Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SCAN COPY CV 310123.js
|
ASCII text, with very long lines (65536), with no line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_czkdqe.exe_edecdbe330d62627812ca3de941673a21cf89d_81d3edbc_120f58ca\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\czkdqe.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\czkdqe.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\jrwodjjaoqgx\vktp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\vtvt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vktp.exe_f220d68fa7f9ede2a0543dab2aa8d083101aed6_c24664e9_075f69e1\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vktp.exe_f220d68fa7f9ede2a0543dab2aa8d083101aed6_c24664e9_154359f3\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER485F.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Feb 1 15:39:46 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER50BC.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Feb 1 15:39:47 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5169.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER51C7.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5282.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER52F0.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6369.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Feb 1 15:39:51 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER64A3.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6501.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bqehhpdje.pyv
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\chwzpb.c
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsg14BD.tmp
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SCAN COPY CV 310123.js"
|
|
|
|
C:\Users\user\AppData\Roaming\vtvt.exe
|
"C:\Users\user\AppData\Roaming\vtvt.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\czkdqe.exe
|
"C:\Users\user\AppData\Local\Temp\czkdqe.exe" C:\Users\user\AppData\Local\Temp\chwzpb.c
|
|
|
|
C:\Users\user\AppData\Local\Temp\czkdqe.exe
|
C:\Users\user\AppData\Local\Temp\czkdqe.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\czkdqe.exe
|
"C:\Users\user\AppData\Local\Temp\czkdqe.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\jrwodjjaoqgx\vktp.exe
|
"C:\Users\user\AppData\Roaming\jrwodjjaoqgx\vktp.exe" "C:\Users\user\AppData\Local\Temp\czkdqe.exe" C:\Users\user\AppData\Local\
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1372 -s 616
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4936 -s 656
|
||
|
C:\Users\user\AppData\Roaming\jrwodjjaoqgx\vktp.exe
|
"C:\Users\user\AppData\Roaming\jrwodjjaoqgx\vktp.exe" "C:\Users\user\AppData\Local\Temp\czkdqe.exe" C:\Users\user\AppData\Local\
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 2160 -s 628
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bition.duckdns.org
|
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
ProgramId
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
FileId
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
LongPathHash
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
Name
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
Publisher
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
Version
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
BinaryType
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
ProductName
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
ProductVersion
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
LinkDate
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
Size
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
Language
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
IsPeFile
|
|
|
|
\REGISTRY\A\{8f4b0a41-3765-109c-ccd8-0b689df7d611}\Root\InventoryApplicationFile\czkdqe.exe|14a4864c
|
IsOsComponent
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
wyhcmkdbbhw
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800921810330
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800921810330
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
There are 17 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
415000
|
system
|
page execute and read and write
|
|
|
|
361C000
|
trusted library allocation
|
page read and write
|
|
|
|
7E8000
|
heap
|
page read and write
|
|
|
|
35E1000
|
trusted library allocation
|
page read and write
|
|
|
|
23A0000
|
trusted library section
|
page read and write
|
|
|
|
4922000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
unkown
|
page readonly
|
||
|
1DD81720000
|
heap
|
page read and write
|
||
|
7FF524F4B000
|
unkown
|
page readonly
|
||
|
148347AB000
|
heap
|
page read and write
|
||
|
1DDFE405000
|
heap
|
page read and write
|
||
|
1A67F000
|
direct allocation
