Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
https://bit.ly/39Yryji?%7C=www.santander.cl
|
URL
|
initial url
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\cuenta-nnwk[1].htm
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{22CB6B3D-610D-11EB-90E5-ECF4BB570DC9}.dat
|
Microsoft Word Document
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{22CB6B3F-610D-11EB-90E5-ECF4BB570DC9}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{29CC5350-610D-11EB-90E5-ECF4BB570DC9}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\3iJRjYG[1].htm
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\BolaContacto[1].png
|
PNG image data, 72 x 78, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\CorreoZB[1].js
|
ASCII text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\Default[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\DeltaNegra[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\KronosPool[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\MesaPoolEko[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\OpcionAccesorio[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\OpcionMesaBillar[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\OpcionServicio[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\TexturaClara[1].png
|
PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\accesorios[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\bolas%20economicas%20para%20pool[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:30:29,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\botanas%20master[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 12:57:45,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\buchacas%20mesas%20de%20pool[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:21:18,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\pa os%20para%20billar%20pool[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 14:11:16,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\porta%20tizas[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:02:34,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\rep2_1[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 245x150, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\rep2_2[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 245x150, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\texturanegrapunteada[1].jpg
|
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe
Photoshop CS3 Windows, datetime=2007:09:10 16:31:11], baseline, precision 8, 120x120, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\tizas%20cosmeticos%20hansinburg[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 13:01:22,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\triangulos%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 06:27:41,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\39Yryji[1].htm
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\ArchitectsDaughter[1].ttf
|
TrueType Font data, 11 tables, 1st "OS/2", 24 names, Macintosh, Copyright (c) 2010, Kimberly Geswein (kimberlygeswein.com)Architects
DaughterRegular1.000;pyrs;
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Delta2[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Eko[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\GRC7VUR6.htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Gabardina%20billar%20carambola[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 14:14:09,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Kronos[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Min480Max959[1].css
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Min960Max1719[1].css
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Pool[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\accesorios[1].htm
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\bolas%20de%20pool%20marca%20imperial[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:32:52,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\botanas%20de%20billar%20hansinburg[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 12:52:10,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\bullet[1].png
|
PNG image data, 12 x 9, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\casquillos%20tacos%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 13:42:35,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\contacto[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\contempo_caram_510x320[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 510x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\fundas%20tacos%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 05:28:23,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\mesas_de_billar[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\parches%20pa o%20de%20pool[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:25:47,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\rep1_1[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 245x150, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\taco%20de%20billar%20tipo%20union[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 10:16:17,
GPS-Data], baseline, precision 8, 320x427, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\tizas%20cosmetico%20master[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 13:17:24,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Basico[1].css
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Bolas%20ruedo%20carambola%20aramit%20pro%20cup[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 13:32:45,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Comun[1].css
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Default[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Max479[1].css
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Min1720[1].css
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Piramid[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Tanke[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\barandas%20bandas%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:34:19,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\cepillo%20mesas%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:19:51,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\charolas%20bolas%20sueltas[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 05:49:50,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\contacto[1].htm
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\cubiletes%20dados%20poker[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:12:41,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\favicon[1].ico
|
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\mesa_reparada2[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 510x340, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\mesas_de_billar[1].htm
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\prensa%20pega%20botanas[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 07:16:42,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\regatones%20gomas%20tacos%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 05:56:30,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\servicios[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\taco%20de%20billar%20cuatro%20empalmes[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 10:13:24,
GPS-Data], baseline, precision 8, 320x427, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\w-logo-blue-white-bg[1].png
|
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\AEHAWZV0.htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\BolaAccesorios[1].png
|
PNG image data, 72 x 78, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\BolaInicio[1].png
|
PNG image data, 72 x 78, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\BolaMesaBillar[1].png
|
PNG image data, 72 x 79, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\BolaServicio[1].png
|
PNG image data, 71 x 78, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Boomerang[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Colonial[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Default[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\LogoZonabillar[1].png
|
PNG image data, 659 x 136, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\MesaPoolKronos[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Pajhody[1].png
|
PNG image data, 510 x 265, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\bolas%20pelotas%20de%20futbolito[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 05:54:08,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\botella%20y%20bolitas%20de%20sorteo[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 13:49:04,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\burritas%20mesa%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 14:06:01,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\enviar02[1].htm
|
HTML document, ASCII text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\guantes%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 06:54:55,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\mesa_reparada1[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 510x340, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\modernizr.custom.46138[1].js
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\rep1_2[1].jpg
|
[TIFF image data, little-endian, direntries=0], baseline, precision 8, 245x150, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\servicios[1].htm
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\tiza%20cosmetico%20tungho[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:13 13:05:34,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\virolas%20tacos%20de%20billar[1].jpg
|
[TIFF image data, big-endian, direntries=11, description= , manufacturer=Canon, model=Canon
PowerShot SX500 IS, orientation=upper-left, xresolution=210, yresolution=218, resolutionunit=2, datetime=2015:03:10 05:59:46,
GPS-Data], baseline, precision 8, 427x320, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF63F9EEFA8506E00E.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF9F2FC73470E9E1CF.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFB4A70F06E7D4BB57.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\DKC746G81IF7J339D2CX.temp
|
data
|
dropped
|
|
There are 88 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4012 CREDAT:17410 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.zonabillar.com/accesorios/
|
|
||
|
http://www.zonabillar.com/accesorios/Default.aspx
|
|
||
|
http://www.zonabillar.com/mesas_de_billar/Pool
|
|
||
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolEko
|
|
||
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolKronos
|
|
||
|
http://www.zonabillar.com/mesas_de_billar/
|
|
||
|
http://www.zonabillar.com/contacto/
|
|
||
|
http://www.zonabillar.com/servicios/
|
|
||
|
http://www.zonabillar.com/App_Themes/Default/Min1720.css
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/Colonial.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/charolas%20bolas%20sueltas.JPG
|
198.38.83.196
|
|
|
|
https://bit.ly/3iJRjYG?l=www.santander.cl
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/taco%20de%20billar%20cuatro%20empalmes.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/lladolid.com/activacion/cuenta-nnwk/
|
unknown
|
|
|
|
https://www.lacreatura.esivalladolid.com/activacion/cuenta-nnwk/
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/bolas%20de%20pool%20marca%20imperial.JPG
|
198.38.83.196
|
|
|
|
http://wordpress.roma.it/wp-includes/images/w-logo-blue-white-bg.png
|
95.85.11.200
|
|
|
|
http://www.zonabillar.com/
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/img/LogoZonabillar.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/botanas%20de%20billar%20hansinburg.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/Tanke.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/
|
198.38.83.196
|
|
|
|
http://www.zonabicom/servicios/Default.aspxaspxKOjVLYjk7ohFpeJ
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/regatones%20gomas%20tacos%20de%20billar.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/virolas%20tacos%20de%20billar.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/taco%20de%20billar%20tipo%20union.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/App_Themes/Default/Comun.css
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/contempo_caram_510x320.jpg
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolEko8ZonaBillar
|
unknown
|
|
|
|
http://www.zonabillar.com/img/OpcionMesaBillar.png
|
198.38.83.196
|
|
|
|
http://www.zonabiar.com/
|
unknown
|
|
|
|
http://www.zonabillar.com/img/OpcionServicio.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/servicios/lar/d:
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/Bolas%20ruedo%20carambola%20aramit%20pro%20cup.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolKronos
|
198.38.83.196
|
|
|
|
http://wordpress.roma.it/favicon/enviar02.php?l=333342500
|
95.85.11.200
|
|
|
|
http://www.zonabillar.com/servicios/img/rep2_2.jpg
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/servicios/img/mesa_reparada2.jpg
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/favicon.ico
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/Boomerang.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/Pool
|
198.38.83.196
|
|
|
|
http://www.zonabicom/accesorios/Default.aspxaspxKOjVLYjk7ohFpeJ
|
unknown
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolEko
|
198.38.83.196
|
|
|
|
https://www.lacreaturait/favicon/enviar02.php?l=333342500.esivalladolid.com/activacion/cuenta-nnwk/R
|
unknown
|
|
|
|
http://www.zonabillar..esivalladolid.com/activacion/cuenta-nnwk/com/lladolid.com/activacion/cuenta-n
|
unknown
|
|
|
|
https://www.lacreatura.esivalladolid.com/activacion/cuenta-nnwk/LMEM
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/Default.aspxFZonaBillar
|
unknown
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/Poolaspx~
|
unknown
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/Delta2.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/Default.aspxaspx
|
unknown
|
|
|
|
http://www.zonabillar.com/Fuente/ArchitectsDaughter.ttf
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/KronosPool.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/img/BolaInicio.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/Pool4ZonaBillar
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/botanas%20master.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/servicios/img/mesa_reparada1.jpg
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/favicon.ico~
|
unknown
|
|
|
|
http://www.zonabillar.com/contacto/
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/img/BolaAccesorios.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolKronos8ZonaBillar
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/bolas%20pelotas%20de%20futbolito.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/servicios/img/rep1_1.jpg
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/FZonaBillar
|
unknown
|
|
|
|
http://www.zonabillar.com/js/modernizr.custom.46138.js
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/tizas%20cosmetico%20master.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/parches%20pa%C3%B1o%20de%20pool.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/contacto/lar/
|
unknown
|
|
|
|
http://www.zonabillar.com/App_Themes/Default/Max479.css
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/lar/l
|
unknown
|
|
|
|
http://www.zonabillar.com/contacto/lar/w.zonabillar.com/favicon.ico
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/buchacas%20mesas%20de%20pool.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/Eko.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/Kronos.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/porta%20tizas.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/triangulos%20de%20billar.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/fundas%20tacos%20de%20billar.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.
