Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Y5FjBvytOL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\tmp60DC.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\vKSqvdpkG.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Y5FjBvytOL.exe_4a68dee481ed2133fa819029d44b83c8707bd158_d687f77a_f87a3a53-c5bb-4d36-af30-75d116a24fbf\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vKSqvdpkG.exe_9acf8dc337b5bda9b25ef2e58fd802caf1db_05c0d69f_e3d019af-9f96-4238-b8ea-84087d186cc4\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER51B9.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun Apr 28 10:10:05 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5331.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5361.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7A40.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun Apr 28 10:10:15 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C83.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7CB3.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Y5FjBvytOL.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\vKSqvdpkG.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3vsnmias.aub.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_arp1db4n.xpr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bcb0tb3i.sd1.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cbshwwax.4bh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cwekrrdy.34r.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o3n3ryc1.5yg.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pq23e02k.phg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uoabudby.i3a.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp86E2.tmp
|
XML 1.0 document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\vKSqvdpkG.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 15 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Y5FjBvytOL.exe
|
"C:\Users\user\Desktop\Y5FjBvytOL.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Y5FjBvytOL.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\vKSqvdpkG.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\vKSqvdpkG" /XML "C:\Users\user\AppData\Local\Temp\tmp60DC.tmp"
|
|
|
|
C:\Users\user\Desktop\Y5FjBvytOL.exe
|
"C:\Users\user\Desktop\Y5FjBvytOL.exe"
|
|
|
|
C:\Users\user\Desktop\Y5FjBvytOL.exe
|
"C:\Users\user\Desktop\Y5FjBvytOL.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\vKSqvdpkG.exe
|
C:\Users\user\AppData\Roaming\vKSqvdpkG.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\vKSqvdpkG" /XML "C:\Users\user\AppData\Local\Temp\tmp86E2.tmp"
|
|
|
|
C:\Users\user\AppData\Roaming\vKSqvdpkG.exe
|
"C:\Users\user\AppData\Roaming\vKSqvdpkG.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5088 -s 1708
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4916 -s 1748
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
91.92.252.220
|
|
||
|
41.199.23.195
|
|
||
|
127.0.0.1
|
|
||
|
http://upx.sf.net
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
saveclinetsforme68465454711991.publicvm.com
|
|||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Y5FjBvytOL_RASMANCS
|
FileDirectory
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
ProgramId
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
FileId
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
LongPathHash
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
Name
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
OriginalFileName
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
Publisher
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
Version
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
BinFileVersion
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
BinaryType
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
ProductName
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
ProductVersion
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
LinkDate
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
BinProductVersion
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
Size
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
Language
|
||
|
\REGISTRY\A\{7b83696b-4489-f49d-4f12-0b1f421c6aa8}\Root\InventoryApplicationFile\y5fjbvytol.exe|334e7c939d586f6e
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\vKSqvdpkG_RASMANCS
|
FileDirectory
|
There are 42 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3F21000
|
trusted library allocation
|
page read and write
|
|
|
|
4C6F000
|
trusted library allocation
|
page read and write
|
|
|
|
38B3000
|
trusted library allocation
|
page read and write
|
|
|
|
32B0000
|
trusted library section
|
page read and write
|
|
|
|
2B21000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2C6C000
|
trusted library allocation
|
page read and write
|
||
|
296E000
|
trusted library allocation
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
544C000
|
stack
|
page read and write
|
||
|
