Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
f0t0s.dll
|
MS-DOS executable, MZ for MS-DOS
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E5F0NRSV\www.msn[2].xml
|
ASCII text, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\URW0GA4Q\contextual.media[1].xml
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{49A9FD2E-5BB8-11EB-90EB-ECF4BBEA1588}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{49A9FD30-5BB8-11EB-90EB-ECF4BBEA1588}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{516E9D73-5BB8-11EB-90EB-ECF4BBEA1588}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{67AE7C07-5BB8-11EB-90EB-ECF4BBEA1588}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\1Yi_2FiH[1].avi
|
data
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\41-0bee62-68ddb2ab[1].js
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\55a804ab-e5c6-4b97-9319-86263d365d28[1].json
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\755f86[1].png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\AA7XCQ3[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\AAuTnto[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\AAyuliQ[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cROFX[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cVO9D[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, baseline, precision 8, 300x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cVySw[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cW0V5[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cWC3j[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cWVaA[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cWagm[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cWfeT[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BB1cWuIx[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BBK9Hzy[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BBRUB0d[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BBkwUr[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\BBlBV0U[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\checksync[2].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\dnserror[1]
|
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\http___cdn.taboola.com_libtrc_static_thumbnails_b412fb4fe41d835c34f32e35bc47db2f[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\http___cdn.taboola.com_libtrc_static_thumbnails_b735c05319719836ca882359e4b7c3ba[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\http___cdn.taboola.com_libtrc_static_thumbnails_e53ea340bebb1149008f8c4ddcca31a4[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\nrrV63415[1].js
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\otSDKStub[1].js
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\otTCF-ie[1].js
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\85-0f8009-68ddb2ab[1].js
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\AA6SFRQ[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\AA7zvAd[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB16ENv5[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 310x166,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cEP3G[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cG73h[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cVBFC[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 310x166,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cVYj0[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cW2K9[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cW6ej[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cW6xE[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cW9H4[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cWBmL[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cWKuB[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1cWvPu[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB1kKVy[1].png
|
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BB6Ma4a[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\BBMW3y8[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\a8a064[1].gif
|
GIF image data, version 89a, 28 x 28
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\de-ch[1].json
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\down[1]
|
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\e151e5[1].gif
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\http___cdn.taboola.com_libtrc_static_thumbnails_4889ff8e9e0bb32b9a7633b2e8e8326a[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\http___cdn.taboola.com_libtrc_static_thumbnails_79bd3695e59603e4e77cbf141486daa4[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\iab2Data[1].json
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\medianet[1].htm
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\medianet[2].htm
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\otPcCenter[1].json
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\4996b9[1].woff
|
Web Open Font Format, TrueType, length 45633, version 1.0
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\AA3e6zI[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB14EN7h[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cGhXz[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cV7Ls[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cVE2T[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cVLqB[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 310x166, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cW2y3[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cWBmL[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cWGnu[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cWdTm[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cWipI[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cWjhd[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB1cWwMe[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB5zDwX[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB7gRE[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BB7hjL[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BBVuddh[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BBZazha[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\BBnYSFZ[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\a5ea21[1].ico
|
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\auction[1].htm
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\cfdbd9[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\e20c0926-e917-4c23-9449-56056dc6d4c7[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\errorPageStrings[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\fcmain[1].js
|
HTML document, ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\fcmain[2].js
|
HTML document, ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\http___cdn.taboola.com_libtrc_static_thumbnails_8708d875fde894d947261b135101c3d9[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\https___crowdhouse-wp-resources-prod.s3.eu-west-1.amazonaws.com_wp-content_uploads_2020_06_02074816_ls2[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\58-acd805-185735b[1].css
|
UTF-8 Unicode text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\AA42pjY[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\AAzb5EX[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB10MkbM[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB14hq0P[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB15AQNm[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1breIx[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cVLpF[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cVPBX[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cVWMe[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cW7uG[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 310x166, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cW90R[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cWFXb[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 300x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cWlmQ[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cWuyb[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BB1cWxae[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BBO5Geh[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BBPfCZL[1].png
|
GIF image data, version 89a, 50 x 50
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\BBX2afX[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\NewErrorPageTemplate[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\aadcdc47-f267-4b70-bc4e-4fdd88f9ef0d[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\checksync[2].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\de-ch[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\httpErrorPagesScripts[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\http___cdn.taboola.com_libtrc_static_thumbnails_1328c3fff2a2eeaee34a27ffef64effd[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\https___console.brax-cdn.com_creatives_b9476698-227d-4478-b354-042472d9181c_TB1759-founders_box_hg_2_1000x600_1000x600_74795f6956a5ddedf65bfd018b867316[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\jquery-2.1.1.min[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\otBannerSdk[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\otFlat[1].json
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF44580B79E43B30BA.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF97D335606DF062D5.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFC3F97ABCC3DE5282.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFE48F22F871CCC426.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\YJNWZLLLXQC544CHWZ3W.temp
|
data
|
modified
|
|
There are 119 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\f0t0s.dll
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe 'C:\Users\user\Desktop\f0t0s.dll'
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c 'C:\Program Files\Internet Explorer\iexplore.exe'
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
C:\Program Files\Internet Explorer\iexplore.exe
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6972 CREDAT:17410 /prefetch:2
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6972 CREDAT:17428 /prefetch:2
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6972 CREDAT:82960 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.msn.com/de-ch/news/other/stadtpr%c3%a4sidentin-corine-mauch-r%c3%a4umt-mitschuld-des-sta
|
unknown
|
|
|
|
http://searchads.msn.net/.cfm?&&kp=1&
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172
|
unknown
|
|
|
|
https://www.msn.com/de-ch/nachrichten/coronareisen
|
unknown
|
|
|
|
https://www.remixd.com/privacy_policy.html
|
unknown
|
|
|
|
https://onedrive.live.com;Fotos
|
unknown
|
|
|
|
http://www.symantec.com
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_TopMenu&auth=1&wdorigin=msn
|
unknown
|
|
|
|
https://office.live.com/start/Word.aspx?WT.mc_id=MSN_site;Excel
|
unknown
|
|
|
|
http://ogp.me/ns/fb#
|
unknown
|
|
|
|
https://www.awin1.com/cread.php?awinmid=15168&awinaffid=696593&clickref=de-ch-ss&ued=htt
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/judenhass-kampfsport-und-waffen-f%c3%bcr-den-rassenkrieg-wie-si
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/ein-werbespot-f%c3%bcrs-entsorgungsamt-der-schlecht-ankommt/ar-
|
unknown
|
|
|
|
https://outlook.live.com/mail/deeplink/compose;Kalender
|
unknown
|
|
|
|
https://res-a.akamaihd.net/__media__/pics/8000/72/941/fallback1.jpg
|
unknown
|
|
|
|
https://www.skyscanner.net/g/referrals/v1/cars/home?associateid=API_B2B_19305_00002
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_Recent&auth=1&wdorigin=msn
|
unknown
|
|
|
|
https://web.vortex.data.msn.com/collect/v1
|
unknown
|
|
|
|
https://www.skype.com/
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/aargau-schickt-mittel-und-berufssch%c3%bcler-in-fernunterricht/
|
unknown
|
|
|
|
https://sp.booking.com/index.html?aid=1589774&label=travelnavlink
|
unknown
|
|
|
|
https://www.msn.com/de-ch/nachrichten/regional
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/er-will-%c3%bcberrascht-werden-am-liebsten-von-sich-selber/ar-B
|
unknown
|
|
|
|
https://onedrive.live.com/?qt=allmyphotos;Aktuelle
|
unknown
|
|
|
|
https://amzn.to/2TTxhNg
|
unknown
|
|
|
|
https://www.skype.com/go/onedrivepromo.download?cm_mmc=MSFT_2390_MSN-com
|
unknown
|
|
|
|
https://client-s.gateway.messenger.live.com
|
unknown
|
|
|
|
https://www.brightcom.com/privacy-policy/
|
unknown
|
|
|
|
https://www.msn.com/de-ch/
|
unknown
|
|
|
|
https://office.live.com/start/PowerPoint.aspx?WT.mc_id=MSN_site
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&https=1
|
unknown
|
|
|
|
https://www.awin1.com/cread.php?awinmid=15168&awinaffid=696593&clickref=de-ch-edge-dhp-river
|
unknown
|
|
|
|
https://bealion.com/politica-de-cookies
|
unknown
|
|
|
|
https://clkde.tradedoubler.com/click?p=295926&a=3064090&g=24886692&epi=de-ch
|
unknown
|
|
|
|
https://www.msn.com/de-ch
|
unknown
|
|
|
|
https://click.linksynergy.com/deeplink?id=xoqYgl4JDe8&mid=46130&u1=dech_mestripe_store&m
|
unknown
|
|
|
|
https://twitter.com/i/notifications;Ich
|
unknown
|
|
|
|
https://www.awin1.com/cread.php?awinmid=11518&awinaffid=696593&clickref=dech-edge-dhp-infopa
|
unknown
|
|
|
|
https://www.gadsme.com/privacy-policy/
|
unknown
|
|
|
|
https://portal.eu.numbereight.me/policies-license#software-privacy-notice
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&http
|
unknown
|
|
|
|
https://www.sway.com/?WT.mc_id=MSN_site&utm_source=MSN&utm_medium=Topnav&utm_campaign=link;PowerPoin
|
unknown
|
|
|
|
https://www.msn.com/de-ch/?ocid=iehp&item=deferred_page%3a1&ignorejs=webcore%2fmodules%2fjsb
|
unknown
|
|
|
|
http://ogp.me/ns#
|
unknown
|
|
|
|
https://docs.prebid.org/privacy.html
|
unknown
|
|
|
|
https://onedrive.live.com/?qt=mru;OneDrive-App
|
unknown
|
|
|
|
https://www.skype.com/de
|
unknown
|
|
|
|
https://sp.booking.com/index.html?aid=1589774&label=dech-prime-hp-me
|
unknown
|
|
|
|
https://www.skype.com/de/download-skype
|
unknown
|
|
|
|
https://www.stroeer.de/fileadmin/de/Konvergenz_und_Konzepte/Daten_und_Technologien/Stroeer_SSP/Downl
|
unknown
|
|
|
|
https://onedrive.live.com/?wt.mc_id=oo_msn_msnhomepage_header
|
unknown
|
|
|
|
http://www.hotmail.msn.com/pii/ReadOutlookEmail/
|
unknown
|
|
|
|
https://channelpilot.co.uk/privacy-policy
|
unknown
|
|
|
|
https://onedrive.live.com;OneDrive-App
|
unknown
|
|
|
|
https://click.linksynergy.com/deeplink?id=xoqYgl4JDe8&mid=46130&u1=dech_mestripe_office&
|
unknown
|
|
|
|
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_QuickNote&auth=1
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/kopf-der-winterthurer-eisenjugend-verhaftet/ar-BB1cVDBd?ocid=hp
|
unknown
|
|
|
|
https://office.live.com/start/Excel.aspx?WT.mc_id=MSN_site;Sway
|
unknown
|
|
|
|
https://www.admo.tv/en/privacy-policy
|
unknown
|
|
|
|
https://www.bet365affiliates.com/UI/Pages/Affiliates/Affiliates.aspx?ContentPath
|
unknown
|
|
|
|
https://cdn.cookielaw.org/vendorlist/googleData.json
|
unknown
|
|
|
|
https://outlook.com/
|
unknown
|
|
|
|
https://rover.ebay.com/rover/1/5222-53480-19255-0/1?mpre=https%3A%2F%2Fwww.ebay.ch&campid=533862
|
unknown
|
|
|
|
https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBI57XIG&prvid=77%2
|
unknown
|
|
|
|
https://cdn.cookielaw.org/vendorlist/iabData.json
|
unknown
|
|
|
|
https://www.msn.com/de-ch/homepage/api/pdp/updatepdpdata"
|
unknown
|
|
|
|
https://cdn.cookielaw.org/vendorlist/iab2Data.json
|
unknown
|
|
|
|
https://onedrive.live.com/?qt=mru;Aktuelle
|
unknown
|
|
|
|
https://www.msn.com/de-ch/?ocid=iehp
|
unknown
|
|
|
|
https://sp.booking.com/index.html?aid=1589774&label=dech-prime-hp-shoppingstripe-nav
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/80-k%c3%a4lber-aus-brennendem-stall-evakuiert/ar-BB1cVbsV?ocid=
|
unknown
|
|
|
|
https://www.msn.com/de-ch/homepage/api/modules/fetch"
|
unknown
|
|
|
|
https://mem.gfx.ms/meversion/?partner=msn&market=de-ch"
|
unknown
|
|
|
|
https://web.vortex.data.msn.com/collect/v1/t.gif?name=%27Ms.Webi.PageView%27&ver=%272.1%27&a
|
unknown
|
|
|
|
https://www.bidstack.com/privacy-policy/
|
unknown
|
|
|
|
https://onedrive.live.com/about/en/download/
|
unknown
|
|
|
|
http://popup.taboola.com/german
|
unknown
|
|
|
|
https://listonic.com/privacy/
|
unknown
|
|
|
|
https://www.ricardo.ch/?utm_source=msn&utm_medium=affiliate&utm_campaign=msn_mestripe_logo_d
|
unknown
|
|
|
|
http://ocsp.sca1b.amazontrust.com/images/UX6NBxejGKuiww/O5lNkgT6UNtIOi_2F9bva/Qprmk34fIbO879qt/MdtrogqLmF_2Fqf/_2FF2F05EKst9Z1EEw/f4caZYYsT/SAZrEW2lvj_2BEojoTxU/tDJE5vtOctKZ_2FKqji/N5plaj5Qq3lxm6IFqAOkT_/2FkRoPIQCjapM/McWFMQds/m87yGEYxK6DYnqXLcn6Sf84/1Yi_2FiH.avi
|
143.204.214.141
|
|
|
|
https://www.msn.com/de-ch/news/other/sexuelle-%c3%bcbergriffe-bei-medizinischer-massage/ar-BB1cW8f7?
