Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
header.dll
|
MS-DOS executable, MZ for MS-DOS
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\0L4X1T90\www.msn[1].xml
|
ASCII text, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\M4YABQV7\contextual.media[1].xml
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{00494F50-6A26-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{00494F52-6A26-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{0E8B7FBE-6A26-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{204175F4-6A26-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\133cc53f-05db-4a40-be66-8815e490de9c[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\58-acd805-185735b[1].css
|
UTF-8 Unicode text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\AA7XCQ3[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB10ea2p[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB14hq0P[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB15AQNm[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB19Ex49[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1cEP3G[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1cG73h[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1drVkt[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1dtLMD[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 183x183, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1dtXp7[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1dtnA6[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1du24g[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB1du5Dn[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BB7hjL[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BBK9Hzy[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BBMW3y8[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BBPfCZL[1].png
|
GIF image data, version 89a, 50 x 50
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BBX2afX[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\BBnYSFZ[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\adb3478e-c94c-4cdb-9882-fa384ccec861[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\checksync[2].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\dnserror[1]
|
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\errorPageStrings[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\fcmain[1].js
|
HTML document, ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-2.1.1.min[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\41-0bee62-68ddb2ab[1].js
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\755f86[1].png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\85-0f8009-68ddb2ab[1].js
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\AA3DGHW[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\AAyuliQ[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1daMuH[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1drQhq[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 310x166,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dsSOc[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dsccj[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dt12E[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 300x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dt5gI[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dtEHX[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dtUu4[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dtXHe[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1dtavT[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1du30U[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1du7Rd[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 310x166,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB1ducp9[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BB5zDwX[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BBVuddh[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\BBZMue5[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\cfdbd9[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\de-ch[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\de-ch[1].json
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\http___cdn.taboola.com_libtrc_static_thumbnails_27937c3776dc5ac06745246ca617e1e0[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\http___cdn.taboola.com_libtrc_static_thumbnails_e3bfd3be5db664cc49705a5d4ecfeb94[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\iab2Data[1].json
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\medianet[1].htm
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\otSDKStub[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\otTCF-ie[1].js
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\AA3e6zI[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\AA6SFRQ[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB10MkbM[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB14EN7h[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB17milU[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dpyE6[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dsUBu[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dsXm2[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dtQPk[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 250x250, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dtYAr[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 310x166,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dtYjV[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dttFG[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dtuMp[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1dtvDF[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1du0XN[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 622x368,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1du24d[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1du2vx[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, baseline, precision 8, 206x250,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BB1du497[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 622x368, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BBUZVvV[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\BBi9D1[1].png
|
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\NewErrorPageTemplate[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\a8a064[1].gif
|
GIF image data, version 89a, 28 x 28
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\checksync[2].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\e151e5[1].gif
|
GIF image data, version 89a, 1 x 1
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\httpErrorPagesScripts[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\otFlat[1].json
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\otPcCenter[1].json
