Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SWIFT MO104978172_1301 EURO 9700.js
|
ASCII text, with very long lines (65536), with no line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fdqkbs.exe_3b5310cef4636bfdd6ade66b7a63e113c499e9f_d2ed2369_0d427a15\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\fdqkbs.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\fdqkbs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat
|
International EBCDIC text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_syhbwgs.exe_f4889ff7e22f232fc0b23411b3d2f693b1794092_282dfd12_0cfe7af0\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_syhbwgs.exe_f4889ff7e22f232fc0b23411b3d2f693b1794092_282dfd12_12f69936\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6FB5.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Feb 2 20:37:30 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7246.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER72B4.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER72C2.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Feb 2 20:37:31 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7478.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER74E7.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER932B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Feb 2 20:37:39 2023, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER94E1.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9550.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cdbnwuwdrt.r
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nse2F03.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\rkgnewnhq.v
|
data
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SWIFT MO104978172_1301 EURO 9700.js"
|
|
|
|
C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
|
"C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\fdqkbs.exe
|
"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v
|
|
|
|
C:\Users\user\AppData\Local\Temp\fdqkbs.exe
|
C:\Users\user\AppData\Local\Temp\fdqkbs.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\fdqkbs.exe
|
"C:\Users\user\AppData\Local\Temp\fdqkbs.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe
|
"C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5316 -s 624
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4612 -s 656
|
||
|
C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe
|
"C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 1808 -s 628
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bition.duckdns.org
|
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
ProgramId
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
FileId
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
LowerCaseLongPath
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
LongPathHash
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
Name
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
Publisher
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
Version
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
BinFileVersion
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
BinaryType
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
ProductName
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
ProductVersion
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
LinkDate
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
BinProductVersion
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
Size
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
Language
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
IsPeFile
|
|
|
|
\REGISTRY\A\{dba5fd69-e500-2eb7-0701-aa703196b261}\Root\InventoryApplicationFile\fdqkbs.exe|47585d80
|
IsOsComponent
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
aofpiisomve
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
001840064172BCE4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
001840064172BCE4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
There are 17 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
608000
|
heap
|
page read and write
|
|
|
|
415000
|
system
|
page execute and read and write
|
|
|
|
2480000
|
trusted library section
|
page read and write
|
|
|
|
351C000
|
trusted library allocation
|
page read and write
|
|
|
|
4912000
|
direct allocation
|
page execute and read and write
|
|
|
|
34E1000
|
trusted library allocation
|
page read and write
|
|
|
|
2C173343000
|
heap
|
page read and write
|
||
|
15705302000
|
heap
|
page read and write
|
||
|
15705267000
|
heap
|
page read and write
|
||
|
2C173E80000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
8BF000
|
stack
|
page read and write
|
||
|
1DE9C502000
|
unkown
|
page read and write
|
||
|
21D0000
|
direct allocation
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
5C5F000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
27843662000
|
heap
|
page read and write
|
||
|
