|
page read and write
|
||
|
26A26444000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
26A2CCA4000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC4550000
|
heap
|
page read and write
|
||
|
14FC452B000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4518000
|
heap
|
page read and write
|
||
|
72A400268000
|
trusted library allocation
|
page read and write
|
||
|
14FC4553000
|
heap
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
781403A01000
|
direct allocation
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
A0179FB000
|
stack
|
page read and write
|
||
|
33280002C000
|
direct allocation
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
C36000
|
heap
|
page read and write
|
||
|
10000
|
unkown
|
page readonly
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
781403838000
|
direct allocation
|
page read and write
|
||
|
14FC4503000
|
heap
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC44F2000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
38DB000
|
stack
|
page read and write
|
||
|
14FC451E000
|
heap
|
page read and write
|
||
|
14FC4518000
|
heap
|
page read and write
|
||
|
A01F1FE000
|
unkown
|
page readonly
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
23F5000
|
trusted library allocation
|
page read and write
|
||
|
781000218000
|
direct allocation
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
14FC25B0000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
313E000
|
heap
|
page read and write
|
||
|
2EB4000
|
heap
|
page read and write
|
||
|
781403B5C000
|
direct allocation
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4550000
|
heap
|
page read and write
|
||
|
14FC44F6000
|
heap
|
page read and write
|
||
|
14FC454F000
|
heap
|
page read and write
|
||
|
314D000
|
heap
|
page read and write
|
||
|
14FC44FE000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC44F9000
|
heap
|
page read and write
|
||
|
14FC4530000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC2702000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
781402801000
|
direct allocation
|
page read and write
|
||
|
781402AFB000
|
direct allocation
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4530000
|
heap
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
2EB4000
|
heap
|
page read and write
|
||
|
14FC44FF000
|
heap
|
page read and write
|
||
|
781000404000
|
direct allocation
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
14FC4535000
|
heap
|
page read and write
|
||
|
78100052C000
|
direct allocation
|
page read and write
|
||
|
26A2CCCC000
|
heap
|
page read and write
|
||
|
26A2CCF4000
|
heap
|
page read and write
|
||
|
1452DFB000
|
stack
|
page read and write
|
||
|
781403DAC000
|
direct allocation
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC451B000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4505000
|
heap
|
page read and write
|
||
|
14FC44B1000
|
heap
|
page read and write
|
||
|
450C000E0000
|
trusted library allocation
|
page read and write
|
||
|
781403074000
|
direct allocation
|
page read and write
|
||
|
14FC4550000
|
heap
|
page read and write
|
||
|
5D2800028000
|
direct allocation
|
page read and write
|
||
|
1452BFE000
|
stack
|
page read and write
|
||
|
781403864000
|
direct allocation
|
page read and write
|
||
|
7FF8FF506000
|
unkown
|
page readonly
|
||
|
55F000
|
heap
|
page read and write
|
||
|
40B1000
|
direct allocation
|
page execute and read and write
|
||
|
14FC452A000
|
heap
|
page read and write
|
||
|
78140295C000
|
direct allocation
|
page read and write
|
||
|
14FC450B000
|
heap
|
page read and write
|
||
|
26A2CCD7000
|
heap
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
781000140000
|
direct allocation
|
page read and write
|
||
|
4BBF000
|
stack
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
781402334000
|
direct allocation
|
page read and write
|
||
|
781402DEC000
|
direct allocation
|
page read and write
|
||
|
7DF413DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC4539000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC453C000
|
heap
|
page read and write
|
||
|
367C000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
781402F28000
|
direct allocation
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
7FF88AF01000
|
trusted library allocation
|
page read and write
|
||
|
14FC4519000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC453A000
|
heap
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC268C000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
3328000B8000
|
direct allocation
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
7AB80025C000
|
direct allocation
|
page read and write
|
||
|
14FC4538000
|
heap
|
page read and write
|
||
|
3328000B8000
|
direct allocation
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
14FC4543000
|
heap
|
page read and write
|
||
|
14FC44F6000
|
heap
|
page read and write
|
||
|
4040000
|
unclassified section
|