|
unknown
|
|
|
|
https://twitter.com/
|
unknown
|
|
|
|
https://clkde.tradedoubler.com/click?p=245744&a=3064090&g=24903118&epi=ch-de
|
unknown
|
|
|
|
https://quantyoo.de/datenschutz
|
unknown
|
|
|
|
https://outlook.live.com/calendar
|
unknown
|
|
|
|
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_311%2Cw_207%2Cc_fill%2Cg_faces:au
|
unknown
|
|
|
|
https://onedrive.live.com/#qt=mru
|
unknown
|
|
|
|
https://api.taboola.com/2.0/json/msn-ch-de-home/recommendations.notify-click?app.type=desktop&ap
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/z%c3%bcrich-erh%c3%a4lt-zwei-kulturdirektorinnen/ar-BB1cVvSE?oc
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/bus-mit-eis-und-schnee-beworfen-jugendliche-festgenommen/ar-BB1
|
unknown
|
|
|
|
https://www.msn.com?form=MY01O4&OCID=MY01O4
|
unknown
|
|
|
|
https://www.vidstart.com/wp-content/uploads/2018/09/PrivacyPolicyPDF-Vidstart.pdf
|
unknown
|
|
|
|
https://support.skype.com
|
unknown
|
|
|
|
https://www.skyscanner.net/flights?associateid=API_B2B_19305_00001&vertical=custom&pageType=
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&https=1
|
unknown
|
|
|
|
https://clk.tradedoubler.com/click?p=245744&a=3064090&g=21863656
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&http
|
unknown
|
|
|
|
https://www.ricardo.ch/?utm_source=msn&utm_medium=affiliate&utm_campaign=msn_shop_de&utm
|
unknown
|
|
|
|
https://related.hu/adatkezeles/
|
unknown
|
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
contextual.media.net
|
104.76.200.23
|
|
|
|
tls13.taboola.map.fastly.net
|
151.101.1.44
|
|
|
|
ocsp.sca1b.amazontrust.com
|
143.204.214.141
|
|
|
|
hblg.media.net
|
104.76.200.23
|
|
|
|
lg3.media.net
|
104.76.200.23
|
|
|
|
web.vortex.data.msn.com
|
unknown
|
|
|
|
www.msn.com
|
unknown
|
|
|
|
srtb.msn.com
|
unknown
|
|
|
|
img.img-taboola.com
|
unknown
|
|
|
|
cvision.media.net
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Active
|
Malicious
|
|
|---|---|---|---|---|---|
|
143.204.214.141
|
unknown
|
United States
|
unknown
|
|
|
|
151.101.1.44
|
unknown
|
United States
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{49A9FD2E-5BB8-11EB-90EB-ECF4BBEA1588}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Window_Placement
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
CVListPingLastYMD
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
NextUpdateDate
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NumberOfSubdomains
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
There are 104 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
50A8000
|
heap private
|
page read and write
|
|
|
|
EEDAE7B000
|
unkown
|
page read and write
|
|
|
|
2BE0000
|
unkown
|
page readonly
|
|
|
|
7FF53AC5A000
|
unkown
|
page readonly
|
|
|
|
2CC6A472000
|
unkown
|
page read and write
|
|
|
|
2CC6A48F000
|
unkown
|
page read and write
|
|
|
|
1B2C183F000
|
unkown
|
page read and write
|
|
|
|
340000
|
unkown
|
page read and write
|
|
|
|
1A56B75F000
|
unkown
|
page read and write
|
|
|
|
7FF561567000
|
unkown
|
page readonly
|
|
|
|
7FF583EC3000
|
unkown
|
page readonly
|
|
|
|
13932760000
|
heap private
|
page read and write
|
|
|
|
A43E47A000
|
unkown
|
page read and write
|
|
|
|
7FF561587000
|
unkown
|
page readonly
|
|
|
|
13930AE0000
|
unkown
|
page readonly
|
|
|
|
7FF4FDB5C000
|
unkown
|
page readonly
|
|
|
|
7FF5987DC000
|
unkown
|
page readonly
|
|
|
|
1A56AEBD000
|
unkown
|
page read and write
|
|
|
|
1A56B753000
|
unkown
|
page read and write
|
|
|
|
466B000
|
unkown
|
page read and write
|
|
|
|
1A56B76D000
|
unkown
|
page read and write
|
|
|
|
7FF53AB5C000
|
unkown
|
page readonly
|
|
|
|
7FF56154E000
|
unkown
|
page readonly
|
|
|
|
1A56AEA4000
|
unkown
|
page read and write
|
|
|
|
1617B5F7000
|
unkown
|
page read and write
|
|
|
|
1B2C1813000
|
unkown
|
page read and write
|
|
|
|
8C0000
|
unkown
|
page read and write
|
|
|
|
1A56B785000
|
unkown
|
page read and write
|
|
|
|
1A56B75D000
|
unkown
|
page read and write
|
|
|
|
7FF5E6D01000
|
unkown
|
page readonly
|
|
|
|
7FF561431000
|
unkown
|
page readonly
|
|
|
|
58BA57E000
|
unkown
|
page read and write
|
|
|
|
7FF598962000
|
unkown
|
page readonly
|
|
|
|
EC9A8FE000
|
unkown
|
page read and write
|
|
|
|
1617B591000
|
unkown
|
page read and write
|
|
|
|
7FF53AB12000
|
unkown
|
page readonly
|
|
|
|
1A56AED2000
|
unkown
|
page read and write
|
|
|
|
1A56B743000
|
unkown
|
page read and write
|
|
|
|
1548000
|
heap default
|
page read and write
|
|
|
|
2CC6AE00000
|
unkown
|
page readonly
|
|
|
|
16179502000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E74000
|
unkown
|
page readonly
|
|
|
|
BAF000
|
unkown
|
page readonly
|
|
|
|
7FF5E6D1E000
|
unkown
|
page readonly
|
|
|
|
13932610000
|
heap private
|
page read and write
|
|
|
|
1A56B7A1000
|
unkown
|
page read and write
|
|
|
|
7FF50BE70000
|
unkown
|
page readonly
|
|
|
|
16179572000
|
unkown
|
page read and write
|
|
|
|
6920DFE000
|
unkown
|
page read and write
|
|
|
|
E7DE0FE000
|
unkown
|
page read and write
|
|
|
|
7FF5BAE93000
|
unkown
|
page readonly
|
|
|
|
1A56B757000
|
unkown
|
page read and write
|
|
|
|
692107E000
|
unkown
|
page read and write
|
|
|
|
1617B902000
|
unkown
|
page read and write
|
|
|
|
2100BCD0000
|
unkown
|
page readonly
|
|
|
|
4B7E000
|
unkown
|
page read and write
|
|
|
|
7FF56121A000
|
unkown
|
page readonly
|
|
|
|
7FF56151F000
|
unkown
|
page readonly
|
|
|
|
1A56B76A000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFA7000
|
unkown
|
page readonly
|
|
|
|
1A56AC50000
|
heap default
|
page read and write
|
|
|
|
7FF598870000
|
unkown
|
page readonly
|
|
|
|
7FF4FDBAD000
|
unkown
|
page readonly
|
|
|
|
303D6FA000
|
unkown
|
page read and write
|
|
|
|
7FF53F367000
|
unkown
|
page readonly
|
|
|
|
EC9AEFE000
|
unkown
|
page read and write
|
|
|
|
7FF53F442000
|
unkown
|
page readonly
|
|
|
|
B00000
|
unkown
|
page read and write
|
|
|
|
289C000
|
unkown
|
page readonly
|
|
|
|
1A56B768000
|
unkown
|
page read and write
|
|
|
|
7FF53EEC2000
|
unkown
|
page readonly
|
|
|
|
1617B500000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E57000
|
unkown
|
page readonly
|
|
|
|
1B5B1FE6000
|
heap default
|
page read and write
|
|
|
|
13930AC0000
|
unkown
|
page readonly
|
|
|
|
2100E010000
|
unkown
|
page read and write
|
|
|
|
7FF561129000
|
unkown
|
page readonly
|
|
|
|
1B5B22B0000
|
heap private
|
page read and write
|
|
|
|
292B000
|
unkown
|
page readonly
|
|
|
|
243D9202000
|
unkown
|
page read and write
|
|
|
|
1F031E80000
|
unkown
|
page read and write
|
|
|
|
1617C510000
|
unkown
|
page read and write
|
|
|
|
7FF5988E9000
|
unkown
|
page readonly
|
|
|
|
7FF53F116000
|
unkown
|
page readonly
|
|
|
|
7FF5BAF53000
|
unkown
|
page readonly
|
|
|
|
7FF583C7C000
|
unkown
|
page readonly
|
|
|
|
58BA27E000
|
unkown
|
page read and write
|
|
|
|
EEDB27B000
|
unkown
|
page read and write
|
|
|
|
2100BB02000
|
unkown
|
page read and write
|
|
|
|
7FF5988BA000
|
unkown
|
page readonly
|
|
|
|
6C5000
|
heap default
|
page read and write
|
|
|
|
161794DD000
|
unkown
|
page read and write
|
|
|
|
1617AFE0000
|
unkown
|
page readonly
|
|
|
|
243D9213000
|
unkown
|
page read and write
|
|
|
|
AE0000
|
unkown
|
page execute and read and write
|
|
|
|
1A56B739000
|
unkown
|
page read and write
|
|
|
|
1A56B76D000
|
unkown
|
page read and write
|
|
|
|
1A56B779000
|
unkown
|
page read and write
|
|
|
|
A43E3FE000
|
unkown
|
page read and write
|
|
|
|
1A56B78F000
|
unkown
|
page read and write
|
|
|
|
2883000
|
unkown
|
page readonly
|
|
|
|
161793F0000
|
heap default
|
page read and write
|
|
|
|
6920D7B000
|
unkown
|
page read and write
|
|
|
|
7FF53A83F000
|
unkown
|
page readonly
|
|
|
|
7FF4FDB74000
|
unkown
|
page readonly
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