F5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
390C000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1152C000
|
stack
|
page read and write
|
||
|
10B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
676000
|
heap
|
page read and write
|
||
|
3934000
|
trusted library allocation
|
page read and write
|
||
|
753F000
|
trusted library allocation
|
page read and write
|
||
|
7711000
|
trusted library allocation
|
page read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
3910000
|
trusted library allocation
|
page read and write
|
||
|
7EEB000
|
trusted library allocation
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
E08000
|
heap
|
page read and write
|
||
|
2BCE000
|
trusted library allocation
|
page read and write
|
||
|
7EFE000
|
trusted library allocation
|
page read and write
|
||
|
24A0000
|
trusted library allocation
|
page read and write
|
||
|
2BE6000
|
trusted library allocation
|
page read and write
|
||
|
1128E000
|
stack
|
page read and write
|
||
|
C6B000
|
stack
|
page read and write
|
||
|
6080000
|
heap
|
page read and write
|
||
|
5410000
|
heap
|
page execute and read and write
|
||
|
F85000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
trusted library allocation
|
page read and write
|
||
|
89B000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
6F80000
|
heap
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
3922000
|
trusted library allocation
|
page read and write
|
||
|
8420000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
3912000
|
trusted library allocation
|
page read and write
|
||
|
318D000
|
trusted library allocation
|
page execute and read and write
|
||
|
319D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E3E000
|
stack
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
3908000
|
trusted library allocation
|
page read and write
|
||
|
5B7E000
|
stack
|
page read and write
|
||
|
2472000
|
trusted library allocation
|
page read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
551F000
|
stack
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
7430000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
4112000
|
trusted library allocation
|
page read and write
|
||
|
2CE5000
|
trusted library allocation
|
page read and write
|
||
|
5B3E000
|
stack
|
page read and write
|
||
|
390A000
|
trusted library allocation
|
page read and write
|
||
|
10F4E000
|
stack
|
page read and write
|
||
|
129DF000
|
stack
|
page read and write
|
||
|
2BB8000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page execute and read and write
|
||
|
26B0000
|
heap
|
page execute and read and write
|
||
|
4D4D000
|
stack
|
page read and write
|
||
|
128DE000
|
stack
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
23F0000
|
trusted library allocation
|
page read and write
|
||
|
5DFE000
|
stack
|
page read and write
|
||
|
B3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
71DD000
|
trusted library allocation
|
page read and write
|
||
|
106E000
|
heap
|
page read and write
|
||
|
13DF000
|
heap
|
page read and write
|
||
|
113CE000
|
stack
|
page read and write
|
||
|
32A000
|
stack
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
579F000
|
stack
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
4411000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
70A0000
|
heap
|
page execute and read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
760C000
|
heap
|
page read and write
|
||
|
125FE000
|
stack
|
page read and write
|
||
|
3C51000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
3914000
|
trusted library allocation
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
2CCD000
|
trusted library allocation
|
page read and write
|
||
|
31B2000
|
trusted library allocation
|
page read and write
|
||
|
2BCD000
|
stack
|
page read and write
|
||
|
B1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BCA000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
7435000
|
heap
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
8D35000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E3E000
|
stack
|
page read and write
|
||
|
3823000
|
trusted library allocation
|
page read and write
|
||
|
106B000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
3411000
|
trusted library allocation
|
page read and write
|
||
|
107D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
2BDE000
|
trusted library allocation
|
page read and write
|
||
|
83FD000
|
stack
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
B26000
|
trusted library allocation
|
page execute and read and write
|
||
|
3926000
|
trusted library allocation
|
page read and write
|
||
|
5CBE000
|
stack
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
D67000
|
stack
|
page read and write
|
||
|
6D50000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page read and write
|
||
|
F54000
|
trusted library allocation
|
page read and write
|
||
|
8CA0000
|
heap
|
page read and write