|
unknown
|
|
|
|
http://wordpress.roma.it/favicon.ico
|
95.85.11.200
|
|
|
|
http://www.zonabillar.com/img/OpcionAccesorio.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/servicios/img/rep2_1.jpg
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/img/DeltaNegra.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/lladolid.com/activacion/cuenta-nnwk/V
|
unknown
|
|
|
|
http://www.zonabillar.com/accesorios/img/barandas%20bandas%20de%20billar.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/img/bullet.png
|
198.38.83.196
|
|
|
|
http://kimberlygeswein.comCopyright
|
unknown
|
|
|
|
http://www.zonabillar.com/servicios/
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/js/CorreoZB.js
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/botella%20y%20bolitas%20de%20sorteo.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/Default.aspx8ZonaBillar
|
unknown
|
|
|
|
http://www.zonabillar.com/img/TexturaClara.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/tiza%20cosmetico%20tungho.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/App_Themes/Default/Min960Max1719.css
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/accesorios/img/bolas%20economicas%20para%20pool.JPG
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/img/BolaContacto.png
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/img/BolaServicio.png
|
198.38.83.196
|
|
|
|
http://scripts.sil.org/OFLCopyright
|
unknown
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolEkoos
|
unknown
|
|
|
|
http://www.zonabillar.com/contacto
|
198.38.83.196
|
|
|
|
http://www.zonabillar.com/App_Themes/Default/Min480Max959.css
|
198.38.83.196
|
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bit.ly
|
67.199.248.11
|
|
|
|
wordpress.roma.it
|
95.85.11.200
|
|
|
|
www.lacreatura.esivalladolid.com
|
188.164.197.43
|
|
|
|
www.zonabillar.com
|
198.38.83.196
|
|
IPs
|
IP
|
Domain
|
Country
|
Active
|
Malicious
|
|
|---|---|---|---|---|---|
|
95.85.11.200
|
unknown
|
European Union
|
unknown
|
|
|
|
198.38.83.196
|
unknown
|
United States
|
unknown
|
|
|
|
67.199.248.11
|
unknown
|
United States
|
unknown
|
|
|
|
188.164.197.43
|
unknown
|
Spain
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{22CB6B3D-610D-11EB-90E5-ECF4BB570DC9}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
CVListPingLastYMD
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
@C:\Windows\System32\ieframe.dll,-912
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
@C:\Windows\System32\ieframe.dll,-903
|
|
There are 38 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF50D484000
|
unkown
|
page readonly
|
|
|
|
1DE17641000
|
unkown
|
page read and write
|
|
|
|
7FF56A03B000
|
unkown
|
page readonly
|
|
|
|
7FF5A9088000
|
unkown
|
page readonly
|
|
|
|
7FF5BDFE8000
|
unkown
|
page readonly
|
|
|
|
25E6D802000
|
unkown
|
page read and write
|
|
|
|
7FF50D633000
|
unkown
|
page readonly
|
|
|
|
7FF51AE37000
|
unkown
|
page readonly
|
|
|
|
7FF50D3F7000
|
unkown
|
page readonly
|
|
|
|
7FF598348000
|
unkown
|
page readonly
|
|
|
|
7FF4F0DF5000
|
unkown
|
page readonly
|
|
|
|
7FF5BE000000
|
unkown
|
page readonly
|
|
|
|
1AF6C7D0000
|
unkown
|
page readonly
|
|
|
|
7FF50D221000
|
unkown
|
page readonly
|
|
|
|
7FF4F14F3000
|
unkown
|
page readonly
|
|
|
|
FD3470E000
|
unkown
|
page read and write
|
|
|
|
7FF596D46000
|
unkown
|
page readonly
|
|
|
|
7FF5A92A7000
|
unkown
|
page readonly
|
|
|
|
7FF570DDC000
|
unkown
|
page readonly
|
|
|
|
7FF596C8D000
|
unkown
|
page readonly
|
|
|
|
2C1F2740000
|
heap private
|
page read and write
|
|
|
|
1AF66FD0000
|
unkown
|
page readonly
|
|
|
|
25E6D680000
|
heap private
|
page read and write
|
|
|
|
1CAA5670000
|
unkown
|
page read and write
|
|
|
|
1CAA5F12000
|
unkown
|
page read and write
|
|
|
|
7FF596D18000
|
unkown
|
page readonly
|
|
|
|
234C4830000
|
unkown
|
page readonly
|
|
|
|
7FF570EBE000
|
unkown
|
page readonly
|
|
|
|
7FF50CF74000
|
unkown
|
page readonly
|
|
|
|
7FF570E05000
|
unkown
|
page readonly
|
|
|
|
1AF66FF0000
|
unkown
|
page read and write
|
|
|
|
20A8D5B0000
|
heap default
|
page read and write
|
|
|
|
7FF5A9224000
|
unkown
|
page readonly
|
|
|
|
7FF569D3D000
|
unkown
|
page readonly
|
|
|
|
13A9F2D0000
|
unkown
|
page readonly
|
|
|
|
7FF569F4C000
|
unkown
|
page readonly
|
|
|
|
7FF59835B000
|
unkown
|
page readonly
|
|
|
|
234C4875000
|
heap private
|
page read and write
|
|
|
|
7FF596D6B000
|
unkown
|
page readonly
|
|
|
|
13A9F03E000
|
unkown
|
page read and write
|
|
|
|
7FF50D53F000
|
unkown
|
page readonly
|
|
|
|
7FF569F50000
|
unkown
|
page readonly
|
|
|
|
7FF596D50000
|
unkown
|
page readonly
|
|
|
|
7FF5A9292000
|
unkown
|
page readonly
|
|
|
|
7FF596D4B000
|
unkown
|
page readonly
|
|
|
|
542C28C000
|
unkown
|
page read and write
|
|
|
|
1AF67056000
|
unkown
|
page read and write
|
|
|
|
20D75300000
|
unkown
|
page read and write
|
|
|
|
1AF67730000
|
unkown
|
page read and write
|
|
|
|
13A9F07B000
|
unkown
|
page read and write
|
|
|
|
1AF6CAA0000
|
unkown
|
page readonly
|
|
|
|
7FF5A938D000
|
unkown
|
page readonly
|
|
|
|
234C65A0000
|
heap private
|
page read and write
|
|
|
|
13A9F048000
|
unkown
|
page read and write
|
|
|
|
7FF5981F7000
|
unkown
|
page readonly
|
|
|
|
1AF6C780000
|
unkown
|
page read and write
|
|
|
|
7FF5A92FA000
|
unkown
|
page readonly
|
|
|
|
7FF59834F000
|
unkown
|
page readonly
|
|
|
|
7FF569FFF000
|
unkown
|
page readonly
|
|
|
|
7FF5A93AD000
|
unkown
|
page readonly
|
|
|
|
1AF6C760000
|
unkown
|
page read and write
|
|
|
|
1AF67072000
|
unkown
|
page read and write
|
|
|
|
7FF596D7D000
|
unkown
|
page readonly
|
|
|
|
1CAA6000000
|
unkown
|
page readonly
|
|
|
|
234C47F0000
|
unkown
|
page read and write
|
|
|
|
7FF51AE58000
|
unkown
|
page readonly
|
|
|
|
7FF596CF7000
|
unkown
|
page readonly
|
|
|
|
234C6210000
|
unkown
|
page readonly
|
|
|
|
7FF50D6DE000
|
unkown
|
page readonly
|
|
|
|
542C6FF000
|
unkown
|
page read and write
|
|
|
|
20EDE7E000
|
unkown
|
page read and write
|
|
|
|
1CAA6340000
|
unkown
|
page readonly
|
|
|
|
7FF598043000
|
unkown
|
page readonly
|
|
|
|
7FF596C87000
|
unkown
|