1D7A33A0000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
22C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D7A2A90000
|
heap
|
page read and write
|
||
|
4980000
|
heap
|
page read and write
|
||
|
24D7000
|
heap
|
page read and write
|
||
|
6DF000
|
stack
|
page read and write
|
||
|
2784363A000
|
heap
|
page read and write
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
1DE9C370000
|
heap
|
page read and write
|
||
|
2C17374F000
|
heap
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
848367B000
|
stack
|
page read and write
|
||
|
1D7A2C3D000
|
heap
|
page read and write
|
||
|
2C173985000
|
heap
|
page read and write
|
||
|
2725D813000
|
heap
|
page read and write
|
||
|
2C173337000
|
heap
|
page read and write
|
||
|
E10DE7B000
|
stack
|
page read and write
|
||
|
19A8D7B000
|
stack
|
page read and write
|
||
|
27843655000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7FF56944B000
|
unkown
|
page readonly
|
||
|
2C173710000
|
heap
|
page read and write
|
||
|
20C3ED02000
|
heap
|
page read and write
|
||
|
2C17140C000
|
heap
|
page read and write
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
2725D800000
|
heap
|
page read and write
|
||
|
2C1712F0000
|
heap
|
page read and write
|
||
|
8FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D7A352A000
|
heap
|
page read and write
|
||
|
1DE9CE02000
|
unkown
|
page read and write
|
||
|
5D9C000
|
stack
|
page read and write
|
||
|
27843679000
|
heap
|
page read and write
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
848367B000
|
stack
|
page read and write
|
||
|
2C173710000
|
heap
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
1D7A33C0000
|
trusted library allocation
|
page read and write
|
||
|
E10E2FF000
|
stack
|
page read and write
|
||
|
1DE9C380000
|
unkown
|
page readonly
|
||
|
7FF569448000
|
unkown
|
page readonly
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
7FF5693D5000
|
unkown
|
page readonly
|
||
|
1D7A3813000
|
heap
|
page read and write
|
||
|
27843613000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
7FF56942B000
|
unkown
|
page readonly
|
||
|
7FF569150000
|
unkown
|
page readonly
|
||
|
A14C7FE000
|
stack
|
page read and write
|
||
|
1BDF7F000
|
stack
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
27844002000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
13375202000
|
trusted library allocation
|
page read and write
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
1D7A2C96000
|
heap
|
page read and write
|
||
|
2725D870000
|
heap
|
page read and write
|
||
|
916000
|
trusted library allocation
|
page execute and read and write
|
||
|
27843667000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
1D7A2C8C000
|
heap
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
2C173332000
|
heap
|
page read and write
|
||
|
5351000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
2C173504000
|
heap
|
page read and write
|
||
|
2C17140B000
|
heap
|
page read and write
|
||
|
1D7A350A000
|
heap
|
page read and write
|
||
|
2C173356000
|
heap
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
2725D860000
|
heap
|
page read and write
|
||
|
1D7A2C2F000
|
heap
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
7FF56941B000
|
unkown
|
page readonly
|
||
|
2C17148C000
|
heap
|
page read and write
|
||
|
2C1715C0000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
2C173331000
|
heap
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
7F8000
|
heap
|
page read and write
|
||
|
2C17333B000
|
heap
|
page read and write
|
||
|
91A000
|
trusted library allocation
|
page execute and read and write
|
||
|
B7637D000
|
stack
|
page read and write
|
||
|
7FF5694CD000
|
unkown
|
page readonly
|
||
|
2C17148D000
|
heap
|
page read and write
|
||
|
45E000
|
stack
|
page read and write
|
||
|
4851000
|
trusted library allocation
|
page read and write
|
||
|
3FFFC79000
|
stack
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
D0A16FE000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
4837000
|
trusted library allocation
|
page read and write
|
||
|
2725D829000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2C173631000
|
heap
|
page read and write
|
||
|
27843674000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D7A2AA0000
|
heap
|
page read and write
|
||
|
27843642000
|
heap
|
page read and write
|
||
|
15705040000
|
heap
|
page read and write
|
||
|
13374800000
|
heap
|
page read and write
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
133747D0000
|
remote allocation
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
7FF5693F5000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1D7A2C93000
|
heap
|
page read and write
|
||
|
4F61000
|
trusted library allocation
|
page read and write
|
||
|
2C171412000
|
heap
|
page read and write
|
||
|
848357F000
|
stack
|
page read and write
|
||
|
A14C5FE000
|
stack
|
page read and write
|
||
|
157051A0000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