|
||
|
D67000
|
stack
|
page read and write
|
||
|
38FE000
|
trusted library allocation
|
page read and write
|
||
|
5CFE000
|
stack
|
page read and write
|
||
|
2D32000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
4C35000
|
trusted library allocation
|
page read and write
|
||
|
1237E000
|
stack
|
page read and write
|
||
|
8460000
|
heap
|
page read and write
|
||
|
2480000
|
trusted library allocation
|
page execute and read and write
|
||
|
8574000
|
heap
|
page read and write
|
||
|
7F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
568E000
|
stack
|
page read and write
|
||
|
391E000
|
trusted library allocation
|
page read and write
|
||
|
FBC000
|
unkown
|
page readonly
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
8564000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
5BBD000
|
stack
|
page read and write
|
||
|
7FBC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
31AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD8000
|
trusted library allocation
|
page read and write
|
||
|
696000
|
heap
|
page read and write
|
||
|
1358000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
38F0000
|
trusted library allocation
|
page read and write
|
||
|
1073000
|
trusted library allocation
|
page execute and read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
71D6000
|
trusted library allocation
|
page read and write
|
||
|
724B000
|
stack
|
page read and write
|
||
|
542B000
|
stack
|
page read and write
|
||
|
5A0D000
|
stack
|
page read and write
|
||
|
8FB0000
|
heap
|
page read and write
|
||
|
F22000
|
unkown
|
page readonly
|
||
|
51CC000
|
stack
|
page read and write
|
||
|
3936000
|
trusted library allocation
|
page read and write
|
||
|
7642000
|
heap
|
page read and write
|
||
|
7D6E000
|
stack
|
page read and write
|
||
|
85EF000
|
heap
|
page read and write
|
||
|
CDF000
|
unkown
|
page read and write
|
||
|
1176F000
|
stack
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
10C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
392C000
|
trusted library allocation
|
page read and write
|
||
|
326C000
|
trusted library allocation
|
page read and write
|
||
|
4D76000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
unkown
|
page readonly
|
||
|
38F6000
|
trusted library allocation
|
page read and write
|
||
|
921E000
|
stack
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
3920000
|
trusted library allocation
|
page read and write
|
||
|
5F3E000
|
stack
|
page read and write
|
||
|
10A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
38EE000
|
trusted library allocation
|
page read and write
|
||
|
2B9E000
|
trusted library allocation
|
page read and write
|
||
|
2BE8000
|
trusted library allocation
|
page read and write
|
||
|
71D1000
|
trusted library allocation
|
page read and write
|
||
|
28FE000
|
trusted library allocation
|
page read and write
|
||
|
2BA8000
|
trusted library allocation
|
page read and write
|
||
|
1104F000
|
stack
|
page read and write
|
||
|
2BD2000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
3904000
|
trusted library allocation
|
page read and write
|
||
|
3928000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
trusted library section
|
page read and write
|
||
|
A400000
|
trusted library allocation
|
page execute and read and write
|
||
|
10AE000
|
stack
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
8240000
|
trusted library allocation
|
page read and write
|
||
|
12A1C000
|
stack
|
page read and write
|
||
|
1263E000
|
stack
|
page read and write
|
||
|
249D000
|
trusted library allocation
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
124BD000
|
stack
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
2D34000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
2BD4000
|
trusted library allocation
|
page read and write
|
||
|
28E8000
|
trusted library allocation
|
page read and write
|
||
|
3906000
|
trusted library allocation
|
page read and write
|
||
|
2BBE000
|
trusted library allocation
|
page read and write
|
||
|
7FA0000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
263D000
|
stack
|
page read and write
|
||
|
5A2D000
|
stack
|
page read and write
|
||
|
607F000
|
stack
|
page read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
51CC000
|
stack
|
page read and write
|
||
|
8CB0000
|
heap
|
page read and write
|
||
|
2C74000
|
trusted library allocation
|
page read and write
|
||
|
47BC000
|
stack
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
1535000
|
heap
|
page read and write
|
||
|
8450000
|
trusted library allocation
|
page read and write
|
||
|
38F8000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
38F2000
|
trusted library allocation
|
page read and write
|
||
|
1162C000
|
stack
|
page read and write
|
||
|
3183000
|
trusted library allocation
|
page execute and read and write
|
||
|
71B4000
|
trusted library allocation
|
page read and write
|
||
|
A410000
|
