Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
YWwcRHSpbw.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\twiufas
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\twiufas:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\YWwcRHSpbw.exe
|
"C:\Users\user\Desktop\YWwcRHSpbw.exe"
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
|
|
|
C:\Users\user\AppData\Roaming\twiufas
|
C:\Users\user\AppData\Roaming\twiufas
|
|
|
|
C:\Users\user\AppData\Roaming\twiufas
|
C:\Users\user\AppData\Roaming\twiufas
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://talesofpirates.net/tmp/index.php
|
|
||
|
http://sodez.ru/tmp/index.php
|
|
||
|
http://uama.com.ua/tmp/index.php
|
|
||
|
http://nidoe.org/tmp/index.php
|
187.211.208.213
|
|
|
|
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/what-to-do-if-a-worst-case-nuclear-scenario-actua
|
unknown
|
||
|
https://www.msn.com/en-us/news/world/a-second-war-could-easily-erupt-in-europe-while-everyone-s-dist
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
|
unknown
|
||
|
https://wns.windows.com/bat
|
unknown
|
||
|
https://www.stacker.com/arizona/phoenix
|
unknown
|
||
|
https://api.msn.com:443/v1/news/Feed/Windows?
|
unknown
|
||
|
https://www.msn.com/en-us/weather/topstories/first-map-of-earth-s-lost-continent-has-been-published/
|
unknown
|
||
|
https://www.starsinsider.com/n/154870?utm_source=msn.com&utm_medium=display&utm_campaign=referral_de
|
unknown
|
||
|
https://excel.office.com
|
unknown
|
||
|
http://schemas.micro
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/recordhigh.svg
|
unknown
|
||
|
https://www.msn.com/en-us/news/crime/bar-fight-leaves-man-in-critical-condition-suspect-arrested-in-
|
unknown
|
||
|
https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp(
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/how-donald-trump-helped-kari-lake-become-arizona-s-and-ameri
|
unknown
|
||
|
https://parade.com/61481/toriavey/where-did-hamburgers-originate
|
unknown
|
||
|
https://www.msn.com/en-us/news/technology/prehistoric-comet-impacted-earth-and-triggered-the-switch-
|
unknown
|
||
|
https://api.msn.com/~T
|
unknown
|
||
|
https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gKhb
|
unknown
|
||
|
https://android.notify.windows.com/iOSp
|
unknown
|
||
|
https://upload.wikimedia.org/wikipedia/commons/thumb/8/84/Zealandia-Continent_map_en.svg/1870px-Zeal
|
unknown
|
||
|
https://api.msn.com/v1/news/Feed/Windows?activityId=A1668CA4549A443399161CE8D2237D12&timeOut=5000&oc
|
unknown
|
||
|
https://www.msn.com/en-us/foodanddrink/foodnews/the-best-burger-place-in-phoenix-plus-see-the-rest-o
|
unknown
|
||
|
https://api.msn.com/rT
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/here-s-what-house-rules-say-about-trump-serving-as-speaker-o
|
unknown
|
||
|
https://www.msn.com/en-us/weather/topstories/stop-planting-new-forests-scientists-say/ar-AA1hFI09
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/taskbar/animation/WeatherInsights/WeatherInsi
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/the-no-1-phrase-people-who-are-good-at-small-talk-al
|
unknown
|
||
|
https://word.office.com
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gPfv
|
unknown
|
||
|
https://android.notify.windows.com/iOSJM
|
unknown
|
||
|
https://powerpoint.office.com
|
unknown
|
||
|
https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gPi8-dark
|
unknown
|
||
|
http://schemas.micros1D
|
unknown
|
||
|
https://www.msn.com/en-us/news/world/england-considers-raising-smoking-age-until-cigarettes-are-bann
|
unknown
|
||
|
https://outlook.com
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/money-matters-changing-institution-of-marriage/ar-AA
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/biden-administration-waives-26-federal-laws-to-allow-border-wall-c
|
unknown
|
||
|
https://android.notify.windows.com/iOSZM
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/trump-whines-to-cameras-in-ny-fraud-case-before-fleeing-to-f
|
unknown
|
||
|
https://www.msn.com/en-us/money/companies/kaiser-permanente-and-unions-for-75-000-striking-health-wo
|
unknown
|
||
|
https://android.notify.windows.com/iOS
|
unknown
|
||
|
https://www.msn.com/en-us/news/technology/a-federal-emergency-alert-will-be-sent-to-us-phones-nation
|
unknown
|
||
|
https://www.yelp.com
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/dumb-and-dumber-12-states-with-the-absolute-worst-education-in-the
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gPi8
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/MostlyClearNight.svg
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/kevin-mccarthy-s-ouster-as-house-speaker-could-cost-gop-its-
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV-dark
|
unknown
|
||
|
https://www.msn.com:443/en-us/feed
|
unknown
|
||
|
https://www.msn.com/en-us/news/world/nobel-prize-in-literature-to-be-announced-in-stockholm/ar-AA1hI
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gKhb-dark
|
unknown
|
||
|
https://www.msn.com/en-us/weather/topstories/accuweather-el-ni
|
unknown
|
||
|
https://api.msn.com/v1/news/Feed/Windows?z$
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gPfv-dark
|
unknown
|
There are 52 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nidoe.org
|
187.211.208.213
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
2.180.10.7
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
187.211.208.213
|
nidoe.org
|
Mexico
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{5985FC23-2588-4D9A-B38B-7E7AFFAB3155} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@explorerframe.dll,-13137
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@explorerframe.dll,-13138
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
|
Excel.CSV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
|
Word.Document.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
|
Word.DocumentMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
|
Word.Document.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
|
Word.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
|
Word.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