page readonly
|
|
|
|
7FF51ADB4000
|
unkown
|
page readonly
|
|
|
|
34C417E000
|
unkown
|
page read and write
|
|
|
|
6A1137B000
|
unkown
|
page read and write
|
|
|
|
8A1AC7C000
|
unkown
|
page read and write
|
|
|
|
13A9F062000
|
unkown
|
page read and write
|
|
|
|
1C49D44E000
|
unkown
|
page read and write
|
|
|
|
7FF5981E5000
|
unkown
|
page readonly
|
|
|
|
1AF66F60000
|
heap private
|
page read and write
|
|
|
|
1AF67013000
|
unkown
|
page read and write
|
|
|
|
7FF4F14C8000
|
unkown
|
page readonly
|
|
|
|
1AF67102000
|
unkown
|
page read and write
|
|
|
|
7FF596D4A000
|
unkown
|
page readonly
|
|
|
|
7FF569E2E000
|
unkown
|
page readonly
|
|
|
|
7FF5A92BC000
|
unkown
|
page readonly
|
|
|
|
7FF5BE02F000
|
unkown
|
page readonly
|
|
|
|
13A9F041000
|
unkown
|
page read and write
|
|
|
|
7FF5BDF65000
|
unkown
|
page readonly
|
|
|
|
D84937D000
|
unkown
|
page read and write
|
|
|
|
1AF677F0000
|
unkown
|
page read and write
|
|
|
|
1AF6C480000
|
unkown
|
page read and write
|
|
|
|
20D75308000
|
unkown
|
page read and write
|
|
|
|
1C49D380000
|
heap private
|
page read and write
|
|
|
|
7FF5BDED3000
|
unkown
|
page readonly
|
|
|
|
7FF5BDFEF000
|
unkown
|
page readonly
|
|
|
|
13A9F802000
|
unkown
|
page read and write
|
|
|
|
1AF67FE0000
|
unkown
|
page read and write
|
|
|
|
1AF6C84C000
|
unkown
|
page read and write
|
|
|
|
13A9F06D000
|
unkown
|
page read and write
|
|
|
|
1C49D485000
|
unkown
|
page read and write
|
|
|
|
7FF570E88000
|
unkown
|
page readonly
|
|
|
|
13A9F067000
|
unkown
|
page read and write
|
|
|
|
13A9F033000
|
unkown
|
page read and write
|
|
|
|
1AF6C62E000
|
unkown
|
page read and write
|
|
|
|
7FF569F47000
|
unkown
|
page readonly
|
|
|
|
7FF596C50000
|
unkown
|
page readonly
|
|
|
|
1C49D3F0000
|
unkown
|
page readonly
|
|
|
|
7FF570C96000
|
unkown
|
page readonly
|
|
|
|
7FF5BDF27000
|
unkown
|
page readonly
|
|
|
|
7FF50D411000
|
unkown
|
page readonly
|
|
|
|
7FF5BD8A1000
|
unkown
|
page readonly
|
|
|
|
1AF6C628000
|
unkown
|
page read and write
|
|
|
|
7FF51AD8F000
|
unkown
|
page readonly
|
|
|
|
7FF596BEE000
|
unkown
|
page readonly
|
|
|
|
1AF6C641000
|
unkown
|
page read and write
|
|
|
|
7FF50D26A000
|
unkown
|
page readonly
|
|
|
|
34C487E000
|
unkown
|
page read and write
|
|
|
|
2C1F2886000
|
unkown
|
page read and write
|
|
|
|
7FF50D2A2000
|
unkown
|
page readonly
|
|
|
|
13A9F000000
|
unkown
|
page read and write
|
|
|
|
7FF5A8B89000
|
unkown
|
page readonly
|
|
|
|
7FF50D5E7000
|
unkown
|
page readonly
|
|
|
|
7FF569E4D000
|
unkown
|
page readonly
|
|
|
|
13A9F06B000
|
unkown
|
page read and write
|
|
|
|
6A113FF000
|
unkown
|
page read and write
|
|
|
|
1DE17530000
|
unkown
|
page readonly
|
|
|
|
34C497E000
|
unkown
|
page read and write
|
|
|
|
7FF5BDF95000
|
unkown
|
page readonly
|
|
|
|
34C427A000
|
unkown
|
page read and write
|
|
|
|
1AF680D0000
|
unkown
|
page readonly
|
|
|
|
6A1107B000
|
unkown
|
page read and write
|
|
|
|
7FF51AD95000
|
unkown
|
page readonly
|
|
|
|
260ED7F000
|
unkown
|
page read and write
|
|
|
|
7FF5A92A3000
|
unkown
|
page readonly
|
|
|
|
7FF570DC3000
|
unkown
|
page readonly
|
|
|
|
1AF6703C000
|
unkown
|
page read and write
|
|
|
|
7FF5BDF9D000
|
unkown
|
page readonly
|
|
|
|
7FF570E96000
|
unkown
|
page readonly
|
|
|
|
13A9F200000
|
unkown
|
page readonly
|
|
|
|
20A8D5C0000
|
unkown
|
page readonly
|
|
|
|
25E6DD90000
|
unkown
|
page readonly
|
|
|
|
7FF570ECF000
|
unkown
|
page readonly
|
|
|
|
20A8D8D0000
|
unkown
|
page write copy
|
|
|
|
20D75229000
|
unkown
|
page read and write
|
|
|
|
25E6D902000
|
unkown
|
page read and write
|
|
|
|
7FF596DCB000
|
unkown
|
page readonly
|
|
|
|
7FF598356000
|
unkown
|
page readonly
|
|
|
|
234C488B000
|
heap default
|
page read and write
|
|
|
|
7FF570E09000
|
unkown
|
page readonly
|
|
|
|
7FF50D5F7000
|
unkown
|
page readonly
|
|
|
|
7FF597E53000
|
unkown
|
page readonly
|
|
|
|
25E6DE80000
|
unkown
|
page read and write
|
|
|
|
1AF6C780000
|
unkown
|
page read and write
|
|
|
|
234C4810000
|
unkown
|
page read and write
|
|
|
|
EA47A7D000
|
unkown
|
page read and write
|
|
|
|
7FF597E68000
|
unkown
|
page readonly
|
|
|
|
1AF68480000
|
unkown
|
page read and write
|
|
|
|
1C49DB40000
|
unkown
|
page read and write
|
|
|
|
25E6D83D000
|
unkown
|
page read and write
|
|
|
|
234C4980000
|
unkown
|
page readonly
|
|
|
|
7FF596DB8000
|
unkown
|
page readonly
|
|
|
|
7FF50D1F6000
|
unkown
|
page readonly
|
|
|
|
7FF569F75000
|
unkown
|
page readonly
|
|
|
|
20D75253000
|
unkown
|
page read and write
|
|
|
|
1AF67959000
|
unkown
|
page read and write
|
|
|
|
7FF5A9394000
|
unkown
|
page readonly
|
|
|
|
20A8D655000
|
unkown
|
page read and write
|
|
|
|
7FF596DEE000
|
unkown
|
page readonly
|
|
|
|
20A8DCB0000
|
unkown
|
page readonly
|
|
|
|
7FF4F14E9000
|
unkown
|
page readonly
|
|
|
|
7FF5BDEDA000
|
unkown
|
page readonly
|
|
|
|
7FF570DD8000
|
unkown
|
page readonly
|
|
|
|
7FF4F15AB000
|
unkown
|
page readonly
|
|
|
|
1C49D470000
|
unkown
|
page read and write
|
|
|
|
7FF5A9284000
|
unkown
|
page readonly
|
|
|
|
7FF5968D8000
|
unkown
|
page readonly
|
|
|
|
234C62F0000
|
heap private
|
page read and write
|
|
|
|
34C467B000
|
unkown
|
page read and write
|
|
|
|
7FF596D64000
|
unkown
|
page readonly
|
|
|
|
13A9F059000
|
unkown
|
page read and write
|
|
|
|
7FF569F14000
|
unkown
|
page readonly
|
|
|
|
7FF51ACDD000
|
unkown
|
page readonly
|
|
|
|
1CAA5640000
|
unkown
|
page read and write
|
|
|
|
7FF596DD0000
|
unkown
|
page readonly
|
|
|
|
6A116FF000
|
unkown
|
page read and write
|
|
|
|
1AF6C650000
|
unkown
|
page read and write
|
|
|
|
8A1ADFB000
|
unkown
|
page read and write
|
|
|
|
7FF570ECD000
|
unkown
|
page readonly
|
|
|
|
7FF50D625000
|
unkown
|
page readonly
|
|
|
|
7FF569C22000
|
unkown
|
page readonly
|
|
|
|
7FF5A9076000
|
unkown
|
page readonly
|
|
|
|
7FF5981DF000
|
unkown
|
page readonly
|
|
|
|
1DE17659000
|
unkown
|
page read and write
|
|
|
|
7FF5BDFFB000
|
unkown
|
page readonly
|
|
|
|
7FF569F79000
|
unkown
|
page readonly
|
|
|
|
20D756D0000
|
unkown
|
page readonly
|
|
|
|
7FF570EA0000
|
unkown
|
page readonly
|
|
|
|