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\1612680827771-6732[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 622x324, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\4996b9[1].woff
|
Web Open Font Format, TrueType, length 45633, version 1.0
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\55a804ab-e5c6-4b97-9319-86263d365d28[1].json
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1dt0B4[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 310x166, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1dt0BG[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 100x75, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1dt8r2[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1dtpUv[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 311x333,
frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1du2l3[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1du45J[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 311x333, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB1duarJ[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BB6Ma4a[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BBJBnUn[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BBO5Geh[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BBY7ARN[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\BBkwUr[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\M[1].avi
|
data
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\a5ea21[1].ico
|
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\auction[1].htm
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\down[1]
|
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\fcmain[1].js
|
HTML document, ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\http___cdn.taboola.com_libtrc_static_thumbnails_04f7003f28b476e050afeeef2fdde755[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\http___cdn.taboola.com_libtrc_static_thumbnails_104a01c669544f24b5f23b033ee5bc11[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\http___cdn.taboola.com_libtrc_static_thumbnails_5b68ffcd2f16cf3bb7c4ad5e646032ea[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\http___cdn.taboola.com_libtrc_static_thumbnails_88a9afc7babe5e76f67b4bb3a48c6e72[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 207x311, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\location[1].js
|
ASCII text, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\medianet[1].htm
|
HTML document, ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\nrrV63415[1].js
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\otBannerSdk[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF2E257AFBD247FAAE.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF7A876BB66DB3A7EF.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFCE1737727B990F21.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFE18739069DB30C63.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\PWOIHVK044LNXAO6L76V.temp
|
data
|
modified
|
|
There are 117 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\header.dll
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe 'C:\Users\user\Desktop\header.dll'
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c 'C:\Program Files\Internet Explorer\iexplore.exe'
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
C:\Program Files\Internet Explorer\iexplore.exe
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4808 CREDAT:17410 /prefetch:2
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4808 CREDAT:82960 /prefetch:2
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4808 CREDAT:82964 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://sp.booking.com/index.html?aid=1589774&label=dech-prime-hp-me
|
unknown
|
|
|
|
https://www.skype.com/de/download-skype
|
unknown
|
|
|
|
https://www.stroeer.de/fileadmin/de/Konvergenz_und_Konzepte/Daten_und_Technologien/Stroeer_SSP/Downl
|
unknown
|
|
|
|
http://searchads.msn.net/.cfm?&&kp=1&
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172
|
unknown
|
|
|
|
https://www.msn.com/de-ch/nachrichten/coronareisen
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/das-wird-auf-dem-kinderspital-areal-gebaut/ar-BB1dqCTX?ocid=hpl
|
unknown
|
|
|
|
https://onedrive.live.com/?wt.mc_id=oo_msn_msnhomepage_header
|
unknown
|
|
|
|
http://www.hotmail.msn.com/pii/ReadOutlookEmail/
|
unknown
|
|
|
|
https://onedrive.live.com;OneDrive-App
|
unknown
|
|
|
|
https://click.linksynergy.com/deeplink?id=xoqYgl4JDe8&mid=46130&u1=dech_mestripe_office&
|
unknown
|
|
|
|
https://onedrive.live.com;Fotos
|
unknown
|
|
|
|
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
|
unknown
|
|
|
|
http://www.symantec.com
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_QuickNote&auth=1
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_TopMenu&auth=1&wdorigin=msn
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/massenansammlung-in-z%c3%bcrich-drei-menschen-t%c3%a4tlich-ange
|
unknown
|
|
|
|
https://office.live.com/start/Word.aspx?WT.mc_id=MSN_site;Excel
|
unknown
|
|
|
|
http://ocsp.sca1b.amazontrust.com/images/zGNOcARlYGTyeFRYahD/OdEhBIEiSYz2HE0is2R_2F/oHnVMJVJg3qo2/PB8Ukxd3/_2FdZyY7qB28L0O1lNIFjy5/Cda7YQ8H6s/JQwfM8GxgSjvmdhwB/2ltWUZdd2BHl/u2NKk_2Fluq/2xoUB0o4RHEbMY/c6YAz772j6qjm_2FW04GO/VDYE3XILAvi6u1X8/NxxLkoB3WiE1O/M.avi
|
143.204.15.203
|
|
|
|
http://ogp.me/ns/fb#
|
unknown
|
|
|
|
https://office.live.com/start/Excel.aspx?WT.mc_id=MSN_site;Sway
|
unknown
|
|
|
|
https://www.awin1.com/cread.php?awinmid=15168&awinaffid=696593&clickref=de-ch-ss&ued=htt
|
unknown
|
|
|
|
https://policies.oath.com/us/en/oath/privacy/index.html
|
unknown
|
|
|
|
https://cdn.cookielaw.org/vendorlist/googleData.json
|
unknown
|
|
|
|
https://outlook.com/
|
unknown
|
|
|
|
https://outlook.live.com/mail/deeplink/compose;Kalender
|
unknown
|
|
|
|
https://res-a.akamaihd.net/__media__/pics/8000/72/941/fallback1.jpg
|
unknown
|
|
|
|
https://rover.ebay.com/rover/1/5222-53480-19255-0/1?mpre=https%3A%2F%2Fwww.ebay.ch&campid=533862
|
unknown
|
|
|
|
https://www.skyscanner.net/g/referrals/v1/cars/home?associateid=API_B2B_19305_00002
|
unknown
|
|
|
|
https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBI57XIG&prvid=77%2
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/innert-einer-woche-hat-sich-die-zahl-der-coronavirus-mutationen
|
unknown
|
|
|
|
https://www.stroeer.com/fileadmin/com/StroeerDSP_deviceStorage.json
|
unknown
|
|
|
|
https://srtb.msn.com:443/notify/viewedg?rid=3eba448703da44319429b9093fcf5737&r=infopane&i=3&
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/vaduz-schl%c3%a4gt-z%c3%bcrich-3-2-dzemaili-verletzt-sich/ar-BB
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_Recent&auth=1&wdorigin=msn
|
unknown
|
|
|
|
https://cdn.cookielaw.org/vendorlist/iabData.json
|
unknown
|
|
|
|
https://www.msn.com/de-ch/homepage/api/pdp/updatepdpdata"
|
unknown
|
|
|
|
https://cdn.cookielaw.org/vendorlist/iab2Data.json