page execute and read and write
|
||
|
78100047C000
|
direct allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
781403488000
|
direct allocation
|
page read and write
|
||
|
26A2CD9A000
|
heap
|
page read and write
|
||
|
89E000
|
stack
|
page read and write
|
||
|
22D0000
|
trusted library allocation
|
page read and write
|
||
|
450C000C4000
|
trusted library allocation
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
781402B1C000
|
direct allocation
|
page read and write
|
||
|
78140254C000
|
direct allocation
|
page read and write
|
||
|
313F000
|
heap
|
page read and write
|
||
|
781403A4F000
|
direct allocation
|
page read and write
|
||
|
26A2CC98000
|
heap
|
page read and write
|
||
|
1CD715D0000
|
trusted library allocation
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC451C000
|
heap
|
page read and write
|
||
|
14FC4541000
|
heap
|
page read and write
|
||
|
72A40026C000
|
trusted library allocation
|
page read and write
|
||
|
3328000B4000
|
direct allocation
|
page read and write
|
||
|
26A2CD8A000
|
heap
|
page read and write
|
||
|
184F9075000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
781402FA4000
|
direct allocation
|
page read and write
|
||
|
5D28000D4000
|
direct allocation
|
page read and write
|
||
|
14FC264A000
|
heap
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
781403D60000
|
direct allocation
|
page read and write
|
||
|
781000438000
|
direct allocation
|
page read and write
|
||
|
14FC4533000
|
heap
|
page read and write
|
||
|
14FC4525000
|
heap
|
page read and write
|
||
|
14FC4509000
|
heap
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
14FC44C7000
|
heap
|
page read and write
|
||
|
237F000
|
trusted library allocation
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
450C002B0000
|
trusted library allocation
|
page read and write
|
||
|
781402B88000
|
direct allocation
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC451F000
|
heap
|
page read and write
|
||
|
316E000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
781403C01000
|
direct allocation
|
page read and write
|
||
|
7FF8FF515000
|
unkown
|
page readonly
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC450C000
|
heap
|
page read and write
|
||
|
781403DD0000
|
direct allocation
|
page read and write
|
||
|
781402F00000
|
direct allocation
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
26A2CCCC000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
14FC450A000
|
heap
|
page read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
26A2CC72000
|
heap
|
page read and write
|
||
|
14FC4542000
|
heap
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
26A2CE12000
|
heap
|
page read and write
|
||
|
14FC4506000
|
heap
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
14FC44F6000
|
heap
|
page read and write
|
||
|
14FC4557000
|
heap
|
page read and write
|
||
|
5D2800004000
|
direct allocation
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
781403578000
|
direct allocation
|
page read and write
|
||
|
14FC4509000
|
heap
|
page read and write
|
||
|
C9C000
|
stack
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC4551000
|
heap
|
page read and write
|
||
|
781403601000
|
direct allocation
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC453D000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC44F2000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC25FB000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4534000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
7814039E8000
|
direct allocation
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC453C000
|
heap
|
page read and write
|
||
|
14FC451E000
|
heap
|
page read and write
|
||
|
14FC25FA000
|
heap
|
page read and write
|
||
|
14FC4514000
|
heap
|
page read and write
|
||
|
14FC4522000
|
heap
|
page read and write
|
||
|
14FC4538000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
78100059C000
|
direct allocation
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4556000
|
heap
|
page read and write
|
||
|
14FC4519000
|
heap
|
page read and write
|
||
|
781402724000
|
direct allocation
|
page read and write
|
||
|
781403AD8000
|
direct allocation
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
14FC4507000
|
heap
|
page read and write
|
||
|
781402DCF000
|
direct allocation
|
page read and write
|
||
|
14FC4545000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
1CD795C1000
|
heap
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
781402AC4000
|
direct allocation
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
781403A04000
|
direct allocation
|
page read and write
|
||
|
14FC4532000
|
heap
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
14FC4518000
|
heap
|
page read and write
|
||
|
26A26483000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC44F5000
|
heap
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
518800304000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