|
Word.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
|
Outlook.File.msg.15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
|
PowerPoint.OpenDocumentPresentation.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
|
Excel.OpenDocumentSpreadsheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
|
Word.OpenDocumentText.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
|
PowerPoint.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
|
PowerPoint.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
|
PowerPoint.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
|
PowerPoint.Addin.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
|
PowerPoint.SlideShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
|
PowerPoint.SlideShow.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
|
PowerPoint.Show.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
|
PowerPoint.ShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
|
PowerPoint.Show.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
|
Word.RTF.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
|
PowerPoint.SlideMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
|
PowerPoint.Slide.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
|
bootstrap.vsto.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
|
Excel.AddInMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
|
Excel.Sheet.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
|
Excel.SheetBinaryMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
|
Excel.SheetMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
|
Excel.Sheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
|
Excel.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
|
Excel.TemplateMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
|
Excel.Template
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
|
Unpacker
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\GameDVR
|
KGLToGCSUpdatedRevision
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
|
IconLayouts
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
TaskbarStateLastRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
|
AutoIt3Script
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
|
WMP11.AssocFile.AVI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
|
CABFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
|
CSSfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
|
ddsfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
|
dllfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
|
emffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
|
exefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
|
WMP11.AssocFile.FLAC
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
|
fonfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
|
giffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
|
icofile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
|
inffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
|
inifile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
|
pjpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
|
lnkfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
|
WMP11.AssocFile.m3u
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
|
WMP11.AssocFile.M4A
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
|
WMP11.AssocFile.MK3D
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
|
WMP11.AssocFile.MKA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
|
WMP11.AssocFile.MKV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
|
WMP11.AssocFile.MOV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
|
ocxfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
|
otffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
|
pngfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
|
Microsoft.PowerShellScript.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
|
Microsoft.PowerShellXMLData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
|
Microsoft.PowerShellData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
|
Microsoft.PowerShellModule.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
|
Microsoft.PowerShellSessionConfiguration.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
|
rlefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
|
SHCmdFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
|
SearchFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
|
shtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
|
sysfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
|
ttcfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
|
ttffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
|
txtfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
|
WMP11.AssocFile.WAV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
|
WMP11.AssocFile.WAX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
|
WMP11.AssocFile.WMA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
|
wmffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
|
WMP11.AssocFile.WMV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
|
WMP11.AssocFile.WPL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
|
WMP11.AssocFile.WVX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
|
xmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
|
xslfile
|
There are 167 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2761000
|
unclassified section
|
page read and write
|
|
|
|
C80000
|
direct allocation
|
page read and write
|
|
|
|
2730000
|
direct allocation
|
page read and write
|
|
|
|
2751000
|
unclassified section
|
page read and write
|
|
|
|
DB1000
|
unclassified section
|
page read and write
|
|
|
|
2630000
|
direct allocation
|
page read and write
|
|
|
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F2FA3000
|
unkown
|
page readonly
|
||
|
BB4B000
|
stack
|
page read and write
|
||
|
EC20000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AE4000
|
unkown
|
page readonly
|
||
|
6FDC000
|
unkown
|
page read and write
|
||
|
7FF4F325F000
|
unkown
|
page readonly
|
||
|
7FF4F3336000
|
unkown
|
page readonly
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3343000