|
unknown
|
|
|
|
https://onedrive.live.com/?qt=mru;Aktuelle
|
unknown
|
|
|
|
https://cdn.flurry.com/adTemplates/templates/htmls/clips.html"
|
unknown
|
|
|
|
https://www.msn.com/de-ch/?ocid=iehp
|
unknown
|
|
|
|
https://sp.booking.com/index.html?aid=1589774&label=dech-prime-hp-shoppingstripe-nav
|
unknown
|
|
|
|
https://www.skype.com/
|
unknown
|
|
|
|
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_311%2Cw_207%2Cc_fill%
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/in-albisrieden-w%c3%bctet-die-abrissbirne-die-wohnforscherin-sa
|
unknown
|
|
|
|
https://www.msn.com/de-ch/homepage/api/modules/fetch"
|
unknown
|
|
|
|
https://sp.booking.com/index.html?aid=1589774&label=travelnavlink
|
unknown
|
|
|
|
https://mem.gfx.ms/meversion/?partner=msn&market=de-ch"
|
unknown
|
|
|
|
https://www.msn.com/de-ch/nachrichten/regional
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/svp-fordert-kameras-in-innenstadt-wegen-gewalt/ar-BB1dsYch?ocid
|
unknown
|
|
|
|
https://web.vortex.data.msn.com/collect/v1/t.gif?name=%27Ms.Webi.PageView%27&ver=%272.1%27&a
|
unknown
|
|
|
|
https://onedrive.live.com/?qt=allmyphotos;Aktuelle
|
unknown
|
|
|
|
https://www.bidstack.com/privacy-policy/
|
unknown
|
|
|
|
https://onedrive.live.com/about/en/download/
|
unknown
|
|
|
|
http://popup.taboola.com/german
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/lernfahrer-17-fl%c3%bcchtet-mit-hohem-tempo-vor-polizei/ar-BB1d
|
unknown
|
|
|
|
https://amzn.to/2TTxhNg
|
unknown
|
|
|
|
https://www.msn.com/de-ch/?ocid=iehp2
|
unknown
|
|
|
|
https://www.skype.com/go/onedrivepromo.download?cm_mmc=MSFT_2390_MSN-com
|
unknown
|
|
|
|
https://client-s.gateway.messenger.live.com
|
unknown
|
|
|
|
https://beap.gemini.yahoo.com/mbclk?bv=1.0.0&es=AmefirgGIS_Lxz99Iaf9LzudQyMkYLctqyR7winF7n9zuwfL
|
unknown
|
|
|
|
https://www.ricardo.ch/?utm_source=msn&utm_medium=affiliate&utm_campaign=msn_mestripe_logo_d
|
unknown
|
|
|
|
https://www.msn.com/de-ch/
|
unknown
|
|
|
|
https://office.live.com/start/PowerPoint.aspx?WT.mc_id=MSN_site
|
unknown
|
|
|
|
https://ir2.beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=ctlhOT0GIS.SiO1sb1Vx3V5caklY9ga5jRMtAn7KUNVp
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&https=1
|
unknown
|
|
|
|
https://www.awin1.com/cread.php?awinmid=15168&awinaffid=696593&clickref=de-ch-edge-dhp-river
|
unknown
|
|
|
|
https://twitter.com/
|
unknown
|
|
|
|
https://www.msn.com/de-ch
|
unknown
|
|
|
|
https://click.linksynergy.com/deeplink?id=xoqYgl4JDe8&mid=46130&u1=dech_mestripe_store&m
|
unknown
|
|
|
|
https://clkde.tradedoubler.com/click?p=245744&a=3064090&g=24903118&epi=ch-de
|
unknown
|
|
|
|
https://twitter.com/i/notifications;Ich
|
unknown
|
|
|
|
https://www.awin1.com/cread.php?awinmid=11518&awinaffid=696593&clickref=dech-edge-dhp-infopa
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&http
|
unknown
|
|
|
|
https://outlook.live.com/calendar
|
unknown
|
|
|
|
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_311%2Cw_207%2Cc_fill%2Cg_faces:au
|
unknown
|
|
|
|
https://onedrive.live.com/#qt=mru
|
unknown
|
|
|
|
https://s.yimg.com/lo/api/res/1.2/a9BAtuaJnks1Er63gvzL8A--~A/Zmk9Zml0O3c9NjIyO2g9MzY4O2FwcGlkPWdlbWl
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/wie-viel-von-blerim-dzemailis-mut-tut-dem-fcz-gut/ar-BB1drxQU?o
|
unknown
|
|
|
|
https://api.taboola.com/2.0/json/msn-ch-de-home/recommendations.notify-click?app.type=desktop&ap
|
unknown
|
|
|
|
https://i.geistm.com/l/HFCH_DTS_LP?bcid=5f11845dac990841e182d491&bhid=60140a72c5b18a0414cccb9c&a
|
unknown
|
|
|
|
https://www.sway.com/?WT.mc_id=MSN_site&utm_source=MSN&utm_medium=Topnav&utm_campaign=link;PowerPoin
|
unknown
|
|
|
|
https://www.msn.com?form=MY01O4&OCID=MY01O4
|
unknown
|
|
|
|
https://support.skype.com
|
unknown
|
|
|
|
https://www.msn.com/de-ch/?ocid=iehp&item=deferred_page%3a1&ignorejs=webcore%2fmodules%2fjsb
|
unknown
|
|
|
|
https://www.skyscanner.net/flights?associateid=API_B2B_19305_00001&vertical=custom&pageType=
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=722878611&size=306x271&https=1
|
unknown
|
|
|
|
http://ogp.me/ns#
|
unknown
|
|
|
|
https://clk.tradedoubler.com/click?p=245744&a=3064090&g=21863656
|
unknown
|
|
|
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&http
|
unknown
|
|
|
|
https://www.ricardo.ch/?utm_source=msn&utm_medium=affiliate&utm_campaign=msn_shop_de&utm
|
unknown
|
|
|
|
https://onedrive.live.com/?qt=mru;OneDrive-App
|
unknown
|
|
|
|
https://www.skype.com/de
|
unknown
|
|
|
|
https://login.skype.com/login/oauth/microsoft?client_id=738133
|
unknown
|
|
|
|
https://onedrive.live.com?wt.mc_id=oo_msn_msnhomepage_header
|
unknown
|
|
|
|
https://www.msn.com/de-ch/news/other/gewalt-wegen-blauen-dunsts-wie-im-z%c3%bcrcher-hauptbahnhof-ein
|
unknown
|
|
There are 86 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
contextual.media.net
|
92.122.146.68
|
|
|
|
tls13.taboola.map.fastly.net
|
151.101.1.44
|
|
|
|
atomproc.com
|
141.136.42.62
|
|
|
|
ocsp.sca1b.amazontrust.com
|
143.204.15.203
|
|
|
|
hblg.media.net
|
92.122.146.68
|
|
|
|
lg3.media.net
|
92.122.146.68
|
|
|
|
geolocation.onetrust.com
|
104.20.185.68
|
|
|
|
edge.gycpi.b.yahoodns.net
|
87.248.118.23
|
|
|
|
s.yimg.com
|
unknown
|
|
|
|
web.vortex.data.msn.com
|
unknown
|
|
|
|
www.msn.com
|
unknown
|
|
|
|
srtb.msn.com
|
unknown
|
|
|
|
img.img-taboola.com
|
unknown
|
|
|
|
cvision.media.net
|
unknown
|
|
There are 4 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Active
|
Malicious
|
|
|---|---|---|---|---|---|
|
143.204.15.203
|
unknown
|
United States
|
unknown
|
|
|
|
104.20.185.68
|
unknown
|
United States
|
unknown
|
|
|
|
87.248.118.23
|
unknown
|
United Kingdom
|
unknown
|
|
|
|
151.101.1.44
|
unknown
|
United States
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{00494F50-6A26-11EB-90E4-ECF4BB862DED}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
AdminActive
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Window_Placement
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
CVListPingLastYMD
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
NextUpdateDate
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NumberOfSubdomains
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NumberOfSubdomains
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
NULL
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
Total
|
|
There are 107 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
5998000
|
heap private
|
page read and write
|
|
|
|
20FA1560000
|
heap default
|
page read and write
|
|
|
|
7FF5A9FF6000
|
unkown
|
page readonly
|
|
|
|
19D94250000
|
unkown
|
page read and write
|
|
|
|
20FA1F3F000
|
unkown
|
page read and write
|
|
|
|
20FA1F9C000
|
unkown
|
page read and write
|
|
|
|
7FF5B7658000
|
unkown
|
page readonly
|
|
|
|
5280F75000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