|
page read and write
|
||
|
14835660000
|
trusted library allocation
|
page read and write
|
||
|
7FF524E69000
|
unkown
|
page readonly
|
||
|
2C848802000
|
unkown
|
page read and write
|
||
|
2881D970000
|
trusted library allocation
|
page read and write
|
||
|
7FF524F2C000
|
unkown
|
page readonly
|
||
|
1DD809EC000
|
heap
|
page read and write
|
||
|
F878BFB000
|
stack
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
CB1BFF9000
|
stack
|
page read and write
|
||
|
7FF524F35000
|
unkown
|
page readonly
|
||
|
1DDFE3D8000
|
heap
|
page read and write
|
||
|
1A3D0000
|
direct allocation
|
page read and write
|
||
|
6BD97F7000
|
stack
|
page read and write
|
||
|
19517802000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3F4000
|
heap
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
22EEB913000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
7FF524DE7000
|
unkown
|
page readonly
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
148347A5000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3E3000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
F878FFF000
|
stack
|
page read and write
|
||
|
1DDFE383000
|
heap
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
1DD80346000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
2C848013000
|
unkown
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
22BB0B15000
|
trusted library allocation
|
page read and write
|
||
|
1DD809EC000
|
heap
|
page read and write
|
||
|
6BD91FB000
|
stack
|
page read and write
|
||
|
1DDFE384000
|
heap
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
7FF524EA4000
|
unkown
|
page readonly
|
||
|
22BB0A10000
|
unkown
|
page read and write
|
||
|
1DDFE3BF000
|
heap
|
page read and write
|
||
|
1DDFE3E5000
|
heap
|
page read and write
|
||
|
5351000
|
trusted library allocation
|
page read and write
|
||
|
846000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
3C04D77000
|
stack
|
page read and write
|
||
|
1DDFE3C3000
|
heap
|
page read and write
|
||
|
1DD80E40000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
1A67B000
|
direct allocation
|
page read and write
|
||
|
2881DA60000
|
heap
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
1A380000
|
direct allocation
|
page read and write
|
||
|
1DD80470000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
22EEB854000
|
heap
|
page read and write
|
||
|
2C848029000
|
unkown
|
page read and write
|
||
|
1DD8034B000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
625000
|
heap
|
page read and write
|
||
|
1DD80359000
|
heap
|
page read and write
|
||
|
1A4E6000
|
direct allocation
|
page read and write
|
||
|
22BB0E00000
|
heap
|
page read and write
|
||
|
14835380000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE365000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1DD80550000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
19517055000
|
heap
|
page read and write
|
||
|
2C848102000
|
unkown
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1DDFE3EB000
|
heap
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
172CE79000
|
stack
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
1DD80551000
|
heap
|
page read and write
|
||
|
2881DA81000
|
heap
|
page read and write
|
||
|
288B000
|
heap
|
page read and write
|
||
|
7FF524EB8000
|
unkown
|
page readonly
|
||
|
7FF524EA4000
|
unkown
|
page readonly
|
||
|
1DD804F0000
|
heap
|
page read and write
|
||
|
2881DA02000
|
heap
|
page read and write
|
||
|
1A62F000
|
direct allocation
|
page read and write
|
||
|
1DDFE42A000
|
heap
|
page read and write
|
||
|
1DD81020000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1A510000
|
direct allocation
|
page read and write
|
||
|
1DDFE3F0000
|
heap
|
page read and write
|
||
|
1A62B000
|
direct allocation
|
page read and write
|
||
|
2C848590000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page readonly
|
||
|
1DDFE394000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
1DD806BA000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3FD000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1483478F000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1DD806AE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF524F18000
|
unkown
|
page readonly
|
||
|
1DD80358000
|
heap
|
page read and write
|
||
|
1DD80AF5000
|
heap
|
page read and write
|
||
|
1DD8034F000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
6BD98FF000
|
stack
|
page read and write
|
||
|
F8788FE000
|
stack
|
page read and write
|
||
|
1DDFE3E5000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
86A000
|
heap
|
page read and write
|
||
|
1951704A000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page execute and read and write
|
||
|
866000
|
heap
|
page read and write
