Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ndp48-web.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\5478d9557b6298dc63ac5974e1\1025\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (433), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1025\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1025\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1028\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1028\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1028\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1029\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (447), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1029\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1029\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1030\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (418), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1030\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1030\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1031\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (509), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1031\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1031\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1032\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (565), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1032\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1032\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1033\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (412), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1033\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1033\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1035\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (450), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1035\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1035\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1036\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (466), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1036\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1036\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1037\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (368), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1037\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1037\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1038\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (490), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1038\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1038\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1040\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (465), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1040\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1040\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1041\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (323), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1041\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1041\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1042\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (336), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1042\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1042\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1043\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (465), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1043\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1043\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1044\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (402), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1044\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1044\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1045\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (469), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1045\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1045\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1046\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (426), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1046\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1046\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1049\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (463), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1049\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1049\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1053\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (433), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1053\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1053\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1055\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (452), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1055\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\1055\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\2052\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\2052\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\2052\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\2070\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (445), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\2070\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\2070\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\3082\LocalizedData.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (436), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\3082\SetupResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\3082\eula.rtf
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 1033
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\DHtmlHeader.html
|
HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\DisplayIcon.ico
|
MS Windows icon resource - 13 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Print.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate1.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate10.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate2.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate3.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate4.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate5.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate6.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate7.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate8.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Rotate9.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Save.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\Setup.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\SysReqMet.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\SysReqNotMet.ico