trusted library allocation
|
page read and write
|
||
|
109A000
|
trusted library allocation
|
page execute and read and write
|
||
|
71BB000
|
trusted library allocation
|
page read and write
|
||
|
768D000
|
heap
|
page read and write
|
||
|
2D11000
|
trusted library allocation
|
page read and write
|
||
|
A572000
|
trusted library allocation
|
page read and write
|
||
|
240F000
|
trusted library allocation
|
page read and write
|
||
|
5DFF000
|
stack
|
page read and write
|
||
|
8CD1000
|
trusted library allocation
|
page read and write
|
||
|
9AD000
|
stack
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
7F06000
|
trusted library allocation
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
1259000
|
stack
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
36C1000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2494000
|
trusted library allocation
|
page read and write
|
||
|
B04000
|
trusted library allocation
|
page read and write
|
||
|
5A30000
|
heap
|
page read and write
|
||
|
2BBA000
|
trusted library allocation
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
EEF000
|
heap
|
page read and write
|
||
|
1037000
|
heap
|
page read and write
|
||
|
2BAA000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
36BF000
|
trusted library allocation
|
page read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
267D000
|
stack
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
3938000
|
trusted library allocation
|
page read and write
|
||
|
58DC000
|
stack
|
page read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
390E000
|
trusted library allocation
|
page read and write
|
||
|
BDEE000
|
stack
|
page read and write
|
||
|
7618000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page execute and read and write
|
||
|
7F12000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
2BE0000
|
trusted library allocation
|
page read and write
|
||
|
391C000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
6EB000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page execute and read and write
|
||
|
120FE000
|
stack
|
page read and write
|
||
|
694000
|
heap
|
page read and write
|
||
|
2BB4000
|
trusted library allocation
|
page read and write
|
||
|
7E40000
|
heap
|
page read and write
|
||
|
1096000
|
trusted library allocation
|
page execute and read and write
|
||
|
32E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2BB2000
|
trusted library allocation
|
page read and write
|
||
|
2BE2000
|
trusted library allocation
|
page read and write
|
||
|
26C1000
|
trusted library allocation
|
page read and write
|
||
|
170E000
|
stack
|
page read and write
|
||
|
124FE000
|
stack
|
page read and write
|
||
|
8568000
|
heap
|
page read and write
|
||
|
6B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E00000
|
heap
|
page read and write
|
||
|
2BDA000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
2BA4000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
7EE0000
|
trusted library allocation
|
page read and write
|
||
|
2683000
|
heap
|
page read and write
|
||
|
2AC6000
|
trusted library allocation
|
page read and write
|
||
|
1074000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library section
|
page readonly
|
||
|
32D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ED000
|
stack
|
page read and write
|
||
|
565E000
|
stack
|
page read and write
|
||
|
2BD6000
|
trusted library allocation
|
page read and write
|
||
|
151E000
|
stack
|
page read and write
|
||
|
123BD000
|
stack
|
page read and write
|
||
|
2D8E000
|
trusted library allocation
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
2B9C000
|
trusted library allocation
|
page read and write
|
||
|
391A000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
FA7000
|
heap
|
page read and write
|
||
|
10AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
392A000
|
trusted library allocation
|
page read and write
|
||
|
2BA6000
|
trusted library allocation
|
page read and write
|
||
|
8430000
|
trusted library allocation
|
page read and write
|
||
|
3668000
|
trusted library allocation
|
page read and write
|
||
|
38FA000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
trusted library allocation
|
page read and write
|
||
|
3932000
|
trusted library allocation
|
page read and write
|
||
|
7ED0000
|
trusted library allocation
|
page read and write
|
||
|
117AE000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
7E30000
|
heap
|
page read and write
|
||
|
2405000
|
trusted library allocation
|
page read and write
|
||
|
2BA2000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
23DC000
|
trusted library allocation
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
31A2000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
unkown
|
page execute and read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E29000
|
heap
|
page read and write
|
||
|
821B000
|
stack
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