7810000BC000
|
direct allocation
|
page read and write
|
||
|
14FC4537000
|
heap
|
page read and write
|
||
|
14FC4541000
|
heap
|
page read and write
|
||
|
7AB800212000
|
direct allocation
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4503000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4525000
|
heap
|
page read and write
|
||
|
14FC4530000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
332800088000
|
direct allocation
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
14FC4530000
|
heap
|
page read and write
|
||
|
781402A70000
|
direct allocation
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
781403684000
|
direct allocation
|
page read and write
|
||
|
14FC455B000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC452D000
|
heap
|
page read and write
|
||
|
781403F44000
|
direct allocation
|
page read and write
|
||
|
313F000
|
heap
|
page read and write
|
||
|
26A264B7000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC4520000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC4523000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC451C000
|
heap
|
page read and write
|
||
|
14FC452A000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
14FC452F000
|
heap
|
page read and write
|
||
|
14FC4517000
|
heap
|
page read and write
|
||
|
7810004A0000
|
direct allocation
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
7814025E3000
|
direct allocation
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
14FC451F000
|
heap
|
page read and write
|
||
|
14FC44EA000
|
heap
|
page read and write
|
||
|
14FC4550000
|
heap
|
page read and write
|
||
|
14FC4511000
|
heap
|
page read and write
|
||
|
7FF8FF4F0000
|
unkown
|
page readonly
|
||
|
3155000
|
heap
|
page read and write
|
||
|
14FC44FD000
|
heap
|
page read and write
|
||
|
506F000
|
stack
|
page read and write
|
||
|
14FC4538000
|
heap
|
page read and write
|
||
|
781403D88000
|
direct allocation
|
page read and write
|
||
|
3328000D0000
|
direct allocation
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
7FF88AF60000
|
trusted library allocation
|
page read and write
|
||
|
14FC451C000
|
heap
|
page read and write
|
||
|
14FC452B000
|
heap
|
page read and write
|
||
|
781403A2C000
|
direct allocation
|
page read and write
|
||
|
14FC454C000
|
heap
|
page read and write
|
||
|
CD9000
|
stack
|
page read and write
|
||
|
14FC44E7000
|
heap
|
page read and write
|
||
|
14FC4547000
|
heap
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
14FC4780000
|
heap
|
page read and write
|
||
|
14FC451D000
|
heap
|
page read and write
|
||
|
781402BBD000
|
direct allocation
|
page read and write
|
||
|
14FC4527000
|
heap
|
page read and write
|
||
|
781403CB4000
|
direct allocation
|
page read and write
|
||
|
14FC4549000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
184F8F60000
|
heap
|
page readonly
|
||
|
51E000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
26A2CDF8000
|
heap
|
page read and write
|
||
|
14FC44F9000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
781403D9C000
|
direct allocation
|
page read and write
|
||
|
14FC4512000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
781402BF8000
|
direct allocation
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
26A2CCCC000
|
heap
|
page read and write
|
||
|
14FC451C000
|
heap
|
page read and write
|
||
|
14FC4540000
|
heap
|
page read and write
|
||
|
BA4000
|
heap
|
page read and write
|
||
|
781000498000
|
direct allocation
|
page read and write
|
||
|
518800254000
|
trusted library allocation
|
page read and write
|
||
|
781000490000
|
direct allocation
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC452B000
|
heap
|
page read and write
|
||
|
7814027E0000
|
direct allocation
|
page read and write
|
||
|
6B8B3FE000
|
unkown
|
page readonly
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC4507000
|
heap
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC4525000
|
heap
|
page read and write
|
||
|
14527FF000
|
stack
|
page read and write
|
||
|
14FC4562000
|
heap
|
page read and write
|
||
|
14FC4515000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC4535000
|
heap
|
page read and write
|
||
|
14FC4529000
|
heap
|
page read and write
|
||
|
14FC4524000
|
heap
|
page read and write
|
||
|
14FC451A000
|
heap
|
page read and write
|
||
|
14FC4504000
|
heap
|
page read and write
|
||
|
14FC4549000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
781403870000
|
direct allocation
|
page read and write
|
||
|
A01B9FC000
|
stack
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
14FC453C000
|
heap
|
page read and write
|
||
|
7814037B4000
|
direct allocation
|
page read and write
|
||
|
14FC4521000
|
heap
|
page read and write
|
||
|
14FC453F000
|
heap
|
page read and write
|
||
|
14FC4506000
|
heap
|
page read and write
|
||
|
14FC453B000
|
heap
|
page read and write
|
||
|
450C00255000
|
trusted library allocation
|
page read and write
|