|
MS Windows icon resource - 19 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\stop.ico
|
MS Windows icon resource - 36 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, -128x-128, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Graphics\warn.ico
|
MS Windows icon resource - 36 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, -128x-128, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\ParameterInfo.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (614), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\SetupEngine.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\SetupUi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\SetupUi.xsd
|
XML 1.0 document, ASCII text, with very long lines (335), with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\SetupUtility.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\SplashScreen.bmp
|
PC bitmap, Windows 3.x format, 200 x 200 x 24, image size 120002, resolution 11808 x 11808 px/m, cbSize 120056, bits offset
54
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\Strings.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\UiInfo.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\header.bmp
|
PC bitmap, Windows 3.x format, 49 x 49 x 32, image size 9606, resolution 11808 x 11808 px/m, cbSize 9660, bits offset 54
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\sqmapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\5478d9557b6298dc63ac5974e1\watermark.bmp
|
PC bitmap, Windows 3.x format, 164 x 628 x 8, image size 102994, resolution 3779 x 3779 px/m, cbSize 104072, bits offset 1078
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\FontCache\4\Catalog\ListAll.Json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\FontCache\4\PreviewFont\flat_officeFontsPreview_4_39.ttf
|
TrueType Font data, 10 tables, 1st "OS/2", 7 names, Microsoft, language 0x409, \251 2018 Microsoft Corporation. All Rights
Reserved.msofp_4_39RegularVersion 4.39;O365
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\56a61aeb75d8f5be186c26607f4bb213abe7c5ec.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{2A6588E0-AFBF-4908-A1BC-871D735D026A}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{C03101DC-DE7C-4BC5-B6EA-ADD2937839D3}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{ED74DD25-E671-4FF2-8D67-F75C794FE621}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BlockersInfo1.rtf (copy)
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 2057
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BlockersInfo2.rtf (copy)
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 2057
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\WINWORD\App1714047998000409300_DEFC2796-1969-4D82-9A6E-BDF1716E8B05.log
|
ASCII text, with very long lines (1338), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\WINWORD\App1714048002251334800_2456171E-DE2C-4FFA-9FE1-A08ACD6ABD24.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\WINWORD\App1714048002251967100_2456171E-DE2C-4FFA-9FE1-A08ACD6ABD24.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\HFI6F15.tmp.html
|
HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Microsoft .NET Framework 4.8 Setup_20240425_142634789.html
|
HTML document, Unicode text, UTF-16, little-endian text, with very long lines (389), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Setup_20240425_142630461.html
|
HTML document, Unicode text, UTF-16, little-endian text, with very long lines (389), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TFR854F.tmp
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 2057
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\TFR9B98.tmp
|
Rich Text Format data, version 1, ANSI, code page 1252, default language ID 2057
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\dd_ndp48-web_decompression_log.txt
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~$ockersInfo1.rtf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~$ockersInfo2.rtf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Thu Apr 25 11:26:37
2024, mtime=Thu Apr 25 11:26:40 2024, atime=Thu Apr 25 11:26:40 2024, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Templates\Normal.dotm (copy)
|
Microsoft Word 2007+
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Templates\~WRD0000.tmp
|
Microsoft Word 2007+
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\D3HZ3LTKKPLIUW81BSEJ.temp
|
data
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms (copy)
|
data
|
dropped
|
There are 123 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ndp48-web.exe
|
"C:\Users\user\Desktop\ndp48-web.exe"
|
||
|
C:\5478d9557b6298dc63ac5974e1\Setup.exe
|
C:\5478d9557b6298dc63ac5974e1\\Setup.exe /x86 /x64 /web
|
||
|
C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
|
"C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE" /i "C:\Users\user\AppData\Local\Temp\BlockersInfo1.rtf"
|
||
|
C:\Windows\splwow64.exe
|
C:\Windows\splwow64.exe 12288
|
||
|
C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
|
"C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE" /i "C:\Users\user\AppData\Local\Temp\BlockersInfo2.rtf"
|
||
|
C:\Windows\splwow64.exe
|
C:\Windows\splwow64.exe 12288
|
||
|
C:\Windows\splwow64.exe
|
C:\Windows\splwow64.exe 12288
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.mic
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\VSSetup
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\VSSetup
|
TypesSupported
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Sampling
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\StartupItems
|
y&
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Wizards
|
PageSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\MailSettings
|
Template
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
AutoRecoverySaveIntervalMetadata
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Experiment\word
|
Language
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Experiment\word
|
EcsRequestPending
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Experiment\word
|
SubscriptionCustomerLicenseInfo
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
FirstRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
ACUpdated
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
DefaultKerningLigatures
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\WEF
|
Word_RequireForceRefreshAtBoot
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\StartupItems
|
/*
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\file mru
|
FOLDERID_Desktop
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\file mru