7FF598954000
|
unkown
|
page readonly
|
|
|
|
1A56B764000
|
unkown
|
page read and write
|
|
|
|
7FF53A9A6000
|
unkown
|
page readonly
|
|
|
|
7FF5987C3000
|
unkown
|
page readonly
|
|
|
|
1617B5F1000
|
unkown
|
page read and write
|
|
|
|
290F000
|
unkown
|
page readonly
|
|
|
|
1A56B780000
|
unkown
|
page read and write
|
|
|
|
1617B942000
|
unkown
|
page read and write
|
|
|
|
7FF53AC62000
|
unkown
|
page readonly
|
|
|
|
EEDB1FA000
|
unkown
|
page read and write
|
|
|
|
8D0000
|
unkown
|
page read and write
|
|
|
|
1617B507000
|
unkown
|
page read and write
|
|
|
|
7FF598713000
|
unkown
|
page readonly
|
|
|
|
7FF53F1F3000
|
unkown
|
page readonly
|
|
|
|
18B16FE000
|
unkown
|
page read and write
|
|
|
|
BA1000
|
unkown
|
page execute read
|
|
|
|
7FF53AB9F000
|
unkown
|
page readonly
|
|
|
|
1F031730000
|
unkown
|
page readonly
|
|
|
|
1B5B1F40000
|
unkown
|
page read and write
|
|
|
|
1A56B75D000
|
unkown
|
page read and write
|
|
|
|
2100D970000
|
unkown
|
page read and write
|
|
|
|
243D9400000
|
unkown
|
page readonly
|
|
|
|
1A56AED9000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFE4000
|
unkown
|
page readonly
|
|
|
|
303DC7C000
|
unkown
|
page read and write
|
|
|
|
1A56B7A1000
|
unkown
|
page read and write
|
|
|
|
13930A70000
|
unkown
|
page readonly
|
|
|
|
1A56B768000
|
unkown
|
page read and write
|
|
|
|
7FF5613A9000
|
unkown
|
page readonly
|
|
|
|
1617B673000
|
unkown
|
page read and write
|
|
|
|
1A56B775000
|
unkown
|
page read and write
|
|
|
|
7FF598430000
|
unkown
|
page readonly
|
|
|
|
7FF59886E000
|
unkown
|
page readonly
|
|
|
|
16179413000
|
unkown
|
page read and write
|
|
|
|
28A3000
|
unkown
|
page readonly
|
|
|
|
7FF5BB00D000
|
unkown
|
page readonly
|
|
|
|
7FF53F3BE000
|
unkown
|
page readonly
|
|
|
|
1A56B75A000
|
unkown
|
page read and write
|
|
|
|
2903000
|
unkown
|
page readonly
|
|
|
|
1A56B7AA000
|
unkown
|
page read and write
|
|
|
|
2CC6A400000
|
unkown
|
page read and write
|
|
|
|
1617B5B6000
|
unkown
|
page read and write
|
|
|
|
303DEFE000
|
unkown
|
page read and write
|
|
|
|
7FF53F394000
|
unkown
|
page readonly
|
|
|
|
1617B743000
|
unkown
|
page read and write
|
|
|
|
7FF50BE5C000
|
unkown
|
page readonly
|
|
|
|
7FF561375000
|
unkown
|
page readonly
|
|
|
|
1617BC00000
|
unkown
|
page readonly
|
|
|
|
7FF50BF54000
|
unkown
|
page readonly
|
|
|
|
2CC6A508000
|
unkown
|
page read and write
|
|
|
|
7FF53ABB4000
|
unkown
|
page readonly
|
|
|
|
16179530000
|
unkown
|
page read and write
|
|
|
|
69216F8000
|
unkown
|
page read and write
|
|
|
|
2100DB33000
|
unkown
|
page read and write
|
|
|
|
1393270F000
|
heap private
|
page read and write
|
|
|
|
2100BB13000
|
unkown
|
page read and write
|
|
|
|
7FF5840A4000
|
unkown
|
page readonly
|
|
|
|
1A56B4B0000
|
unkown
|
page readonly
|
|
|
|
1A56AE55000
|
unkown
|
page read and write
|
|
|
|
1B5B22C0000
|
unkown
|
page readonly
|
|
|
|
46C0000
|
unkown
|
page read and write
|
|
|
|
303D5FA000
|
unkown
|
page read and write
|
|
|
|
1A56AEA0000
|
unkown
|
page read and write
|
|
|
|
7FF53ABDE000
|
unkown
|
page readonly
|
|
|
|
7FF59886A000
|
unkown
|
page readonly
|
|
|
|
7FF583FF8000
|
unkown
|
page readonly
|
|
|
|
2CC6A429000
|
unkown
|
page read and write
|
|
|
|
692187E000
|
unkown
|
page read and write
|
|
|
|
1530000
|
heap default
|
page read and write
|
|
|
|
303DA7B000
|
unkown
|
page read and write
|
|
|
|
7FF53F24B000
|
unkown
|
page readonly
|
|
|
|
2971000
|
unkown
|
page readonly
|
|
|
|
1617C310000
|
unkown
|
page read and write
|
|
|
|
462C000
|
unkown
|
page read and write
|
|
|
|
1617B6A4000
|
unkown
|
page read and write
|
|
|
|
2100D490000
|
unkown
|
page read and write
|
|
|
|
7FF560E51000
|
unkown
|
page readonly
|
|
|
|
2DB000
|
unkown
|
page read and write
|
|
|
|
1617C310000
|
unkown
|
page read and write
|
|
|
|
7FF50BE9C000
|
unkown
|
page readonly
|
|
|
|
1A56AE83000
|
unkown
|
page read and write
|
|
|
|
1F03184F000
|
unkown
|
page read and write
|
|
|
|
820000
|
unkown
|
page readonly
|
|
|
|
2CC6A44F000
|
unkown
|
page read and write
|
|
|
|
7FF53AB33000
|
unkown
|
page readonly
|
|
|
|
7FF583C97000
|
unkown
|
page readonly
|
|
|
|
1A56B739000
|
unkown
|
page read and write
|
|
|
|
1A56AD50000
|
unkown
|
page read and write
|
|
|
|
7FF5614EC000
|
unkown
|
page readonly
|
|
|
|
CF9EDFB000
|
unkown
|
page read and write
|
|
|
|
6921175000
|
unkown
|
page read and write
|
|
|
|
1F031829000
|
unkown
|
page read and write
|
|
|
|
2100BA00000
|
unkown
|
page read and write
|
|
|
|
7FF5985E7000
|
unkown
|
page readonly
|
|
|
|
CF9F1FA000
|
unkown
|
page read and write
|
|
|
|
1617B584000
|
unkown
|
page read and write
|
|
|
|
7FF53EA33000
|
unkown
|
page readonly
|
|
|
|
28F7000
|
unkown
|
page readonly
|
|
|
|
1B5B1FA0000
|
unkown
|
page readonly
|
|
|
|
6C0000
|
heap default
|
page read and write
|
|
|
|
7FF56159A000
|
unkown
|
page readonly
|
|
|
|
7FF53A9C9000
|
unkown
|
page readonly
|
|
|
|
7FF50BC65000
|
unkown
|
page readonly
|
|
|
|
7FF53AB75000
|
unkown
|
page readonly
|
|
|
|
7FF53AAB6000
|
unkown
|
page readonly
|
|
|
|
7FF50BEB4000
|
unkown
|
page readonly
|
|
|
|
7FF56154A000
|
unkown
|
page readonly
|
|
|
|
7FF53A991000
|
unkown
|
page readonly
|
|
|
|
28FF000
|
unkown
|
page readonly
|
|
|
|
7FF53EF65000
|
unkown
|
page readonly
|
|
|
|
692127A000
|
unkown
|
page read and write
|
|
|
|
13930CC0000
|
unkown
|
page readonly
|
|
|
|
7FF5BAE8B000
|
unkown
|
page readonly
|
|
|
|
7FF583FC0000
|
unkown
|
page readonly
|
|
|
|
1A56B470000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E99000
|
unkown
|
page readonly
|
|
|
|
7FF561550000
|
unkown
|
page readonly
|
|
|
|
7FF50BE02000
|
unkown
|
page readonly
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
7FF5615C6000
|
unkown
|
page readonly
|
|
|
|
2100DB0A000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFBF000
|
unkown
|
page readonly
|
|
|
|
7FF50BEDE000
|
unkown
|
page readonly
|
|
|
|
EEDAFF9000
|
unkown
|
page read and write
|
|
|
|
1A56B727000
|
unkown
|
page read and write
|
|
|
|
7FF58401E000
|
unkown
|
page readonly
|
|
|
|
EEDAEFE000
|
unkown
|
page read and write
|
|
|
|
28CC000
|
unkown
|
page readonly
|
|
|
|
7FF5BAE71000
|
unkown
|
page readonly
|
|
|
|
1A56B732000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFFE000
|
unkown
|
page readonly
|
|
|
|
1B5B2012000
|
unkown
|
page read and write
|
|
|
|
7FF53EE2E000
|
unkown
|
page readonly
|
|
|
|
1617B53B000
|
unkown
|
page read and write
|
|
|
|
1A56B79B000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E7F000
|
unkown
|
page readonly
|
|
|
|
7FF5614E2000
|
unkown
|
page readonly
|
|
|
|
7FF53F31F000
|
unkown
|
page readonly
|
|
|
|
1617B783000
|
unkown
|
page read and write
|
|
|
|
CF9F2FF000
|
unkown
|
page read and write
|
|
|
|
243D9180000
|
heap private
|
page read and write
|
|
|
|
243D9520000
|
unkown
|
page readonly
|
|
|
|
1B5B1FFF000
|
unkown
|
page read and write
|
|
|
|
243D9302000
|
unkown
|
page read and write
|
|
|
|
1617AEE0000
|
unkown
|
page read and write
|
|
|
|
2100BED0000
|
unkown
|
page readonly
|
|
|
|
2100BA56000
|
unkown
|
page read and write
|
|
|
|
18B157C000
|
unkown
|
page read and write
|
|
|
|
1A56AEAF000
|
unkown
|
page read and write
|
|
|
|
28DB000
|
unkown
|
page readonly
|
|
|
|
1A56B75F000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E4F000
|
unkown
|
page readonly
|
|
|
|
7FF50BF62000
|
unkown
|
page readonly
|
|
|
|
7FF58381D000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E8E000
|
unkown
|
page readonly
|
|
|
|
1617C410000
|
unkown
|
page read and write
|
|
|
|
2888000
|
unkown
|
page readonly
|
|
|
|
1B2C1829000
|
unkown
|
page read and write
|
|
|
|
1617B900000
|
unkown
|
page read and write
|
|
|
|
1617B3B0000
|
unkown
|
page readonly
|
|
|
|
EEDAF7E000
|
unkown