|
unkown
|
page readonly
|
||
|
2620000
|
direct allocation
|
page execute and read and write
|
||
|
7FF4F32F4000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
A301000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4E7E46000
|
unkown
|
page readonly
|
||
|
7FF4F327C000
|
unkown
|
page readonly
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
9B65000
|
unkown
|
page read and write
|
||
|
982C000
|
stack
|
page read and write
|
||
|
7FF4F312A000
|
unkown
|
page readonly
|
||
|
4E63000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
2F58000
|
unkown
|
page read and write
|
||
|
446A000
|
unkown
|
page read and write
|
||
|
92B0000
|
unkown
|
page read and write
|
||
|
2613000
|
heap
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
FFD4000
|
unkown
|
page read and write
|
||
|
EC12000
|
heap
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F32A4000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F2BA0000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F31B1000
|
unkown
|
page readonly
|
||
|
7FF4F2DE8000
|
unkown
|
page readonly
|
||
|
6FD4000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C19E000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
92F7000
|
stack
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AF10000
|
stack
|
page read and write
|
||
|
7FF4F2C98000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
419000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
AAD0000
|
unkown
|
page read and write
|
||
|
A355000
|
unkown
|
page read and write
|
||
|
9B53000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F32BC000
|
unkown
|
page readonly
|
||
|
9BD6000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F329F000
|
unkown
|
page readonly
|
||
|
AF10000
|
unkown
|
page read and write
|
||
|
7DF40CFC0000
|
unkown
|
page readonly
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
9D08000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F2E6B000
|
unkown
|
page readonly
|
||
|
A44000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B0CB000
|
stack
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F2EB2000
|
unkown
|
page readonly
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3178000
|
unkown
|
page readonly
|
||
|
E17000
|
heap
|
page read and write
|
||
|
7FF4F2C35000
|
unkown
|
page readonly
|
||
|
7FF4F2D82000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F2E56000
|
unkown
|
page readonly
|
||
|
2F6F000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F2F68000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F3149000
|
unkown
|
page readonly
|
||
|
8A60000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8780000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2D29000
|
unkown
|
page readonly
|
||
|
FF96000
|
unkown
|
page read and write
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
7440000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F321E000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
A819000
|
stack
|
page read and write
|
||
|
7FF4F3103000
|
unkown
|
page readonly
|
||
|
7DF40CFB1000
|
unkown
|
page execute read
|
||
|
7FF4F2DCB000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
900C000
|
stack
|
page read and write
|
||
|
6FE1000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8A60000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2C8F000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
EC10000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C0B9000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
E5CB000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3303000
|
unkown
|
page readonly
|
||
|
7FF4F2F72000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
841F000
|
stack
|
page read and write
|
||
|
2EFD000
|
unkown
|
page read and write
|
||
|
7FF4F3238000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2D50000
|
unkown
|
page read and write
|
||
|
7490000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
AF10000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B9B000
|
stack
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
C07F000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
6E35000
|
stack
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
9C83000
|
unkown
|
page read and write
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
7FF4F31A5000
|
unkown
|
page readonly
|
||
|
BC4B000
|
stack
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8759000
|
unkown
|
page read and write
|
||
|
2D10000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F2709000
|
unkown
|
page readonly
|
||
|
899E000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F30E3000
|
unkown
|
page readonly
|
||
|
6FC7000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7EF0000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9008000
|
stack
|
page read and write
|
||
|
6FC0000
|
unkown
|
page read and write
|
||
|
7FF4F3142000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F30F3000
|
unkown
|
page readonly
|
||
|
2D60000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
2720000
|
direct allocation
|
page execute and read and write
|
||
|
7FF4F2F05000
|
unkown
|
page readonly
|
||
|
7FF4F3273000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AC21000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F331B000
|
unkown
|
page readonly
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
4328000
|
unkown
|
page read and write
|
||
|
4D78000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7FF4F2FB4000
|
unkown
|
page readonly
|
||
|
7FF4F2DA8000
|
unkown
|
page readonly
|
||
|
7FF4F2B72000
|
unkown
|
page readonly
|
||
|
9A2F000
|
stack
|
page read and write
|
||
|
4340000
|
unkown
|
page read and write
|
||
|
25F7000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F30B2000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
29C1000
|
heap
|
page read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
7FF4F30AD000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
AE2000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2701000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
766E000
|