34D4BAE000
|
unkown
|
page read and write
|
|
|
|
1EF5B86D000
|
unkown
|
page read and write
|
|
|
|
2018539B000
|
heap default
|
page read and write
|
|
|
|
7FF50B01F000
|
unkown
|
page readonly
|
|
|
|
7FF5A9FA1000
|
unkown
|
page readonly
|
|
|
|
20FA1F7B000
|
unkown
|
page read and write
|
|
|
|
1E39B5A8000
|
unkown
|
page read and write
|
|
|
|
201855F0000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174B43000
|
unkown
|
page read and write
|
|
|
|
7FF5AA02F000
|
unkown
|
page readonly
|
|
|
|
7FF5B5939000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
FAC078E000
|
unkown
|
page read and write
|
|
|
|
20FA1F67000
|
unkown
|
page read and write
|
|
|
|
7FF54B6F9000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D8F759000
|
unkown
|
page read and write
|
|
|
|
20FA1F44000
|
unkown
|
page read and write
|
|
|
|
1A715F02000
|
unkown
|
page read and write
|
|
|
|
20FA1570000
|
unkown
|
page readonly
|
|
|
|
A43CFE000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174D02000
|
unkown
|
page read and write
|
|
|
|
7FF5AFC83000
|
unkown
|
page readonly
|
|
|
|
7FF55FD1A000
|
unkown
|
page readonly
|
|
|
|
1E39B6D0000
|
unkown
|
page readonly
|
|
|
|
201855E0000
|
heap private
|
page read and write
|
|
|
|
7FF5E04DD000
|
unkown
|
page readonly
|
|
|
|
20FA1D80000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FF8000
|
unkown
|
page readonly
|
|
|
|
263F38F0000
|
unkown
|
page readonly
|
|
|
|
7FF5B7869000
|
unkown
|
page readonly
|
|
|
|
7FF5B05E9000
|
unkown
|
page readonly
|
|
|
|
19D946B1000
|
unkown
|
page read and write
|
|
|
|
168B1C89000
|
unkown
|
page read and write
|
|
|
|
7FF5AA080000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
281741A0000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FCC000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5AA039000
|
unkown
|
page readonly
|
|
|
|
7FF50B216000
|
unkown
|
page readonly
|
|
|
|
20FA1F46000
|
unkown
|
page read and write
|
|
|
|
20FA1F6E000
|
unkown
|
page read and write
|
|
|
|
7FF5C1EFA000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA15E0000
|
unkown
|
page readonly
|
|
|
|
7FF5B5875000
|
unkown
|
page readonly
|
|
|
|
281747C3000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F46000
|
unkown
|
page readonly
|
|
|
|
1EF5B83D000
|
unkown
|
page read and write
|
|
|
|
263F2000000
|
unkown
|
page write copy
|
|
|
|
20FA1F65000
|
unkown
|
page read and write
|
|
|
|
36A8000
|
unkown
|
page read and write
|
|
|
|
28175110000
|
unkown
|
page read and write
|
|
|
|
20185360000
|
unkown
|
page readonly
|
|
|
|
7FF5E081C000
|
unkown
|
page readonly
|
|
|
|
20FA1F95000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1EF5B841000
|
unkown
|
page read and write
|
|
|
|
263F1E85000
|
unkown
|
page read and write
|
|
|
|
263F3CE0000
|
unkown
|
page read and write
|
|
|
|
28174B83000
|
unkown
|
page read and write
|
|
|
|
7FF5B7800000
|
unkown
|
page readonly
|
|
|
|
20FA1F33000
|
unkown
|
page read and write
|
|
|
|
281747EA000
|
unkown
|
page read and write
|
|
|
|
28174C00000
|
unkown
|
page read and write
|
|
|
|
1EF5B844000
|
unkown
|
page read and write
|
|
|
|
20FA1F54000
|
unkown
|
page read and write
|
|
|
|
7FF5B050A000
|
unkown
|
page readonly
|
|
|
|
1E39B560000
|
unkown
|
page read and write
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
1A715E49000
|
unkown
|
page read and write
|
|
|
|
20FA1F3B000
|
unkown
|
page read and write
|
|
|
|
7FF5B7772000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
281728B5000
|
unkown
|
page read and write
|
|
|
|
7FF5CC539000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F5A000
|
unkown
|
page read and write
|
|
|
|
20FA1F98000
|
unkown
|
page read and write
|
|
|
|
20FA1F3B000
|
unkown
|
page read and write
|
|
|
|
7FF50B1A2000
|
unkown
|
page readonly
|
|
|
|
263F3CE0000
|
unkown
|
page read and write
|
|
|
|
20FA1F78000
|
unkown
|
page read and write
|
|
|
|
168B1C87000
|
unkown
|
page read and write
|
|
|
|
20FA1F54000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FC7000
|
unkown
|
page readonly
|
|
|
|
263F3C70000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
168B1A30000
|
unkown
|
page readonly
|
|
|
|
7FF5B03AE000
|
unkown
|
page readonly
|
|
|
|
1EF5BA00000
|
unkown
|
page readonly
|
|
|
|
7FF5AA05C000
|
unkown
|
page readonly
|
|
|
|
23E250A0000
|
unkown
|
page read and write
|
|
|
|
20FA1F5A000
|
unkown
|
page read and write
|
|
|
|
7FF5B0580000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F87000
|
unkown
|
page read and write
|
|
|
|
7FF5B03BA000
|
unkown
|
page readonly
|
|
|
|
20FA1F5A000
|
unkown
|
page read and write
|
|
|
|
20FA1F49000
|
unkown
|
page read and write
|
|
|
|
20FA16E2000
|
unkown
|
page read and write
|
|
|
|
7FF5C1EE8000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
2817472B000
|
unkown
|
page read and write
|
|
|
|
7FF55FD23000
|
unkown
|
page readonly
|
|
|
|
28174840000
|
unkown
|
page read and write
|
|
|
|
1EF5B861000
|
unkown
|
page read and write
|
|
|
|
20FA2402000
|
unkown
|
page read and write
|
|
|
|
20FA1F5B000
|
unkown
|
page read and write
|
|
|
|
7FF55FD58000
|
unkown
|
page readonly
|
|
|
|
2817286A000
|
unkown
|
page read and write
|
|
|
|
19D9436E000
|
unkown
|
page read and write
|
|
|
|
7FF56B119000
|
unkown
|
page readonly
|
|
|
|
599A000
|
heap private
|
page read and write
|
|
|
|
E02C07B000
|
unkown
|
page read and write
|
|
|
|
20FA1F9D000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1EF5B83B000
|
unkown
|
page read and write
|
|
|
|
7FF5B58AC000
|
unkown
|
page readonly
|
|
|
|
28174D42000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
168B1C2A000
|
unkown
|
page read and write
|
|
|
|
20FA1F5A000
|
unkown
|
page read and write
|
|
|
|
28175000000
|
unkown
|
page read and write
|
|
|
|
7FF5B7525000
|
unkown
|
page readonly
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
7FF55FCBC000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
263F3D10000
|
unkown
|
page readonly
|
|
|
|
20FA1F6C000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
5280BBE000
|
unkown
|
page read and write
|
|
|
|
168B1C70000
|
unkown
|
page read and write
|
|
|
|
7FF55FDE7000
|
unkown
|
page readonly
|
|
|
|
20FA1F14000
|
unkown
|
page read and write
|
|
|
|
7FF50B21C000
|
unkown
|
page readonly
|
|
|
|
1A715BB0000
|
heap private
|
page read and write
|
|
|
|
7FF540D09000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02C37A000
|
unkown
|
page read and write
|
|
|
|
7FF5A9CFC000
|
unkown
|
page readonly
|
|
|
|
2817298A000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA15B0000
|
unkown
|
page readonly
|
|
|
|
263F3F33000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F70000
|
unkown
|
page readonly
|
|
|
|
8D19AFE000
|
unkown
|
page read and write
|
|
|
|
19D94360000
|
unkown
|
page read and write
|
|
|
|
1A716000000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
