Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quarantined Messages.zip
|
Zip archive data, at least v4.5 to extract, compression method=deflate
|
initial sample
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\1afc5eff-928a-48ab-9e1f-86b4c3ce8396.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db
|
SQLite 3.x database, last written using SQLite version 3040000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\Adobe\CoreSync\EntitySync\80307f885d209ff3421f3adf000d6b1e.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\Eureka\AcroCoreSync\CreativeCloud\CoreSync\EntitySync-2024-04-18.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\RFL\LocalMapping\RFLDB230
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 1, database pages 8, cookie 0x3, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Acrobat\RFL\LocalMapping\RFLDB230-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 11, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 1, database pages 23, cookie 0x11, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\Reader\Synchronizer\metadata\Synchronizer-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.5888
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 23, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 23
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI210.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\A9d2gbjb_14asesj_4jk.tmp
|
PDF document, version 1.6, 0 pages
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-18 19-28-59-503.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\05fe1b59-7124-4cb4-9416-846d901cc2d8.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 160932
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\2636e2f5-b16f-48d9-b34b-5d3fda3baabe.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\6ae71c8a-da7c-426d-900a-f035440d57e2.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 160932
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\76c972c0-a88c-4bf1-9272-19d4afa9618c.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\c0fe07db-06c1-4862-b3ef-6d3ba5684b88.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\f6378d1e-6535-47e2-96ef-c3e415b0f89d.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 16:29:53 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 16:29:53 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 16:29:53 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 16:29:53 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 18 16:29:53 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
There are 61 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Local\Temp\Temp1_Quarantined Messages.zip\Lockstep
Line Card (February 2024).pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2284
--field-trial-handle=1600,i,10284408637039516719,12554602483558215056,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.adobe.com/go/reader-upsell-edit?mv=in-product&mv2=reader&invc=mega-verbs&tl=EditPDFRdrAppFull&subtl=TouchUpAddTextbox&modern=true&SCAMode=Rdr&DTProd=Reader&DTServLvl=SignedOut&ttsrccat=RGS0263*ENU*Control
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1864,i,3429994477363920611,11643239225916485483,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=4076
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=4344
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=5756
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\RDCNotificationClient\FullTrustNotifier.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\RDCNotificationClient\FullTrustNotifier.exe" GetChannelUri