|
FOLDERID_Documents
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Place MRU
|
FOLDERID_Desktop
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Place MRU
|
FOLDERID_Documents
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\DocumentRecovery\2A37A
|
2A37A
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Data
|
Toolbars
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Toolbars\Settings
|
Microsoft Word
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Extensions
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Shared Tools\Panose
|
Calibri
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Shared Tools\Panose
|
Times New Roman
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Shared Tools\Panose
|
Calibri Light
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Shared Tools\Panose
|
Wingdings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Data
|
Settings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
VisiForceField
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
IgnoreFilenamesEmailAliases
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
AutoSpell
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
NoContextSpell
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
InsPic
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
SoundFeedback
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
BkgrndPag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
ATUserAdded
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
AccentOnUpper
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
AppWindowPos
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
AppWindowPosKey
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Signals\Stats\Anonymous\Microsoft.Word.Document
|
ClicksData
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Roaming
|
RoamingLastSyncTimeWord
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Roaming
|
RoamingLastWriteTimeWord
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Security\FileBlock
|
FileTypeBlockList
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Security\FileBlock
|
OoxmlConverterBlockList
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00DBB1CF46F
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet
|
msoridShouldUseReauthRequestProxy
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common
|
SessionId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=8192&build=16.0.16827&crev=3\0
|
FilePath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=8192&build=16.0.16827&crev=3\0
|
StartDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=8192&build=16.0.16827&crev=3\0
|
EndDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs
|
LicenseCategoryInfo
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs
|
LicenseSKUInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Extensions
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Name
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Word\Text
Converters\Import
|
Extensions
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Roaming
|
RoamingConfigurableSettings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Roaming
|
RoamingConfigurableSettings
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache
|
LastClean
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\7652
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\3484
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\StartupItems
|
nc9
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\StartupItems
|
qe9
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\StartupItems
|
'g9
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Resiliency\DocumentRecovery\2B482
|
2B482
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Experiment\word
|
BuildNumber
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word
|
Expires
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.6
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.7
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.9
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.10
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.11
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.13
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.14
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.16
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.17
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.18
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.19
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.20
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.21
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.22
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.23
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.24
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.25
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.26
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.27
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
1.28
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
VersionId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word
|
ETag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word
|
DeferredConfigs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word
|
ConfigIds
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU
|
MRUListEx
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Volatile
|
MsaDevice
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Sampling
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\3484
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\3484
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\3484
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
|
FilePath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
|
StartDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
|
EndDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word\ConfigContextData
|
ChunkCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\word
|
Expires
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\3484
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\WINWORD\3484
|
0
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
|
MRUListEx
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3
|
MRUListEx
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe
|
JScriptSetScriptStateStarted
|
There are 170 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
CC2000
|
heap
|
page read and write
|
||
|
765F000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
6C67D000
|
unkown
|
page readonly
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
581000
|
heap
|
page read and write
|
||
|
45D6000
|