168B1D02000
|
unkown
|
page read and write
|
|
|
|
7FF50B1FD000
|
unkown
|
page readonly
|
|
|
|
7FF55FD1C000
|
unkown
|
page readonly
|
|
|
|
20FA1F33000
|
unkown
|
page read and write
|
|
|
|
263F1E3F000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B77B9000
|
unkown
|
page readonly
|
|
|
|
1EF5B85A000
|
unkown
|
page read and write
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
20FA1F86000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F7C000
|
unkown
|
page read and write
|
|
|
|
7FF5B74D3000
|
unkown
|
page readonly
|
|
|
|
20FA1F56000
|
unkown
|
page read and write
|
|
|
|
7FF5B00F0000
|
unkown
|
page readonly
|
|
|
|
20FA2402000
|
unkown
|
page read and write
|
|
|
|
7FF55FB10000
|
unkown
|
page readonly
|
|
|
|
599B000
|
heap private
|
page read and write
|
|
|
|
7FF5EB046000
|
unkown
|
page readonly
|
|
|
|
7FF55FC38000
|
unkown
|
page readonly
|
|
|
|
7FF5B77EC000
|
unkown
|
page readonly
|
|
|
|
19D943A4000
|
unkown
|
page read and write
|
|
|
|
E02C57A000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FE0000
|
unkown
|
page readonly
|
|
|
|
1DB78E3F000
|
unkown
|
page read and write
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
7FF5E002D000
|
unkown
|
page readonly
|
|
|
|
20FA1500000
|
heap private
|
page read and write
|
|
|
|
20FA1F18000
|
unkown
|
page read and write
|
|
|
|
7FF5AA04D000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF50B190000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174A00000
|
unkown
|
page read and write
|
|
|
|
28172936000
|
unkown
|
page read and write
|
|
|
|
20FA1F3B000
|
unkown
|
page read and write
|
|
|
|
7FF5B00E0000
|
unkown
|
page readonly
|
|
|
|
7FF5C1FD9000
|
unkown
|
page readonly
|
|
|
|
7FF55FDE4000
|
unkown
|
page readonly
|
|
|
|
7FF5E0935000
|
unkown
|
page readonly
|
|
|
|
E02BA7A000
|
unkown
|
page read and write
|
|
|
|
281747FB000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E09A1000
|
unkown
|
page readonly
|
|
|
|
8D195EC000
|
unkown
|
page read and write
|
|
|
|
7FF5B773C000
|
unkown
|
page readonly
|
|
|
|
23E25D90000
|
unkown
|
page read and write
|
|
|
|
34D4B2B000
|
unkown
|
page read and write
|
|
|
|
7FF55FDCC000
|
unkown
|
page readonly
|
|
|
|
7FF5E0898000
|
unkown
|
page readonly
|
|
|
|
7FF5B75BA000
|
unkown
|
page readonly
|
|
|
|
263F1E77000
|
unkown
|
page read and write
|
|
|
|
7FF55FBAE000
|
unkown
|
page readonly
|
|
|
|
7FF5E0710000
|
unkown
|
page readonly
|
|
|
|
7FF5E08DE000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1656000
|
unkown
|
page read and write
|
|
|
|
1EF5B85E000
|
unkown
|
page read and write
|
|
|
|
7FF5C1FD9000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1A715E4D000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F4C000
|
unkown
|
page readonly
|
|
|
|
20FA16EB000
|
unkown
|
page read and write
|
|
|
|
20FA2600000
|
unkown
|
page readonly
|
|
|
|
1A715CF0000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02B8FB000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BE0000
|
unkown
|
page readonly
|
|
|
|
20FA2461000
|
unkown
|
page read and write
|
|
|
|
7FF55FD40000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF50BE79000
|
unkown
|
page readonly
|
|
|
|
20FA1600000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
B770878000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A9DA5000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A9F21000
|
unkown
|
page readonly
|
|
|
|
19D945B0000
|
unkown
|
page read and write
|
|
|
|
20FA1650000
|
unkown
|
page read and write
|
|
|
|
28172946000
|
unkown
|
page read and write
|
|
|
|
20FA1F4B000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E06CB000
|
unkown
|
page readonly
|
|
|
|
A43EFE000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1EF5BE02000
|
unkown
|
page read and write
|
|
|
|
7FF5B0539000
|
unkown
|
page readonly
|
|
|
|
7FF5C1F5C000
|
unkown
|
page readonly
|
|
|
|
7FF5E06FA000
|
unkown
|
page readonly
|
|
|
|
E02C47A000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A9DFF000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FD27000
|
unkown
|
page readonly
|
|
|
|
E02B9F9000
|
unkown
|
page read and write
|
|
|
|
7FF5C1D5F000
|
unkown
|
page readonly
|
|
|
|
1A715F08000
|
unkown
|
page read and write
|
|
|
|
20FA1F67000
|
unkown
|
page read and write
|
|
|
|
1A716600000
|
unkown
|
page readonly
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F3B000
|
unkown
|
page read and write
|
|
|
|
7FF5B777A000
|
unkown
|
page readonly
|
|
|
|
168B19C0000
|
heap private
|
page read and write
|
|
|
|
1EF5B877000
|
unkown
|
page read and write
|
|
|
|
28175210000
|
unkown
|
page read and write
|
|
|
|
20FA1FCF000
|
unkown
|
page read and write
|
|
|
|
D37B37F000
|
unkown
|
page read and write
|
|
|
|
1A715C10000
|
heap default
|
page read and write
|
|
|
|
7FF5EB0C1000
|
unkown
|
page readonly
|
|
|
|
7FF5B04E2000
|
unkown
|
page readonly
|
|
|
|
20FA1F49000
|
unkown
|
page read and write
|
|
|
|
7FF5A9EA1000
|
unkown
|
page readonly
|
|
|
|
7FF50B1CE000
|
unkown
|
page readonly
|
|
|
|
1EF5B846000
|
unkown
|
page read and write
|
|
|
|
28174A95000
|
unkown
|
page read and write
|
|
|
|
7FF5EB04C000
|
unkown
|
page readonly
|
|
|
|
281747D9000
|
unkown
|
page read and write
|
|
|
|
7FF5AA0E1000
|
unkown
|
page readonly
|
|
|
|
28175310000
|
unkown
|
page read and write
|
|
|
|
18A14A46000
|
unkown
|
page read and write
|
|
|
|
28172750000
|
unkown
|
page write copy
|
|
|
|
7FF5E08B2000
|
unkown
|
page readonly
|
|
|
|
7FF55FDD5000
|
unkown
|
page readonly
|
|
|
|
7FF5823A9000
|
unkown
|
page readonly
|
|
|
|
7FF5B0421000
|
unkown
|
page readonly
|
|
|
|
19D946BB000
|
unkown
|
page read and write
|
|
|
|
249D61F0000
|
unkown
|
page read and write
|
|
|
|
7FF5B00DA000
|
unkown
|
page readonly
|
|
|
|
20FA16A6000
|
unkown
|
page read and write
|
|
|
|
FAC0CFC000
|
unkown
|
page read and write
|
|
|
|
7FF5B589D000
|
unkown
|
page readonly
|
|
|
|
7FF5B58BC000
|
unkown
|
page readonly
|
|
|
|
20FA1F67000
|
unkown
|
page read and write
|
|
|
|
1EF5B82D000
|
unkown
|
page read and write
|
|
|
|
28174D02000
|
unkown
|
page read and write
|
|
|
|
20FA1F6A000
|
unkown
|
page read and write
|
|
|
|
7FF5A9F5C000
|
unkown
|
page readonly
|
|
|
|
263F1E6B000
|
unkown
|
page read and write
|
|
|
|
20FA1FBC000
|
unkown
|
page read and write
|
|
|
|
7FF5E0940000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F67000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B58B6000
|
unkown
|
page readonly
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
249D61F0000
|
unkown
|
page read and write
|
|
|
|
28172855000
|
unkown
|
page read and write
|
|
|
|
1DB78DA0000
|
unkown
|
page write copy
|
|
|
|
7FF5B5889000
|
unkown
|
page readonly
|
|
|
|
7FF5E087C000
|
unkown
|
page readonly
|
|
|
|
1A715E00000
|
unkown
|
page read and write
|
|
|
|
7FF50AFBA000
|
unkown