8F4000
|
trusted library allocation
|
page read and write
|
||
|
1DE9C370000
|
heap
|
page read and write
|
||
|
2C173703000
|
heap
|
page read and write
|
||
|
1DE9C3A0000
|
unkown
|
page read and write
|
||
|
19A8FFA000
|
stack
|
page read and write
|
||
|
1D7A35C1000
|
heap
|
page read and write
|
||
|
20C3EB70000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
2C17141C000
|
heap
|
page read and write
|
||
|
27843656000
|
heap
|
page read and write
|
||
|
15705270000
|
heap
|
page read and write
|
||
|
2C173839000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2725D902000
|
heap
|
page read and write
|
||
|
15705269000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
90D000
|
trusted library allocation
|
page execute and read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
667000
|
heap
|
page read and write
|
||
|
2C171401000
|
heap
|
page read and write
|
||
|
213E000
|
stack
|
page read and write
|
||
|
2194000
|
trusted library allocation
|
page read and write
|
||
|
2C173317000
|
heap
|
page read and write
|
||
|
E10E5FF000
|
stack
|
page read and write
|
||
|
A14C4FE000
|
stack
|
page read and write
|
||
|
66B000
|
heap
|
page read and write
|
||
|
4900000
|
trusted library allocation
|
page read and write
|
||
|
1D7A2C58000
|
heap
|
page read and write
|
||
|
20C3EC00000
|
heap
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
27843570000
|
heap
|
page read and write
|
||
|
A14C37E000
|
stack
|
page read and write
|
||
|
4845000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
2C173EA0000
|
trusted library allocation
|
page read and write
|
||
|
2C173705000
|
heap
|
page read and write
|
||
|
1D7A2D13000
|
heap
|
page read and write
|
||
|
27843560000
|
heap
|
page read and write
|
||
|
2C173E90000
|
heap
|
page read and write
|
||
|
2784367A000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
1DE9C310000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
3FFFE7F000
|
stack
|
page read and write
|
||
|
27843661000
|
heap
|
page read and write
|
||
|
67F000
|
heap
|
page read and write
|
||
|
2C171390000
|
heap
|
page read and write
|
||
|
E10E07B000
|
stack
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page execute and read and write
|
||
|
20C3EA70000
|
heap
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
7FF5693ED000
|
unkown
|
page readonly
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
2C17147C000
|
heap
|
page read and write
|
||
|
2C1713FE000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
4950000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
E10E6FF000
|
stack
|
page read and write
|
||
|
1BE07D000
|
stack
|
page read and write
|
||
|
1BD7FB000
|
stack
|
page read and write
|
||
|
5091000
|
trusted library allocation
|
page read and write
|
||
|
247D000
|
stack
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
3FFFB7E000
|
stack
|
page read and write
|
||
|
7FF5693DA000
|
unkown
|
page readonly
|
||
|
7FF569418000
|
unkown
|
page readonly
|
||
|
4840000
|
trusted library allocation
|
page read and write
|
||
|
2C17374F000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
1D7A2C5C000
|
heap
|
page read and write
|
||
|
1BDCFC000
|
stack
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
484C000
|
trusted library allocation
|
page read and write
|
||
|
27843631000
|
heap
|
page read and write
|
||
|
15705313000
|
heap
|
page read and write
|
||
|
2C173773000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
1DE9C402000
|
unkown
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
133747A0000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
B7627B000
|
stack
|
page read and write
|
||
|
848327B000
|
stack
|
page read and write
|
||
|
1DE9C413000
|
unkown
|
page read and write
|
||
|
2C173230000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
4970000
|
trusted library allocation
|
page read and write
|
||
|
2C173630000
|
heap
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
1570528A000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
228E000
|
stack
|
page read and write
|
||
|
68B000
|
heap
|
page read and write
|
||
|
2725D85A000
|
heap
|
page read and write
|
||
|
D0A0F99000
|
stack
|
page read and write
|
||
|
19A8EFE000
|
stack
|
page read and write
|
||
|
7FF5693E6000
|
unkown
|
page readonly
|
||
|
A14C2FE000
|
stack
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
2725D6F0000
|
heap
|
page read and write
|
||
|
27843682000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
2C173C90000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
7FF569453000
|
unkown
|
page readonly
|
||
|
922000
|
trusted library allocation
|
page read and write
|
||
|
2C173988000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
19C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2C17141A000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
662000
|
heap
|
page read and write
|
||
|
2C17146C000
|
heap
|