|
page read and write
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
BA0000
|
unkown
|
page read and write
|
|
|
|
28E0000
|
unkown
|
page readonly
|
|
|
|
7FF50BB4A000
|
unkown
|
page readonly
|
|
|
|
8CF000
|
unkown
|
page read and write
|
|
|
|
1A56B7A1000
|
unkown
|
page read and write
|
|
|
|
1617B52A000
|
unkown
|
page read and write
|
|
|
|
288D000
|
unkown
|
page readonly
|
|
|
|
1F031720000
|
heap default
|
page read and write
|
|
|
|
7FF4FDB8E000
|
unkown
|
page readonly
|
|
|
|
2100DC00000
|
unkown
|
page readonly
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
2100BB18000
|
unkown
|
page read and write
|
|
|
|
1617B340000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFF8000
|
unkown
|
page readonly
|
|
|
|
7FF4FDB68000
|
unkown
|
page readonly
|
|
|
|
303D15E000
|
unkown
|
page read and write
|
|
|
|
2CC6A46C000
|
unkown
|
page read and write
|
|
|
|
139311D0000
|
unkown
|
page readonly
|
|
|
|
7FF5BAF90000
|
unkown
|
page readonly
|
|
|
|
A43DF4A000
|
unkown
|
page read and write
|
|
|
|
1617B800000
|
unkown
|
page read and write
|
|
|
|
1617B5E2000
|
unkown
|
page read and write
|
|
|
|
6D0000
|
unkown
|
page readonly
|
|
|
|
7FF561453000
|
unkown
|
page readonly
|
|
|
|
7FF583F60000
|
unkown
|
page readonly
|
|
|
|
370000
|
unkown
|
page readonly
|
|
|
|
2100B9B0000
|
unkown
|
page write copy
|
|
|
|
1617C510000
|
unkown
|
page read and write
|
|
|
|
7FF56144B000
|
unkown
|
page readonly
|
|
|
|
1617C310000
|
unkown
|
page read and write
|
|
|
|
7FF53A995000
|
unkown
|
page readonly
|
|
|
|
58BA379000
|
unkown
|
page read and write
|
|
|
|
2100BA3F000
|
unkown
|
page read and write
|
|
|
|
7FF59889C000
|
unkown
|
page readonly
|
|
|
|
7FF50BECE000
|
unkown
|
page readonly
|
|
|
|
303DB7B000
|
unkown
|
page read and write
|
|
|
|
2899000
|
unkown
|
page readonly
|
|
|
|
EED000
|
unkown
|
page read and write
|
|
|
|
2100BB1A000
|
unkown
|
page read and write
|
|
|
|
28F5000
|
unkown
|
page readonly
|
|
|
|
7FF597F53000
|
unkown
|
page readonly
|
|
|
|
16179920000
|
unkown
|
page readonly
|
|
|
|
7FF583F62000
|
unkown
|
page readonly
|
|
|
|
1A56B7CF000
|
unkown
|
page read and write
|
|
|
|
1F031902000
|
unkown
|
page read and write
|
|
|
|
1A56B758000
|
unkown
|
page read and write
|
|
|
|
290A000
|
unkown
|
page readonly
|
|
|
|
1617C210000
|
unkown
|
page read and write
|
|
|
|
4270000
|
unkown
|
page readonly
|
|
|
|
7FF561384000
|
unkown
|
page readonly
|
|
|
|
1A56B77A000
|
unkown
|
page read and write
|
|
|
|
7FF53A9B1000
|
unkown
|
page readonly
|
|
|
|
1A56AE4E000
|
unkown
|
page read and write
|
|
|
|
7FF53F0C7000
|
unkown
|
page readonly
|
|
|
|
7FF598875000
|
unkown
|
page readonly
|
|
|
|
E7DE1F5000
|
unkown
|
page read and write
|
|
|
|
1617C510000
|
unkown
|
page read and write
|
|
|
|
1A56B78C000
|
unkown
|
page read and write
|
|
|
|
7FF561496000
|
unkown
|
page readonly
|
|
|
|
2100D9A0000
|
unkown
|
page readonly
|
|
|
|
7FF5E6D84000
|
unkown
|
page readonly
|
|
|
|
1617B584000
|
unkown
|
page read and write
|
|
|
|
1A56AEE2000
|
unkown
|
page read and write
|
|
|
|
7FF56130B000
|
unkown
|
page readonly
|
|
|
|
1A56AE00000
|
unkown
|
page read and write
|
|
|
|
1A56B7D9000
|
unkown
|
page read and write
|
|
|
|
1617C110000
|
unkown
|
page read and write
|
|
|
|
4C3F000
|
unkown
|
page read and write
|
|
|
|
13930A50000
|
unkown
|
page read and write
|
|
|
|
7FF50BEE6000
|
unkown
|
page readonly
|
|
|
|
E7DE57F000
|
unkown
|
page read and write
|
|
|
|
2100D980000
|
unkown
|
page readonly
|
|
|
|
1A56B713000
|
unkown
|
page read and write
|
|
|
|
1617BA02000
|
unkown
|
page read and write
|
|
|
|
EC9ACF7000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFD4000
|
unkown
|
page readonly
|
|
|
|
7FF5BAF32000
|
unkown
|
page readonly
|
|
|
|
7FF53F39A000
|
unkown
|
page readonly
|
|
|
|
7FF583EC8000
|
unkown
|
page readonly
|
|
|
|
7FF53AB4F000
|
unkown
|
page readonly
|
|
|
|
1A56AEEC000
|
unkown
|
page read and write
|
|
|
|
7FF5E6509000
|
unkown
|
page readonly
|
|
|
|
139309D0000
|
unkown
|
page readonly
|
|
|
|
7FF53AB7B000
|
unkown
|
page readonly
|
|
|
|
7FF5BAF30000
|
unkown
|
page readonly
|
|
|
|
1A56B784000
|
unkown
|
page read and write
|
|
|
|
1A56AE52000
|
unkown
|
page read and write
|
|
|
|
1A56B78F000
|
unkown
|
page read and write
|
|
|
|
7FF561371000
|
unkown
|
page readonly
|
|
|
|
1A56B79A000
|
unkown
|
page read and write
|
|
|
|
13930E40000
|
unkown
|
page readonly
|
|
|
|
1617B5E3000
|
unkown
|
page read and write
|
|
|
|
303D97A000
|
unkown
|
page read and write
|
|
|
|
7FF5E6C71000
|
unkown
|
page readonly
|
|
|
|
2CC6A402000
|
unkown
|
page read and write
|
|
|
|
69214FE000
|
unkown
|
page read and write
|
|
|
|
1F031881000
|
unkown
|
page read and write
|
|
|
|
1B2C1902000
|
unkown
|
page read and write
|
|
|
|
1A56B75E000
|
unkown
|
page read and write
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
7FF53F3AF000
|
unkown
|
page readonly
|
|
|
|
7FF4FDB3B000
|
unkown
|
page readonly
|
|
|
|
303D0DB000
|
unkown
|
page read and write
|
|
|
|
1A56BC02000
|
unkown
|
page read and write
|
|
|
|
69215F7000
|
unkown
|
page read and write
|
|
|
|
1A56B757000
|
unkown
|
page read and write
|
|
|
|
EC9AB7B000
|
unkown
|
page read and write
|
|
|
|
1617C010000
|
unkown
|
page read and write
|
|
|
|
7FF50BE87000
|
unkown
|
page readonly
|
|
|
|
1A56AC60000
|
unkown
|
page readonly
|
|
|
|
1F03183C000
|
unkown
|
page read and write
|
|
|
|
1617947E000
|
unkown
|
page read and write
|
|
|
|
7FF53F2F0000
|
unkown
|
page readonly
|
|
|
|
B00000
|
unkown
|
page read and write
|
|
|
|
6A0000
|
unkown
|
page readonly
|
|
|
|
2722000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E1E000
|
unkown
|
page readonly
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFDA000
|
unkown
|
page readonly
|
|
|
|
7FF5BB006000
|
unkown
|
page readonly
|
|
|
|
28AA000
|
unkown
|
page readonly
|
|
|
|
7FF50BE06000
|
unkown
|
page readonly
|
|
|
|
1A56B75C000
|
unkown
|
page read and write
|
|
|
|
7FF53F258000
|
unkown
|
page readonly
|
|
|
|
7FF561641000
|
unkown
|
page readonly
|
|
|
|
7FF561634000
|
unkown
|
page readonly
|
|
|
|
7FF5615BE000
|
unkown
|
page readonly
|
|
|
|
7FF5988ED000
|
unkown
|
page readonly
|
|
|
|
2100D590000
|
unkown
|
page readonly
|
|
|
|
7FF5BAE98000
|
unkown
|
page readonly
|
|
|
|
1617B612000
|
unkown
|
page read and write
|
|
|
|
7FF5BB081000
|
unkown
|
page readonly
|
|
|
|
7FF583FEC000
|
unkown
|
page readonly
|
|
|
|
7FF56151B000
|
unkown
|
page readonly
|
|
|
|
7FF50BE0C000
|
unkown
|
page readonly
|
|
|
|
2100BA86000
|
unkown
|
page read and write
|
|
|
|
7FF59876E000
|
unkown
|
page readonly
|
|
|
|
B17000
|
heap private
|
page read and write
|
|
|
|
2100BB5D000
|
unkown
|
page read and write
|
|
|
|
7FF53F43A000
|
unkown
|
page readonly
|
|
|
|
7FF53AA51000
|
unkown
|
page readonly
|
|
|
|
1A56AE3C000
|
unkown
|
page read and write
|
|
|
|
1617945C000
|
unkown
|
page read and write
|
|
|
|
B10000
|
heap private
|
page read and write
|
|
|
|
1F031851000
|
unkown
|
page read and write
|
|
|
|
13932AF0000
|
heap private
|
page read and write
|
|
|
|
1617C110000
|
unkown
|
page read and write
|
|
|
|
243D9229000
|
unkown
|
page read and write
|
|
|
|
7FF584014000
|
unkown
|
page readonly
|
|
|
|
7FF561391000
|
unkown
|
page readonly
|
|
|
|
6B0000
|
unkown
|
page read and write
|
|
|
|
1617B802000
|
unkown
|
page read and write
|
|
|
|
7FF53F37F000
|
unkown
|
page readonly
|
|
|
|
1617B639000
|
unkown
|
page read and write
|
|
|
|
3F0000
|
unkown
|
page readonly
|
|
|
|
85A000
|
heap default
|
page read and write
|
|
|
|
7FF4FDB7A000
|
unkown
|
page readonly
|
|
|
|
1A56B78E000
|
unkown
|
page read and write
|
|
|
|
7FF53AA78000
|
unkown
|
page readonly
|
|
|
|
7FF53F33C000
|
unkown
|
page readonly
|
|
|
|
CF9F0FE000