stack
|
page read and write
|
||
|
9B33000
|
unkown
|
page read and write
|
||
|
C70000
|
direct allocation
|
page execute and read and write
|
||
|
88E6000
|
unkown
|
page read and write
|
||
|
7FF4F3284000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
839E000
|
stack
|
page read and write
|
||
|
7FF4F2CBF000
|
unkown
|
page readonly
|
||
|
7FF4F2CC6000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F2EAA000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
C80000
|
direct allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
88BB000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F30FF000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2DC6000
|
unkown
|
page readonly
|
||
|
EC62000
|
unkown
|
page read and write
|
||
|
9B88000
|
unkown
|
page read and write
|
||
|
AE40000
|
unkown
|
page read and write
|
||
|
6FF5000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BD75000
|
unkown
|
page read and write
|
||
|
2FB0000
|
unkown
|
page readonly
|
||
|
2D30000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F2DE0000
|
unkown
|
page readonly
|
||
|
85F0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
7027000
|
unkown
|
page read and write
|
||
|
2AD6000
|
stack
|
page read and write
|
||
|
7FF4F30FB000
|
unkown
|
page readonly
|
||
|
C1D4000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B2BB000
|
stack
|
page read and write
|
||
|
2C60000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2298000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
6FF3000
|
unkown
|
page read and write
|
||
|
A799000
|
stack
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F3205000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
DECF000
|
stack
|
page read and write
|
||
|
896A000
|
unkown
|
page read and write
|
||
|
7DF40CFD1000
|
unkown
|
page execute read
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
DDCD000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
CE0000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2F8A000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BCD0000
|
unkown
|
page read and write
|
||
|
A93B000
|
stack
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
7FF4F307B000
|
unkown
|
page readonly
|
||
|
8A50000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A60000
|
unkown
|
page read and write
|
||
|
7FF4F3144000
|
unkown
|
page readonly
|
||
|
DFCE000
|
stack
|
page read and write
|
||
|
7FF4F2C8C000
|
unkown
|
page readonly
|
||
|
24FA000
|
stack
|
page read and write
|
||
|
7FF4F2D9B000
|
unkown
|
page readonly
|
||
|
7FF4F319E000
|
unkown
|
page readonly
|
||
|
A2E3000
|
unkown
|
page read and write
|
||
|
7FF4F2FE3000
|
unkown
|
page readonly
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
2F38000
|
unkown
|
page read and write
|
||
|
7FF4F2EA2000
|
unkown
|
page readonly
|
||
|
DF4E000
|
stack
|
page read and write
|
||
|
BACE000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F2D2D000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
78C0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
BD69000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
C1EB000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
4DE1000
|
unkown
|
page read and write
|
||
|
888E000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
40B000
|
unkown
|
page execute read
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7460000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
97AE000
|
stack
|
page read and write
|
||
|
EC1A000
|
heap
|
page read and write
|
||
|
2F45000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
85F4000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
8AC0000
|
unkown
|
page read and write
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
AE2000
|
unkown
|
page read and write
|
||
|
85A0000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
41A000
|
unkown
|
page write copy
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
9C9E000
|
unkown
|
page read and write
|
||
|
826F000
|
unkown
|
page read and write
|
||
|
7FF4F32ED000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C045000
|
unkown
|
page read and write
|
||
|
29F0000
|
unkown
|
page readonly
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
4410000
|
unkown
|
page read and write
|
||
|
8AB0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2FAF000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F320C000
|
unkown
|
page readonly
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
7FF4F30C2000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F2DE3000
|
unkown
|
page readonly
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
A2FA000
|
unkown
|
page read and write
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F32F0000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7007000
|
unkown
|
page read and write
|
||
|
B180000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7065000
|
unkown
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
C5E000
|
stack
|
page read and write
|
||
|
9BD8000
|
unkown
|
page read and write
|
||
|
2A50000
|
unkown
|
page readonly
|
||
|
7FF4F23D0000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
702C000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
9B8C000
|
unkown
|
page read and write
|
||
|
7FF4F2B63000
|
unkown
|
page readonly
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
7FF4F30F1000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F3254000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
9B8F000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F30EF000
|
unkown
|
page readonly
|
||
|
E44D000
|
stack
|
page read and write
|
||
|
7FF4F30CC000
|
unkown
|
page readonly
|
||
|
AC30000
|
unkown
|
page read and write
|
||
|
7FF4F316E000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
433C000
|
unkown
|
page read and write
|
||
|
B83C000
|
stack
|
page read and write
|
||
|
7477000
|
unkown
|
page read and write
|
||
|
CA4000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
DAF000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
A9BD000
|
stack
|
page read and write
|
||
|
85FC000
|
unkown
|
page read and write
|
||
|