page read and write
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
2725E202000
|
trusted library allocation
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page execute and read and write
|
||
|
2C173431000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page write copy
|
||
|
59DF000
|
stack
|
page read and write
|
||
|
2784367D000
|
heap
|
page read and write
|
||
|
7FF5694AE000
|
unkown
|
page readonly
|
||
|
7FF569418000
|
unkown
|
page readonly
|
||
|
13374854000
|
heap
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
198000
|
stack
|
page read and write
|
||
|
2C171407000
|
heap
|
page read and write
|
||
|
27843640000
|
heap
|
page read and write
|
||
|
19A90FF000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
2C171401000
|
heap
|
page read and write
|
||
|
2C171482000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
27843600000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
2C1713F8000
|
heap
|
page read and write
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
27843646000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
13374829000
|
heap
|
page read and write
|
||
|
2725D700000
|
heap
|
page read and write
|
||
|
589F000
|
stack
|
page read and write
|
||
|
2C173303000
|
heap
|
page read and write
|
||
|
2C17147B000
|
heap
|
page read and write
|
||
|
7FF56942B000
|
unkown
|
page readonly
|
||
|
1BDC7E000
|
stack
|
page read and write
|
||
|
19A917F000
|
stack
|
page read and write
|
||
|
7FF5694C6000
|
unkown
|
page readonly
|
||
|
157052E2000
|
heap
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
15705A02000
|
heap
|
page read and write
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
5EA0000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
D0A19FF000
|
stack
|
page read and write
|
||
|
217D000
|
stack
|
page read and write
|
||
|
1D7A352A000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
675000
|
heap
|
page read and write
|
||
|
2C173317000
|
heap
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF56941E000
|
unkown
|
page readonly
|
||
|
1DE9C300000
|
heap
|
page read and write
|
||
|
2C1743A0000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2C17379B000
|
heap
|
page read and write
|
||
|
5C9E000
|
stack
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
1DE9C300000
|
heap
|
page read and write
|
||
|
1D7A2C45000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27843658000
|
heap
|
page read and write
|
||
|
2C171680000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
1D7A2DB9000
|
heap
|
page read and write
|
||
|
7FF569448000
|
unkown
|
page readonly
|
||
|
2C173333000
|
heap
|
page read and write
|
||
|
27843663000
|
heap
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
D0A13FD000
|
stack
|
page read and write
|
||
|
67D000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
2C173742000
|
heap
|
page read and write
|
||
|
900000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
D0A1BFB000
|
stack
|
page read and write
|
||
|
22BF000
|
trusted library allocation
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
2C173430000
|
heap
|
page read and write
|
||
|
1DE9CA60000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page readonly
|
||
|
48E000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2C171280000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
490000
|
heap
|
page read and write
|
||
|
1DE9C380000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
1D7A355C000
|
heap
|
page read and write
|
||
|
2784366B000
|
heap
|
page read and write
|
||
|
1DE9C441000
|
unkown
|
page read and write
|
||
|
1BDEFD000
|
stack
|
page read and write
|
||
|
927000
|
trusted library allocation
|
page execute and read and write
|
||
|
D0A15FF000
|
stack
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1DE9C43B000
|
unkown
|
page read and write
|
||
|
15705243000
|
heap
|
page read and write
|
||
|
2C171417000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
2C171310000
|
heap
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
2C173753000
|
heap
|
page read and write
|
||
|
5355000
|
trusted library allocation
|
page read and write
|
||
|
7FF56944B000
|
unkown
|
page readonly
|
||
|
1D7A354B000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7FF5694C6000
|
unkown
|
page readonly
|
||
|
7FF5693F9000
|
unkown
|
page readonly
|
||
|
2C173320000
|
heap
|
page read and write
|
||
|
1DE9C441000
|
unkown
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
24CA000
|
trusted library allocation
|
page read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
2784365D000
|
heap
|
page read and write
|
||
|
2725D913000
|
heap
|
page read and write
|
||
|
1DE9C3A0000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27843659000
|
heap
|
page read and write
|
||
|
282F000
|
stack
|
page read and write
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
5DB5000
|
heap
|
page read and write
|
||
|