heap
|
page read and write
|
||
|
6C3C000
|
heap
|
page read and write
|
||
|
7678000
|
trusted library allocation
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
6CA4000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
7655000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
7615000
|
trusted library allocation
|
page read and write
|
||
|
780A000
|
trusted library allocation
|
page read and write
|
||
|
780F000
|
trusted library allocation
|
page read and write
|
||
|
7E5000
|
heap
|
page read and write
|
||
|
7644000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75EB000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
6A06000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
5F42000
|
heap
|
page read and write
|
||
|
7230000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
6CA1000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
762A000
|
trusted library allocation
|
page read and write
|
||
|
81C3000
|
heap
|
page read and write
|
||
|
7614000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
7666000
|
trusted library allocation
|
page read and write
|
||
|
6C91000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
7625000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
771B000
|
trusted library allocation
|
page read and write
|
||
|
6C6F000
|
heap
|
page read and write
|
||
|
8480000
|
heap
|
page read and write
|
||
|
7665000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
6A09000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
6C98000
|
heap
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
763A000
|
trusted library allocation
|
page read and write
|
||
|
6E324000
|
unkown
|
page readonly
|
||
|
75EE000
|
trusted library allocation
|
page read and write
|
||
|
6CAA000
|
heap
|
page read and write
|
||
|
760E000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
7644000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
762C000
|
trusted library allocation
|
page read and write
|
||
|
7604000
|
trusted library allocation
|
page read and write
|
||
|
7605000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7663000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
6CAB2000
|
unkown
|
page read and write
|
||
|
5F09000
|
heap
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75FF000
|
trusted library allocation
|
page read and write
|
||
|
75F2000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
7601000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
410000
|
heap
|
page readonly
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
763E000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
7619000
|
trusted library allocation
|
page read and write
|
||
|
5BF000
|
heap
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
762B000
|
trusted library allocation
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
7653000
|
trusted library allocation
|
page read and write
|
||
|
7626000
|
trusted library allocation
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
75F5000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
7241000
|
heap
|
page read and write
|
||
|
7643000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
7807000
|
trusted library allocation
|
page read and write
|
||
|
6C91000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
7803000
|
trusted library allocation
|
page read and write
|
||
|
764C000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75E1000
|
trusted library allocation
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
760E000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
763E000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
769F000
|
trusted library allocation
|
page read and write
|
||
|
6A0B000
|
trusted library allocation
|
page read and write
|
||
|
75E8000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
8607000
|
heap
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
6A0A000
|
trusted library allocation
|
page read and write
|
||
|
7809000
|
trusted library allocation
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75E6000
|
trusted library allocation
|
page read and write
|
||
|
6C8A000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
75ED000
|
trusted library allocation
|
page read and write
|
||
|
761F000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7630000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75F4000
|
trusted library allocation
|
page read and write
|
||
|
75F1000
|
trusted library allocation
|
page read and write
|
||
|
766E000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
768B000
|
trusted library allocation
|
page read and write
|
||
|
6CA3000
|
heap
|
page read and write
|
||
|
6C37000
|
heap
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
9E02000
|
heap
|
page read and write
|
||
|
D1F000
|
heap
|
page read and write
|
||
|
7658000
|
trusted library allocation
|
page read and write
|
||
|
7618000
|
trusted library allocation
|
page read and write
|
||
|
780B000
|
trusted library allocation
|
page read and write
|
||
|
7657000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
C6D000
|
heap
|
page read and write
|
||
|
6C47000
|
heap
|
page read and write
|
||
|
761E000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75E9000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
76A3000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
6F60000
|
heap
|
page read and write
|
||
|
765C000
|
trusted library allocation
|
page read and write
|
||
|
76A6000
|
trusted library allocation
|
page read and write
|
||
|
7611000
|
trusted library allocation
|
page read and write
|
||
|
6C79000
|
heap
|
page read and write
|
||
|
7607000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
780A000
|
trusted library allocation
|
page read and write
|
||
|
761D000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
7402000
|
heap
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
75F6000
|
trusted library allocation
|
page read and write
|
||
|
75EC000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
C95000
|
heap
|
page read and write
|
||
|
76B7000
|
trusted library allocation
|
page read and write
|
||
|
7669000
|
trusted library allocation
|
page read and write
|
||
|
60EA000
|
heap
|
page read and write
|
||
|
569000
|
heap
|
page read and write
|
||
|
75F9000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
6C4F000
|
heap
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
6C4C000
|
heap
|
page read and write
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75F1000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
76A8000
|
trusted library allocation
|
page read and write
|
||
|
75E5000
|