|
page readonly
|
|
|
|
263F1EC6000
|
unkown
|
page read and write
|
|
|
|
281727A0000
|
unkown
|
page readonly
|
|
|
|
20FA1F59000
|
unkown
|
page read and write
|
|
|
|
263F1EA0000
|
unkown
|
page read and write
|
|
|
|
1EF5B867000
|
unkown
|
page read and write
|
|
|
|
18A14A57000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E0657000
|
unkown
|
page readonly
|
|
|
|
7FF55FB6B000
|
unkown
|
page readonly
|
|
|
|
7FF5E07B7000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E085A000
|
unkown
|
page readonly
|
|
|
|
20FA1F6D000
|
unkown
|
page read and write
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
E02C5FB000
|
unkown
|
page read and write
|
|
|
|
1EF5B87E000
|
unkown
|
page read and write
|
|
|
|
19D943A0000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FD38000
|
unkown
|
page readonly
|
|
|
|
263F1F13000
|
unkown
|
page read and write
|
|
|
|
20FA1F3A000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F77000
|
unkown
|
page read and write
|
|
|
|
7FF55F97D000
|
unkown
|
page readonly
|
|
|
|
20FA1F48000
|
unkown
|
page read and write
|
|
|
|
7FF55FE49000
|
unkown
|
page readonly
|
|
|
|
7FF55FE3E000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B58A6000
|
unkown
|
page readonly
|
|
|
|
7FF5E09A9000
|
unkown
|
page readonly
|
|
|
|
1A715DD0000
|
unkown
|
page readonly
|
|
|
|
7FF5E065E000
|
unkown
|
page readonly
|
|
|
|
B770FF9000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F56000
|
unkown
|
page readonly
|
|
|
|
20FA1FA7000
|
unkown
|
page read and write
|
|
|
|
7FF55FDE0000
|
unkown
|
page readonly
|
|
|
|
20FA1F5E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5EB062000
|
unkown
|
page readonly
|
|
|
|
7FF5A9872000
|
unkown
|
page readonly
|
|
|
|
1A715E7E000
|
unkown
|
page read and write
|
|
|
|
20FA16EA000
|
unkown
|
page read and write
|
|
|
|
19D8F759000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20185290000
|
unkown
|
page readonly
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
23E24EAF000
|
unkown
|
page read and write
|
|
|
|
28175210000
|
unkown
|
page read and write
|
|
|
|
20FA1F96000
|
unkown
|
page read and write
|
|
|
|
7FF55FD85000
|
unkown
|
page readonly
|
|
|
|
20FA16E8000
|
unkown
|
page read and write
|
|
|
|
7FF5EAFFE000
|
unkown
|
page readonly
|
|
|
|
281728AD000
|
unkown
|
page read and write
|
|
|
|
281728BC000
|
unkown
|
page read and write
|
|
|
|
7FF50AA41000
|
unkown
|
page readonly
|
|
|
|
7FF55FDBC000
|
unkown
|
page readonly
|
|
|
|
20FA1F49000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
168B1C13000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FAF7000
|
unkown
|
page readonly
|
|
|
|
1A716940000
|
unkown
|
page readonly
|
|
|
|
263F2050000
|
unkown
|
page readonly
|
|
|
|
1A715C20000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E1C000
|
unkown
|
page readonly
|
|
|
|
20FA1F54000
|
unkown
|
page read and write
|
|
|
|
263F3F64000
|
unkown
|
page read and write
|
|
|
|
3682000
|
unkown
|
page read and write
|
|
|
|
7FF5EB0BE000
|
unkown
|
page readonly
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
23E24EA8000
|
unkown
|
page read and write
|
|
|
|
FAC0C7B000
|
unkown
|
page read and write
|
|
|
|
20185230000
|
unkown
|
page readonly
|
|
|
|
19D94381000
|
unkown
|
page read and write
|
|
|
|
20FA1F4A000
|
unkown
|
page read and write
|
|
|
|
28174797000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
7FF5E070E000
|
unkown
|
page readonly
|
|
|
|
263F1E56000
|
unkown
|
page read and write
|
|
|
|
1A715E8C000
|
unkown
|
page read and write
|
|
|
|
7FF5AA066000
|
unkown
|
page readonly
|
|
|
|
FAC0E7F000
|
unkown
|
page read and write
|
|
|
|
A43A7E000
|
unkown
|
page read and write
|
|
|
|
E02C3FB000
|
unkown
|
page read and write
|
|
|
|
7FF5A9CFF000
|
unkown
|
page readonly
|
|
|
|
20FA1FAE000
|
unkown
|
page read and write
|
|
|
|
20FA1F86000
|
unkown
|
page read and write
|
|
|
|
D37B3FE000
|
unkown
|
page read and write
|
|
|
|
7FF5B0566000
|
unkown
|
page readonly
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
168B1BF0000
|
unkown
|
page read and write
|
|
|
|
7FF5A9B5D000
|
unkown
|
page readonly
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
20FA1DA0000
|
unkown
|
page readonly
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D94384000
|
unkown
|
page read and write
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
263F3CE0000
|
unkown
|
page read and write
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
20FA2402000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B74C4000
|
unkown
|
page readonly
|
|
|
|
20FA1F65000
|
unkown
|
page read and write
|
|
|
|
7FF5B77A5000
|
unkown
|
page readonly
|
|
|
|
263F1F00000
|
unkown
|
page read and write
|
|
|
|
1EF5B86A000
|
unkown
|
page read and write
|
|
|
|
20FA1D80000
|
unkown
|
page read and write
|
|
|
|
7FF5EAFD8000
|
unkown
|
page readonly
|
|
|
|
263F1E29000
|
unkown
|
page read and write
|
|
|
|
E02C27B000
|
unkown
|
page read and write
|
|
|
|
1E39B5B5000
|
unkown
|
page read and write
|
|
|
|
19D946B7000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F44000
|
unkown
|
page read and write
|
|
|
|
2817292C000
|
unkown
|
page read and write
|
|
|
|
36B8000
|
unkown
|
page read and write
|
|
|
|
18A14A47000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E9C000
|
unkown
|
page readonly
|
|
|
|
7FF5E0857000
|
unkown
|
page readonly
|
|
|
|
E02BAFA000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1713000
|
unkown
|
page read and write
|
|
|
|
7FF50ADA0000
|
unkown
|
page readonly
|
|
|
|
1E39B8D0000
|
unkown
|
page readonly
|
|
|
|
20FA1F57000
|
unkown
|
page read and write
|
|
|
|
36A8000
|
unkown
|
page read and write
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
7FF55FDAD000
|
unkown
|
page readonly
|
|
|
|
7FF5C1EE6000
|
unkown
|
page readonly
|
|
|
|
28174760000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02C1FB000
|
unkown
|
page read and write
|
|
|
|
7FF5E0798000
|
unkown
|
page readonly
|
|
|
|
20FA1800000
|
unkown
|
page readonly
|
|
|
|
28174A23000
|
unkown
|
page read and write
|
|
|
|
28172800000
|
unkown
|
page read and write
|
|
|
|
20FA1613000
|
unkown
|
page read and write
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
A43DFE000
|
unkown
|
page read and write
|
|
|
|
34D4E7E000
|
unkown
|
page read and write
|
|
|
|
20FA2402000
|
unkown
|
page read and write
|
|
|
|
168B2202000
|
unkown
|
page read and write
|
|
|
|
E02BF7C000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E08F9000
|
unkown
|
page readonly
|
|
|
|
7FF55FD2C000
|
unkown
|
page readonly
|
|
|
|
20FA1F4A000
|
unkown
|
page read and write
|
|
|
|
1EF5B857000
|
unkown
|
page read and write
|
|
|
|
E02B54E000
|
unkown
|
page read and write
|
|
|
|
20FA1F8E000
|
unkown
|
page read and write
|
|
|
|
20FA168B000
|
unkown
|
page read and write
|
|
|
|
7FF5B74D7000
|
unkown
|
page readonly