|
||
|
14834700000
|
heap
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3BC000
|
heap
|
page read and write
|
||
|
4920000
|
direct allocation
|
page execute and read and write
|
||
|
7FF524F18000
|
unkown
|
page readonly
|
||
|
5FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2220000
|
direct allocation
|
page read and write
|
||
|
1DD81762000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
8CE000
|
stack
|
page read and write
|
||
|
6AF000
|
stack
|
page read and write
|
||
|
86E000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
19516E80000
|
heap
|
page read and write
|
||
|
E064BFF000
|
stack
|
page read and write
|
||
|
1DDFE3BC000
|
heap
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
F87887C000
|
stack
|
page read and write
|
||
|
22EEB6F0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
22EEB87D000
|
heap
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
6BD95FB000
|
stack
|
page read and write
|
||
|
1DD808F0000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
1A510000
|
direct allocation
|
page read and write
|
||
|
6BD94FE000
|
stack
|
page read and write
|
||
|
2C847E20000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
1DD80342000
|
heap
|
page read and write
|
||
|
A5C000
|
trusted library allocation
|
page read and write
|
||
|
61B000
|
trusted library allocation
|
page execute and read and write
|
||
|
58CE000
|
stack
|
page read and write
|
||
|
AEF000
|
stack
|
page read and write
|
||
|
14834748000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
22EEB860000
|
heap
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
1DDFE3A4000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
855000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
24F0000
|
trusted library allocation
|
page read and write
|
||
|
148356B0000
|
trusted library allocation
|
page read and write
|
||
|
14834750000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
22BB0A69000
|
heap
|
page read and write
|
||
|
7FF524E69000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1483478F000
|
heap
|
page read and write
|
||
|
1DD8070D000
|
heap
|
page read and write
|
||
|
862000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
1A510000
|
direct allocation
|
page read and write
|
||
|
2881DA3C000
|
heap
|
page read and write
|
||
|
7E044FE000
|
stack
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
1DDFE3BF000
|
heap
|
page read and write
|
||
|
22EEB858000
|
heap
|
page read and write
|
||
|
22EEB908000
|
heap
|
page read and write
|
||
|
1DDFE3C0000
|
heap
|
page read and write
|
||
|
1DD808F1000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page execute and read and write
|
||
|
1DDFE2F0000
|
heap
|
page read and write
|
||
|
6BD9AFC000
|
stack
|
page read and write
|
||
|
5DA3000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF524DE7000
|
unkown
|
page readonly
|
||
|
7E040FF000
|
stack
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
1DDFFEE0000
|
heap
|
page read and write
|
||
|
14834740000
|
heap
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
24FB000
|
trusted library allocation
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
1483478F000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
19517100000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2881DA8C000
|
heap
|
page read and write
|
||
|
2C848000000
|
unkown
|
page read and write
|
||
|
7FF524C58000
|
unkown
|
page readonly
|
||
|
1DDFFEE1000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
22BB0F17000
|
heap
|
page read and write
|
||
|
1DD8173D000
|
heap
|
page read and write
|
||
|
1DDFE3BF000
|
heap
|
page read and write
|
||
|
2C848102000
|
unkown
|
page read and write
|
||
|
19516E20000
|
heap
|
page read and write
|
||
|
5081000
|
trusted library allocation
|
page read and write
|
||
|
19517108000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
22BB0F00000
|
heap
|
page read and write
|
||
|
1DD80345000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
606000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DD80345000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
5081000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
3C04C7B000
|
stack
|
page read and write
|
||
|
19517013000
|
heap
|
page read and write
|
||
|
2881DA5E000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
22BB0A02000
|
unkown
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
2881DA5F000
|
heap
|
page read and write
|
||
|
82D000
|
heap
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DD80346000
|
heap
|
page read and write
|
||
|
1DDFE3C5000
|
heap
|
page read and write
|
||
|
1DDFE310000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
2881D8E0000
|
heap
|
page read and write
|
||
|