trusted library allocation
|
page read and write
|
||
|
6C5E000
|
heap
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
6E10000
|
trusted library allocation
|
page read and write
|
||
|
7607000
|
trusted library allocation
|
page read and write
|
||
|
6C39000
|
heap
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
5AF000
|
heap
|
page read and write
|
||
|
7628000
|
trusted library allocation
|
page read and write
|
||
|
7349000
|
heap
|
page read and write
|
||
|
7603000
|
trusted library allocation
|
page read and write
|
||
|
6CB85000
|
unkown
|
page read and write
|
||
|
6F10000
|
trusted library allocation
|
page read and write
|
||
|
6C630000
|
unkown
|
page readonly
|
||
|
7666000
|
trusted library allocation
|
page read and write
|
||
|
6C35000
|
heap
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
6A0F000
|
trusted library allocation
|
page read and write
|
||
|
768C000
|
trusted library allocation
|
page read and write
|
||
|
766D000
|
trusted library allocation
|
page read and write
|
||
|
7668000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
6C2D000
|
heap
|
page read and write
|
||
|
7807000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
75E9000
|
trusted library allocation
|
page read and write
|
||
|
698A000
|
heap
|
page read and write
|
||
|
7648000
|
trusted library allocation
|
page read and write
|
||
|
6986000
|
heap
|
page read and write
|
||
|
6EF0000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2857000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
6C32000
|
heap
|
page read and write
|
||
|
6C9B000
|
heap
|
page read and write
|
||
|
780B000
|
trusted library allocation
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
6C91000
|
heap
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
5A7000
|
heap
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
75FD000
|
trusted library allocation
|
page read and write
|
||
|
7241000
|
heap
|
page read and write
|
||
|
726C000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
2A34000
|
heap
|
page read and write
|
||
|
6CAC1000
|
unkown
|
page execute read
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
6C73000
|
heap
|
page read and write
|
||
|
7662000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
7613000
|
trusted library allocation
|
page read and write
|
||
|
5AF000
|
heap
|
page read and write
|
||
|
7606000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
77FA000
|
trusted library allocation
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
D1000
|
unkown
|
page execute read
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
7601000
|
trusted library allocation
|
page read and write
|
||
|
6CB8E000
|
unkown
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
C98000
|
heap
|
page read and write
|
||
|
75DC000
|
trusted library allocation
|
page read and write
|
||
|
7659000
|
trusted library allocation
|
page read and write
|
||
|
7612000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7634000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75DB000
|
trusted library allocation
|
page read and write
|
||
|
762D000
|
trusted library allocation
|
page read and write
|
||
|
69F0000
|
heap
|
page read and write
|
||
|
75E3000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
81C7000
|
heap
|
page read and write
|
||
|
760B000
|
trusted library allocation
|
page read and write
|
||
|
67B0000
|
heap
|
page read and write
|
||
|
75DC000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
6C47000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
9DE0000
|
heap
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
762D000
|
trusted library allocation
|
page read and write
|
||
|
8656000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
766B000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
6F40000
|
trusted library allocation
|
page read and write
|
||
|
6C13000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
6C9E000
|
heap
|
page read and write
|
||
|
75FC000
|
trusted library allocation
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
6E0C000
|
stack
|
page read and write
|
||
|
6650000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
6C96000
|
heap
|
page read and write
|
||
|
75FC000
|
trusted library allocation
|
page read and write
|
||
|
8647000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
698D000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
766A000
|
trusted library allocation
|
page read and write
|
||
|
7633000
|
trusted library allocation
|
page read and write
|
||
|
75F2000
|
trusted library allocation
|
page read and write
|
||
|
7722000
|
trusted library allocation
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
7804000
|
trusted library allocation
|
page read and write
|
||
|
2E7E000
|
heap
|
page read and write
|
||
|
45D1000
|
heap
|
page read and write
|
||
|
75E7000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
6CA7000
|
heap
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75E7000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
763B000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
7626000
|
trusted library allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
9E19000
|
heap
|
page read and write
|
||
|
77FF000
|
trusted library allocation
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
C58000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
581000
|
heap
|
page read and write
|
||
|
6C67A000
|
unkown
|
page write copy
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
75DE000
|
trusted library allocation
|
page read and write
|
||
|
FD000
|
unkown
|
page readonly
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
7719000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
75E5000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
52F4000
|
heap
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
6CA5000
|
heap
|
page read and write
|
||
|
7804000
|
trusted library allocation
|
page read and write
|
||
|
75EA000
|
trusted library allocation
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75EF000
|
trusted library allocation
|
page read and write
|
||
|
77FC000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7725000
|
trusted library allocation
|
page read and write
|
||
|
765D000
|
trusted library allocation
|
page read and write
|
||
|
6A02000
|
trusted library allocation
|
page read and write
|
||
|
75DA000
|
trusted library allocation
|
page read and write
|
||
|
6C62000
|
heap
|
page read and write
|
||
|
75DB000
|
trusted library allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
7628000
|
trusted library allocation
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