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://.V
|
unknown
|
||
|
https://wns.windows.com/
|
unknown
|
||
|
https://android.notify.windows.com/iOS
|
unknown
|
||
|
https://android.notify.windows.com/iOS7#
|
unknown
|
||
|
https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.google.com
|
64.233.176.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.46.201.17
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
64.233.176.105
|
www.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Acrobat\DC\Privileged
|
syncFolderSetupDone
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Synchronizer\DC\WebSocketNotifInfra
|
bisWSExpEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Adobe\Adobe Synchronizer\DC\Acrobat.com
|
tUniqueIdForEureka
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
20BC7367000
|
heap
|
page read and write
|
||
|
29AB7F6000
|
stack
|
page read and write
|
||
|
1AAA4D10000
|
heap
|
page read and write
|
||
|
175C9F20000
|
heap
|
page read and write
|
||
|
16D03450000
|
heap
|
page read and write
|
||
|
1A575ADC000
|
heap
|
page read and write
|
||
|
20BC7388000
|
heap
|
page read and write
|
||
|
176B7FE000
|
stack
|
page read and write
|
||
|
175C9DC8000
|
heap
|
page read and write
|
||
|
1A575ADF000
|
heap
|
page read and write
|
||
|
27EF39E000
|
stack
|
page read and write
|
||
|
22F6DD8E000
|
heap
|
page read and write
|
||
|
20561BB9000
|
heap
|
page read and write
|
||
|
1A573DC0000
|
heap
|
page read and write
|
||
|
22F6DCB0000
|
heap
|
page read and write
|
||
|
1A573C79000
|
heap
|
page read and write
|
||
|
16D03226000
|
heap
|
page read and write
|
||
|
22F6DD52000
|
heap
|
page read and write
|
||
|
20561B20000
|
heap
|
page read and write
|
||
|
22F6DD77000
|
heap
|
page read and write
|
||
|
20BC7345000
|
heap
|
page read and write
|
||
|
1A573F70000
|
heap
|
page read and write
|
||
|
22F6DCD7000
|
heap
|
page read and write
|
||
|
1ECA3FF000
|
stack
|
page read and write
|
||
|
16D03233000
|
heap
|
page read and write
|
||
|
20BC736F000
|
heap
|
page read and write
|
||
|
6D405FD000
|
stack
|
page read and write
|
||
|
29AB2FE000
|
stack
|
page read and write
|
||
|
22F6DD5A000
|
heap
|
page read and write
|
||
|
22F6DD55000
|
heap
|
page read and write
|
||
|
175CBB90000
|
heap
|
page read and write
|
||
|
1A575B39000
|
heap
|
page read and write
|
||
|
1A575B02000
|
heap
|
page read and write
|
||
|
1AAA4EE0000
|
heap
|
page read and write
|
||
|
20BC7332000
|
heap
|
page read and write
|
||
|
16D03254000
|
heap
|
page read and write
|
||
|
20BC7383000
|
heap
|
page read and write
|
||
|
20BC733A000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
16D0320C000
|
heap
|
page read and write
|
||
|
1A575A6C000
|
heap
|
page read and write
|
||
|
1ECA6FD000
|
stack
|
page read and write
|
||
|
175C9E40000
|
heap
|
page read and write
|
||
|
1A575AE1000
|
heap
|
page read and write
|
||
|
20BC7397000
|
heap
|
page read and write
|
||
|
1A575DE0000
|
heap
|
page read and write
|
||
|
16D03234000
|
heap
|
page read and write
|
||
|
20BC7398000
|
heap
|
page read and write
|
||
|
175C9DD8000
|
heap
|
page read and write
|
||
|
175C9E03000
|
heap
|
page read and write
|
||
|
16D03244000
|
heap
|
page read and write
|
||
|
16D031D6000
|
heap
|
page read and write
|
||
|
DB34CFD000
|
stack
|
page read and write
|
||
|
1A575B22000
|
heap
|
page read and write
|
||
|
1AAA4E30000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
22F6DD63000
|
heap
|
page read and write
|
||
|