7FF4F317B000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
92B0000
|
unkown
|
page read and write
|
||
|
7FF4F2E50000
|
unkown
|
page readonly
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
7FF4F2FEB000
|
unkown
|
page readonly
|
||
|
8220000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8979000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
A2FE000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
9F0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
2F7B000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F30AB000
|
unkown
|
page readonly
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
96FC000
|
stack
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
A01000
|
unkown
|
page readonly
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
2F0E000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
2D20000
|
unkown
|
page read and write
|
||
|
7FF4F2CEC000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BD22000
|
unkown
|
page read and write
|
||
|
7839000
|
stack
|
page read and write
|
||
|
9CAB000
|
unkown
|
page read and write
|
||
|
29DA000
|
stack
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
876D000
|
unkown
|
page read and write
|
||
|
CC0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
E4A0000
|
heap
|
page read and write
|
||
|
A306000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F30B7000
|
unkown
|
page readonly
|
||
|
DE49000
|
stack
|
page read and write
|
||
|
9C3D000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
E64E000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F32C8000
|
unkown
|
page readonly
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F2FB1000
|
unkown
|
page readonly
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
4344000
|
unkown
|
page read and write
|
||
|
7FF4F31BE000
|
unkown
|
page readonly
|
||
|
7FF4F2F8B000
|
unkown
|
page readonly
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
B939000
|
stack
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8E89000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
419000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
6FE9000
|
unkown
|
page read and write
|
||
|
87BB000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F2D68000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B2C0000
|
unkown
|
page readonly
|
||
|
2990000
|
heap
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
BFB3000
|
unkown
|
page read and write
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7DF40CFF1000
|
unkown
|
page execute read
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2B94000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
78B9000
|
stack
|
page read and write
|
||
|
A8BF000
|
stack
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
7FF4F3196000
|
unkown
|
page readonly
|
||
|
7FF4F30C5000
|
unkown
|
page readonly
|
||
|
8A60000
|
unkown
|
page read and write
|
||
|
43F6000
|
unkown
|
page read and write
|
||
|
7FF4F2F13000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
6FCC000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B1D0000
|
unkown
|
page read and write
|
||
|
9D0D000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
F6F000
|
stack
|
page read and write
|
||
|
B14C000
|
stack
|
page read and write
|
||
|
9B92000
|
unkown
|
page read and write
|
||
|
BDA7000
|
unkown
|
page read and write
|
||
|
862F000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8FC0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
4400000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
74D0000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8685000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
EE50000
|
unkown
|
page read and write
|
||
|
8796000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
40B000
|
unkown
|
page execute read
|
||
|
AFCC000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
7FF4F2CE7000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7FF4F2C32000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F3111000
|
unkown
|
page readonly
|
||
|
9B20000
|
unkown
|
page read and write
|
||
|
7FF4F2EDB000
|
unkown
|
page readonly
|
||
|
7FF4F2F89000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F3374000
|
unkown
|
page readonly
|
||
|
2EF1000
|
unkown
|
page read and write
|
||
|
7FBE000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
4379000
|
unkown
|
page read and write
|
||
|
E54C000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8FC0000
|
unkown
|
page read and write
|
||
|
BFF8000
|
unkown
|
page read and write
|
||
|
7FF4F3367000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
AAC0000
|
unkown
|
page read and write
|
||
|
A2A0000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
B787000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3051000
|
unkown
|
page readonly
|
||
|
7FF4F3240000
|
unkown
|
page readonly
|
||
|
9B75000
|
unkown
|
page read and write
|
||
|
BD6D000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF10000
|
unkown
|
page read and write
|
||
|
419000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F3307000
|
unkown
|
page readonly
|
||
|
C29A000
|
unkown
|
page read and write
|
||
|
7FF4F313F000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F30F6000
|
unkown
|
page readonly
|
||
|
B74F000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F316B000
|
unkown
|
page readonly
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
7FF4F2F81000
|
unkown
|
page readonly
|
||
|
7FF4F3058000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
2F67000
|
unkown
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
6E60000
|
unkown
|
page read and write
|
||
|
7FF4F3020000
|
unkown
|
page readonly
|
||
|
8755000
|
unkown
|
page read and write
|
||
|
BE32000
|
unkown
|
page read and write
|
||
|
BCCF000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
C105000
|
unkown
|
page read and write
|
||
|
BD80000
|
unkown
|
page read and write
|
||
|
8FC0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F335A000
|
unkown
|
page readonly
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3231000
|
unkown
|
page readonly
|
||
|