22BB09E0000
|
heap
|
page read and write
|
||
|
1DDFE396000
|
heap
|
page read and write
|
||
|
E064CFB000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1DDFE3E8000
|
heap
|
page read and write
|
||
|
1DDFE3DD000
|
heap
|
page read and write
|
||
|
148349F9000
|
heap
|
page read and write
|
||
|
5ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
14835630000
|
trusted library allocation
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
852000
|
heap
|
page read and write
|
||
|
1DD80347000
|
heap
|
page read and write
|
||
|
1DDFE367000
|
heap
|
page read and write
|
||
|
19517113000
|
heap
|
page read and write
|
||
|
2C848000000
|
unkown
|
page read and write
|
||
|
2881DB00000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
2881DA5C000
|
heap
|
page read and write
|
||
|
1DDFE3CB000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
172CD79000
|
stack
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
1DDFE3EC000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
6BD96FB000
|
stack
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
2881DA62000
|
heap
|
page read and write
|
||
|
1DD81520000
|
heap
|
page read and write
|
||
|
24ED000
|
stack
|
page read and write
|
||
|
5D0000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
448000
|
heap
|
page read and write
|
||
|
1DD80340000
|
heap
|
page read and write
|
||
|
1DD8034F000
|
heap
|
page read and write
|
||
|
2C847F70000
|
unkown
|
page readonly
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
1DD80551000
|
heap
|
page read and write
|
||
|
172CCF9000
|
stack
|
page read and write
|
||
|
7FF524E7B000
|
unkown
|
page readonly
|
||
|
1DDFE394000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE396000
|
heap
|
page read and write
|
||
|
790000
|
trusted library allocation
|
page read and write
|
||
|
CB1BE7D000
|
stack
|
page read and write
|
||
|
1DDFE394000
|
heap
|
page read and write
|
||
|
5E4000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
7FF524E72000
|
unkown
|
page readonly
|
||
|
7FF524EB5000
|
unkown
|
page readonly
|
||
|
22BB0F02000
|
heap
|
page read and write
|
||
|
7FF524E55000
|
unkown
|
page readonly
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
588F000
|
stack
|
page read and write
|
||
|
2C848802000
|
unkown
|
page read and write
|
||
|
7FF524F0F000
|
unkown
|
page readonly
|
||
|
1DDFE382000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
2C847F90000
|
unkown
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
1A496000
|
direct allocation
|
page read and write
|
||
|
22EEB867000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2881D8D0000
|
heap
|
page read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
59E000
|
stack
|
page read and write
|
||
|
22EEB83C000
|
heap
|
page read and write
|
||
|
7FF524E5B000
|
unkown
|
page readonly
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
14834787000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE42A000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
1DD8070D000
|
heap
|
page read and write
|
||
|
148349F0000
|
heap
|
page read and write
|
||
|
612000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
1DDFE6F5000
|
heap
|
page read and write
|
||
|
847000
|
heap
|
page read and write
|
||
|
1A62F000
|
direct allocation
|
page read and write
|
||
|
21D0000
|
direct allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
19517080000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
7FF524E7B000
|
unkown
|
page readonly
|
||
|
85B000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
25D7000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
22BB0A3B000
|
heap
|
page read and write
|
||
|
2881DA00000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
14835650000
|
trusted library allocation
|
page read and write
|
||
|
22BB0A3B000
|
heap
|
page read and write
|
||
|
5E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22EEB800000
|
heap
|
page read and write
|
||
|
2C84803C000
|
unkown
|
page read and write
|
||
|
7FF524F4B000
|
unkown
|
page readonly
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page execute and read and write
|
||
|
1951703C000
|
heap
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
2C848052000
|
unkown
|
page read and write
|
||
|
4965000
|
trusted library allocation
|
page read and write
|
||
|
F878A7C000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1DD80341000
|
heap
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3BC000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
1DD806AF000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A560000
|
direct allocation
|
page read and write
|
||
|
2881E402000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
251C000
|
trusted library allocation