1C49D449000
|
unkown
|
page read and write
|
|
|
|
7FF4F14DD000
|
unkown
|
page readonly
|
|
|
|
1AF67959000
|
unkown
|
page read and write
|
|
|
|
26FB4FF000
|
unkown
|
page read and write
|
|
|
|
13A9EF20000
|
heap private
|
page read and write
|
|
|
|
7FF51AD0E000
|
unkown
|
page readonly
|
|
|
|
7FF50D3E3000
|
unkown
|
page readonly
|
|
|
|
1CAA5590000
|
unkown
|
page read and write
|
|
|
|
542C87E000
|
unkown
|
page read and write
|
|
|
|
234C46C0000
|
unkown
|
page readonly
|
|
|
|
7FF50D6ED000
|
unkown
|
page readonly
|
|
|
|
1AF6C780000
|
unkown
|
page readonly
|
|
|
|
20D75F40000
|
unkown
|
page readonly
|
|
|
|
542C67D000
|
unkown
|
page read and write
|
|
|
|
7FF570E8F000
|
unkown
|
page readonly
|
|
|
|
7FF5A90F8000
|
unkown
|
page readonly
|
|
|
|
20D75190000
|
heap private
|
page read and write
|
|
|
|
1AF6C620000
|
unkown
|
page read and write
|
|
|
|
7FF5BE02B000
|
unkown
|
page readonly
|
|
|
|
7FF5A8BF4000
|
unkown
|
page readonly
|
|
|
|
1AF67113000
|
unkown
|
page read and write
|
|
|
|
34C46FF000
|
unkown
|
page read and write
|
|
|
|
1AF6C714000
|
unkown
|
page readonly
|
|
|
|
7FF5BDF69000
|
unkown
|
page readonly
|
|
|
|
260EC7E000
|
unkown
|
page read and write
|
|
|
|
1CAA5560000
|
heap default
|
page read and write
|
|
|
|
7FF50D264000
|
unkown
|
page readonly
|
|
|
|
1AF6C6F0000
|
unkown
|
page write copy
|
|
|
|
7FF569D47000
|
unkown
|
page readonly
|
|
|
|
1AF670AB000
|
unkown
|
page read and write
|
|
|
|
7FF56A006000
|
unkown
|
page readonly
|
|
|
|
1C49D48D000
|
unkown
|
page read and write
|
|
|
|
7FF569EF7000
|
unkown
|
page readonly
|
|
|
|
1AF6C8AB000
|
unkown
|
page read and write
|
|
|
|
26FB6FE000
|
unkown
|
page read and write
|
|
|
|
20A8D63F000
|
unkown
|
page read and write
|
|
|
|
1DE174C0000
|
heap private
|
page read and write
|
|
|
|
13A9EF90000
|
unkown
|
page readonly
|
|
|
|
7FF50D5B0000
|
unkown
|
page readonly
|
|
|
|
7FF50D413000
|
unkown
|
page readonly
|
|
|
|
7FF50D61D000
|
unkown
|
page readonly
|
|
|
|
1AF6C660000
|
unkown
|
page read and write
|
|
|
|
20A8D629000
|
unkown
|
page read and write
|
|
|
|
25E6D7D0000
|
unkown
|
page readonly
|
|
|
|
7FF50D6CD000
|
unkown
|
page readonly
|
|
|
|
7FF51ABF3000
|
unkown
|
page readonly
|
|
|
|
1CAA5800000
|
unkown
|
page readonly
|
|
|
|
7FF50D255000
|
unkown
|
page readonly
|
|
|
|
7FF50D440000
|
unkown
|
page readonly
|
|
|
|
25E6D85C000
|
unkown
|
page read and write
|
|
|
|
25E6DE70000
|
unkown
|
page read and write
|
|
|
|
7FF569FA3000
|
unkown
|
page readonly
|
|
|
|
25E6DE70000
|
unkown
|
page read and write
|
|
|
|
1AF677F3000
|
unkown
|
page read and write
|
|
|
|
1AF6C6F4000
|
unkown
|
page readonly
|
|
|
|
1C49D500000
|
unkown
|
page read and write
|
|
|
|
FD34CFF000
|
unkown
|
page read and write
|
|
|
|
7FF596CB5000
|
unkown
|
page readonly
|
|
|
|
7FF50CEBE000
|
unkown
|
page readonly
|
|
|
|
7FF59838B000
|
unkown
|
page readonly
|
|
|
|
7FF570C9F000
|
unkown
|
page readonly
|
|
|
|
1AF680F0000
|
unkown
|
page readonly
|
|
|
|
7FF51AF10000
|
unkown
|
page readonly
|
|
|
|
1AF6CA60000
|
unkown
|
page readonly
|
|
|
|
2C1F283C000
|
unkown
|
page read and write
|
|
|
|
2C1F2902000
|
unkown
|
page read and write
|
|
|
|
1CAA5570000
|
unkown
|
page readonly
|
|
|
|
8A1AFFF000
|
unkown
|
page read and write
|
|
|
|
1AF670FA000
|
unkown
|
page read and write
|
|
|
|
1AF6C740000
|
unkown
|
page read and write
|
|
|
|
13A9F013000
|
unkown
|
page read and write
|
|
|
|
7FF5A9368000
|
unkown
|
page readonly
|
|
|
|
7FF598283000
|
unkown
|
page readonly
|
|
|
|
1C49DC02000
|
unkown
|
page read and write
|
|
|
|
20D751F0000
|
heap default
|
page read and write
|
|
|
|
7FF5BDC1D000
|
unkown
|
page readonly
|
|
|
|
7FF5BDF93000
|
unkown
|
page readonly
|
|
|
|
1AF672D0000
|
unkown
|
page readonly
|
|
|
|
7FF5BE00D000
|
unkown
|
page readonly
|
|
|
|
7FF5A9142000
|
unkown
|
page readonly
|
|
|
|
7FF51AE79000
|
unkown
|
page readonly
|
|
|
|
20A8D600000
|
unkown
|
page read and write
|
|
|
|
7FF596D6E000
|
unkown
|
page readonly
|
|
|
|
1C49DE00000
|
unkown
|
page readonly
|
|
|
|
20A8D613000
|
unkown
|
page read and write
|
|
|
|
1CAA5687000
|
unkown
|
page read and write
|
|
|
|
1CAA5630000
|
unkown
|
page read and write
|
|
|
|
7FF4F134D000
|
unkown
|
page readonly
|
|
|
|
1AF67802000
|
unkown
|
page read and write
|
|
|
|
7FF596DFF000
|
unkown
|
page readonly
|
|
|
|
13A9F077000
|
unkown
|
page read and write
|
|
|
|
20EE0FB000
|
unkown
|
page read and write
|
|
|
|
7FF5BD79D000
|
unkown
|
page readonly
|
|
|
|
7FF4F1263000
|
unkown
|
page readonly
|
|
|
|
260E87B000
|
unkown
|
page read and write
|
|
|
|
7FF50D6AF000
|
unkown
|
page readonly
|
|
|
|
7FF570EBB000
|
unkown
|
page readonly
|
|
|
|
7FF50D3ED000
|
unkown
|
page readonly
|
|
|
|
7FF51AF3F000
|
unkown
|
page readonly
|
|
|
|
20A8D602000
|
unkown
|
page read and write
|
|
|
|
7FF569EED000
|
unkown
|
page readonly
|
|
|
|
7FF4F1594000
|
unkown
|
page readonly
|
|
|
|
7FF51AF2E000
|
unkown
|
page readonly
|
|
|
|
20D7524C000
|
unkown
|
page read and write
|
|
|
|
7FF596CE5000
|
unkown
|
page readonly
|
|
|
|
7FF4F159E000
|
unkown
|
page readonly
|
|
|
|
7FF51AF1D000
|
unkown
|
page readonly
|
|
|
|
7FF5BDD13000
|
unkown
|
page readonly
|
|
|
|
7FF569C1D000
|
unkown
|
page readonly
|
|
|
|
13A9F05F000
|
unkown
|
page read and write
|
|
|
|
1AF6706C000
|
unkown
|
page read and write
|
|
|
|
13A9F04F000
|
unkown
|
page read and write
|
|
|
|
7FF4F1515000
|
unkown
|
page readonly
|
|
|
|
FD3478E000
|
unkown
|
page read and write
|
|
|
|
7FF598360000
|
unkown
|
page readonly
|
|
|
|
234C6200000
|
unkown
|
page readonly
|
|
|
|
2C1F2829000
|
unkown
|
page read and write
|
|
|
|
1AF67815000
|
unkown
|
page read and write
|
|
|
|
1AF6C650000
|
unkown
|
page read and write
|
|
|
|
1AF6CA80000
|
unkown
|
page readonly
|
|
|
|
1AF6C640000
|
unkown
|
page read and write
|
|
|
|
7FF5BE01B000
|
unkown
|
page readonly
|
|
|
|
20A8D66C000
|
unkown
|
page read and write
|
|
|
|
7FF570EB4000
|
unkown
|
page readonly
|
|
|
|
7FF596D7F000
|
unkown
|
page readonly
|
|
|
|
1AF67200000
|
unkown
|
page readonly
|
|
|
|
7FF596D0C000
|
unkown
|