4391000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
7FF4F3361000
|
unkown
|
page readonly
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
EE20000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
2750000
|
unclassified section
|
page read and write
|
||
|
43C4000
|
unkown
|
page read and write
|
||
|
FF14000
|
unkown
|
page read and write
|
||
|
7FF4F2DD5000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
FF53000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
7FF4F30D4000
|
unkown
|
page readonly
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
772D000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
7FF4F2F19000
|
unkown
|
page readonly
|
||
|
876F000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
9C9B000
|
unkown
|
page read and write
|
||
|
BEF6000
|
unkown
|
page read and write
|
||
|
7FF4F2E01000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3133000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
C3A000
|
heap
|
page read and write
|
||
|
7FF4F2EA4000
|
unkown
|
page readonly
|
||
|
E22000
|
heap
|
page execute and read and write
|
||
|
7FF4F2DDD000
|
unkown
|
page readonly
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7DF40CFE1000
|
unkown
|
page execute read
|
||
|
7FF4F302B000
|
unkown
|
page readonly
|
||
|
DD4C000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
992F000
|
stack
|
page read and write
|
||
|
7FF4F2D0A000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8AB0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2F10000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B04A000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
74E0000
|
unkown
|
page readonly
|
||
|
B1E000
|
heap
|
page execute and read and write
|
||
|
7FF4F2FAB000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7150000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F2CF7000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BDC8000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
AB00000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
2A20000
|
unkown
|
page readonly
|
||
|
FEDB000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
BD60000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7E3E000
|
stack
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
85F2000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2630000
|
direct allocation
|
page read and write
|
||
|
AE40000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
BD5C000
|
unkown
|
page read and write
|
||
|
7FF4F2E5F000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
E2F000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
E38000
|
heap
|
page read and write
|
||
|
BF0A000
|
unkown
|
page read and write
|
||
|
8556000
|
unkown
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
AE2000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F3245000
|
unkown
|
page readonly
|
||
|
8765000
|
unkown
|
page read and write
|
||
|
BD99000
|
unkown
|
page read and write
|
||
|
7DF40CFB0000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AAF0000
|
unkown
|
page readonly
|
||
|
8971000
|
unkown
|
page read and write
|
||
|
7164000
|
unkown
|
page read and write
|
||
|
7FF4F3039000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F2D1F000
|
unkown
|
page readonly
|
||
|
8290000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2D4C000
|
unkown
|
page readonly
|
||
|
EC81000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
AE40000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BFAB000
|
unkown
|
page read and write
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
4356000
|
unkown
|
page read and write
|
||
|
7320000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
C90000
|
unclassified section
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C0B3000
|
unkown
|
page read and write
|
||
|
8921000
|
unkown
|
page read and write
|
||
|
7FF4F2EFD000
|
unkown
|
page readonly
|
||
|
7FF4F2D74000
|
unkown
|
page readonly
|
||
|
81E0000
|
unkown
|
page read and write
|
||
|
87C0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AE4000
|
unkown
|
page readonly
|
||
|
C3E000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B80000
|
unkown
|
page read and write
|
||
|
7FF4F30DB000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
E2F000
|
stack
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
2F52000
|
unkown
|
page read and write
|
||
|
5F0000
|
unkown
|
page readonly
|
||
|
75C0000
|
unkown
|
page readonly
|
||
|
7FF4F2DEA000
|
unkown
|
page readonly
|
||
|
7FF4F2F0F000
|
unkown
|
page readonly
|
||
|
445A000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
6FBA000
|
unkown
|
page read and write
|
||
|
7FF4F2CB6000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8AC0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
41A000
|
unkown
|
page write copy
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
C123000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F2B75000
|
unkown
|
page readonly
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
4E79000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7058000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
7DF40CFC1000
|
unkown
|
page execute read
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
74F0000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7DF40CFD0000
|
unkown
|
page readonly
|
||
|
7FF4F328E000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BEDC000
|
unkown
|
page read and write
|
||
|
BEC0000
|
unkown
|
page read and write
|
||
|
98AC000
|
stack
|
page read and write
|
||
|
B8B8000
|
stack
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
444A000
|
unkown
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
10050000
|
unkown
|
page read and write
|
||
|
9CB8000
|
unkown
|
page read and write
|
||
|
8AB0000
|
unkown
|
page read and write
|
||
|
7FF4F32D1000
|
unkown
|
page readonly
|
||
|
2610000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AECF000
|
stack
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B1D0000
|
stack
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
BF36000
|
unkown
|
page read and write
|
||
|