|
|
|
|
7FF5C1F0E000
|
unkown
|
page readonly
|
|
|
|
20FA1F9C000
|
unkown
|
page read and write
|
|
|
|
7FF50B088000
|
unkown
|
page readonly
|
|
|
|
7FF5ABB19000
|
unkown
|
page readonly
|
|
|
|
1EF5B831000
|
unkown
|
page read and write
|
|
|
|
168B1C4D000
|
unkown
|
page read and write
|
|
|
|
7FF5B7677000
|
unkown
|
page readonly
|
|
|
|
168B2740000
|
unkown
|
page readonly
|
|
|
|
2817287B000
|
unkown
|
page read and write
|
|
|
|
19D94360000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F3D000
|
unkown
|
page readonly
|
|
|
|
28175210000
|
unkown
|
page read and write
|
|
|
|
7FF55FDC6000
|
unkown
|
page readonly
|
|
|
|
8BEE97E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FAB7000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F64000
|
unkown
|
page read and write
|
|
|
|
28174860000
|
unkown
|
page readonly
|
|
|
|
7FF50B206000
|
unkown
|
page readonly
|
|
|
|
7FF5A9D1A000
|
unkown
|
page readonly
|
|
|
|
7FF5E099E000
|
unkown
|
page readonly
|
|
|
|
7FF5B77CD000
|
unkown
|
page readonly
|
|
|
|
8BEE87A000
|
unkown
|
page read and write
|
|
|
|
19D946B9000
|
unkown
|
page read and write
|
|
|
|
7FF5E08EF000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F98000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
263F1E13000
|
unkown
|
page read and write
|
|
|
|
28175010000
|
unkown
|
page read and write
|
|
|
|
20FA1F5B000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F8D000
|
unkown
|
page read and write
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
7FF5E08CA000
|
unkown
|
page readonly
|
|
|
|
7FF5B592E000
|
unkown
|
page readonly
|
|
|
|
20FA1F44000
|
unkown
|
page read and write
|
|
|
|
7FF5B7530000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FD01000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F75000
|
unkown
|
page read and write
|
|
|
|
1A715E02000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F97000
|
unkown
|
page read and write
|
|
|
|
19D8EE99000
|
unkown
|
page read and write
|
|
|
|
28174AD6000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BDA000
|
unkown
|
page readonly
|
|
|
|
19D8FD40000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA2454000
|
unkown
|
page read and write
|
|
|
|
A4376C000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174783000
|
unkown
|
page read and write
|
|
|
|
5D0000
|
unkown image
|
page readonly
|
|
|
|
B77056B000
|
unkown
|
page read and write
|
|
|
|
7FF5E08B6000
|
unkown
|
page readonly
|
|
|
|
7FF5B77DC000
|
unkown
|
page readonly
|
|
|
|
1EF5BD90000
|
unkown
|
page read and write
|
|
|
|
168B2400000
|
unkown
|
page readonly
|
|
|
|
8D199FF000
|
unkown
|
page read and write
|
|
|
|
20FA1F46000
|
unkown
|
page read and write
|
|
|
|
7FF55F953000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B05E1000
|
unkown
|
page readonly
|
|
|
|
7FF5E0815000
|
unkown
|
page readonly
|
|
|
|
18A14A56000
|
unkown
|
page read and write
|
|
|
|
7FF50B10C000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D943A0000
|
unkown
|
page read and write
|
|
|
|
168B1B00000
|
unkown
|
page readonly
|
|
|
|
18A14A47000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1DB78F02000
|
unkown
|
page read and write
|
|
|
|
1A715E13000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
281728A3000
|
unkown
|
page read and write
|
|
|
|
20FA1F49000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FAA4000
|
unkown
|
page readonly
|
|
|
|
7FF5E08E5000
|
unkown
|
page readonly
|
|
|
|
28175110000
|
unkown
|
page read and write
|
|
|
|
20FA1D30000
|
unkown
|
page write copy
|
|
|
|
7FF5E0926000
|
unkown
|
page readonly
|
|
|
|
20FA15F0000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5C1ED0000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
281747DD000
|
unkown
|
page read and write
|
|
|
|
7FF55FCFA000
|
unkown
|
page readonly
|
|
|
|
2817286B000
|
unkown
|
page read and write
|
|
|
|
20FA1F6F000
|
unkown
|
page read and write
|
|
|
|
168B1C4B000
|
unkown
|
page read and write
|
|
|
|
7FF55FCB5000
|
unkown
|
page readonly
|
|
|
|
7FF50B06A000
|
unkown
|
page readonly
|
|
|
|
7FF5E0854000
|
unkown
|
page readonly
|
|
|
|
201855E5000
|
heap private
|
page read and write
|
|
|
|
7FF55FD99000
|
unkown
|
page readonly
|
|
|
|
20FA1F54000
|
unkown
|
page read and write
|
|
|
|
7FF50B0D7000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28172855000
|
unkown
|
page read and write
|
|
|
|
7FF5A9F81000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5AA00A000
|
unkown
|
page readonly
|
|
|
|
1EF5B842000
|
unkown
|
page read and write
|
|
|
|
2817285D000
|
unkown
|
page read and write
|
|
|
|
263F3C60000
|
unkown
|
page read and write
|
|
|
|
19D8EE9B000
|
unkown
|
page read and write
|
|
|
|
263F1CB0000
|
heap private
|
page read and write
|
|
|
|
20FA1FD8000
|
unkown
|
page read and write
|
|
|
|
7FF5E0937000
|
unkown
|
page readonly
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
28174C82000
|
unkown
|
page read and write
|
|
|
|
28172913000
|
unkown
|
page read and write
|
|
|
|
7FF5E04B3000
|
unkown
|
page readonly
|
|
|
|
20FA1F91000
|
unkown
|
page read and write
|
|
|
|
7FF5E0604000
|
unkown
|
page readonly
|
|
|
|
7FF5E091C000
|
unkown
|
page readonly
|
|
|
|
28172670000
|
heap default
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5AA084000
|
unkown
|
page readonly
|
|
|
|
7FF55FBB0000
|
unkown
|
page readonly
|
|
|
|
7FF5B6EE9000
|
unkown
|
page readonly
|
|
|
|
20FA1F78000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FD6A000
|
unkown
|
page readonly
|
|
|
|
7FF50B0A3000
|
unkown
|
page readonly
|
|
|
|
7FF5B7776000
|
unkown
|
page readonly
|
|
|
|
7FF5E072F000
|
unkown
|
page readonly
|
|
|
|
2DD8000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F57000
|
unkown
|
page read and write
|
|
|
|
7FF5E0861000
|
unkown
|
page readonly
|
|
|
|
168B1BE0000
|
unkown
|
page readonly
|
|
|
|
7FF5E0944000
|
unkown
|
page readonly
|
|
|
|
20FA164D000
|
unkown
|
page read and write
|
|
|
|
E02B4CB000
|
unkown
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
20FA1F81000
|
unkown
|
page read and write
|
|
|
|
1EF5B87B000
|
unkown
|
page read and write
|
|
|
|
20FA1F99000
|
unkown
|
page read and write
|
|
|
|
7FF55FD8F000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02B87B000
|
unkown
|
page read and write
|
|
|
|
B7709F5000
|
unkown
|
page read and write
|
|
|
|
E02B5CE000
|
unkown
|
page read and write
|
|
|
|
1EF5B85B000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F59000
|
unkown
|
page read and write
|
|
|
|
28174D82000
|
unkown
|
page read and write
|
|
|
|
20FA16A6000
|
unkown
|
page read and write
|
|
|
|
1EF5B5D0000
|
heap private
|
page read and write
|
|
|
|
7FF530509000
|
unkown
|
page readonly
|
|
|
|
7FF5B051E000
|
unkown
|
page readonly
|
|
|
|
28175110000
|
unkown
|
page read and write
|
|
|
|
1DB78E02000
|
unkown
|
page read and write
|
|
|
|
1EF5B82A000