6D401FD000
|
stack
|
page read and write
|
||
|
6D40BFE000
|
stack
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
176B2FF000
|
stack
|
page read and write
|
||
|
22F6DD3F000
|
heap
|
page read and write
|
||
|
175C9D9D000
|
heap
|
page read and write
|
||
|
1ECA4FE000
|
stack
|
page read and write
|
||
|
20BC7342000
|
heap
|
page read and write
|
||
|
16D031C3000
|
heap
|
page read and write
|
||
|
16D03234000
|
heap
|
page read and write
|
||
|
1A575B01000
|
heap
|
page read and write
|
||
|
1A575A7F000
|
heap
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
175C9DBC000
|
heap
|
page read and write
|
||
|
20BC7362000
|
heap
|
page read and write
|
||
|
1A575B06000
|
heap
|
page read and write
|
||
|
22F6DD50000
|
heap
|
page read and write
|
||
|
20BC734F000
|
heap
|
page read and write
|
||
|
22F6DC90000
|
heap
|
page read and write
|
||
|
175C9E02000
|
heap
|
page read and write
|
||
|
16D0322C000
|
heap
|
page read and write
|
||
|
20561B30000
|
heap
|
page read and write
|
||
|
29AB4FA000
|
stack
|
page read and write
|
||
|
DB345FE000
|
stack
|
page read and write
|
||
|
16D031E7000
|
heap
|
page read and write
|
||
|
175CA120000
|
heap
|
page read and write
|
||
|
ECE52FE000
|
stack
|
page read and write
|
||
|
16D031C8000
|
heap
|
page read and write
|
||
|
16D031FF000
|
heap
|
page read and write
|
||
|
1A575B23000
|
heap
|
page read and write
|
||
|
16D03204000
|
heap
|
page read and write
|
||
|
175C9DCA000
|
heap
|
page read and write
|
||
|
1A573BD9000
|
heap
|
page read and write
|
||
|
1A573CE0000
|
heap
|
page read and write
|
||
|
16D03226000
|
heap
|
page read and write
|
||
|
1A575B0D000
|
heap
|
page read and write
|
||
|
1A575B02000
|
heap
|
page read and write
|
||
|
20BC7363000
|
heap
|
page read and write
|
||
|
1A575B01000
|
heap
|
page read and write
|
||
|
1AAA4E21000
|
heap
|
page read and write
|
||
|
20BC7240000
|
heap
|
page read and write
|
||
|
175C9D37000
|
heap
|
page read and write
|
||
|
16D031EE000
|
heap
|
page read and write
|
||
|
1A575B05000
|
heap
|
page read and write
|
||
|
20BC7324000
|
heap
|
page read and write
|
||
|
300B000
|
stack
|
page read and write
|
||
|
16D031E8000
|
heap
|
page read and write
|
||
|
22F6DD6F000
|
heap
|
page read and write
|
||
|
16D03330000
|
heap
|
page read and write
|
||
|
29AAFFE000
|
stack
|
page read and write
|
||
|
369D000
|
stack
|
page read and write
|
||
|
DB348FF000
|
stack
|
page read and write
|
||
|
6D407FF000
|
stack
|
page read and write
|
||
|
1A575C90000
|
heap
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
20BC734A000
|
heap
|
page read and write
|
||
|
1A575A8D000
|
heap
|
page read and write
|
||
|
1A575A88000
|
heap
|
page read and write
|
||
|
22F6DD50000
|
heap
|
page read and write
|
||
|
20BC733E000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
DB346FE000
|
stack
|
page read and write
|
||
|
20BC7333000
|
heap
|
page read and write
|
||
|
1A575A8C000
|
heap
|
page read and write
|
||
|
1A575B0D000
|
heap
|
page read and write
|
||
|
1A575ADC000
|
heap
|
page read and write
|
||
|
20BC7384000
|
heap
|
page read and write
|
||
|
29AB1FF000
|
stack
|
page read and write
|
||
|
1AAA6A50000
|
heap
|
page read and write
|
||
|
16D031CD000
|
heap
|
page read and write
|
||
|
1A575A65000
|
heap
|
page read and write
|
||
|
317F000
|
stack
|
page read and write
|
||
|
1A575B09000
|
heap
|
page read and write
|
||
|
22F6DD99000
|
heap
|
page read and write
|
||
|
22F6DD67000
|
heap
|
page read and write
|
||
|
DB34BFF000
|
stack
|
page read and write
|