|
unkown
|
page read and write
|
|
|
|
1A56AE4A000
|
unkown
|
page read and write
|
|
|
|
45EF000
|
unkown
|
page read and write
|
|
|
|
1A56B470000
|
unkown
|
page readonly
|
|
|
|
1617C000000
|
unkown
|
page read and write
|
|
|
|
1A56B740000
|
unkown
|
page read and write
|
|
|
|
7FF50BF5A000
|
unkown
|
page readonly
|
|
|
|
1A56B73A000
|
unkown
|
page read and write
|
|
|
|
1F031908000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E64000
|
unkown
|
page readonly
|
|
|
|
1617B783000
|
unkown
|
page read and write
|
|
|
|
16179513000
|
unkown
|
page read and write
|
|
|
|
10D7000
|
unkown
|
page read and write
|
|
|
|
1617B5F1000
|
unkown
|
page read and write
|
|
|
|
B00000
|
unkown
|
page read and write
|
|
|
|
2CC6A513000
|
unkown
|
page read and write
|
|
|
|
2CC6AC02000
|
unkown
|
page read and write
|
|
|
|
7FF53AABD000
|
unkown
|
page readonly
|
|
|
|
B00000
|
unkown
|
page read and write
|
|
|
|
69213F7000
|
unkown
|
page read and write
|
|
|
|
2CC6A2C0000
|
unkown
|
page readonly
|
|
|
|
1F03188D000
|
unkown
|
page read and write
|
|
|
|
7FF4FDB84000
|
unkown
|
page readonly
|
|
|
|
1B5B1FE1000
|
unkown
|
page read and write
|
|
|
|
303DE7A000
|
unkown
|
page read and write
|
|
|
|
7FF50BEED000
|
unkown
|
page readonly
|
|
|
|
29A3000
|
unkown
|
page readonly
|
|
|
|
7FF53F2BC000
|
unkown
|
page readonly
|
|
|
|
303DBFD000
|
unkown
|
page read and write
|
|
|
|
7FF53F434000
|
unkown
|
page readonly
|
|
|
|
2CC6A44E000
|
unkown
|
page read and write
|
|
|
|
7FF583DE5000
|
unkown
|
page readonly
|
|
|
|
2911000
|
unkown
|
page readonly
|
|
|
|
2100DB23000
|
unkown
|
page read and write
|
|
|
|
EC9ADFE000
|
unkown
|
page read and write
|
|
|
|
7FF53F37C000
|
unkown
|
page readonly
|
|
|
|
2DE0000
|
unkown
|
page readonly
|
|
|
|
1A56B76E000
|
unkown
|
page read and write
|
|
|
|
7FF53A3CD000
|
unkown
|
page readonly
|
|
|
|
7FF53AA73000
|
unkown
|
page readonly
|
|
|
|
1A56AEC4000
|
unkown
|
page read and write
|
|
|
|
7FF5BB082000
|
unkown
|
page readonly
|
|
|
|
EEDB2FD000
|
unkown
|
page read and write
|
|
|
|
7FF53AB10000
|
unkown
|
page readonly
|
|
|
|
1A56B76B000
|
unkown
|
page read and write
|
|
|
|
16179571000
|
unkown
|
page read and write
|
|
|
|
7FF561227000
|
unkown
|
page readonly
|
|
|
|
1A56B769000
|
unkown
|
page read and write
|
|
|
|
7FF5988C4000
|
unkown
|
page readonly
|
|
|
|
830000
|
unkown
|
page execute and read and write
|
|
|
|
7FF583DE1000
|
unkown
|
page readonly
|
|
|
|
1A56B732000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFEE000
|
unkown
|
page readonly
|
|
|
|
7FF5BAD4B000
|
unkown
|
page readonly
|
|
|
|
7FF53ABBA000
|
unkown
|
page readonly
|
|
|
|
2100BAA7000
|
unkown
|
page read and write
|
|
|
|
7FF4FDC22000
|
unkown
|
page readonly
|
|
|
|
7FF5615A4000
|
unkown
|
page readonly
|
|
|
|
FED000
|
unkown
|
page read and write
|
|
|
|
1617C110000
|
unkown
|
page read and write
|
|
|
|
7FF5BAF8E000
|
unkown
|
page readonly
|
|
|
|
58BA2FE000
|
unkown
|
page read and write
|
|
|
|
28C5000
|
unkown
|
page readonly
|
|
|
|
7FF53AB6A000
|
unkown
|
page readonly
|
|
|
|
7FF53F10B000
|
unkown
|
page readonly
|
|
|
|
7FF50BEA8000
|
unkown
|
page readonly
|
|
|
|
1617C410000
|
unkown
|
page read and write
|
|
|
|
E7DE07E000
|
unkown
|
page read and write
|
|
|
|
1A56B734000
|
unkown
|
page read and write
|
|
|
|
7FF583D86000
|
unkown
|
page readonly
|
|
|
|
7FF5E6F0A000
|
unkown
|
page readonly
|
|
|
|
1A56B76D000
|
unkown
|
page read and write
|
|
|
|
2CC6A48C000
|
unkown
|
page read and write
|
|
|
|
1617952D000
|
unkown
|
page read and write
|
|
|
|
7FF5BB07A000
|
unkown
|
page readonly
|
|
|
|
7FF53ECA7000
|
unkown
|
page readonly
|
|
|
|
1617B350000
|
unkown
|
page readonly
|
|
|
|
380000
|
unkown image
|
page execute and read and write
|
|
|
|
1A56AD70000
|
unkown
|
page readonly
|
|
|
|
7FF53ABA7000
|
unkown
|
page readonly
|
|
|
|
1A56B79D000
|
unkown
|
page read and write
|
|
|
|
1A56BC61000
|
unkown
|
page read and write
|
|
|
|
1A56AF13000
|
unkown
|
page read and write
|
|
|
|
7FF4FD483000
|
unkown
|
page readonly
|
|
|
|
EC9ABFE000
|
unkown
|
page read and write
|
|
|
|
2100D970000
|
unkown
|
page read and write
|
|
|
|
1A56B470000
|
unkown
|
page read and write
|
|
|
|
243D91F0000
|
unkown
|
page readonly
|
|
|
|
1A56B785000
|
unkown
|
page read and write
|
|
|
|
28FD000
|
unkown
|
page readonly
|
|
|
|
1A56B79B000
|
unkown
|
page read and write
|
|
|
|
1A56B7AA000
|
unkown
|
page read and write
|
|
|
|
380000
|
unkown image
|
page readonly
|
|
|
|
7FF561524000
|
unkown
|
page readonly
|
|
|
|
7FF4FDB9E000
|
unkown
|
page readonly
|
|
|
|
161794E0000
|
unkown
|
page read and write
|
|
|
|
50AB000
|
heap private
|
page read and write
|
|
|
|
2100BA29000
|
unkown
|
page read and write
|
|
|
|
7FF53F2F2000
|
unkown
|
page readonly
|
|
|
|
153B000
|
heap default
|
page read and write
|
|
|
|
7FF5840AA000
|
unkown
|
page readonly
|
|
|
|
1A56ABF0000
|
heap private
|
page read and write
|
|
|
|
1A56B79D000
|
unkown
|
page read and write
|
|
|
|
7FF5E69E0000
|
unkown
|
page readonly
|
|
|
|
7FF53F253000
|
unkown
|
page readonly
|
|
|
|
7FF583FBE000
|
unkown
|
page readonly
|
|
|
|
2998000
|
unkown
|
page readonly
|
|
|
|
4AE8000
|
heap private
|
page read and write
|
|
|
|
1B5B2011000
|
unkown
|
page read and write
|
|
|
|
7FF5987D4000
|
unkown
|
page readonly
|
|
|
|
1A56B77A000
|
unkown
|
page read and write
|
|
|
|
7FF53AB0C000
|
unkown
|
page readonly
|
|
|
|
1617B5C7000
|
unkown
|
page read and write
|
|
|
|
7FF5BADE9000
|
unkown
|
page readonly
|
|
|
|
7FF561386000
|
unkown
|
page readonly
|
|
|
|
303DD7C000
|
unkown
|
page read and write
|
|
|
|
1617C010000
|
unkown
|
page read and write
|
|
|
|
1A56B000000
|
unkown
|
page readonly
|
|
|
|
CF9F27E000
|
unkown
|
page read and write
|
|
|
|
7FF53F0D0000
|
unkown
|
page readonly
|
|
|
|
2CC6A3A0000
|
unkown
|
page readonly
|
|
|
|
4A69000
|
heap private
|
page read and write
|
|
|
|
7FF53AA6B000
|
unkown
|
page readonly
|
|
|
|
243D9200000
|
unkown
|
page read and write
|
|
|
|
2CC6A3B0000
|
unkown
|
page read and write
|
|
|
|
303D67B000
|
unkown
|
page read and write
|
|
|
|
7FF5610B2000
|
unkown
|
page readonly
|
|
|
|
13930AF0000
|
heap default
|
page read and write
|
|
|
|
7FF53EF10000
|
unkown
|
page readonly
|
|
|
|
B9D000
|
unkown
|
page read and write
|
|
|
|
7FF5988B4000
|
unkown
|
page readonly
|
|
|
|
2CC6A502000
|
unkown
|
page read and write
|
|
|
|
7FF53AB44000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E6A000
|
unkown
|
page readonly
|
|
|
|
161794C8000
|
unkown
|
page read and write
|
|
|
|
1A56B71C000
|
unkown
|
page read and write
|
|
|
|
27D5000
|
unkown
|
page readonly
|
|
|
|
1B2C3270000
|
unkown
|
page read and write
|
|
|
|
1B2C1AD0000
|
unkown
|
page readonly
|
|
|
|
28D3000
|
unkown
|
page readonly
|
|
|
|
303DDFA000
|
unkown
|
page read and write
|
|
|
|
69212FF000
|
unkown
|
page read and write
|
|
|
|
7FF53A83A000
|
unkown
|
page readonly
|
|
|
|
7FF56153A000
|
unkown
|
page readonly
|
|
|
|
1A56B734000
|
unkown
|
page read and write
|
|
|
|
7FF53A847000
|
unkown
|
page readonly
|
|
|
|
161794C2000
|
unkown
|
page read and write
|
|
|
|
7FF5614F2000
|
unkown
|
page readonly
|
|
|
|
89C000
|
unkown
|
page read and write
|
|
|
|
1A56B71C000
|
unkown
|
page read and write
|
|
|
|
1A56B78E000
|
unkown
|
page read and write
|
|
|
|
7FF561594000
|
unkown
|
page readonly
|
|
|
|
7FF5E6D73000
|
unkown
|
page readonly
|
|
|
|
7FF50BEC4000
|
unkown
|
page readonly
|
|
|
|
2CC6A390000
|
unkown
|
page readonly
|
|
|
|
1617C310000
|
unkown
|
page read and write
|
|
|
|
1F031A00000
|
unkown
|
page readonly
|
|
|
|
840000
|
unkown
|
page execute and read and write
|
|
|
|
1617B743000
|
unkown
|
page read and write
|
|
|
|
272B000
|
unkown
|
page readonly
|
|
|
|
1F031813000