13AE000
|
heap
|
page read and write
|
||
|
4FE5000
|
trusted library allocation
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
B22000
|
trusted library allocation
|
page read and write
|
||
|
1227E000
|
stack
|
page read and write
|
||
|
3EE5000
|
trusted library allocation
|
page read and write
|
||
|
5F40000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
2B98000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
heap
|
page read and write
|
||
|
C9E000
|
unkown
|
page read and write
|
||
|
38F4000
|
trusted library allocation
|
page read and write
|
||
|
9FB0000
|
trusted library allocation
|
page read and write
|
||
|
2BC8000
|
trusted library allocation
|
page read and write
|
||
|
3900000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
10BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E61000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page execute and read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
2C10000
|
trusted library allocation
|
page read and write
|
||
|
81BE000
|
stack
|
page read and write
|
||
|
F53000
|
trusted library allocation
|
page execute and read and write
|
||
|
71CE000
|
trusted library allocation
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
17C0000
|
heap
|
page read and write
|
||
|
B32000
|
trusted library allocation
|
page read and write
|
||
|
2C72000
|
trusted library allocation
|
page read and write
|
||
|
2DA5000
|
trusted library allocation
|
page read and write
|
||
|
3918000
|
trusted library allocation
|
page read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
8660000
|
trusted library section
|
page readonly
|
||
|
85BF000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
5CFD000
|
stack
|
page read and write
|
||
|
2BC4000
|
trusted library allocation
|
page read and write
|
||
|
2BE4000
|
trusted library allocation
|
page read and write
|
||
|
3D11000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
FA8000
|
unkown
|
page execute and read and write
|
||
|
65A000
|
heap
|
page read and write
|
||
|
1114D000
|
stack
|
page read and write
|
||
|
3480000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
2BBC000
|
trusted library allocation
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
112CE000
|
stack
|
page read and write
|
||
|
3902000
|
trusted library allocation
|
page read and write
|
||
|
118AE000
|
stack
|
page read and write
|
||
|
13E1000
|
heap
|
page read and write
|
||
|
A450000
|
trusted library allocation
|
page read and write
|
||
|
1213E000
|
stack
|
page read and write
|
||
|
2BB6000
|
trusted library allocation
|
page read and write
|
||
|
7EC0000
|
trusted library allocation
|
page read and write
|
||
|
8D10000
|
heap
|
page read and write
|
||
|
57DD000
|
stack
|
page read and write
|
||
|
57CE000
|
stack
|
page read and write
|
||
|
75A0000
|
heap
|
page read and write
|
||
|
71E2000
|
trusted library allocation
|
page read and write
|
||
|
2CA000
|
stack
|
page read and write
|
||
|
2C51000
|
trusted library allocation
|
page read and write
|
||
|
5CBF000
|
stack
|
page read and write
|
||
|
8D00000
|
heap
|
page read and write
|
||
|
7FB0000
|
heap
|
page execute and read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
8CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1273E000
|
stack
|
page read and write
|
||
|
578E000
|
stack
|
page read and write
|
||
|
18DF000
|
stack
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
A8BE000
|
stack
|
page read and write
|
||
|
B2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
124F000
|
stack
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
3270000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A33000
|
heap
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
3DE000
|
unkown
|
page read and write
|
||
|
31A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
38EC000
|
trusted library allocation
|
page read and write
|
||
|
7604000
|
heap
|
page read and write
|
||
|
7718000
|
trusted library allocation
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
2BDC000
|
trusted library allocation
|
page read and write
|
||
|
178E000
|
stack
|
page read and write
|
||
|
23E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
8CE0000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
heap
|
page read and write
|
||
|
2690000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
7F5D000
|
stack
|
page read and write
|
||
|
554C000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
17C8000
|
heap
|
page read and write
|
||
|
12B20000
|
heap
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
94AE000
|
stack
|
page read and write
|
||
|
F78000
|
heap
|
page read and write
|
||
|
BBEE000
|
stack
|
page read and write
|
||
|
C27000
|
heap
|
page read and write
|
||
|
766D000
|
heap
|
page read and write
|
||
|
3916000
|
trusted library allocation
|
page read and write
|
||
|
12B1C000
|
stack
|
page read and write
|
||
|
A8FE000
|
stack