||
|
20BC734B000
|
heap
|
page read and write
|
||
|
20BC732B000
|
heap
|
page read and write
|
||
|
22F6DD68000
|
heap
|
page read and write
|
||
|
33FD000
|
stack
|
page read and write
|
||
|
175C9F40000
|
heap
|
page read and write
|
||
|
176B6FD000
|
stack
|
page read and write
|
||
|
16D031F3000
|
heap
|
page read and write
|
||
|
20BC73A7000
|
heap
|
page read and write
|
||
|
1A575A60000
|
heap
|
page read and write
|
||
|
16D031DB000
|
heap
|
page read and write
|
||
|
16D031FF000
|
heap
|
page read and write
|
||
|
22F6DEE0000
|
heap
|
page read and write
|
||
|
ECE53FE000
|
stack
|
page read and write
|
||
|
175C9E02000
|
heap
|
page read and write
|
||
|
175C9DEC000
|
heap
|
page read and write
|
||
|
175C9DF7000
|
heap
|
page read and write
|
||
|
176B5FF000
|
stack
|
page read and write
|
||
|
22F6DD48000
|
heap
|
page read and write
|
||
|
20BC736D000
|
heap
|
page read and write
|
||
|
175C9DF2000
|
heap
|
page read and write
|
||
|
175C9DA9000
|
heap
|
page read and write
|
||
|
175C9DC5000
|
heap
|
page read and write
|
||
|
1A575A90000
|
heap
|
page read and write
|
||
|
1AAA4E3C000
|
heap
|
page read and write
|
||
|
345C000
|
stack
|
page read and write
|
||
|
16D031D0000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1AAA6B50000
|
heap
|
page read and write
|
||
|
20561B50000
|
heap
|
page read and write
|
||
|
1EC9EF9000
|
stack
|
page read and write
|
||
|
175C9DB5000
|
heap
|
page read and write
|
||
|
175C9DCE000
|
heap
|
page read and write
|
||
|
6D3FCFE000
|
stack
|
page read and write
|
||
|
1A575AAD000
|
heap
|
page read and write
|
||
|
175C9DF2000
|
heap
|
page read and write
|
||
|
1A575AB9000
|
heap
|
page read and write
|
||
|
20BC7330000
|
heap
|
page read and write
|
||
|
1A575ABD000
|
heap
|
page read and write
|
||
|
22F6DCD0000
|
heap
|
page read and write
|
||
|
1290000
|
heap
|
page read and write
|
||
|
16D031DF000
|
heap
|
page read and write
|
||
|
6D40CFC000
|
stack
|
page read and write
|
||
|
27EF6FE000
|
stack
|
page read and write
|
||
|
6D3FFFE000
|
stack
|
page read and write
|
||
|
1A575AC3000
|
heap
|
page read and write
|
||
|
22F6DD57000
|
heap
|
page read and write
|
||
|
16D03254000
|
heap
|
page read and write
|
||
|
1A575AE1000
|
heap
|
page read and write
|
||
|
359D000
|
stack
|
page read and write
|
||
|
1A575A8E000
|
heap
|
page read and write
|
||
|
16D03235000
|
heap
|
page read and write
|
||
|
16D03160000
|
heap
|
page read and write
|
||
|
175C9DFF000
|
heap
|
page read and write
|
||
|
22F6DD4A000
|
heap
|
page read and write
|
||
|
6D40EFE000
|
stack
|
page read and write
|
||
|
115E000
|
heap
|
page read and write
|
||
|
1A575AEC000
|
heap
|
page read and write
|
||
|
22F6DEE5000
|
heap
|
page read and write
|
||
|
20BC7356000
|
heap
|
page read and write
|
||
|
2F0C000
|
stack
|
page read and write
|
||
|
ECE54FE000
|
stack
|
page read and write
|
||
|
16D03168000
|
heap
|
page read and write
|
||
|
6D404FF000
|
stack
|
page read and write
|
||
|
175C9DB8000
|
heap
|
page read and write
|
||
|
6D40AFF000
|
stack
|
page read and write
|
||
|
ECE50FE000
|
stack
|
page read and write
|
||
|
29AAEFE000
|
stack
|
page read and write
|
||
|
22F6DDA1000
|
heap
|
page read and write
|
||
|
DB34DFE000
|
stack
|
page read and write
|
||
|
1ECA0FE000
|
stack
|
page read and write
|
||
|
22F6DD49000
|
heap
|
page read and write
|
||
|
20BC7333000
|
heap
|
page read and write
|
||
|
1A573C26000
|
heap
|
page read and write
|
||
|
1AAA4C10000
|
heap
|
page read and write
|
||
|
20561E10000
|
heap
|
page read and write