|
unkown
|
page read and write
|
|
|
|
1A56BC00000
|
unkown
|
page read and write
|
|
|
|
1617BA00000
|
unkown
|
page read and write
|
|
|
|
7FF5BAF8A000
|
unkown
|
page readonly
|
|
|
|
2100D910000
|
heap private
|
page read and write
|
|
|
|
7FF53F441000
|
unkown
|
page readonly
|
|
|
|
7FF53A471000
|
unkown
|
page readonly
|
|
|
|
13930AFB000
|
heap default
|
page read and write
|
|
|
|
1A56B761000
|
unkown
|
page read and write
|
|
|
|
7FF583C8A000
|
unkown
|
page readonly
|
|
|
|
EEDB0FE000
|
unkown
|
page read and write
|
|
|
|
1A56B78E000
|
unkown
|
page read and write
|
|
|
|
1617B982000
|
unkown
|
page read and write
|
|
|
|
7FF5BAFBC000
|
unkown
|
page readonly
|
|
|
|
7FF5988E6000
|
unkown
|
page readonly
|
|
|
|
1B5B22B5000
|
heap private
|
page read and write
|
|
|
|
2922000
|
unkown
|
page readonly
|
|
|
|
692177F000
|
unkown
|
page read and write
|
|
|
|
1617B402000
|
unkown
|
page read and write
|
|
|
|
1617C410000
|
unkown
|
page read and write
|
|
|
|
B00000
|
unkown
|
page read and write
|
|
|
|
18B113C000
|
unkown
|
page read and write
|
|
|
|
7FF53ABE1000
|
unkown
|
page readonly
|
|
|
|
26CA000
|
unkown
|
page readonly
|
|
|
|
7FF561555000
|
unkown
|
page readonly
|
|
|
|
2100BAC7000
|
unkown
|
page read and write
|
|
|
|
7FF598961000
|
unkown
|
page readonly
|
|
|
|
1B2C1800000
|
unkown
|
page read and write
|
|
|
|
EC9AA75000
|
unkown
|
page read and write
|
|
|
|
7FF53ABE6000
|
unkown
|
page readonly
|
|
|
|
7FF5987BD000
|
unkown
|
page readonly
|
|
|
|
7FF53F231000
|
unkown
|
page readonly
|
|
|
|
2CC6A500000
|
unkown
|
page read and write
|
|
|
|
7FF597F59000
|
unkown
|
page readonly
|
|
|
|
16179458000
|
unkown
|
page read and write
|
|
|
|
7FF4FD487000
|
unkown
|
page readonly
|
|
|
|
1A56B740000
|
unkown
|
page read and write
|
|
|
|
1A56ADF0000
|
unkown
|
page readonly
|
|
|
|
1A56B72A000
|
unkown
|
page read and write
|
|
|
|
7FF53A94F000
|
unkown
|
page readonly
|
|
|
|
1A56B7B5000
|
unkown
|
page read and write
|
|
|
|
1A56ADA0000
|
unkown
|
page write copy
|
|
|
|
1A56B78F000
|
unkown
|
page read and write
|
|
|
|
2984000
|
unkown
|
page readonly
|
|
|
|
243D9241000
|
unkown
|
page read and write
|
|
|
|
1617C210000
|
unkown
|
page read and write
|
|
|
|
7FF53AB87000
|
unkown
|
page readonly
|
|
|
|
1617B5AD000
|
unkown
|
page read and write
|
|
|
|
1A56B763000
|
unkown
|
page read and write
|
|
|
|
7FF56155B000
|
unkown
|
page readonly
|
|
|
|
7FF5988DE000
|
unkown
|
page readonly
|
|
|
|
7FF5E6F11000
|
unkown
|
page readonly
|
|
|
|
1A56B750000
|
unkown
|
page read and write
|
|
|
|
1A56AE8A000
|
unkown
|
page read and write
|
|
|
|
1617952A000
|
unkown
|
page read and write
|
|
|
|
EEDB379000
|
unkown
|
page read and write
|
|
|
|
1A56AEE9000
|
unkown
|
page read and write
|
|
|
|
7FF598887000
|
unkown
|
page readonly
|
|
|
|
1F032540000
|
unkown
|
page readonly
|
|
|
|
7FF53F1A1000
|
unkown
|
page readonly
|
|
|
|
1617B653000
|
unkown
|
page read and write
|
|
|
|
1B5B1FD0000
|
heap default
|
page read and write
|
|
|
|
7FF56157C000
|
unkown
|
page readonly
|
|
|
|
7FF5BAD56000
|
unkown
|
page readonly
|
|
|
|
7FF53ABD8000
|
unkown
|
page readonly
|
|
|
|
E7DE2FB000
|
unkown
|
page read and write
|
|
|
|
4B3F000
|
unkown
|
page read and write
|
|
|
|
1250000
|
unkown
|
page readonly
|
|
|
|
7FF5BAFC8000
|
unkown
|
page readonly
|
|
|
|
243DACC0000
|
unkown
|
page read and write
|
|
|
|
7FF53F150000
|
unkown
|
page readonly
|
|
|
|
16179600000
|
unkown
|
page readonly
|
|
|
|
7FF50BE7B000
|
unkown
|
page readonly
|
|
|
|
1617B3C0000
|
unkown
|
page read and write
|
|
|
|
7FF56157F000
|
unkown
|
page readonly
|
|
|
|
7FF53F34A000
|
unkown
|
page readonly
|
|
|
|
E7DE477000
|
unkown
|
page read and write
|
|
|
|
7FF583EBB000
|
unkown
|
page readonly
|
|
|
|
A43E27F000
|
unkown
|
page read and write
|
|
|
|
7FF56120C000
|
unkown
|
page readonly
|
|
|
|
2100DB00000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E20000
|
unkown
|
page readonly
|
|
|
|
7FF53EC70000
|
unkown
|
page readonly
|
|
|
|
1A56BC54000
|
unkown
|
page read and write
|
|
|
|
1617948F000
|
unkown
|
page read and write
|
|
|
|
7FF561458000
|
unkown
|
page readonly
|
|
|
|
7FF53F24E000
|
unkown
|
page readonly
|
|
|
|
7FF584004000
|
unkown
|
page readonly
|
|
|
|
7FF5615AE000
|
unkown
|
page readonly
|
|
|
|
243DADC0000
|
unkown
|
page readonly
|
|
|
|
1A56B760000
|
unkown
|
page read and write
|
|
|
|
7FF56149D000
|
unkown
|
page readonly
|
|
|
|
1617B700000
|
unkown
|
page read and write
|
|
|
|
1F031913000
|
unkown
|
page read and write
|
|
|
|
7FF4FDB30000
|
unkown
|
page readonly
|
|
|
|
303DAFB000
|
unkown
|
page read and write
|
|
|
|
1A56B779000
|
unkown
|
page read and write
|
|
|
|
2774000
|
unkown
|
page readonly
|
|
|
|
1A56B76E000
|
unkown
|
page read and write
|
|
|
|
7FF59876B000
|
unkown
|
page readonly
|
|
|
|
7FF53F3A4000
|
unkown
|
page readonly
|
|
|
|
2975000
|
unkown
|
page readonly
|
|
|
|
303DF7B000
|
unkown
|
page read and write
|
|
|
|
7FF59885A000
|
unkown
|
page readonly
|
|
|
|
7FF53ABCE000
|
unkown
|
page readonly
|
|
|
|
7FF53AB3B000
|
unkown
|
page readonly
|
|
|
|
2100D900000
|
unkown
|
page readonly
|
|
|
|
7FF53ABE9000
|
unkown
|
page readonly
|
|
|
|
7FF5BAC4C000
|
unkown
|
page readonly
|
|
|
|
16179581000
|
unkown
|
page read and write
|
|
|
|
1617B882000
|
unkown
|
page read and write
|
|
|
|
7FF53F35B000
|
unkown
|
page readonly
|
|
|
|
1617B3E0000
|
unkown
|
page readonly
|
|
|
|
7FF53F34E000
|
unkown
|
page readonly
|
|
|
|
1A56AF02000
|
unkown
|
page read and write
|
|
|
|
7FF50BF03000
|
unkown
|
page readonly
|
|
|
|
7FF5E6D8C000
|
unkown
|
page readonly
|
|
|
|
2CC6A413000
|
unkown
|
page read and write
|
|
|
|
7FF5988CF000
|
unkown
|
page readonly
|
|
|
|
7FF53F3B8000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E1A000
|
unkown
|
page readonly
|
|
|
|
1A56AE6C000
|
unkown
|
page read and write
|
|
|
|
1A56B763000
|
unkown
|
page read and write
|
|
|
|
243D94D0000
|
unkown
|
page write copy
|
|
|
|
1617B3C0000
|
unkown
|
page read and write
|
|
|
|
1A56BC02000
|
unkown
|
page read and write
|
|
|
|
1A56B732000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E2B000
|
unkown
|
page readonly
|
|
|
|
1A56BC02000
|
unkown
|
page read and write
|
|
|
|
1A56B766000
|
unkown
|
page read and write
|
|
|
|
7FF4FDC21000
|
unkown
|
page readonly
|
|
|
|
18B15FE000
|
unkown
|
page read and write
|
|
|
|
1A56B740000
|
unkown
|
page read and write
|
|
|
|
360000
|
unkown
|
page readonly
|
|
|
|
E7DE67F000
|
unkown
|
page read and write
|
|
|
|
1B5B20D0000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E4C000
|
unkown
|
page readonly
|
|
|
|
1B2C3370000
|
unkown
|
page readonly
|
|
|
|
1617C210000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
18B14FD000
|
unkown
|
page read and write
|
|
|
|
7FF598445000
|
unkown
|
page readonly
|
|
|
|
1A56B761000
|
unkown
|
page read and write
|
|
|
|
161794B9000
|
unkown
|
page read and write
|
|
|
|
1A56B74D000
|
unkown
|
page read and write
|
|
|
|
7FF53F387000
|
unkown
|
page readonly
|
|
|
|
1A56AEF6000
|
unkown
|
page read and write
|
|
|
|
B00000
|
unkown
|
page read and write
|
|
|
|
7FF5615C9000
|
unkown
|
page readonly
|
|
|
|
13930B2D000
|
heap default
|
page read and write
|
|
|
|
1A56B74F000
|
unkown
|
page read and write
|
|
|
|
1A56B766000
|
unkown
|
page read and write
|
|
|
|
303D8F9000
|
unkown
|
page read and write
|
|
|
|
7FF4FDC1A000
|
unkown
|
page readonly
|
|
|
|
13930E30000
|
heap private
|
page read and write
|
|
|
|
2100B9A0000
|
heap default
|
page read and write
|
|
|
|
1F03184B000
|
unkown
|
page read and write
|
|
|
|
7FF53F3C9000
|
unkown
|
page readonly
|
|
|
|
7FF583F83000
|
unkown
|
page readonly
|
|
|
|
7FF53EF16000
|
unkown
|
page readonly
|
|
|
|
7FF53EF67000
|
unkown
|