|
page read and write
|
||
|
3871000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
70F000
|
unkown
|
page read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
BEEF000
|
stack
|
page read and write
|
||
|
4E4E000
|
stack
|
page read and write
|
||
|
C6B000
|
stack
|
page read and write
|
||
|
1223E000
|
stack
|
page read and write
|
||
|
2B9A000
|
trusted library allocation
|
page read and write
|
||
|
3200000
|
trusted library allocation
|
page execute and read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
8CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1118D000
|
stack
|
page read and write
|
||
|
B0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
518F000
|
stack
|
page read and write
|
||
|
EE1000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
36A6000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
2BAE000
|
trusted library allocation
|
page read and write
|
||
|
1166D000
|
stack
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
B37000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F0D000
|
trusted library allocation
|
page read and write
|
||
|
3639000
|
trusted library allocation
|
page read and write
|
||
|
71AE000
|
stack
|
page read and write
|
||
|
BDC000
|
stack
|
page read and write
|
||
|
2490000
|
trusted library allocation
|
page read and write
|
||
|
95EE000
|
stack
|
page read and write
|
||
|
8410000
|
trusted library allocation
|
page read and write
|
||
|
3C8000
|
stack
|
page read and write
|
||
|
5F3E000
|
stack
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
trusted library allocation
|
page read and write
|
||
|
B9E000
|
stack
|
page read and write
|
||
|
38EA000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
6090000
|
heap
|
page read and write
|
||
|
3290000
|
trusted library allocation
|
page read and write
|
||
|
7F01000
|
trusted library allocation
|
page read and write
|
||
|
19DF000
|
stack
|
page read and write
|
||
|
95AE000
|
stack
|
page read and write
|
||
|
2D19000
|
trusted library allocation
|
page read and write
|
||
|
85A2000
|
heap
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
8225000
|
heap
|
page read and write
|
||
|
3924000
|
trusted library allocation
|
page read and write
|
||
|
38E8000
|
trusted library allocation
|
page read and write
|
||
|
31B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
347E000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
2AD4000
|
trusted library allocation
|
page read and write
|
||
|
684000
|
heap
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
7610000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
9E9000
|
stack
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
3300000
|
heap
|
page execute and read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
8400000
|
heap
|
page read and write
|
||
|
758F000
|
trusted library section
|
page readonly
|
||
|
3184000
|
trusted library allocation
|
page read and write
|
||
|
4028000
|
trusted library allocation
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
7FA30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
B03000
|
trusted library allocation
|
page execute and read and write
|
||
|
5220000
|
trusted library allocation
|
page read and write
|
||
|
7654000
|
heap
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
31BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
heap
|
page read and write
|
||
|
1452000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page execute and read and write
|
||
|
58CC000
|
stack
|
page read and write
|
||
|
EFB0000
|
trusted library section
|
page read and write
|
||
|
F22000
|
unkown
|
page execute and read and write
|
||
|
3930000
|
trusted library allocation
|
page read and write
|
||
|
38FC000
|
trusted library allocation
|
page read and write
|
||
|
7590000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
1068000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2D88000
|
trusted library allocation
|
page read and write
|
||
|
80BD000
|
stack
|
page read and write
|
||
|
901A000
|
heap
|
page read and write
|
||
|
392E000
|
trusted library allocation
|
page read and write
|
||
|
2BC2000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
2BCC000
|
trusted library allocation
|
page read and write
|
||
|
8220000
|
heap
|
page read and write
|
||
|
93F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
53EC000
|
stack
|
page read and write
|
||
|
1468000
|
heap
|
page read and write
|
||
|
2C2E000
|
stack
|
page read and write
|
||
|
2CC8000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page execute and read and write
|
||
|
558E000
|
stack
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
FBA000
|
unkown
|
page execute and read and write
|
||
|
E1D000
|
heap
|
page read and write
|
||
|
2BAC000
|
trusted library allocation
|
page read and write
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
There are 578 hidden memdumps, click here to show them.