|
||
|
1A575B22000
|
heap
|
page read and write
|
||
|
22F6DD64000
|
heap
|
page read and write
|
||
|
175C9DFE000
|
heap
|
page read and write
|
||
|
175C9DCE000
|
heap
|
page read and write
|
||
|
1A573DE0000
|
heap
|
page read and write
|
||
|
22F6FA50000
|
heap
|
page read and write
|
||
|
22F6DD5F000
|
heap
|
page read and write
|
||
|
DB34AFE000
|
stack
|
page read and write
|
||
|
1A575B1B000
|
heap
|
page read and write
|
||
|
6D3F7CC000
|
stack
|
page read and write
|
||
|
20BC7358000
|
heap
|
page read and write
|
||
|
ECE56FF000
|
stack
|
page read and write
|
||
|
20561E15000
|
heap
|
page read and write
|
||
|
ECE58FE000
|
stack
|
page read and write
|
||
|
20BC7353000
|
heap
|
page read and write
|
||
|
1A575B10000
|
heap
|
page read and write
|
||
|
20BC7339000
|
heap
|
page read and write
|
||
|
DB344F9000
|
stack
|
page read and write
|
||
|
16D03217000
|
heap
|
page read and write
|
||
|
22F6DD46000
|
heap
|
page read and write
|
||
|
115A000
|
heap
|
page read and write
|
||
|
1A575AB8000
|
heap
|
page read and write
|
||
|
20BC736A000
|
heap
|
page read and write
|
||
|
176B1FE000
|
stack
|
page read and write
|
||
|
DB347FE000
|
stack
|
page read and write
|
||
|
16D031F5000
|
heap
|
page read and write
|
||
|
1A575B0A000
|
heap
|
page read and write
|
||
|
1A575B01000
|
heap
|
page read and write
|
||
|
1AAA4EE5000
|
heap
|
page read and write
|
||
|
1A573EF0000
|
unkown
|
page read and write
|
||
|
14AE000
|
stack
|
page read and write
|
||
|
1A575B22000
|
heap
|
page read and write
|
||
|
20BC7360000
|
heap
|
page read and write
|
||
|
20BC7334000
|
heap
|
page read and write
|
||
|
20BC7396000
|
heap
|
page read and write
|
||
|
22F6DDA6000
|
heap
|
page read and write
|
||
|
20BC7580000
|
heap
|
page read and write
|
||
|
6D3FEFF000
|
stack
|
page read and write
|
||
|
1A575A8C000
|
heap
|
page read and write
|
||
|
1A575AEC000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
16D03219000
|
heap
|
page read and write
|
||
|
29AB6FE000
|
stack
|
page read and write
|
||
|
20561BB0000
|
heap
|
page read and write
|
||
|
20BC7356000
|
heap
|
page read and write
|
||
|
29AACF9000
|
stack
|
page read and write
|
||
|
1A575ABD000
|
heap
|
page read and write
|
||
|
16D031D8000
|
heap
|
page read and write
|
||
|
20BC7378000
|
heap
|
page read and write
|
||
|
1A575ADC000
|
heap
|
page read and write
|
||
|
6D3FAFE000
|
stack
|
page read and write
|
||
|
20BC7351000
|
heap
|
page read and write
|
||
|
20BC737C000
|
heap
|
page read and write
|
||
|
175C9DDC000
|
heap
|
page read and write
|
||
|
1A575DF1000
|
heap
|
page read and write
|
||
|
1A575A8D000
|
heap
|
page read and write
|
||
|
22F6DDA0000
|
heap
|
page read and write
|
||
|
6D406FE000
|
stack
|
page read and write
|
||
|
16D031FF000
|
heap
|
page read and write
|
||
|
22F6DD40000
|
heap
|
page read and write
|
||
|
16D031F9000
|
heap
|
page read and write
|
||
|
175C9DD3000
|
heap
|
page read and write
|
||
|
1A575B0C000
|
heap
|
page read and write
|
||
|
22F6DD5F000
|
heap
|
page read and write
|
||
|
20BC7342000
|
heap
|
page read and write
|
||
|
29AB0FF000
|
stack
|
page read and write
|
||
|
20BC7360000
|
heap
|
page read and write
|
||
|
6D408FE000
|
stack
|
page read and write
|
||
|
1AAA4D40000
|
heap
|
page read and write
|
||
|
16D0321F000
|
heap
|
page read and write
|
||
|
1A575AC5000
|
heap
|
page read and write
|
||
|
1AAA4DA7000
|
heap
|
page read and write
|
||
|
176AEF9000
|
stack
|
page read and write
|
||
|
175C9E06000
|
heap
|
page read and write
|
||
|