page readonly
|
|
|
|
7FF53A948000
|
unkown
|
page readonly
|
|
|
|
7FF5614F0000
|
unkown
|
page readonly
|
|
|
|
2100BC00000
|
unkown
|
page readonly
|
|
|
|
161794CC000
|
unkown
|
page read and write
|
|
|
|
1A56B78E000
|
unkown
|
page read and write
|
|
|
|
1F031800000
|
unkown
|
page read and write
|
|
|
|
7FF59895A000
|
unkown
|
page readonly
|
|
|
|
1B2C1802000
|
unkown
|
page read and write
|
|
|
|
1B2C1A00000
|
unkown
|
page readonly
|
|
|
|
1F031C00000
|
unkown
|
page readonly
|
|
|
|
7FF56121F000
|
unkown
|
page readonly
|
|
|
|
7FF53F2A3000
|
unkown
|
page readonly
|
|
|
|
7FF50BE6E000
|
unkown
|
page readonly
|
|
|
|
7FF50B6D7000
|
unkown
|
page readonly
|
|
|
|
385000
|
unkown image
|
page execute and read and write
|
|
|
|
7FF59885C000
|
unkown
|
page readonly
|
|
|
|
1617C010000
|
unkown
|
page read and write
|
|
|
|
7FF50BF61000
|
unkown
|
page readonly
|
|
|
|
1617C410000
|
unkown
|
page read and write
|
|
|
|
1A56BC02000
|
unkown
|
page read and write
|
|
|
|
1A56B762000
|
unkown
|
page read and write
|
|
|
|
7FF583FC5000
|
unkown
|
page readonly
|
|
|
|
1A56B602000
|
unkown
|
page read and write
|
|
|
|
2926000
|
unkown
|
page readonly
|
|
|
|
16179454000
|
unkown
|
page read and write
|
|
|
|
7FF583FD7000
|
unkown
|
page readonly
|
|
|
|
1A56B754000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E37000
|
unkown
|
page readonly
|
|
|
|
29C000
|
unkown
|
page read and write
|
|
|
|
1A56B730000
|
unkown
|
page read and write
|
|
|
|
7FF53AB9C000
|
unkown
|
page readonly
|
|
|
|
7FF53A92B000
|
unkown
|
page readonly
|
|
|
|
7FF5E69E6000
|
unkown
|
page readonly
|
|
|
|
1A56AF16000
|
unkown
|
page read and write
|
|
|
|
4CB0000
|
heap private
|
page read and write
|
|
|
|
7FF53AB6E000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E0A000
|
unkown
|
page readonly
|
|
|
|
7FF561316000
|
unkown
|
page readonly
|
|
|
|
7FF53F324000
|
unkown
|
page readonly
|
|
|
|
7FF5E69F5000
|
unkown
|
page readonly
|
|
|
|
2100D8F0000
|
unkown
|
page read and write
|
|
|
|
1B2C1854000
|
unkown
|
page read and write
|
|
|
|
1617C210000
|
unkown
|
page read and write
|
|
|
|
1A56B7B5000
|
unkown
|
page read and write
|
|
|
|
CF9F179000
|
unkown
|
page read and write
|
|
|
|
7FF53A936000
|
unkown
|
page readonly
|
|
|
|
46F0000
|
heap private
|
page read and write
|
|
|
|
1F0316C0000
|
heap private
|
page read and write
|
|
|
|
7FF53F1FA000
|
unkown
|
page readonly
|
|
|
|
1617B684000
|
unkown
|
page read and write
|
|
|
|
7FF53AB5A000
|
unkown
|
page readonly
|
|
|
|
7FF53A6D2000
|
unkown
|
page readonly
|
|
|
|
7FF5BA7ED000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E9D000
|
unkown
|
page readonly
|
|
|
|
303D4FB000
|
unkown
|
page read and write
|
|
|
|
EEDB17E000
|
unkown
|
page read and write
|
|
|
|
A43E37F000
|
unkown
|
page read and write
|
|
|
|
161794F1000
|
unkown
|
page read and write
|
|
|
|
1A56B736000
|
unkown
|
page read and write
|
|
|
|
7FF53ECA3000
|
unkown
|
page readonly
|
|
|
|
7FF53F3C6000
|
unkown
|
page readonly
|
|
|
|
7FF50BE5A000
|
unkown
|
page readonly
|
|
|
|
1A56B740000
|
unkown
|
page read and write
|
|
|
|
2100DB02000
|
unkown
|
page read and write
|
|
|
|
2100D960000
|
unkown
|
page readonly
|
|
|
|
1A56BC02000
|
unkown
|
page read and write
|
|
|
|
1F031856000
|
unkown
|
page read and write
|
|
|
|
1B5B1F90000
|
unkown
|
page readonly
|
|
|
|
7FF53F2B4000
|
unkown
|
page readonly
|
|
|
|
2100BA13000
|
unkown
|
page read and write
|
|
|
|
7FF53A749000
|
unkown
|
page readonly
|
|
|
|
EC9A87B000
|
unkown
|
page read and write
|
|
|
|
1F031862000
|
unkown
|
page read and write
|
|
|
|
16179400000
|
unkown
|
page read and write
|
|
|
|
7FF5E6BA0000
|
unkown
|
page readonly
|
|
|
|
7FF584031000
|
unkown
|
page readonly
|
|
|
|
16179720000
|
unkown
|
page readonly
|
|
|
|
1617B3C0000
|
unkown
|
page readonly
|
|
|
|
7FF56132F000
|
unkown
|
page readonly
|
|
|
|
4BFE000
|
unkown
|
page read and write
|
|
|
|
1A56AD30000
|
unkown
|
page readonly
|
|
|
|
303D77B000
|
unkown
|
page read and write
|
|
|
|
7FF5E6CC3000
|
unkown
|
page readonly
|
|
|
|
7FF53AC54000
|
unkown
|
page readonly
|
|
|
|
29A3000
|
unkown
|
page readonly
|
|
|
|
2100DA02000
|
unkown
|
page read and write
|
|
|
|
7FF5E6B97000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E96000
|
unkown
|
page readonly
|
|
|
|
1F03186D000
|
unkown
|
page read and write
|
|
|
|
13930BF0000
|
unkown
|
page readonly
|
|
|
|
1A56AEEB000
|
unkown
|
page read and write
|
|
|
|
1617B50B000
|
unkown
|
page read and write
|
|
|
|
7FF53F186000
|
unkown
|
page readonly
|
|
|
|
1617B513000
|
unkown
|
page read and write
|
|
|
|
2100BABF000
|
unkown
|
page read and write
|
|
|
|
7FF583FCB000
|
unkown
|
page readonly
|
|
|
|
1617B5D8000
|
unkown
|
page read and write
|
|
|
|
1A56B470000
|
unkown
|
page read and write
|
|
|
|
13A0000
|
heap default
|
page read and write
|
|
|
|
7FF5986C1000
|
unkown
|
page readonly
|
|
|
|
7FF53AC61000
|
unkown
|
page readonly
|
|
|
|
7FF53F184000
|
unkown
|
page readonly
|
|
|
|
7FF584036000
|
unkown
|
page readonly
|
|
|
|
7FF583E19000
|
unkown
|
page readonly
|
|
|
|
7FF58402E000
|
unkown
|
page readonly
|
|
|
|
E7DDDFC000
|
unkown
|
page read and write
|
|
|
|
46BE000
|
unkown
|
page read and write
|
|
|
|
BAC000
|
unkown
|
page readonly
|
|
|
|
7FF5E6F04000
|
unkown
|
page readonly
|
|
|
|
7FF5BAF9B000
|
unkown
|
page readonly
|
|
|
|
2CC6A44B000
|
unkown
|
page read and write
|
|
|
|
BAD000
|
unkown
|
page read and write
|
|
|
|
1A56B700000
|
unkown
|
page read and write
|
|
|
|
1617B563000
|
unkown
|
page read and write
|
|
|
|
16179390000
|
heap private
|
page read and write
|
|
|
|
7FF560DAD000
|
unkown
|
page readonly
|
|
|
|
4BBF000
|
unkown
|
page read and write
|
|
|
|
EEDB07A000
|
unkown
|
page read and write
|
|
|
|
7FF5840B1000
|
unkown
|
page readonly
|
|
|
|
7FF53EF25000
|
unkown
|
page readonly
|
|
|
|
1A56B768000
|
unkown
|
page read and write
|
|
|
|
13930A30000
|
unkown
|
page read and write
|
|
|
|
2100BB5C000
|
unkown
|
page read and write
|
|
|
|
1F031900000
|
unkown
|
page read and write
|
|
|
|
1F031862000
|
unkown
|
page read and write
|
|
|
|
41F0000
|
unkown
|
page read and write
|
|
|
|
2886000
|
unkown
|
page readonly
|
|
|
|
7FF53F350000
|
unkown
|
page readonly
|
|
|
|
2100D970000
|
unkown
|
page read and write
|
|
|
|
7FF5E6D6D000
|
unkown
|
page readonly
|
|
|
|
7FF584039000
|
unkown
|
page readonly
|
|
|
|
7FF50BE75000
|
unkown
|
page readonly
|
|
|
|
58BA47E000
|
unkown
|
page read and write
|
|
|
|
7FF53AB3F000
|
unkown
|
page readonly
|
|
|
|
1A56AED9000
|
unkown
|
page read and write
|
|
|
|
7FF598436000
|
unkown
|
page readonly
|
|
|
|
303D47E000
|
unkown
|
page read and write
|
|
|
|
7FF56152F000
|
unkown
|
page readonly
|
|
|
|
1617B600000
|
unkown
|
page read and write
|
|
|
|
13930E35000
|
heap private
|
page read and write
|
|
|
|
1A56B775000
|
unkown
|
page read and write
|
|
|
|
2992000
|
unkown
|
page readonly
|
|
|
|
2100B940000
|
heap private
|
page read and write
|
|
|
|
2CC6A452000
|
unkown
|
page read and write
|
|
|
|
7FF53A82C000
|
unkown
|
page readonly
|
|
|
|
303D1D9000
|
unkown
|
page read and write
|
|
|
|
7FF5BB074000
|
unkown
|
page readonly
|
|
|
|
27C8000
|
unkown
|
page readonly
|
|
|
|
58BA4FF000
|
unkown
|
page read and write
|
|
|
|
1A56B480000
|
unkown
|
page read and write
|
|
|
|
1617943F000
|
unkown
|
page read and write
|
|
|
|
A43E2F9000
|
unkown
|
page read and write
|
|
|
|
7FF53F32F000
|
unkown
|
page readonly
|
|
|
|
161794C2000
|
unkown
|
page read and write
|
|
|
|
7FF583D7B000
|
unkown
|
page readonly
|
|
|
|
1A56B767000
|
unkown
|
page read and write
|
|
|
|
1617C410000
|
unkown
|
page read and write
|
|
|
|
303D7FA000
|
unkown
|
page read and write
|
|
|
|
1A56B78D000
|
unkown
|
page read and write
|
|
|
|