CBF000
|
stack
|
page read and write
|
||
|
66D0000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
765E000
|
trusted library allocation
|
page read and write
|
||
|
6CAC0000
|
unkown
|
page readonly
|
||
|
764F000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
6C85000
|
heap
|
page read and write
|
||
|
75FB000
|
trusted library allocation
|
page read and write
|
||
|
761E000
|
trusted library allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
6C8C000
|
heap
|
page read and write
|
||
|
6A08000
|
trusted library allocation
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
567000
|
heap
|
page read and write
|
||
|
7805000
|
trusted library allocation
|
page read and write
|
||
|
75DA000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
75DE000
|
trusted library allocation
|
page read and write
|
||
|
5B2000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
6CAB000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75E2000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
8669000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
6CA8000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
6C97000
|
heap
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75E8000
|
trusted library allocation
|
page read and write
|
||
|
EF1000
|
unkown
|
page read and write
|
||
|
762A000
|
trusted library allocation
|
page read and write
|
||
|
764F000
|
trusted library allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
7656000
|
trusted library allocation
|
page read and write
|
||
|
75EF000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
77EA000
|
trusted library allocation
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
7808000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
8B5000
|
heap
|
page read and write
|
||
|
6CAB3000
|
unkown
|
page readonly
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
CA6000
|
heap
|
page read and write
|
||
|
75E3000
|
trusted library allocation
|
page read and write
|
||
|
7631000
|
trusted library allocation
|
page read and write
|
||
|
75DC000
|
trusted library allocation
|
page read and write
|
||
|
6B14000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
7669000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
6980000
|
direct allocation
|
page read and write
|
||
|
77F3000
|
trusted library allocation
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
6C6A000
|
heap
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
7611000
|
trusted library allocation
|
page read and write
|
||
|
75DC000
|
trusted library allocation
|
page read and write
|
||
|
762E000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
trusted library allocation
|
page read and write
|
||
|
6C5C000
|
heap
|
page read and write
|
||
|
5F6C000
|
heap
|
page read and write
|
||
|
6C67000
|
heap
|
page read and write
|
||
|
8BB000
|
heap
|
page read and write
|
||
|
7661000
|
trusted library allocation
|
page read and write
|
||
|
6C9B000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
761A000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
6C4B000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
77E7000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
764E000
|
trusted library allocation
|
page read and write
|
||
|
7623000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
75D9000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
6C679000
|
unkown
|
page read and write
|
||
|
6C680000
|
unkown
|
page readonly
|
||
|
7805000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75D9000
|
trusted library allocation
|
page read and write
|
||
|
7806000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
7625000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
860B000
|
heap
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
7623000
|
trusted library allocation
|
page read and write
|
||
|
8679000
|
heap
|
page read and write
|
||
|
7695000
|
trusted library allocation
|
page read and write
|
||
|
75F4000
|
trusted library allocation
|
page read and write
|
||
|
75D9000
|
trusted library allocation
|
page read and write
|
||
|
6988000
|
heap
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
7654000
|
trusted library allocation
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
8321000
|
heap
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
D2F000
|
heap
|
page read and write
|
||
|
7632000
|
trusted library allocation
|
page read and write
|
||
|
6F00000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
7667000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
57F000
|
heap
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
765B000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
6B10000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75F9000
|
trusted library allocation
|
page read and write
|
||
|
F9000
|
unkown
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
75E4000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75DC000
|
trusted library allocation
|
page read and write
|
||
|
7809000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
7632000
|
trusted library allocation
|
page read and write
|
||
|
7624000
|
trusted library allocation
|
page read and write
|
||
|
75DF000
|
trusted library allocation
|
page read and write
|
||
|
6C6D000
|
heap
|
page read and write
|
||
|
7609000
|
trusted library allocation
|
page read and write
|
||
|
7614000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
7808000
|
trusted library allocation
|
page read and write
|
||
|
6A0D000
|
trusted library allocation
|
page read and write
|
||
|
761C000
|
trusted library allocation
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
764D000
|
trusted library allocation
|
page read and write
|
||
|
7801000
|
trusted library allocation
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
75E4000
|
trusted library allocation
|
page read and write
|
||
|
6C51000
|
heap
|
page read and write
|
||
|
6A0C000
|
trusted library allocation
|
page read and write
|
||
|
762C000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
7609000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
7642000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
7803000
|
trusted library allocation
|
page read and write
|
||
|
75F7000
|
trusted library allocation
|
page read and write
|
||
|
7615000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
6CA81000
|
unkown
|
page execute read
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7655000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
6CB93000
|
unkown
|
page readonly
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
7638000
|
trusted library allocation