1EC9FFE000
|
stack
|
page read and write
|
||
|
22F6DDA3000
|
heap
|
page read and write
|
||
|
175C9DE0000
|
heap
|
page read and write
|
||
|
1A575B01000
|
heap
|
page read and write
|
||
|
175C9DAE000
|
heap
|
page read and write
|
||
|
1A575AE8000
|
heap
|
page read and write
|
||
|
176B4FE000
|
stack
|
page read and write
|
||
|
16D031DF000
|
heap
|
page read and write
|
||
|
175C9DBE000
|
heap
|
page read and write
|
||
|
ECE57FD000
|
stack
|
page read and write
|
||
|
20BC7585000
|
heap
|
page read and write
|
||
|
1AAA4D4C000
|
heap
|
page read and write
|
||
|
1A575ADB000
|
heap
|
page read and write
|
||
|
22F6DD53000
|
heap
|
page read and write
|
||
|
20BC7358000
|
heap
|
page read and write
|
||
|
20BC7358000
|
heap
|
page read and write
|
||
|
22F6DD99000
|
heap
|
page read and write
|
||
|
16D031ED000
|
heap
|
page read and write
|
||
|
16D031D9000
|
heap
|
page read and write
|
||
|
20BC7220000
|
heap
|
page read and write
|
||
|
1A573C92000
|
heap
|
page read and write
|
||
|
16D03226000
|
heap
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
1A575ADC000
|
heap
|
page read and write
|
||
|
1A575AC9000
|
heap
|
page read and write
|
||
|
176B0FE000
|
stack
|
page read and write
|
||
|
16D031FD000
|
heap
|
page read and write
|
||
|
1A575A99000
|
heap
|
page read and write
|
||
|
16D03455000
|
heap
|
page read and write
|
||
|
1AAA4CF0000
|
heap
|
page read and write
|
||
|
1A573BD0000
|
heap
|
page read and write
|
||
|
20BC733A000
|
heap
|
page read and write
|
||
|
22F6DD41000
|
heap
|
page read and write
|
||
|
16D03350000
|
heap
|
page read and write
|
||
|
175C9DA3000
|
heap
|
page read and write
|
||
|
6D3F7DB000
|
stack
|
page read and write
|
||
|
1ECA2FF000
|
stack
|
page read and write
|
||
|
22F6DD6D000
|
heap
|
page read and write
|
||
|
1A573F75000
|
heap
|
page read and write
|
||
|
175C9DB1000
|
heap
|
page read and write
|
||
|
16D0321C000
|
heap
|
page read and write
|
||
|
16D03206000
|
heap
|
page read and write
|
||
|
172E000
|
stack
|
page read and write
|
||
|
3075000
|
heap
|
page read and write
|
||
|
175C9D99000
|
heap
|
page read and write
|
||
|
16D031D3000
|
heap
|
page read and write
|
||
|
16D03234000
|
heap
|
page read and write
|
||
|
20BC72C0000
|
heap
|
page read and write
|
||
|
1A575B0A000
|
heap
|
page read and write
|
||
|
175C9DE5000
|
heap
|
page read and write
|
||
|
22F6DD5A000
|
heap
|
page read and write
|
||
|
1A575AE8000
|
heap
|
page read and write
|
||
|
1A575AC9000
|
heap
|
page read and write
|
||
|
16D03210000
|
heap
|
page read and write
|
||
|
22F6DD81000
|
heap
|
page read and write
|
||
|
1A575B1C000
|
heap
|
page read and write
|
||
|
162D000
|
stack
|
page read and write
|
||
|
22F6DD40000
|
heap
|
page read and write
|
||
|
20BC738A000
|
heap
|
page read and write
|
||
|
6D40CED000
|
stack
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
1A573C39000
|
heap
|
page read and write
|
||
|
20BC7210000
|
heap
|
page read and write
|
||
|
1A573CC3000
|
heap
|
page read and write
|
||
|
1A573C16000
|
heap
|
page read and write
|
||
|
10FD000
|
stack
|
page read and write
|
||
|
175C9DC1000
|
heap
|
page read and write
|
||
|
22F6DD5B000
|
heap
|
page read and write
|
||
|
22F6DD37000
|
heap
|
page read and write
|
||
|
6D40DFD000
|
stack
|
page read and write
|
||
|
6D402FE000
|
stack
|
page read and write
|
||
|
20BC7373000
|
heap
|
page read and write
|
||
|
20BC7360000
|
heap
|
page read and write
|
||
|
27EF31C000
|
stack
|
page read and write
|
||
|
176AFFE000
|
stack
|
page read and write
|
||