1D7A3402000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
68D000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
D0A12FE000
|
stack
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
2C1713B5000
|
heap
|
page read and write
|
||
|
20C3EC2E000
|
heap
|
page read and write
|
||
|
92B000
|
trusted library allocation
|
page execute and read and write
|
||
|
157050A0000
|
heap
|
page read and write
|
||
|
27843673000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
483A000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
157052C7000
|
heap
|
page read and write
|
||
|
E10E7FE000
|
stack
|
page read and write
|
||
|
2C17379B000
|
heap
|
page read and write
|
||
|
2C171404000
|
heap
|
page read and write
|
||
|
3FFF74C000
|
stack
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
2784364D000
|
heap
|
page read and write
|
||
|
2725D83F000
|
heap
|
page read and write
|
||
|
15705229000
|
heap
|
page read and write
|
||
|
2C173C00000
|
heap
|
page read and write
|
||
|
7FF56912B000
|
unkown
|
page readonly
|
||
|
13374802000
|
heap
|
page read and write
|
||
|
2784365A000
|
heap
|
page read and write
|
||
|
7FF5694CD000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF5694C1000
|
unkown
|
page readonly
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
D0A17FE000
|
stack
|
page read and write
|
||
|
2C17139E000
|
heap
|
page read and write
|
||
|
1DE9C6D0000
|
unkown
|
page readonly
|
||
|
2C1713F9000
|
heap
|
page read and write
|
||
|
7FF569432000
|
unkown
|
page readonly
|
||
|
5DA0000
|
heap
|
page read and write
|
||
|
7FF56941E000
|
unkown
|
page readonly
|
||
|
A14C6FE000
|
stack
|
page read and write
|
||
|
1D7A2C7B000
|
heap
|
page read and write
|
||
|
2C17331D000
|
heap
|
page read and write
|
||
|
4820000
|
trusted library allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
848327B000
|
stack
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
482B000
|
trusted library allocation
|
page read and write
|
||
|
133747D0000
|
remote allocation
|
page read and write
|
||
|
1D7A2CB7000
|
heap
|
page read and write
|
||
|
15705200000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
7FF5693ED000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page write copy
|
||
|
570000
|
heap
|
page read and write
|
||
|
B7667E000
|
stack
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
15705B00000
|
heap
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
2C1713B9000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
2C1713B7000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
157052BF000
|
heap
|
page read and write
|
||
|
2C173504000
|
heap
|
page read and write
|
||
|
1D7A3830000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
414000
|
unkown
|
page write copy
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
2725D867000
|
heap
|
page read and write
|
||
|
B75F7F000
|
stack
|
page read and write
|
||
|
7FF5693DC000
|
unkown
|
page readonly
|
||
|
20C3EC45000
|
heap
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
2180000
|
trusted library allocation
|
page read and write
|
||
|
2C17331C000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9D000
|
stack
|
page read and write
|
||
|
2C173338000
|
heap
|
page read and write
|
||
|
2C171472000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
2C17332D000
|
heap
|
page read and write
|
||
|
2C1713F8000
|
heap
|
page read and write
|
||
|
133747D0000
|
remote allocation
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
1D7A3823000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
1D7A2C6F000
|
heap
|
page read and write
|
||
|
2C171483000
|
heap
|
page read and write
|
||
|
2C1715A0000
|
heap
|
page read and write
|
||
|
2C173231000
|
heap
|
page read and write
|
||
|
2C173335000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
E10E4FD000
|
stack
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
7FF5693F9000
|
unkown
|
page readonly
|
||
|
483D000
|
trusted library allocation
|
page read and write
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2C171407000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page read and write
|
||
|
157052D0000
|
heap
|
page read and write
|
||
|
D0A18FE000
|
stack
|
page read and write
|
||
|
2C17148D000
|
heap
|
page read and write
|
||
|
2C171685000
|
heap
|
page read and write
|
||
|
2C17146C000
|
heap
|
page read and write
|
||
|
22B0000
|
trusted library allocation
|
page read and write
|
||
|
B761FD000
|
stack
|
page read and write
|
||
|
1D7A3827000
|
heap
|
page read and write
|
||
|
1D7A3802000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
674000
|
heap
|
page read and write
|
||
|
525D000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
direct allocation
|
page execute and read and write
|
||
|
13374700000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
27843660000
|
heap
|
page read and write
|
||
|
71E000
|
stack
|
page read and write
|
||
|
4932000
|
direct allocation