1A56AF08000
|
unkown
|
page read and write
|
|
|
|
7FF56163A000
|
unkown
|
page readonly
|
|
|
|
7FF5988D8000
|
unkown
|
page readonly
|
|
|
|
1617B5DE000
|
unkown
|
page read and write
|
|
|
|
E7DE37E000
|
unkown
|
page read and write
|
|
|
|
7FF5985F0000
|
unkown
|
page readonly
|
|
|
|
16179570000
|
unkown
|
page read and write
|
|
|
|
2CC6A2B0000
|
heap default
|
page read and write
|
|
|
|
1A56B73A000
|
unkown
|
page read and write
|
|
|
|
7FF4FDBA9000
|
unkown
|
page readonly
|
|
|
|
7FF50B6D5000
|
unkown
|
page readonly
|
|
|
|
1A56B783000
|
unkown
|
page read and write
|
|
|
|
7FF583C8F000
|
unkown
|
page readonly
|
|
|
|
7FF50BEBA000
|
unkown
|
page readonly
|
|
|
|
1617B360000
|
heap private
|
page read and write
|
|
|
|
EC9A97E000
|
unkown
|
page read and write
|
|
|
|
7FF53A9C1000
|
unkown
|
page readonly
|
|
|
|
1617B5F3000
|
unkown
|
page read and write
|
|
|
|
7FF5BAF95000
|
unkown
|
page readonly
|
|
|
|
7FF5BAC67000
|
unkown
|
page readonly
|
|
|
|
1A56B755000
|
unkown
|
page read and write
|
|
|
|
7FF561642000
|
unkown
|
page readonly
|
|
|
|
50AA000
|
heap private
|
page read and write
|
|
|
|
7FF561513000
|
unkown
|
page readonly
|
|
|
|
850000
|
heap default
|
page read and write
|
|
|
|
2100DB64000
|
unkown
|
page read and write
|
|
|
|
1617B3C0000
|
unkown
|
page read and write
|
|
|
|
7FF5E6503000
|
unkown
|
page readonly
|
|
|
|
1A56AE4D000
|
unkown
|
page read and write
|
|
|
|
680000
|
heap private
|
page read and write
|
|
|
|
7FF53F31B000
|
unkown
|
page readonly
|
|
|
|
7FF598751000
|
unkown
|
page readonly
|
|
|
|
7FF53ABC4000
|
unkown
|
page readonly
|
|
|
|
2CC6AA60000
|
unkown
|
page readonly
|
|
|
|
161796D0000
|
unkown
|
page write copy
|
|
|
|
7FF59889F000
|
unkown
|
page readonly
|
|
|
|
1A56B780000
|
unkown
|
page read and write
|
|
|
|
7FF4FD450000
|
unkown
|
page readonly
|
|
|
|
2CC6A600000
|
unkown
|
page readonly
|
|
|
|
7FF5BB001000
|
unkown
|
page readonly
|
|
|
|
2CC6A250000
|
heap private
|
page read and write
|
|
|
|
1B5B1F60000
|
unkown
|
page read and write
|
|
|
|
58BA3FA000
|
unkown
|
page read and write
|
|
|
|
7FF4FDB35000
|
unkown
|
page readonly
|
|
|
|
1A56B76F000
|
unkown
|
page read and write
|
|
|
|
7FF5BAC5F000
|
unkown
|
page readonly
|
|
|
|
1B5B1FFF000
|
unkown
|
page read and write
|
|
|
|
303DCFB000
|
unkown
|
page read and write
|
|
|
|
1A56AE29000
|
unkown
|
page read and write
|
|
|
|
2100D970000
|
unkown
|
page read and write
|
|
|
|
13932920000
|
heap private
|
page read and write
|
|
|
|
7FF53EEBE000
|
unkown
|
page readonly
|
|
|
|
1A56AEA5000
|
unkown
|
page read and write
|
|
|
|
7FF5840B2000
|
unkown
|
page readonly
|
|
|
|
7FF5BB009000
|
unkown
|
page readonly
|
|
|
|
1F032200000
|
unkown
|
page readonly
|
|
|
|
303D87B000
|
unkown
|
page read and write
|
|
|
|
298C000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E25000
|
unkown
|
page readonly
|
|
|
|
1A56B778000
|
unkown
|
page read and write
|
|
|
|
7FF5615B8000
|
unkown
|
page readonly
|
|
|
|
13930A80000
|
unkown
|
page readonly
|
|
|
|
1617B586000
|
unkown
|
page read and write
|
|
|
|
7FF5615C1000
|
unkown
|
page readonly
|
|
|
|
1B2C1780000
|
unkown
|
page write copy
|
|
|
|
7FF583EA1000
|
unkown
|
page readonly
|
|
|
|
1F032002000
|
unkown
|
page read and write
|
|
|
|
7FF50BEE9000
|
unkown
|
page readonly
|
|
|
|
7FF53EC51000
|
unkown
|
page readonly
|
|
|
|
56E000
|
unkown
|
page read and write
|
|
|
|
7FF5613A1000
|
unkown
|
page readonly
|
|
|
|
1617B5D2000
|
unkown
|
page read and write
|
|
|
|
7FF53AB02000
|
unkown
|
page readonly
|
|
|
|
7FF5E6F12000
|
unkown
|
page readonly
|
|
|
|
7FF583FBA000
|
unkown
|
page readonly
|
|
|
|
1A56B768000
|
unkown
|
page read and write
|
|
|
|
1A56AE4B000
|
unkown
|
page read and write
|
|
|
|
1A56B490000
|
unkown
|
page readonly
|
|
|
|
7FF59887B000
|
unkown
|
page readonly
|
|
|
|
7FF53F191000
|
unkown
|
page readonly
|
|
|
|
7FF53EA39000
|
unkown
|
page readonly
|
|
|
|
1B2C17D0000
|
unkown
|
page readonly
|
|
|
|
1617C310000
|
unkown
|
page read and write
|
|
|
|
7FF584028000
|
unkown
|
page readonly
|
|
|
|
303D57F000
|
unkown
|
page read and write
|
|
|
|
7FF53F33A000
|
unkown
|
page readonly
|
|
|
|
1617C110000
|
unkown
|
page read and write
|
|
|
|
7FF53EEB2000
|
unkown
|
page readonly
|
|
|
|
1A56B7D9000
|
unkown
|
page read and write
|
|
|
|
1A56B460000
|
unkown
|
page readonly
|
|
|
|
1617B55E000
|
unkown
|
page read and write
|
|
|
|
7FF4FDC14000
|
unkown
|
page readonly
|
|
|
|
8C0000
|
unkown
|
page read and write
|
|
|
|
1617B743000
|
unkown
|
page read and write
|
|
|
|
1A56B778000
|
unkown
|
page read and write
|
|
|
|
7FF5E6D1B000
|
unkown
|
page readonly
|
|
|
|
2728000
|
unkown
|
page readonly
|
|
|
|
16179429000
|
unkown
|
page read and write
|
|
|
|
1B5B1FFF000
|
unkown
|
page read and write
|
|
|
|
A43DFCE000
|
unkown
|
page read and write
|
|
|
|
1B5B1FF7000
|
unkown
|
page read and write
|
|
|
|
1B2C1770000
|
heap default
|
page read and write
|
|
|
|
1A56B774000
|
unkown
|
page read and write
|
|
|
|
7FF56153C000
|
unkown
|
page readonly
|
|
|
|
1A56B800000
|
unkown
|
page readonly
|
|
|
|
CF9F07F000
|
unkown
|
page read and write
|
|
|
|
13930AD0000
|
unkown
|
page readonly
|
|
|
|
2CC6A43C000
|
unkown
|
page read and write
|
|
|
|
7FF5BADB5000
|
unkown
|
page readonly
|
|
|
|
7FF53AB70000
|
unkown
|
page readonly
|
|
|
|
7FF4FDB5F000
|
unkown
|
page readonly
|
|
|
|
58B9FDB000
|
unkown
|
page read and write
|
|
|
|
243D9256000
|
unkown
|
page read and write
|
|
|
|
7FF583FEF000
|
unkown
|
page readonly
|
|
|
|
1617953F000
|
unkown
|
page read and write
|
|
|
|
1617B58C000
|
unkown
|
page read and write
|
|
|
|
56A000
|
unkown
|
page read and write
|
|
|
|
243D91E0000
|
heap default
|
page read and write
|
|
|
|
7FF4FDB98000
|
unkown
|
page readonly
|
|
|
|
1F031E70000
|
unkown
|
page readonly
|
|
|
|
10D3000
|
unkown
|
page read and write
|
|
|
|
1B2C1710000
|
heap private
|
page read and write
|
|
|
|
7FF5BAC5A000
|
unkown
|
page readonly
|
|
|
|
7FF53A9A4000
|
unkown
|
page readonly
|
|
|
|
1A56B799000
|
unkown
|
page read and write
|
|
|
|
1617B842000
|
unkown
|
page read and write
|
|
|
|
1617C510000
|
unkown
|
page read and write
|
|
|
|
7FF50B78C000
|
unkown
|
page readonly
|
|
|
|
1617C110000
|
unkown
|
page read and write
|
|
|
|
7FF5E6E0C000
|
unkown
|
page readonly
|
|
|
|
7FF50BB4D000
|
unkown
|
page readonly
|
|
|
|
692197F000
|
unkown
|
page read and write
|
|
|
|
7FF5BADB1000
|
unkown
|
page readonly
|
|
|
|
1A56B774000
|
unkown
|
page read and write
|
|
|
|
7FF53F355000
|
unkown
|
page readonly
|
|
|
|
1617B5F4000
|
unkown
|
page read and write
|
|
|
|
EEDB3FE000
|
unkown
|
page read and write
|
|
|
|
28E9000
|
unkown
|
page readonly
|
|
|
|
7FF53F29D000
|
unkown
|
page readonly
|
|
|
|
7FF5E6E88000
|
unkown
|
page readonly
|
|
|
|
2739000
|
unkown
|
page readonly
|
|
|
|
1617947B000
|
unkown
|
page read and write
|
|
|
|
303D9FB000
|
unkown
|
page read and write
|
|
|
|
7FF561328000
|
unkown
|
page readonly
|
|
|
|
161794BB000
|
unkown
|
page read and write
|
|
|
|
1B5B1FF6000
|
unkown
|
page read and write
|
|
|
|
2100BB00000
|
unkown
|
page read and write
|
|
|
|
1A56B778000
|
unkown
|
page read and write
|
|
|
|
7FF50BED8000
|
unkown
|
page readonly
|
|
|
|
7FF5988A7000
|
unkown
|
page readonly
|
|
|
|
1617948A000
|
unkown
|
page read and write
|
|
|
|
7FF58403D000
|
unkown
|
page readonly
|
|
|
|
1617C410000
|
unkown
|
page read and write
|
|
|
|
27D0000
|
unkown
|
page readonly
|
|
|
|
1A56B750000
|
unkown
|
page read and write
|
|
|
|
16179550000
|
unkown
|
page read and write
|
|
|
|
7FF58400A000
|
unkown
|
page readonly
|
|
|
|
1A56AE13000
|
unkown
|
page read and write
|
|
|
|
1A56AD40000
|
unkown
|
page readonly
|
|
There are 1065 hidden memdumps, click here to show them.