A9E0000
|
unkown
|
page readonly
|
||
|
7670000
|
unkown
|
page readonly
|
||
|
7FF4F318C000
|
unkown
|
page readonly
|
||
|
EC66000
|
unkown
|
page read and write
|
||
|
703A000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
85D0000
|
unkown
|
page read and write
|
||
|
6FD0000
|
unkown
|
page read and write
|
||
|
7FF4F2714000
|
unkown
|
page readonly
|
||
|
7FF4F2D26000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2D01000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
C079000
|
unkown
|
page read and write
|
||
|
BF16000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F323C000
|
unkown
|
page readonly
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F32B6000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
27B1000
|
heap
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
FEE9000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F31CB000
|
unkown
|
page readonly
|
||
|
4306000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
40B000
|
unkown
|
page execute read
|
||
|
8AB0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7F00000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
A71D000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2E90000
|
unkown
|
page readonly
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
7FF4F2B86000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
9CC2000
|
unkown
|
page read and write
|
||
|
875000
|
stack
|
page read and write
|
||
|
2F56000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AA8C000
|
stack
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7730000
|
unkown
|
page read and write
|
||
|
AF80000
|
unkown
|
page read and write
|
||
|
BDAF000
|
unkown
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
A30D000
|
unkown
|
page read and write
|
||
|
B1D0000
|
unkown
|
page read and write
|
||
|
C1CE000
|
unkown
|
page read and write
|
||
|
8580000
|
unkown
|
page readonly
|
||
|
9DB000
|
stack
|
page read and write
|
||
|
2EA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
2991000
|
heap
|
page read and write
|
||
|
6FB6000
|
unkown
|
page read and write
|
||
|
7FF4F2CFB000
|
unkown
|
page readonly
|
||
|
4420000
|
unkown
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
2E70000
|
stack
|
page read and write
|
||
|
2F60000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F2D93000
|
unkown
|
page readonly
|
||
|
AE40000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
7FF4F2CFE000
|
unkown
|
page readonly
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
8E09000
|
stack
|
page read and write
|
||
|
9830000
|
unkown
|
page read and write
|
||
|
7FF4F31C3000
|
unkown
|
page readonly
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
9AAE000
|
stack
|
page read and write
|
||
|
8AC0000
|
unkown
|
page read and write
|
||
|
9B3A000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F333D000
|
unkown
|
page readonly
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7420000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
A2E0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7FF4F32FC000
|
unkown
|
page readonly
|
||
|
6FB0000
|
unkown
|
page read and write
|
||
|
74A0000
|
unkown
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F32D8000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F2B8F000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B40000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
6FEF000
|
unkown
|
page read and write
|
||
|
AE4000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8996000
|
unkown
|
page read and write
|
||
|
AF80000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B20000
|
unkown
|
page read and write
|
||
|
7FF4F2E8F000
|
unkown
|
page readonly
|
||
|
7FF4F2FD4000
|
unkown
|
page readonly
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
CD5000
|
heap
|
page read and write
|
||
|
7FF4F2D79000
|
unkown
|
page readonly
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
FED2000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7FF4F32C4000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AF80000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
7FF4F30CA000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
92B0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8761000
|
unkown
|
page read and write
|
||
|
7FF4F31DE000
|
unkown
|
page readonly
|
||
|
B20000
|
stack
|
page read and write
|
||
|
7FF4F2DF3000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
887F000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
7FF4F321A000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3181000
|
unkown
|
page readonly
|
||
|
AF4C000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
BD1C000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
9B9F000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F32CA000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
274F000
|
stack
|
page read and write
|
||
|
7FF4F3314000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7F20000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FF4F2CF1000
|
unkown
|
page readonly
|
||
|
7FF4F2F91000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F32C6000
|
unkown
|
page readonly
|
||
|
7FF4F2D11000
|
unkown
|
page readonly
|
||
|
FF9B000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C4D000
|
heap
|
page execute and read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F2FC7000
|
unkown
|
page readonly
|
||
|
8B49000
|
stack
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
7052000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
898F000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7FF4F31E7000
|
unkown
|
page readonly
|
||
|
8AC0000
|
unkown
|
page read and write
|
||
|
AE4000
|
unkown
|
page readonly
|
||
|
7112000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
41A000
|
unkown
|
page write copy
|
||
|
BE4000
|
heap
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
BFA7000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F3137000
|
unkown
|
page readonly
|
||
|
7FF4F3294000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
C63000
|
heap