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
1A560000
|
direct allocation
|
page read and write
|
||
|
CB1C379000
|
stack
|
page read and write
|
||
|
E064BFF000
|
stack
|
page read and write
|
||
|
1DD80DE0000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
1DDFE3BF000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
7E049FF000
|
stack
|
page read and write
|
||
|
2881DA2E000
|
heap
|
page read and write
|
||
|
3C04F7C000
|
stack
|
page read and write
|
||
|
1DDFE3D4000
|
heap
|
page read and write
|
||
|
22EEB900000
|
heap
|
page read and write
|
||
|
22EEB813000
|
heap
|
page read and write
|
||
|
22BB0B02000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A62F000
|
direct allocation
|
page read and write
|
||
|
19517050000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page execute and read and write
|
||
|
1A62B000
|
direct allocation
|
page read and write
|
||
|
2C848013000
|
unkown
|
page read and write
|
||
|
1A62F000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
2290000
|
heap
|
page read and write
|
||
|
7FF524E55000
|
unkown
|
page readonly
|
||
|
425000
|
unkown
|
page read and write
|
||
|
2881DA83000
|
heap
|
page read and write
|
||
|
7FE50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A3D0000
|
direct allocation
|
page read and write
|
||
|
250D000
|
trusted library allocation
|
page read and write
|
||
|
4F61000
|
trusted library allocation
|
page read and write
|
||
|
22EEC202000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
2881DA5B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
148346E0000
|
heap
|
page read and write
|
||
|
1A67B000
|
direct allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1A380000
|
direct allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
F878AFF000
|
stack
|
page read and write
|
||
|
1DD80365000
|
heap
|
page read and write
|
||
|
2507000
|
trusted library allocation
|
page read and write
|
||
|
1DD8064E000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
72F000
|
stack
|
page read and write
|
||
|
2C847E30000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
7FF524E5B000
|
unkown
|
page readonly
|
||
|
862000
|
heap
|
page read and write
|
||
|
AC5000
|
trusted library allocation
|
page read and write
|
||
|
7FF524E72000
|
unkown
|
page readonly
|
||
|
2C848052000
|
unkown
|
page read and write
|
||
|
1DDFE3C8000
|
heap
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
5EA0000
|
heap
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
1951706F000
|
heap
|
page read and write
|
||
|
7F7000
|
heap
|
page read and write
|
||
|
1DDFE3E5000
|
heap
|
page read and write
|
||
|
F878DFE000
|
stack
|
page read and write
|
||
|
1A496000
|
direct allocation
|
page read and write
|
||
|
2881DA13000
|
heap
|
page read and write
|
||
|
14834A00000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3BC000
|
heap
|
page read and write
|
||
|
1A4E6000
|
direct allocation
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
22BB0E02000
|
heap
|
page read and write
|
||
|
1DDFE384000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
148349F5000
|
heap
|
page read and write
|
||
|
617000
|
trusted library allocation
|
page execute and read and write
|
||
|
1951708A000
|
heap
|
page read and write
|
||
|
2C847F90000
|
unkown
|
page read and write
|
||
|
2C848590000
|
unkown
|
page readonly
|
||
|
1DD81420000
|
heap
|
page read and write
|
||
|
1DDFE396000
|
heap
|
page read and write
|
||
|
14835640000
|
heap
|
page readonly
|
||
|
1DD8076A000
|
heap
|
page read and write
|
||
|
14835370000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE3C8000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
7FF524F35000
|
unkown
|
page readonly
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1DDFE369000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
5D8C000
|
stack
|
page read and write
|
||
|
22BB0E13000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
19517000000
|
heap
|
page read and write
|
||
|
1A3D0000
|
direct allocation
|
page read and write
|
||
|
19516E10000
|
heap
|
page read and write
|
||
|
1A67F000
|
direct allocation
|
page read and write
|
||
|
59CF000
|
stack
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
238F000
|
stack
|
page read and write
|
||
|
7FF524EA1000
|
unkown
|
page readonly
|
||
|
22EEB85C000
|
heap
|
page read and write
|
||
|
2C848200000
|
unkown
|
page readonly
|
||
|
1A67F000
|
direct allocation
|
page read and write
|
||
|
22BB0A28000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
E06469B000
|
stack
|
page read and write
|
||
|
2881DB02000
|
heap
|
page read and write
|
||
|
574F000
|
stack
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
3C047AE000
|
stack
|
page read and write
|
||
|
1DDFE3D3000