page readonly
|
|
|
|
8A1B1FF000
|
unkown
|
page read and write
|
|
|
|
1AF6C780000
|
unkown
|
page read and write
|
|
|
|
1DE1765B000
|
unkown
|
page read and write
|
|
|
|
1AF6C72C000
|
unkown
|
page readonly
|
|
|
|
1CAA5C60000
|
unkown
|
page readonly
|
|
|
|
1AF6C490000
|
unkown
|
page read and write
|
|
|
|
7FF596BCE000
|
unkown
|
page readonly
|
|
|
|
1C49D3E0000
|
heap default
|
page read and write
|
|
|
|
1DE17602000
|
unkown
|
page read and write
|
|
|
|
7FF570DB2000
|
unkown
|
page readonly
|
|
|
|
26FB679000
|
unkown
|
page read and write
|
|
|
|
7FF569DB7000
|
unkown
|
page readonly
|
|
|
|
7FF50D6A8000
|
unkown
|
page readonly
|
|
|
|
7FF50D5FC000
|
unkown
|
page readonly
|
|
|
|
20D7524E000
|
unkown
|
page read and write
|
|
|
|
7FF596A28000
|
unkown
|
page readonly
|
|
|
|
2C1F27B0000
|
unkown
|
page readonly
|
|
|
|
1AF6C813000
|
unkown
|
page read and write
|
|
|
|
25E6D800000
|
unkown
|
page read and write
|
|
|
|
20EDBBC000
|
unkown
|
page read and write
|
|
|
|
20D75271000
|
unkown
|
page read and write
|
|
|
|
7FF5A939E000
|
unkown
|
page readonly
|
|
|
|
8A1B0FD000
|
unkown
|
page read and write
|
|
|
|
D849A7F000
|
unkown
|
page read and write
|
|
|
|
D84967C000
|
unkown
|
page read and write
|
|
|
|
1CAA5F00000
|
unkown
|
page read and write
|
|
|
|
7FF5A90FA000
|
unkown
|
page readonly
|
|
|
|
1CAA5580000
|
unkown
|
page readonly
|
|
|
|
7FF596C67000
|
unkown
|
page readonly
|
|
|
|
7FF50D48D000
|
unkown
|
page readonly
|
|
|
|
20A8D800000
|
unkown
|
page readonly
|
|
|
|
7FF5A91BD000
|
unkown
|
page readonly
|
|
|
|
20D75A02000
|
unkown
|
page read and write
|
|
|
|
7FF570C6D000
|
unkown
|
page readonly
|
|
|
|
7FF4F14E5000
|
unkown
|
page readonly
|
|
|
|
234C4840000
|
unkown
|
page readonly
|
|
|
|
7FF56A03F000
|
unkown
|
page readonly
|
|
|
|
542C38E000
|
unkown
|
page read and write
|
|
|
|
7FF51AF06000
|
unkown
|
page readonly
|
|
|
|
20D75313000
|
unkown
|
page read and write
|
|
|
|
1DE17677000
|
unkown
|
page read and write
|
|
|
|
7FF570BD7000
|
unkown
|
page readonly
|
|
|
|
7FF596B1D000
|
unkown
|
page readonly
|
|
|
|
7FF56A02E000
|
unkown
|
page readonly
|
|
|
|
1AF6702A000
|
unkown
|
page read and write
|
|
|
|
7FF51AE33000
|
unkown
|
page readonly
|
|
|
|
13A9F046000
|
unkown
|
page read and write
|
|
|
|
7FF59838F000
|
unkown
|
page readonly
|
|
|
|
7FF598297000
|
unkown
|
page readonly
|
|
|
|
1AF67918000
|
unkown
|
page read and write
|
|
|
|
1DE17600000
|
unkown
|
page read and write
|
|
|
|
FD3507E000
|
unkown
|
page read and write
|
|
|
|
1AF6708C000
|
unkown
|
page read and write
|
|
|
|
7FF598287000
|
unkown
|
page readonly
|
|
|
|
34C4C7B000
|
unkown
|
page read and write
|
|
|
|
7FF50D290000
|
unkown
|
page readonly
|
|
|
|
2C1F2913000
|
unkown
|
page read and write
|
|
|
|
8A1ABFE000
|
unkown
|
page read and write
|
|
|
|
7FF569F8A000
|
unkown
|
page readonly
|
|
|
|
EA4797F000
|
unkown
|
page read and write
|
|
|
|
7FF50D4A3000
|
unkown
|
page readonly
|
|
|
|
234C669F000
|
heap private
|
page read and write
|
|
|
|
7FF569EF0000
|
unkown
|
page readonly
|
|
|
|
1DE17BA0000
|
unkown
|
page readonly
|
|
|
|
1AF6C717000
|
unkown
|
page readonly
|
|
|
|
25E6D6F0000
|
unkown
|
page readonly
|
|
|
|
26FB47B000
|
unkown
|
page read and write
|
|
|
|
34C447E000
|
unkown
|
page read and write
|
|
|
|
1CAA5E02000
|
unkown
|
page read and write
|
|
|
|
234C6370000
|
heap private
|
page read and write
|
|
|
|
7FF570A35000
|
unkown
|
page readonly
|
|
|
|
7FF598153000
|
unkown
|
page readonly
|
|
|
|
7FF596DFF000
|
unkown
|
page readonly
|
|
|
|
7FF51AF24000
|
unkown
|
page readonly
|
|
|
|
2C1F2A00000
|
unkown
|
page readonly
|
|
|
|
7FF56A010000
|
unkown
|
page readonly
|
|
|
|
8A1AEFD000
|
unkown
|
page read and write
|
|
|
|
13A9EF80000
|
heap default
|
page read and write
|
|
|
|
1C49D400000
|
unkown
|
page read and write
|
|
|
|
7FF59829C000
|
unkown
|
page readonly
|
|
|
|
1AF6C8C0000
|
unkown
|
page read and write
|
|
|
|
7FF50D63A000
|
unkown
|
page readonly
|
|
|
|
7FF56A03F000
|
unkown
|
page readonly
|
|
|
|
2C1F3002000
|
unkown
|
page read and write
|
|
|
|
34C48FE000
|
unkown
|
page read and write
|
|
|
|
1DE17800000
|
unkown
|
page readonly
|
|
|
|
1CAA58D0000
|
unkown
|
page readonly
|
|
|
|
13A9EFA0000
|
unkown
|
page readonly
|
|
|
|
7FF5A922E000
|
unkown
|
page readonly
|
|
|
|
13A9F065000
|
unkown
|
page read and write
|
|
|
|
7FF4F1576000
|
unkown
|
page readonly
|
|
|
|
7FF4F15AF000
|
unkown
|
page readonly
|
|
|
|
FD350FE000
|
unkown
|
page read and write
|
|
|
|
7FF51AE6D000
|
unkown
|
page readonly
|
|
|
|
1AF6C644000
|
unkown
|
page read and write
|
|
|
|
13A9F029000
|
unkown
|
page read and write
|
|
|
|
7FF5A937B000
|
unkown
|
page readonly
|
|
|
|
7FF5A91D2000
|
unkown
|
page readonly
|
|
|
|
13A9F047000
|
unkown
|
page read and write
|
|
|
|
1DE17C80000
|
unkown
|
page read and write
|
|
|
|
7FF56A024000
|
unkown
|
page readonly
|
|
|
|
1CAA5D30000
|
unkown
|
page write copy
|
|
|
|
7FF570ECF000
|
unkown
|
page readonly
|
|
|
|
7FF596DBF000
|
unkown
|
page readonly
|
|
|
|
20A8D550000
|
heap private
|
page read and write
|
|
|
|
7FF5A92E5000
|
unkown
|
page readonly
|
|
|
|
7FF569C2A000
|
unkown
|
page readonly
|
|
|
|
7FF5A8E5F000
|
unkown
|
page readonly
|
|
|
|
1AF67900000
|
unkown
|
page read and write
|
|
|
|
7FF59837B000
|
unkown
|
page readonly
|
|
|
|
25E6D824000
|
unkown
|
page read and write
|
|
|
|
1AF6C886000
|
unkown
|
page read and write
|
|
|
|
1DE17675000
|
unkown
|
page read and write
|
|
|
|
20D7523C000
|
unkown
|
page read and write
|
|
|
|
EA47D7C000
|
unkown
|
page read and write
|
|
|
|
7FF5BDF48000
|
unkown
|
page readonly
|
|
|
|
1CAA5500000
|
heap private
|
page read and write
|
|
|
|
2C1F288E000
|
unkown
|
page read and write
|
|
|
|
7FF596D35000
|
unkown
|
page readonly
|
|
|
|
2C1F27C0000
|
unkown
|
page readonly
|
|
|
|
1AF6C730000
|
unkown
|
page read and write
|
|
|
|
7FF569FF8000
|
unkown
|
page readonly
|
|
|
|
13A9F060000
|
unkown
|
page read and write
|
|
|
|
7FF5982C5000
|
unkown
|
page readonly
|
|
|
|
1C49D502000
|
unkown
|
page read and write
|
|
|
|
7FF5A8F0A000
|
unkown
|