|
page execute and read and write
|
||
|
2C17332D000
|
heap
|
page read and write
|
||
|
1BE1FC000
|
stack
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
2C17334A000
|
heap
|
page read and write
|
||
|
2725D790000
|
trusted library allocation
|
page read and write
|
||
|
2C173C60000
|
heap
|
page read and write
|
||
|
2C17331F000
|
heap
|
page read and write
|
||
|
2C1737D5000
|
heap
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
2C171398000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
7FF5693DC000
|
unkown
|
page readonly
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
7FF569415000
|
unkown
|
page readonly
|
||
|
550000
|
heap
|
page read and write
|
||
|
1D7A2C89000
|
heap
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
13374710000
|
heap
|
page read and write
|
||
|
7FF56941B000
|
unkown
|
page readonly
|
||
|
2C17141E000
|
heap
|
page read and write
|
||
|
7FF5693DA000
|
unkown
|
page readonly
|
||
|
1337483D000
|
heap
|
page read and write
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
19A8AFA000
|
stack
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
22BC000
|
trusted library allocation
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
20C3EC29000
|
heap
|
page read and write
|
||
|
20C3EC3C000
|
heap
|
page read and write
|
||
|
848357F000
|
stack
|
page read and write
|
||
|
2725D881000
|
heap
|
page read and write
|
||
|
20C3EC48000
|
heap
|
page read and write
|
||
|
B759FB000
|
stack
|
page read and write
|
||
|
2C171660000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
B7657D000
|
stack
|
page read and write
|
||
|
7FF569415000
|
unkown
|
page readonly
|
||
|
2725D860000
|
heap
|
page read and write
|
||
|
2C173504000
|
heap
|
page read and write
|
||
|
20C3EC53000
|
heap
|
page read and write
|
||
|
A14C27B000
|
stack
|
page read and write
|
||
|
2C171407000
|
heap
|
page read and write
|
||
|
70F000
|
stack
|
page read and write
|
||
|
2784365C000
|
heap
|
page read and write
|
||
|
B760FC000
|
stack
|
page read and write
|
||
|
2C173431000
|
heap
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
B75DFC000
|
stack
|
page read and write
|
||
|
27843702000
|
heap
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
414000
|
unkown
|
page read and write
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
19A8C7F000
|
stack
|
page read and write
|
||
|
B7607E000
|
stack
|
page read and write
|
||
|
20C3F402000
|
trusted library allocation
|
page read and write
|
||
|
7FF569425000
|
unkown
|
page readonly
|
||
|
59E000
|
stack
|
page read and write
|
||
|
1D7A2C78000
|
heap
|
page read and write
|
||
|
7FF569150000
|
unkown
|
page readonly
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
1D7A35B3000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
68A000
|
heap
|
page read and write
|
||
|
2C1737D7000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
2190000
|
trusted library allocation
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
5B1F000
|
stack
|
page read and write
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
24E1000
|
trusted library allocation
|
page read and write
|
||
|
2784363C000
|
heap
|
page read and write
|
||
|
19A91FF000
|
stack
|
page read and write
|
||
|
2C173338000
|
heap
|
page read and write
|
||
|
1DE9C502000
|
unkown
|
page read and write
|
||
|
7F6000
|
heap
|
page read and write
|
||
|
2C1713FC000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
1D7A3598000
|
heap
|
page read and write
|
||
|
8E0000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
7FF5694AE000
|
unkown
|
page readonly
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
2220000
|
direct allocation
|
page read and write
|
||
|
1DE9C310000
|
heap
|
page read and write
|
||
|
1DE9C400000
|
unkown
|
page read and write
|
||
|
20F0000
|
trusted library allocation
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
27843657000
|
heap
|
page read and write
|
||
|
7FF56912B000
|
unkown
|
page readonly
|
||
|
2C173336000
|
heap
|
page read and write
|
||
|
B7647E000
|
stack
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
7FF5694C1000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
2C17332D000
|
heap
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
1DE9C429000
|
unkown
|
page read and write
|
||
|
52E000
|
stack
|
page read and write
|
||
|
20C3EC02000
|
heap
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
7FF569432000
|
unkown
|
page readonly
|
||
|
66A000
|
heap
|
page read and write
|
||
|
27843641000
|
heap
|
page read and write
|
||
|
2C171487000
|
heap
|
page read and write
|
||
|
43B000
|
unkown
|
page readonly
|
||
|
7FF569367000
|
unkown
|
page readonly
|
||
|
E10E1FB000
|
stack
|
page read and write
|
||
|
2C173348000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
20C3EA20000
|
heap
|
page read and write
|
||
|
E10E8FE000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
15705213000
|
heap
|