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
heap
|
page read and write
|
||
|
75C5000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
6C4A000
|
heap
|
page read and write
|
||
|
75DD000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
761F000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
760A000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
6C64000
|
heap
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
EF3000
|
unkown
|
page readonly
|
||
|
75E2000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
7608000
|
trusted library allocation
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
7636000
|
trusted library allocation
|
page read and write
|
||
|
6C9C000
|
heap
|
page read and write
|
||
|
75FE000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
764E000
|
trusted library allocation
|
page read and write
|
||
|
6ABA000
|
stack
|
page read and write
|
||
|
70B0000
|
heap
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
7617000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
7659000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
75DA000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
D2F000
|
heap
|
page read and write
|
||
|
6C91000
|
heap
|
page read and write
|
||
|
75F3000
|
trusted library allocation
|
page read and write
|
||
|
D2F000
|
heap
|
page read and write
|
||
|
75EB000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
6C7D000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
7806000
|
trusted library allocation
|
page read and write
|
||
|
7608000
|
trusted library allocation
|
page read and write
|
||
|
6C36000
|
heap
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
6C86000
|
heap
|
page read and write
|
||
|
CD1000
|
heap
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
760F000
|
trusted library allocation
|
page read and write
|
||
|
7634000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
75DF000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
7617000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
5AF000
|
heap
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
D1000
|
unkown
|
page execute read
|
||
|
7633000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
76A5000
|
trusted library allocation
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
780C000
|
trusted library allocation
|
page read and write
|
||
|
73F0000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
765D000
|
trusted library allocation
|
page read and write
|
||
|
EF3000
|
unkown
|
page readonly
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
7664000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
6A03000
|
trusted library allocation
|
page read and write
|
||
|
6C87000
|
heap
|
page read and write
|
||
|
764D000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
6C19000
|
heap
|
page read and write
|
||
|
6770000
|
heap
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
7622000
|
trusted library allocation
|
page read and write
|
||
|
75F6000
|
trusted library allocation
|
page read and write
|
||
|
6E320000
|
unkown
|
page readonly
|
||
|
6D25000
|
heap
|
page read and write
|
||
|
6CAB000
|
heap
|
page read and write
|
||
|
75ED000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
5B2000
|
heap
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
53A000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75EA000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
6C44000
|
heap
|
page read and write
|
||
|
8641000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
7810000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
761C000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
E9A000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
75E6000
|
trusted library allocation
|
page read and write
|
||
|
75F7000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
77FB000
|
trusted library allocation
|
page read and write
|
||
|
77F4000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
7602000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
7602000
|
trusted library allocation
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
765C000
|
trusted library allocation
|
page read and write
|
||
|
C86000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
7656000
|
trusted library allocation
|
page read and write
|
||
|
7622000
|
trusted library allocation
|
page read and write
|
||
|
765F000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75D4000
|
trusted library allocation
|
page read and write
|
||
|
6C67B000
|
unkown
|
page read and write
|
||
|
6C631000
|
unkown
|
page execute read
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
6C4E000
|
heap
|
page read and write
|
||
|
7618000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
C7B000
|
heap
|
page read and write
|
||
|
6C32000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
763D000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
C92000
|
heap
|
page read and write
|
||
|
77FE000
|
trusted library allocation
|
page read and write
|
||
|
75FA000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
7801000
|
trusted library allocation
|
page read and write
|
||
|
75D9000
|
trusted library allocation
|
page read and write
|
||
|
7802000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
EF1000
|
unkown
|
page write copy
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
6C6C000
|
heap
|
page read and write
|
||
|
6C3B000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
7679000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
6A04000
|
trusted library allocation
|
page read and write
|
||
|
8529000
|
heap
|
page read and write
|
||
|
760C000
|
trusted library allocation
|
page read and write
|
||
|
760F000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
761D000
|
trusted library allocation
|
page read and write
|
||
|
763B000
|
trusted library allocation
|
page read and write
|
||
|
6A0E000
|
trusted library allocation
|
page read and write
|
||
|
6C3F000
|
heap
|
page read and write
|
||
|
6830000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75E1000
|
trusted library allocation
|
page read and write
|
||
|
7657000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75D7000
|
trusted library allocation
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
763C000
|
trusted library allocation
|
page read and write
|
||
|
6C89000
|
heap
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
7624000
|
trusted library allocation
|
page read and write
|
||
|
75D8000
|
trusted library allocation
|
page read and write
|
||
|
6C18000
|
heap
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