page readonly
|
|
|
|
20EDEFE000
|
unkown
|
page read and write
|
|
|
|
7FF5A92C8000
|
unkown
|
page readonly
|
|
|
|
7FF596D7F000
|
unkown
|
page readonly
|
|
|
|
D84997F000
|
unkown
|
page read and write
|
|
|
|
13A9F03B000
|
unkown
|
page read and write
|
|
|
|
7FF596DDD000
|
unkown
|
page readonly
|
|
|
|
7FF596552000
|
unkown
|
page readonly
|
|
|
|
7FF5982F5000
|
unkown
|
page readonly
|
|
|
|
1AF6C4D0000
|
unkown
|
page readonly
|
|
|
|
34C3D0E000
|
unkown
|
page read and write
|
|
|
|
7FF4F156F000
|
unkown
|
page readonly
|
|
|
|
7FF596D2D000
|
unkown
|
page readonly
|
|
|
|
7FF4F15AF000
|
unkown
|
page readonly
|
|
|
|
1AF68461000
|
unkown
|
page read and write
|
|
|
|
7FF50D527000
|
unkown
|
page readonly
|
|
|
|
13A9F05B000
|
unkown
|
page read and write
|
|
|
|
7FF5A92B7000
|
unkown
|
page readonly
|
|
|
|
1CAA5629000
|
unkown
|
page read and write
|
|
|
|
2C1F2802000
|
unkown
|
page read and write
|
|
|
|
13A9F032000
|
unkown
|
page read and write
|
|
|
|
1C49D455000
|
unkown
|
page read and write
|
|
|
|
7FF596AB3000
|
unkown
|
page readonly
|
|
|
|
26FB5FE000
|
unkown
|
page read and write
|
|
|
|
2C1F2813000
|
unkown
|
page read and write
|
|
|
|
1C49D478000
|
unkown
|
page read and write
|
|
|
|
1AF67F00000
|
unkown
|
page read and write
|
|
|
|
7FF50D5C4000
|
unkown
|
page readonly
|
|
|
|
1AF67902000
|
unkown
|
page read and write
|
|
|
|
25E6D6E0000
|
heap default
|
page read and write
|
|
|
|
1C49E140000
|
unkown
|
page readonly
|
|
|
|
7FF56A02B000
|
unkown
|
page readonly
|
|
|
|
7FF598374000
|
unkown
|
page readonly
|
|
|
|
20D75C00000
|
unkown
|
page readonly
|
|
|
|
7FF50D4A8000
|
unkown
|
page readonly
|
|
|
|
D849D7E000
|
unkown
|
page read and write
|
|
|
|
7FF596D07000
|
unkown
|
page readonly
|
|
|
|
7FF596C13000
|
unkown
|
page readonly
|
|
|
|
1AF6C820000
|
unkown
|
page read and write
|
|
|
|
13A9F102000
|
unkown
|
page read and write
|
|
|
|
7FF569F6D000
|
unkown
|
page readonly
|
|
|
|
7FF570E1A000
|
unkown
|
page readonly
|
|
|
|
7FF570EAD000
|
unkown
|
page readonly
|
|
|
|
7FF50D6D4000
|
unkown
|
page readonly
|
|
|
|
7FF5A8F0E000
|
unkown
|
page readonly
|
|
|
|
6A1117E000
|
unkown
|
page read and write
|
|
|
|
20D75940000
|
unkown
|
page readonly
|
|
|
|
7FF570DBC000
|
unkown
|
page readonly
|
|
|
|
1AF6C510000
|
unkown
|
page read and write
|
|
|
|
7FF4F0E25000
|
unkown
|
page readonly
|
|
|
|
7FF50D3DC000
|
unkown
|
page readonly
|
|
|
|
D849C7F000
|
unkown
|
page read and write
|
|
|
|
7FF596C40000
|
unkown
|
page readonly
|
|
|
|
7FF5A93AF000
|
unkown
|
page readonly
|
|
|
|
20D75200000
|
unkown
|
page read and write
|
|
|
|
7FF596C63000
|
unkown
|
page readonly
|
|
|
|
34C437B000
|
unkown
|
page read and write
|
|
|
|
1AF67800000
|
unkown
|
page read and write
|
|
|
|
13A9F06A000
|
unkown
|
page read and write
|
|
|
|
1C49D43C000
|
unkown
|
page read and write
|
|
|
|
7FF569C0F000
|
unkown
|
page readonly
|
|
|
|
EA4787C000
|
unkown
|
page read and write
|
|
|
|
34C3C8B000
|
unkown
|
page read and write
|
|
|
|
7FF4F1580000
|
unkown
|
page readonly
|
|
|
|
2C1F3200000
|
unkown
|
page readonly
|
|
|
|
1DE1766D000
|
unkown
|
page read and write
|
|
|
|
6A115FF000
|
unkown
|
page read and write
|
|
|
|
7FF4F159B000
|
unkown
|
page readonly
|
|
|
|
1C49D413000
|
unkown
|
page read and write
|
|
|
|
7FF5A936F000
|
unkown
|
page readonly
|
|
|
|
7FF570BCD000
|
unkown
|
page readonly
|
|
|
|
7FF4F14BC000
|
unkown
|
page readonly
|
|
|
|
7FF50D3E1000
|
unkown
|
page readonly
|
|
|
|
7FF50D608000
|
unkown
|
page readonly
|
|
|
|
7FF5982BD000
|
unkown
|
page readonly
|
|
|
|
7FF5BE014000
|
unkown
|
page readonly
|
|
|
|
1DE17653000
|
unkown
|
page read and write
|
|
|
|
7FF51AE4C000
|
unkown
|
page readonly
|
|
|
|
234C4880000
|
heap default
|
page read and write
|
|
|
|
25E6D7E0000
|
unkown
|
page read and write
|
|
|
|
7FF570E9B000
|
unkown
|
page readonly
|
|
|
|
13A9F07E000
|
unkown
|
page read and write
|
|
|
|
7FF5982DA000
|
unkown
|
page readonly
|
|
|
|
D8492FE000
|
unkown
|
page read and write
|
|
|
|
7FF4F1568000
|
unkown
|
page readonly
|
|
|
|
FD3468C000
|
unkown
|
page read and write
|
|
|
|
1CAA56CC000
|
unkown
|
page read and write
|
|
|
|
1AF67918000
|
unkown
|
page read and write
|
|
|
|
1AF6C800000
|
unkown
|
page read and write
|
|
|
|
7FF570DC7000
|
unkown
|
page readonly
|
|
|
|
25E6D82A000
|
unkown
|
page read and write
|
|
|
|
1AF6C89F000
|
unkown
|
page read and write
|
|
|
|
1AF6C750000
|
unkown
|
page read and write
|
|
|
|
8A1A4FB000
|
unkown
|
page read and write
|
|
|
|
7FF570DFD000
|
unkown
|
page readonly
|
|
|
|
7FF51AE75000
|
unkown
|
page readonly
|
|
|
|
7FF596D38000
|
unkown
|
page readonly
|
|
|
|
7FF56978E000
|
unkown
|
page readonly
|
|
|
|
7FF5BDECF000
|
unkown
|
page readonly
|
|
|
|
7FF596D43000
|
unkown
|
page readonly
|
|
|
|
FD34DFD000
|
unkown
|
page read and write
|
|
|
|
7FF5A91C6000
|
unkown
|
page readonly
|
|
|
|
D84977F000
|
unkown
|
page read and write
|
|
|
|
20D75251000
|
unkown
|
page read and write
|
|
|
|
7FF5BDF40000
|
unkown
|
page readonly
|
|
|
|
1DE17E02000
|
unkown
|
page read and write
|
|
|
|
7FF5A914D000
|
unkown
|
page readonly
|
|
|
|
7FF50D6DB000
|
unkown
|
page readonly
|
|
|
|
7FF570720000
|
unkown
|
page readonly
|
|
|
|
7FF50CF6A000
|
unkown
|
page readonly
|
|
|
|
7FF596CAD000
|
unkown
|
page readonly
|
|
|
|
7FF597AE2000
|
unkown
|
page readonly
|
|
|
|
1CAA55C0000
|
unkown
|
page readonly
|
|
|
|
1CAA56E8000
|
unkown
|
page read and write
|
|
|
|
542C30E000
|
unkown
|
page read and write
|
|
|
|
7FF50D270000
|
unkown
|
page readonly
|
|
|
|
7FF596C77000
|
unkown
|
page readonly
|
|
|
|
1C49D44D000
|
unkown
|
page read and write
|
|
|
|
1DE17666000
|
unkown
|
page read and write
|
|
|
|
1C49D42A000
|
unkown
|
page read and write
|
|
|
|
7FF570B5A000
|
unkown
|
page readonly
|
|
|
|
2C1F2E60000
|
unkown
|
page readonly
|
|
|
|
7FF596D5D000
|
unkown
|
page readonly
|
|
|
|
25E6DE70000
|
unkown
|
page read and write
|
|
|
|
FD34F7D000
|
unkown
|
page read and write
|
|
|
|
7FF570DA4000
|
unkown
|
page readonly
|
|
|
|
1AF6C7C0000
|
unkown
|
page readonly
|
|
|
|
1AF66FC0000
|
heap default