page read and write
|
||
|
E10E9FF000
|
stack
|
page read and write
|
||
|
7FF569453000
|
unkown
|
page readonly
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
22AF000
|
stack
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
27843676000
|
heap
|
page read and write
|
||
|
1D7A2DE5000
|
heap
|
page read and write
|
||
|
1D7A3800000
|
heap
|
page read and write
|
||
|
2C173340000
|
heap
|
page read and write
|
||
|
13374813000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
67F000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
1DE9CA60000
|
unkown
|
page readonly
|
||
|
66A000
|
heap
|
page read and write
|
||
|
7FE50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2725D760000
|
heap
|
page read and write
|
||
|
7FF569367000
|
unkown
|
page readonly
|
||
|
3FFFD7F000
|
stack
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
2C17379B000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
1DE9C402000
|
unkown
|
page read and write
|
||
|
1A576000
|
direct allocation
|
page read and write
|
||
|
2725D887000
|
heap
|
page read and write
|
||
|
27843664000
|
heap
|
page read and write
|
||
|
4F93000
|
heap
|
page read and write
|
||
|
4834000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
7FF5693E6000
|
unkown
|
page readonly
|
||
|
2C1742A0000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
1DE9C6D0000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page readonly
|
||
|
1337485C000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
7FF5693D5000
|
unkown
|
page readonly
|
||
|
2C173332000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1DE9C400000
|
unkown
|
page read and write
|
||
|
1DE9C444000
|
unkown
|
page read and write
|
||
|
27843E70000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
13374902000
|
heap
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
2C17146C000
|
heap
|
page read and write
|
||
|
5240000
|
trusted library allocation
|
page execute and read and write
|
||
|
4965000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
7CD000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
20C3EA10000
|
heap
|
page read and write
|
||
|
8F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
20C3EC13000
|
heap
|
page read and write
|
||
|
45E000
|
stack
|
page read and write
|
||
|
49B0000
|
heap
|
page execute and read and write
|
||
|
5B5E000
|
stack
|
page read and write
|
||
|
1DE9C43B000
|
unkown
|
page read and write
|
||
|
50C0000
|
trusted library allocation
|
page read and write
|
||
|
19A86CC000
|
stack
|
page read and write
|
||
|
575F000
|
stack
|
page read and write
|
||
|
5D8000
|
heap
|
page read and write
|
||
|
1A70B000
|
direct allocation
|
page read and write
|
||
|
7FF569425000
|
unkown
|
page readonly
|
||
|
1A70F000
|
direct allocation
|
page read and write
|
||
|
8F0000
|
trusted library allocation
|
page read and write
|
||
|
2C173333000
|
heap
|
page read and write
|
||
|
278435D0000
|
heap
|
page read and write
|
||
|
1D7A3575000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2C1737DA000
|
heap
|
page read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
1D7A2C13000
|
heap
|
page read and write
|
||
|
AAF000
|
stack
|
page read and write
|
||
|
4910000
|
direct allocation
|
page execute and read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
1D7A35CD000
|
heap
|
page read and write
|
||
|
1DE9CE02000
|
unkown
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
1D7A2D8E000
|
heap
|
page read and write
|
||
|
1D7A2C29000
|
heap
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page read and write
|
||
|
13374770000
|
heap
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
19A8DF9000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
15705030000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1D7A2B00000
|
heap
|
page read and write
|
||
|
2C173333000
|
heap
|
page read and write
|
||
|
7FF5693F5000
|
unkown
|
page readonly
|
||
|
9D000
|
stack
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
1D7A3500000
|
heap
|
page read and write
|
||
|
2C1734B1000
|
heap
|
page read and write
|
||
|
2C171470000
|
heap
|
page read and write
|
||
|
2C171406000
|
heap
|
page read and write
|
||
|
1DE9C413000
|
unkown
|
page read and write
|
||
|
522A000
|
trusted library allocation
|
page read and write
|
||
|
2C173336000
|
heap
|
page read and write
|
||
|
1D7A2C00000
|
heap
|
page read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
283E000
|
heap
|
page read and write
|
||
|
1A460000
|
direct allocation
|
page read and write
|
||
|
2C17148D000
|
heap
|
page read and write
|
||
|
2C173330000
|
heap
|
page read and write
|
||
|
1DE9C429000
|
unkown
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
1A5F0000
|
direct allocation
|
page read and write
|
||
|
27843629000
|
heap
|
page read and write
|
||
|
5230000
|
trusted library allocation
|
page read and write
|
There are 798 hidden memdumps, click here to show them.