|
heap
|
page read and write
|
||
|
E06469B000
|
stack
|
page read and write
|
||
|
F878EFD000
|
stack
|
page read and write
|
||
|
1DDFE369000
|
heap
|
page read and write
|
||
|
1DDFE3A4000
|
heap
|
page read and write
|
||
|
5355000
|
trusted library allocation
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
868000
|
heap
|
page read and write
|
||
|
1A67B000
|
direct allocation
|
page read and write
|
||
|
22EEB700000
|
heap
|
page read and write
|
||
|
1DDFE34E000
|
heap
|
page read and write
|
||
|
2C848002000
|
unkown
|
page read and write
|
||
|
239F000
|
stack
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
19517102000
|
heap
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
1DDFE3E0000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
22EEB888000
|
heap
|
page read and write
|
||
|
148353F0000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
22BB0F13000
|
heap
|
page read and write
|
||
|
22EEB902000
|
heap
|
page read and write
|
||
|
7FF524F0F000
|
unkown
|
page readonly
|
||
|
22BB0B23000
|
heap
|
page read and write
|
||
|
2515000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
590000
|
direct allocation
|
page execute and read and write
|
||
|
5DA8000
|
heap
|
page read and write
|
||
|
2C847E20000
|
heap
|
page read and write
|
||
|
525D000
|
trusted library allocation
|
page read and write
|
||
|
2C848002000
|
unkown
|
page read and write
|
||
|
22BB0970000
|
heap
|
page read and write
|
||
|
1DDFFE50000
|
heap
|
page read and write
|
||
|
ACA000
|
trusted library allocation
|
page read and write
|
||
|
7A4000
|
trusted library allocation
|
page read and write
|
||
|
A5F000
|
trusted library allocation
|
page read and write
|
||
|
1DD806F5000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
22BB0A00000
|
unkown
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
5DA0000
|
heap
|
page read and write
|
||
|
1DDFE3A4000
|
heap
|
page read and write
|
||
|
2881DA29000
|
heap
|
page read and write
|
||
|
1A496000
|
direct allocation
|
page read and write
|
||
|
22EEB890000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
60A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A62B000
|
direct allocation
|
page read and write
|
||
|
1DD81742000
|
heap
|
page read and write
|
||
|
1DDFE3E5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6BD99FB000
|
stack
|
page read and write
|
||
|
1A510000
|
direct allocation
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
5130000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
2C847E30000
|
heap
|
page read and write
|
||
|
2881D940000
|
heap
|
page read and write
|
||
|
1DD806BA000
|
heap
|
page read and write
|
||
|
22BB0B00000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
7E046FE000
|
stack
|
page read and write
|
||
|
F878CF7000
|
stack
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
2C847F70000
|
unkown
|
page readonly
|
||
|
1A560000
|
direct allocation
|
page read and write
|
||
|
1A62B000
|
direct allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1DD80350000
|
heap
|
page read and write
|
||
|
1DD8070D000
|
heap
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
844000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
7FF524F2C000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page read and write
|
||
|
7FF524F24000
|
unkown
|
page readonly
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
3C04A7E000
|
stack
|
page read and write
|
||
|
19517029000
|
heap
|
page read and write
|
||
|
22EEB829000
|
heap
|
page read and write
|
||
|
1DD80347000
|
heap
|
page read and write
|
||
|
564E000
|
stack
|
page read and write
|
||
|
148347B0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
5DAD000
|
heap
|
page read and write
|
||
|
1951704D000
|
heap
|
page read and write
|
||
|
22BB0F02000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9D000
|
stack
|
page read and write
|
||
|
7E047FE000
|
stack
|
page read and write
|
||
|
1DD804E0000
|
heap
|
page read and write
|
||
|
22BB0F13000
|
heap
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
2C848200000
|
unkown
|
page readonly
|
||
|
3C0472B000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
7FF524EB8000
|
unkown
|
page readonly
|
||
|
148345B0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A380000
|
direct allocation
|
page read and write
|
||
|
4942000
|
direct allocation
|
page execute and read and write
|
||
|
80E000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
811000
|
heap
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
7FF524EA1000
|
unkown
|
page readonly
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
E064CFB000
|
stack
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
22BB0A13000
|
unkown
|
page read and write