|
16D031F7000
|
heap
|
page read and write
|
||
|
1A575B46000
|
heap
|
page read and write
|
||
|
29AB5FE000
|
stack
|
page read and write
|
||
|
1A575B09000
|
heap
|
page read and write
|
||
|
6D403FE000
|
stack
|
page read and write
|
||
|
1AAA4D46000
|
heap
|
page read and write
|
||
|
16D03223000
|
heap
|
page read and write
|
||
|
ECE51FE000
|
stack
|
page read and write
|
||
|
20BC737F000
|
heap
|
page read and write
|
||
|
176B3FE000
|
stack
|
page read and write
|
||
|
20BC735C000
|
heap
|
page read and write
|
||
|
20BC738A000
|
heap
|
page read and write
|
||
|
DDC000
|
stack
|
page read and write
|
||
|
1A575A71000
|
heap
|
page read and write
|
||
|
1A575AE1000
|
heap
|
page read and write
|
||
|
1A575AE1000
|
heap
|
page read and write
|
||
|
22F6DC80000
|
heap
|
page read and write
|
||
|
20BC7350000
|
heap
|
page read and write
|
||
|
175C9DAE000
|
heap
|
page read and write
|
||
|
355C000
|
stack
|
page read and write
|
||
|
20BC7362000
|
heap
|
page read and write
|
||
|
175C9DD3000
|
heap
|
page read and write
|
||
|
1ECA7FE000
|
stack
|
page read and write
|
||
|
175C9DB4000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
1A575B0A000
|
heap
|
page read and write
|
||
|
22F6DD89000
|
heap
|
page read and write
|
||
|
175C9DD8000
|
heap
|
page read and write
|
||
|
1A575AE8000
|
heap
|
page read and write
|
||
|
20BC735A000
|
heap
|
page read and write
|
||
|
16D031EB000
|
heap
|
page read and write
|
||
|
29AB8FD000
|
stack
|
page read and write
|
||
|
16D031FD000
|
heap
|
page read and write
|
||
|
1ECA1FE000
|
stack
|
page read and write
|
||
|
6D40DED000
|
stack
|
page read and write
|
||
|
6D3FBFE000
|
stack
|
page read and write
|
||
|
175CA125000
|
heap
|
page read and write
|
||
|
6D400FE000
|
stack
|
page read and write
|
||
|
6D409FE000
|
stack
|
page read and write
|
||
|
DB349FE000
|
stack
|
page read and write
|
||
|
20BC7387000
|
heap
|
page read and write
|
||
|
175C9D84000
|
heap
|
page read and write
|
||
|
16D031F5000
|
heap
|
page read and write
|
||
|
1A575B0E000
|
heap
|
page read and write
|
||
|
1A575AB5000
|
heap
|
page read and write
|
||
|
175C9D82000
|
heap
|
page read and write
|
||
|
16D03254000
|
heap
|
page read and write
|
||
|
175C9DE9000
|
heap
|
page read and write
|
||
|
16D031E2000
|
heap
|
page read and write
|
||
|
22F6DD3C000
|
heap
|
page read and write
|
||
|
6D3FDFF000
|
stack
|
page read and write
|
||
|
1A575B0D000
|
heap
|
page read and write
|
||
|
16D031F3000
|
heap
|
page read and write
|
||
|
175C9D30000
|
heap
|
page read and write
|
||
|
175C9DA1000
|
heap
|
page read and write
|
||
|
175C9DB4000
|
heap
|
page read and write
|
||
|
6D40FFF000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
16D03204000
|
heap
|
page read and write
|
||
|
20BC736F000
|
heap
|
page read and write
|
||
|
1A575B22000
|
heap
|
page read and write
|
||
|
16D031F5000
|
heap
|
page read and write
|
||
|
27EF67F000
|
stack
|
page read and write
|
||
|
1A575B20000
|
heap
|
page read and write
|
||
|
20563760000
|
heap
|
page read and write
|
||
|
29AB3FF000
|
stack
|
page read and write
|
||
|
ECE55FE000
|
stack
|
page read and write
|
||
|
1ECA5FF000
|
stack
|
page read and write
|
||
|
22F6DD74000
|
heap
|
page read and write
|
||
|
16D031F0000
|
heap
|
page read and write
|
||
|
20BC736F000
|
heap
|
page read and write
|
||
|
ECE4D59000
|
stack
|
page read and write
|
||
|
16D03150000
|
heap
|
page read and write
|
||
|
29AADFE000
|
stack
|
page read and write
|
There are 421 hidden memdumps, click here to show them.