|
page read and write
|
|
|
|
7FF50D629000
|
unkown
|
page readonly
|
|
|
|
7FF50D3DA000
|
unkown
|
page readonly
|
|
|
|
7FF5A92DD000
|
unkown
|
page readonly
|
|
|
|
7FF59815E000
|
unkown
|
page readonly
|
|
|
|
7FF596A78000
|
unkown
|
page readonly
|
|
|
|
7FF570E35000
|
unkown
|
page readonly
|
|
|
|
7FF50D5A7000
|
unkown
|
page readonly
|
|
|
|
234C6120000
|
unkown
|
page readonly
|
|
|
|
13A9F05D000
|
unkown
|
page read and write
|
|
|
|
1C49D450000
|
unkown
|
page read and write
|
|
|
|
7FF50D5C0000
|
unkown
|
page readonly
|
|
|
|
1CAA5613000
|
unkown
|
page read and write
|
|
|
|
7FF598204000
|
unkown
|
page readonly
|
|
|
|
34C47FF000
|
unkown
|
page read and write
|
|
|
|
1AF680E0000
|
unkown
|
page readonly
|
|
|
|
7FF50D5C8000
|
unkown
|
page readonly
|
|
|
|
7FF597E59000
|
unkown
|
page readonly
|
|
|
|
25E6E002000
|
unkown
|
page read and write
|
|
|
|
20EE1F7000
|
unkown
|
page read and write
|
|
|
|
7FF51AF3F000
|
unkown
|
page readonly
|
|
|
|
1C49D458000
|
unkown
|
page read and write
|
|
|
|
1AF6709E000
|
unkown
|
page read and write
|
|
|
|
7FF596D39000
|
unkown
|
page readonly
|
|
|
|
7FF570C62000
|
unkown
|
page readonly
|
|
|
|
13A9F058000
|
unkown
|
page read and write
|
|
|
|
7FF596CCA000
|
unkown
|
page readonly
|
|
|
|
7FF59838F000
|
unkown
|
page readonly
|
|
|
|
7FF50D6EF000
|
unkown
|
page readonly
|
|
|
|
1AF6709C000
|
unkown
|
page read and write
|
|
|
|
2C1F27D0000
|
unkown
|
page read and write
|
|
|
|
234C4870000
|
heap private
|
page read and write
|
|
|
|
7FF50D6BB000
|
unkown
|
page readonly
|
|
|
|
13A9F07A000
|
unkown
|
page read and write
|
|
|
|
1C49D508000
|
unkown
|
page read and write
|
|
|
|
7FF570C8C000
|
unkown
|
page readonly
|
|
|
|
7FF5A93AF000
|
unkown
|
page readonly
|
|
|
|
7FF596C74000
|
unkown
|
page readonly
|
|
|
|
1AF67660000
|
unkown
|
page readonly
|
|
|
|
D84987D000
|
unkown
|
page read and write
|
|
|
|
6A114F7000
|
unkown
|
page read and write
|
|
|
|
7FF50D6EB000
|
unkown
|
page readonly
|
|
|
|
7FF50D6BE000
|
unkown
|
page readonly
|
|
|
|
7FF51AD53000
|
unkown
|
page readonly
|
|
|
|
26FB57E000
|
unkown
|
page read and write
|
|
|
|
7FF50D5D2000
|
unkown
|
page readonly
|
|
|
|
20EE2FF000
|
unkown
|
page read and write
|
|
|
|
7FF5A939B000
|
unkown
|
page readonly
|
|
|
|
13A9F002000
|
unkown
|
page read and write
|
|
|
|
20A8F0C0000
|
unkown
|
page read and write
|
|
|
|
20D75400000
|
unkown
|
page readonly
|
|
|
|
1AF6C780000
|
unkown
|
page read and write
|
|
|
|
FD34E7F000
|
unkown
|
page read and write
|
|
|
|
7FF5A92F3000
|
unkown
|
page readonly
|
|
|
|
542C7FC000
|
unkown
|
page read and write
|
|
|
|
20A8F1C0000
|
unkown
|
page readonly
|
|
|
|
1DE17613000
|
unkown
|
page read and write
|
|
|
|
8A1A97E000
|
unkown
|
page read and write
|
|
|
|
1AF6C862000
|
unkown
|
page read and write
|
|
|
|
8A1AAFF000
|
unkown
|
page read and write
|
|
|
|
1CAA56C4000
|
unkown
|
page read and write
|
|
|
|
7FF596C55000
|
unkown
|
page readonly
|
|
|
|
7FF5A929C000
|
unkown
|
page readonly
|
|
|
|
FD34BFF000
|
unkown
|
page read and write
|
|
|
|
7FF56A01D000
|
unkown
|
page readonly
|
|
|
|
7FF5A92E9000
|
unkown
|
page readonly
|
|
|
|
7FF51AA03000
|
unkown
|
page readonly
|
|
|
|
20A8D702000
|
unkown
|
page read and write
|
|
|
|
1DE17C70000
|
unkown
|
page readonly
|
|
|
|
234C4D10000
|
unkown
|
page readonly
|
|
|
|
234C6450000
|
heap private
|
page read and write
|
|
|
|
7FF59817E000
|
unkown
|
page readonly
|
|
|
|
7FF51AE47000
|
unkown
|
page readonly
|
|
|
|
7FF51AA18000
|
unkown
|
page readonly
|
|
|
|
7FF51AF2B000
|
unkown
|
page readonly
|
|
|
|
7FF5968C9000
|
unkown
|
page readonly
|
|
|
|
7FF569D65000
|
unkown
|
page readonly
|
|
|
|
7FF59837E000
|
unkown
|
page readonly
|
|
|
|
1AF6C664000
|
unkown
|
page read and write
|
|
|
|
7FF5BDFF6000
|
unkown
|
page readonly
|
|
|
|
2C1F2872000
|
unkown
|
page read and write
|
|
|
|
7FF570D4E000
|
unkown
|
page readonly
|
|
|
|
1DE17713000
|
unkown
|
page read and write
|
|
|
|
7FF50D4BC000
|
unkown
|
page readonly
|
|
|
|
7FF596DC6000
|
unkown
|
page readonly
|
|
|
|
1AF67090000
|
unkown
|
page read and write
|
|
|
|
1AF6C728000
|
unkown
|
page write copy
|
|
|
|
1CAA56E1000
|
unkown
|
page read and write
|
|
|
|
234C61F0000
|
unkown
|
page readonly
|
|
|
|
7FF570E13000
|
unkown
|
page readonly
|
|
|
|
1C49D6D0000
|
unkown
|
page readonly
|
|
|
|
1DE17A00000
|
unkown
|
page readonly
|
|
|
|
7FF5BDF3C000
|
unkown
|
page readonly
|
|
|
|
13A9F084000
|
unkown
|
page read and write
|
|
|
|
8A1A8FC000
|
unkown
|
page read and write
|
|
|
|
25E6D813000
|
unkown
|
page read and write
|
|
|
|
7FF50D564000
|
unkown
|
page readonly
|
|
|
|
20EE3FF000
|
unkown
|
page read and write
|
|
|
|
7FF4F0DE6000
|
unkown
|
page readonly
|
|
|
|
234C48BD000
|
heap default
|
page read and write
|
|
|
|
1DE17520000
|
heap default
|
page read and write
|
|
|
|
EA47B7B000
|
unkown
|
page read and write
|
|
|
|
26FB77A000
|
unkown
|
page read and write
|
|
|
|
7FF50D19F000
|
unkown
|
page readonly
|
|
|
|
7FF5BDF73000
|
unkown
|
page readonly
|
|
|
|
7FF570DE8000
|
unkown
|
page readonly
|
|
|
|
7FF50D5A0000
|
unkown
|
page readonly
|
|
|
|
2C1F2800000
|
unkown
|
page read and write
|
|
|
|
EA47C77000
|
unkown
|
page read and write
|
|
|
|
7FF569F58000
|
unkown
|
page readonly
|
|
|
|
234C4720000
|
unkown
|
page readonly
|
|
|
|
7FF596A36000
|
unkown
|
page readonly
|
|
|
|
6A110FE000
|
unkown
|
page read and write
|
|
|
|
7FF5982D3000
|
unkown
|
page readonly
|
|
|
|
7FF51AD2E000
|
unkown
|
page readonly
|
|
|
|
7FF596CF3000
|
unkown
|
page readonly
|
|
|
|
1AF6C8A9000
|
unkown
|
page read and write
|
|
|
|
1AF6C620000
|
unkown
|
page read and write
|
|
|
|
260E8FE000
|
unkown
|
page read and write
|
|
|
|
1AF67000000
|
unkown
|
page read and write
|
|
|
|
D84927C000
|
unkown
|
page read and write
|
|
|
|
1AF6C500000
|
unkown
|
page read and write
|
|
|
|
7FF596DEB000
|
unkown
|
page readonly
|
|
|
|
1AF6CA00000
|
unkown
|
page readonly
|
|
|
|
8A1A5FD000
|
unkown
|
page read and write
|
|
|
|
7FF596C4F000
|
unkown
|
page readonly
|
|
|
|
34C40F7000
|
unkown
|
page read and write
|
|
|
|