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B190000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F2B98000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2DA4000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
C0C3000
|
unkown
|
page read and write
|
||
|
8773000
|
unkown
|
page read and write
|
||
|
AED0000
|
unkown
|
page read and write
|
||
|
7FF4F32F6000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
8200000
|
unkown
|
page read and write
|
||
|
7FF4F31FE000
|
unkown
|
page readonly
|
||
|
A20000
|
heap
|
page read and write
|
||
|
BEFF000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
BCD4000
|
unkown
|
page read and write
|
||
|
7FF4F2D1C000
|
unkown
|
page readonly
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
7FF4F32DE000
|
unkown
|
page readonly
|
||
|
7FF4F2F78000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F31C5000
|
unkown
|
page readonly
|
||
|
4430000
|
unkown
|
page read and write
|
||
|
7FF4E7E40000
|
unkown
|
page readonly
|
||
|
B206000
|
stack
|
page read and write
|
||
|
7FF4F2FBD000
|
unkown
|
page readonly
|
||
|
4480000
|
unkown
|
page read and write
|
||
|
438D000
|
unkown
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
6E40000
|
unkown
|
page read and write
|
||
|
AE4000
|
unkown
|
page readonly
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
8A60000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
BF2E000
|
unkown
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
43C0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
7FF4F2F01000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF10000
|
unkown
|
page read and write
|
||
|
B50000
|
unkown
|
page read and write
|
||
|
7FF4F3016000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
EC51000
|
unkown
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
EC5D000
|
unkown
|
page read and write
|
||
|
8602000
|
unkown
|
page read and write
|
||
|
7FF4F2FC4000
|
unkown
|
page readonly
|
||
|
8F90000
|
unkown
|
page read and write
|
||
|
7FF4F32AC000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
99AF000
|
stack
|
page read and write
|
||
|
C145000
|
unkown
|
page read and write
|
||
|
7FF4F2D95000
|
unkown
|
page readonly
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
2730000
|
direct allocation
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
C1C0000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
74C0000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8C80000
|
unkown
|
page readonly
|
||
|
2BDA000
|
stack
|
page read and write
|
||
|
7FF4F2C29000
|
unkown
|
page readonly
|
||
|
10014000
|
unkown
|
page read and write
|
||
|
7FF4F2FA7000
|
unkown
|
page readonly
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
4300000
|
unkown
|
page read and write
|
||
|
4CB0000
|
unkown
|
page write copy
|
||
|
2B59000
|
stack
|
page read and write
|
||
|
BBCE000
|
stack
|
page read and write
|
||
|
C30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
2C59000
|
stack
|
page read and write
|
||
|
B9BA000
|
stack
|
page read and write
|
||
|
1071000
|
unkown
|
page readonly
|
||
|
8AB0000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
B80000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
590000
|
unkown
|
page readonly
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8A60000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2FD2000
|
unkown
|
page readonly
|
||
|
6FF1000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
7FF4F3121000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7FF4F2FD0000
|
unkown
|
page readonly
|
||
|
7FF4F313B000
|
unkown
|
page readonly
|
||
|
7FF4F3278000
|
unkown
|
page readonly
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
EC09000
|
stack
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
81F0000
|
heap
|
page read and write
|
||
|
7FF4F2D48000
|
unkown
|
page readonly
|
||
|
2740000
|
unclassified section
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
957D000
|
stack
|
page read and write
|
||
|
B90000
|
unkown
|
page read and write
|
||
|
7FF4F30DD000
|
unkown
|
page readonly
|
||
|
2F1A000
|
unkown
|
page read and write
|
||
|
9B37000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
580000
|
unkown
|
page readonly
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
AAE0000
|
unkown
|
page read and write
|
||
|
7EBB000
|
stack
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
E450000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
4395000
|
unkown
|
page read and write
|
||
|
410000
|
unkown
|
page readonly
|
||
|
9BB3000
|
unkown
|
page read and write
|
||
|
9274000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7541000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AF50000
|
unkown
|
page read and write
|
||
|
7FF4F3068000
|
unkown
|
page readonly
|
||
|
7430000
|
unkown
|
page read and write
|
||
|
BEF2000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
AE4000
|
unkown
|
page readonly
|
||
|
BF1B000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
AED0000
|
stack
|
page read and write
|
||
|
9CB5000
|
unkown
|
page read and write
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
2A10000
|
unkown
|
page readonly
|
||
|
82C0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
CD4000
|
heap
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
41E000
|
unkown
|
page write copy
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
7FF4F2D50000
|
unkown
|
page readonly
|
||
|
9CA8000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8430000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
87B2000
|
unkown
|
page read and write
|
||
|
B0D0000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
4393000
|
unkown
|
page read and write
|
||
|
8AA0000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
||
|
89B9000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
9D15000
|
unkown
|
page read and write
|
||
|
82D0000
|
unkown
|
page readonly
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7480000
|
unkown
|
page read and write
|
||
|
8A90000
|
unkown
|
page read and write
|
||
|
B30000
|
unkown
|
page read and write
|
There are 1370 hidden memdumps, click here to show them.