761A000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
7723000
|
trusted library allocation
|
page read and write
|
||
|
7638000
|
trusted library allocation
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
6A01000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
6C10000
|
heap
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
6102000
|
heap
|
page read and write
|
||
|
7603000
|
trusted library allocation
|
page read and write
|
||
|
6E321000
|
unkown
|
page execute read
|
||
|
57F000
|
heap
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
762B000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
6CA1000
|
heap
|
page read and write
|
||
|
6CA7000
|
heap
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
780D000
|
trusted library allocation
|
page read and write
|
||
|
76AA000
|
trusted library allocation
|
page read and write
|
||
|
765E000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
761B000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
7604000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
trusted library allocation
|
page read and write
|
||
|
766B000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
CC3000
|
heap
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
6C2B000
|
heap
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75CB000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
7612000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75DB000
|
trusted library allocation
|
page read and write
|
||
|
75FE000
|
trusted library allocation
|
page read and write
|
||
|
7606000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
7619000
|
trusted library allocation
|
page read and write
|
||
|
6C72000
|
heap
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
FD000
|
unkown
|
page readonly
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75F8000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75D2000
|
trusted library allocation
|
page read and write
|
||
|
578000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
763A000
|
trusted library allocation
|
page read and write
|
||
|
75FF000
|
trusted library allocation
|
page read and write
|
||
|
76B3000
|
trusted library allocation
|
page read and write
|
||
|
865A000
|
heap
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75F5000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
7629000
|
trusted library allocation
|
page read and write
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
51EB000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
5BA000
|
heap
|
page read and write
|
||
|
75F8000
|
trusted library allocation
|
page read and write
|
||
|
6C9A000
|
heap
|
page read and write
|
||
|
771D000
|
trusted library allocation
|
page read and write
|
||
|
75D6000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
75CF000
|
trusted library allocation
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
57D000
|
heap
|
page read and write
|
||
|
6CA80000
|
unkown
|
page readonly
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
7627000
|
trusted library allocation
|
page read and write
|
||
|
6C97000
|
heap
|
page read and write
|
||
|
7721000
|
trusted library allocation
|
page read and write
|
||
|
75DA000
|
trusted library allocation
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
7802000
|
trusted library allocation
|
page read and write
|
||
|
6F30000
|
trusted library allocation
|
page read and write
|
||
|
762E000
|
trusted library allocation
|
page read and write
|
||
|
7627000
|
trusted library allocation
|
page read and write
|
||
|
6A07000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
75CA000
|
trusted library allocation
|
page read and write
|
||
|
7631000
|
trusted library allocation
|
page read and write
|
||
|
6A05000
|
trusted library allocation
|
page read and write
|
||
|
75FB000
|
trusted library allocation
|
page read and write
|
||
|
75FA000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
trusted library allocation
|
page read and write
|
||
|
7070000
|
heap
|
page read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
780C000
|
trusted library allocation
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
764C000
|
trusted library allocation
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75D1000
|
trusted library allocation
|
page read and write
|
||
|
6CB8F000
|
unkown
|
page readonly
|
||
|
F9000
|
unkown
|
page write copy
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
heap
|
page read and write
|
||
|
CC1000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
75C8000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
75C6000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
6C76000
|
heap
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
75FD000
|
trusted library allocation
|
page read and write
|
||
|
77FD000
|
trusted library allocation
|
page read and write
|
||
|
591000
|
heap
|
page read and write
|
||
|
6CB86000
|
unkown
|
page write copy
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
79C0000
|
trusted library allocation
|
page read and write
|
||
|
76A9000
|
trusted library allocation
|
page read and write
|
||
|
75C7000
|
trusted library allocation
|
page read and write
|
||
|
75D3000
|
trusted library allocation
|
page read and write
|
||
|
7654000
|
trusted library allocation
|
page read and write
|
||
|
5AA000
|
heap
|
page read and write
|
||
|
7605000
|
trusted library allocation
|
page read and write
|
||
|
75CC000
|
trusted library allocation
|
page read and write
|
||
|
760B000
|
trusted library allocation
|
page read and write
|
||
|
75C9000
|
trusted library allocation
|
page read and write
|
||
|
771E000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
7613000
|
trusted library allocation
|
page read and write
|
||
|
763C000
|
trusted library allocation
|
page read and write
|
||
|
763D000
|
trusted library allocation
|
page read and write
|
||
|
6F0E000
|
stack
|
page read and write
|
||
|
75DD000
|
trusted library allocation
|
page read and write
|
||
|
6C41000
|
heap
|
page read and write
|
||
|
75D5000
|
trusted library allocation
|
page read and write
|
||
|
765A000
|
trusted library allocation
|
page read and write
|
||
|
7658000
|
trusted library allocation
|
page read and write
|
||
|
71C000
|
stack
|
page read and write
|
||
|
75F3000
|
trusted library allocation
|
page read and write
|
||
|
75CD000
|
trusted library allocation
|
page read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
CC2000
|
heap
|
page read and write
|
||
|
5B3000
|
heap
|
page read and write
|
||
|
7653000
|
trusted library allocation
|
page read and write
|
There are 1051 hidden memdumps, click here to show them.