1C49D453000
|
unkown
|
page read and write
|
|
|
|
7FF59812D000
|
unkown
|
page readonly
|
|
|
|
7FF570ECB000
|
unkown
|
page readonly
|
|
|
|
1C49D513000
|
unkown
|
page read and write
|
|
|
|
542C77E000
|
unkown
|
page read and write
|
|
|
|
1DE17702000
|
unkown
|
page read and write
|
|
|
|
1AF6C8AD000
|
unkown
|
page read and write
|
|
|
|
1AF6C83F000
|
unkown
|
page read and write
|
|
|
|
7FF4F14FA000
|
unkown
|
page readonly
|
|
|
|
1C49D600000
|
unkown
|
page readonly
|
|
|
|
7FF570726000
|
unkown
|
page readonly
|
|
|
|
1AF67076000
|
unkown
|
page read and write
|
|
|
|
7FF5BDF5D000
|
unkown
|
page readonly
|
|
|
|
1AF6C6F0000
|
unkown
|
page read and write
|
|
|
|
260E97E000
|
unkown
|
page read and write
|
|
|
|
1AF68110000
|
unkown
|
page readonly
|
|
|
|
D849B7F000
|
unkown
|
page read and write
|
|
|
|
7FF5BE01E000
|
unkown
|
page readonly
|
|
|
|
7FF51AE8A000
|
unkown
|
page readonly
|
|
|
|
D84947B000
|
unkown
|
page read and write
|
|
|
|
1AF6C855000
|
unkown
|
page read and write
|
|
|
|
7FF569F83000
|
unkown
|
page readonly
|
|
|
|
20D754D0000
|
unkown
|
page readonly
|
|
|
|
1C49D44B000
|
unkown
|
page read and write
|
|
|
|
1DE17CA0000
|
unkown
|
page readonly
|
|
|
|
7FF5A937E000
|
unkown
|
page readonly
|
|
|
|
7FF5A93AB000
|
unkown
|
page readonly
|
|
|
|
1AF66FE0000
|
unkown
|
page readonly
|
|
|
|
2C1F27A0000
|
heap default
|
page read and write
|
|
|
|
1CAA5702000
|
unkown
|
page read and write
|
|
|
|
1AF6708A000
|
unkown
|
page read and write
|
|
|
|
7FF596D3F000
|
unkown
|
page readonly
|
|
|
|
7FF51AF0B000
|
unkown
|
page readonly
|
|
|
|
7FF596BC3000
|
unkown
|
page readonly
|
|
|
|
7FF50D6EF000
|
unkown
|
page readonly
|
|
|
|
7FF5A9376000
|
unkown
|
page readonly
|
|
|
|
260EB7E000
|
unkown
|
page read and write
|
|
|
|
EA47F7E000
|
unkown
|
page read and write
|
|
|
|
7FF50D655000
|
unkown
|
page readonly
|
|
|
|
7FF51AF3B000
|
unkown
|
page readonly
|
|
|
|
7FF50D3AF000
|
unkown
|
page readonly
|
|
|
|
1AF680C0000
|
unkown
|
page readonly
|
|
|
|
7FF51AEFF000
|
unkown
|
page readonly
|
|
|
|
7FF51AA09000
|
unkown
|
page readonly
|
|
|
|
20D7528D000
|
unkown
|
page read and write
|
|
|
|
1AF68100000
|
unkown
|
page readonly
|
|
|
|
1C49D457000
|
unkown
|
page read and write
|
|
|
|
7FF50D27F000
|
unkown
|
page readonly
|
|
|
|
7FF596DE4000
|
unkown
|
page readonly
|
|
|
|
7FF596DFB000
|
unkown
|
page readonly
|
|
|
|
7FF50D5E3000
|
unkown
|
page readonly
|
|
|
|
1CAA5600000
|
unkown
|
page read and write
|
|
|
|
7FF569792000
|
unkown
|
page readonly
|
|
|
|
1AF6C8AF000
|
unkown
|
page read and write
|
|
|
|
1CAA5713000
|
unkown
|
page read and write
|
|
|
|
7FF50D293000
|
unkown
|
page readonly
|
|
|
|
7FF4F14A7000
|
unkown
|
page readonly
|
|
|
|
1C49DB30000
|
unkown
|
page readonly
|
|
|
|
1AF6C770000
|
unkown
|
page read and write
|
|
|
|
1AF6C520000
|
unkown
|
page read and write
|
|
|
|
7FF50D5DC000
|
unkown
|
page readonly
|
|
|
|
7FF5982C9000
|
unkown
|
page readonly
|
|
|
|
20A8D670000
|
unkown
|
page read and write
|
|
|
|
7FF596CB9000
|
unkown
|
page readonly
|
|
|
|
1AF6C82D000
|
unkown
|
page read and write
|
|
|
|
EA478FE000
|
unkown
|
page read and write
|
|
|
|
13A9EFB0000
|
unkown
|
page read and write
|
|
|
|
34C477E000
|
unkown
|
page read and write
|
|
|
|
7FF51AEA5000
|
unkown
|
page readonly
|
|
|
|
8A1A57E000
|
unkown
|
page read and write
|
|
|
|
7FF5BDC26000
|
unkown
|
page readonly
|
|
|
|
7FF596B9D000
|
unkown
|
page readonly
|
|
|
|
7FF51AE83000
|
unkown
|
page readonly
|
|
|
|
34C4B7F000
|
unkown
|
page read and write
|
|
|
|
7FF5968C3000
|
unkown
|
page readonly
|
|
|
|
7FF5965AA000
|
unkown
|
page readonly
|
|
|
|
1AF68120000
|
unkown
|
page readonly
|
|
|
|
2C1F2870000
|
unkown
|
page read and write
|
|
|
|
EA47E7E000
|
unkown
|
page read and write
|
|
|
|
7FF50D37A000
|
unkown
|
page readonly
|
|
|
|
1DE18000000
|
unkown
|
page readonly
|
|
|
|
7FF596D65000
|
unkown
|
page readonly
|
|
|
|
7FF51AEF8000
|
unkown
|
page readonly
|
|
|
|
7FF59836D000
|
unkown
|
page readonly
|
|
|
|
7FF56A00B000
|
unkown
|
page readonly
|
|
|
|
7FF4F157B000
|
unkown
|
page readonly
|
|
|
|
2C1F2AD0000
|
unkown
|
page readonly
|
|
|
|
20D75213000
|
unkown
|
page read and write
|
|
|
|
20D75302000
|
unkown
|
page read and write
|
|
|
|
7FF51AD03000
|
unkown
|
page readonly
|
|
|
|
7FF5A9315000
|
unkown
|
page readonly
|
|
|
|
7FF5BE02F000
|
unkown
|
page readonly
|
|
|
|
25E6DA00000
|
unkown
|
page readonly
|
|
|
|
7FF5982A8000
|
unkown
|
page readonly
|
|
|
|
20A8D920000
|
unkown
|
page readonly
|
|
|
|
7FF50D6B6000
|
unkown
|
page readonly
|
|
|
|
25E6D7C0000
|
unkown
|
page readonly
|
|
|
|
7FF50D59D000
|
unkown
|
page readonly
|
|
|
|
7FF596CC3000
|
unkown
|
page readonly
|
|
|
|
FD34B7E000
|
unkown
|
page read and write
|
|
|
|
34C3D8E000
|
unkown
|
page read and write
|
|
|
|
1AF67074000
|
unkown
|
page read and write
|
|
|
|
1CAA56BB000
|
unkown
|
page read and write
|
|
|
|
20D75950000
|
unkown
|
page read and write
|
|
|
|
1DE17629000
|
unkown
|
page read and write
|
|
|
|
D84957F000
|
unkown
|
page read and write
|
|
|
|
13A9F043000
|
unkown
|
page read and write
|
|
|
|
34C4579000
|
unkown
|
page read and write
|
|
|
|
1AF67913000
|
unkown
|
page read and write
|
|
|
|
7FF5A92A5000
|
unkown
|
page readonly
|
|
|
|
1AF6C8BE000
|
unkown
|
page read and write
|
|
|
|
8A1AD7E000
|
unkown
|
page read and write
|
|
There are 808 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
http://www.zonabillar.com/mesas_de_billar/Pool
|
|
|
|
http://www.zonabillar.com/accesorios/Default.aspx
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/Default.aspx
|
|
|
|
http://www.zonabillar.com/servicios/
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolKronos
|
|
|
|
http://www.zonabillar.com/contacto/
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/MesaPoolEko
|
|
|
|
http://www.zonabillar.com/
|
|
|
|
http://www.zonabillar.com/accesorios/
|
|
|
|
http://www.zonabillar.com/servicios/Default.aspx
|
|
|
|
http://www.zonabillar.com/
|
|
|
|
http://www.zonabillar.com/mesas_de_billar/
|
|
There are 2 hidden doms, click here to show them.