|
||
|
2510000
|
trusted library allocation
|
page read and write
|
||
|
1A4E6000
|
direct allocation
|
page read and write
|
||
|
1DD806AF000
|
heap
|
page read and write
|
||
|
1DDFE396000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
2C847E90000
|
heap
|
page read and write
|
||
|
1DDFE381000
|
heap
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
19516F80000
|
trusted library allocation
|
page read and write
|
||
|
2881DB13000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
5C4F000
|
stack
|
page read and write
|
||
|
600000
|
trusted library allocation
|
page read and write
|
||
|
22BB0980000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
22BB0A68000
|
heap
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
1DD80444000
|
heap
|
page read and write
|
||
|
7FF524C58000
|
unkown
|
page readonly
|
||
|
2881DA81000
|
heap
|
page read and write
|
||
|
5B4E000
|
stack
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1DD8070D000
|
heap
|
page read and write
|
||
|
7FF524EB5000
|
unkown
|
page readonly
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
ABD000
|
stack
|
page read and write
|
||
|
73F000
|
stack
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
1DDFE280000
|
heap
|
page read and write
|
||
|
1DD80650000
|
heap
|
page read and write
|
||
|
2881DA51000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
7E045FE000
|
stack
|
page read and write
|
||
|
1DDFE348000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
2C848029000
|
unkown
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
1DD806BA000
|
heap
|
page read and write
|
||
|
511A000
|
trusted library allocation
|
page read and write
|
||
|
F87897E000
|
stack
|
page read and write
|
||
|
1DDFE6F0000
|
heap
|
page read and write
|
||
|
1DDFE387000
|
heap
|
page read and write
|
||
|
1DDFE3F6000
|
heap
|
page read and write
|
||
|
1DDFE3A4000
|
heap
|
page read and write
|
||
|
2504000
|
trusted library allocation
|
page read and write
|
||
|
45E000
|
stack
|
page read and write
|
||
|
5B0F000
|
stack
|
page read and write
|
||
|
1DD80460000
|
heap
|
page read and write
|
||
|
1DDFE388000
|
heap
|
page read and write
|
||
|
7E043FE000
|
stack
|
page read and write
|
||
|
22EEB760000
|
heap
|
page read and write
|
||
|
5C8E000
|
stack
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
172C91B000
|
stack
|
page read and write
|
||
|
7FF524F24000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2C847E90000
|
heap
|
page read and write
|
||
|
7E04AFB000
|
stack
|
page read and write
|
||
|
1A380000
|
direct allocation
|
page read and write
|
||
|
1DD80343000
|
heap
|
page read and write
|
||
|
22BB0A69000
|
heap
|
page read and write
|
||
|
22EEB862000
|
heap
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
22BB0A3B000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
7E041FE000
|
stack
|
page read and write
|
||
|
25E1000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1A496000
|
direct allocation
|
page read and write
|
||
|
148353E0000
|
trusted library allocation
|
page read and write
|
||
|
84F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
2881DB08000
|
heap
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
1DD809EC000
|
heap
|
page read and write
|
||
|
3C04E7E000
|
stack
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
2881DA5A000
|
heap
|
page read and write
|
||
|
2521000
|
trusted library allocation
|
page read and write
|
||
|
83F000
|
heap
|
page read and write
|
||
|
1DDFE340000
|
heap
|
page read and write
|
||
|
1DDFFFDE000
|
heap
|
page read and write
|
||
|
172CEFE000
|
stack
|
page read and write
|
||
|
1DD806B0000
|
heap
|
page read and write
|
||
|
1DD81010000
|
heap
|
page read and write
|
||
|
1DDFE3CD000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
6BD947E000
|
stack
|
page read and write
|
||
|
2C848036000
|
unkown
|
page read and write
|
||
|
71A000
|
heap
|
page read and write
|
||
|
148345A0000
|
heap
|
page read and write
|
||
|
5133000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
1DD80AFB000
|
heap
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
7E03D28000
|
stack
|
page read and write
|
||
|
1DDFE394000
|
heap
|
page read and write
|
||
|
1DD808F1000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
1DDFE42A000
|
heap
|
page read and write
|
||
|
172CDFF000
|
stack
|
page read and write
|
||
|
22EEB790000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
trusted library allocation
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
55E000
|
stack
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
1DD80342000
|
heap
|
page read and write
|
||
|
75F000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
There are 760 hidden memdumps, click here to show them.