|
unkown
|
page read and write
|
|
|
|
7FF50B0D1000
|
unkown
|
page readonly
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
28174840000
|
unkown
|
page readonly
|
|
|
|
20FA1FA7000
|
unkown
|
page read and write
|
|
|
|
20FA1FAC000
|
unkown
|
page read and write
|
|
|
|
20FA1F3F000
|
unkown
|
page read and write
|
|
|
|
7FF55FDB1000
|
unkown
|
page readonly
|
|
|
|
8D1987F000
|
unkown
|
page read and write
|
|
|
|
20FA1702000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F56000
|
unkown
|
page read and write
|
|
|
|
7FF5E07B3000
|
unkown
|
page readonly
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
7FF5C1CFA000
|
unkown
|
page readonly
|
|
|
|
E02BBFE000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
249D61F0000
|
unkown
|
page read and write
|
|
|
|
1DB78DF0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E28000
|
unkown
|
page readonly
|
|
|
|
28172A00000
|
unkown
|
page readonly
|
|
|
|
E02BC7C000
|
unkown
|
page read and write
|
|
|
|
20FA1F00000
|
unkown
|
page read and write
|
|
|
|
E02C6FD000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FDD7000
|
unkown
|
page readonly
|
|
|
|
7FF55FD56000
|
unkown
|
page readonly
|
|
|
|
19D944C0000
|
unkown
|
page read and write
|
|
|
|
7FF55FCE1000
|
unkown
|
page readonly
|
|
|
|
1EF5B845000
|
unkown
|
page read and write
|
|
|
|
168B1C50000
|
unkown
|
page read and write
|
|
|
|
7FF50B192000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02BB7B000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B056C000
|
unkown
|
page readonly
|
|
|
|
7FF5AA025000
|
unkown
|
page readonly
|
|
|
|
20FA1F5B000
|
unkown
|
page read and write
|
|
|
|
263F3F1F000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5AA087000
|
unkown
|
page readonly
|
|
|
|
19D8F5F0000
|
unkown
|
page read and write
|
|
|
|
7FF5B04F8000
|
unkown
|
page readonly
|
|
|
|
7FF5EB055000
|
unkown
|
page readonly
|
|
|
|
28175310000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA16C6000
|
unkown
|
page read and write
|
|
|
|
263F5000000
|
unkown
|
page readonly
|
|
|
|
7FF5B785E000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1EF5B847000
|
unkown
|
page read and write
|
|
|
|
20FA1F80000
|
unkown
|
page read and write
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E03000
|
unkown
|
page readonly
|
|
|
|
281747FA000
|
unkown
|
page read and write
|
|
|
|
28172902000
|
unkown
|
page read and write
|
|
|
|
28172610000
|
heap private
|
page read and write
|
|
|
|
168B1D00000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174747000
|
unkown
|
page read and write
|
|
|
|
E02BEFB000
|
unkown
|
page read and write
|
|
|
|
20FA1580000
|
unkown
|
page readonly
|
|
|
|
E02BFFB000
|
unkown
|
page read and write
|
|
|
|
7FF5E084A000
|
unkown
|
page readonly
|
|
|
|
23E24EAF000
|
unkown
|
page read and write
|
|
|
|
D37AFEE000
|
unkown
|
page read and write
|
|
|
|
7FF50AD8A000
|
unkown
|
page readonly
|
|
|
|
1EF5B84E000
|
unkown
|
page read and write
|
|
|
|
7FF5E0617000
|
unkown
|
page readonly
|
|
|
|
20FA2400000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A9ED8000
|
unkown
|
page readonly
|
|
|
|
7FF5B045C000
|
unkown
|
page readonly
|
|
|
|
20FA1D80000
|
unkown
|
page read and write
|
|
|
|
20FA1F4F000
|
unkown
|
page read and write
|
|
|
|
7FF5B77E6000
|
unkown
|
page readonly
|
|
|
|
28172947000
|
unkown
|
page read and write
|
|
|
|
18A149E0000
|
unkown
|
page read and write
|
|
|
|
7FF5B0584000
|
unkown
|
page readonly
|
|
|
|
168B1C55000
|
unkown
|
page read and write
|
|
|
|
FAC0B7F000
|
unkown
|
page read and write
|
|
|
|
A43B7F000
|
unkown
|
page read and write
|
|
|
|
52813FE000
|
unkown
|
page read and write
|
|
|
|
1E39B5B2000
|
unkown
|
page read and write
|
|
|
|
8D19A7E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F56000
|
unkown
|
page read and write
|
|
|
|
19D94390000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FD8000
|
unkown
|
page readonly
|
|
|
|
263F1EB3000
|
unkown
|
page read and write
|
|
|
|
7FF55FCEA000
|
unkown
|
page readonly
|
|
|
|
7FF5E0887000
|
unkown
|
page readonly
|
|
|
|
7FF5E08A2000
|
unkown
|
page readonly
|
|
|
|
281727E0000
|
unkown
|
page read and write
|
|
|
|
7FF5B6EED000
|
unkown
|
page readonly
|
|
|
|
7FF5B7717000
|
unkown
|
page readonly
|
|
|
|
7FF55FD7E000
|
unkown
|
page readonly
|
|
|
|
7FF5B04F6000
|
unkown
|
page readonly
|
|
|
|
7FF5A9FF2000
|
unkown
|
page readonly
|
|
|
|
263F3F02000
|
unkown
|
page read and write
|
|
|
|
1E39B5B7000
|
unkown
|
page read and write
|
|
|
|
20FA1651000
|
unkown
|
page read and write
|
|
|
|
7FF5E0665000
|
unkown
|
page readonly
|
|
|
|
2817285D000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF57E3B9000
|
unkown
|
page readonly
|
|
|
|
2817286D000
|
unkown
|
page read and write
|
|
|
|
20FA1F86000
|
unkown
|
page read and write
|
|
|
|
FAC068B000
|
unkown
|
page read and write
|
|
|
|
20FA16D5000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF50B299000
|
unkown
|
page readonly
|
|
|
|
20FA1F67000
|
unkown
|
page read and write
|
|
|
|
7FF5A9B59000
|
unkown
|
page readonly
|
|
|
|
1E39B6B0000
|
heap private
|
page read and write
|
|
|
|
20FA1FBC000
|
unkown
|
page read and write
|
|
|
|
20FA1F44000
|
unkown
|
page read and write
|
|
|
|
52811F7000
|
unkown
|
page read and write
|
|
|
|
19D944B0000
|
unkown
|
page read and write
|
|
|
|
7FF50B1BA000
|
unkown
|
page readonly
|
|
|
|
28172937000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B75D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EB02D000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D94368000
|
unkown
|
page read and write
|
|
|
|
19D94430000
|
unkown
|
page read and write
|
|
|
|
19D8F718000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
263F1E00000
|
unkown
|
page read and write
|
|
|
|
8BEE9FF000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
599B000
|
heap private
|
page read and write
|
|
|
|
1EF5B85C000
|
unkown
|
page read and write
|
|
|
|
7FF5B7778000
|
unkown
|
page readonly
|
|
|
|
B770B77000
|
unkown
|
page read and write
|
|
|
|
263F1EC8000
|
unkown
|
page read and write
|
|
|
|
7FF55FB9A000
|
unkown
|
page readonly
|
|
|
|
7FF5EB036000
|
unkown
|
page readonly
|
|
|
|
7FF5E08B8000
|
unkown
|
page readonly
|
|
|
|
7FF5A9EAE000
|
unkown
|
page readonly
|
|
|
|
20FA1F65000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D8EE89000
|
unkown
|
page read and write
|
|
|
|
28174D82000
|
unkown
|
page read and write
|
|
|
|
281747B8000
|
unkown
|
page read and write
|
|
|
|
20FA1F96000
|
unkown
|
page read and write
|
|
|
|
34D507A000
|
unkown
|
page read and write
|
|
|
|
1EF5B858000
|
unkown
|
page read and write
|
|
|
|
1EF5B85F000
|
unkown
|
page read and write
|
|
|
|
7FF5EB00F000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D94450000
|
unkown
|
page read and write
|
|
|
|
7FF5E0029000
|
unkown
|
page readonly
|
|
|
|
20FA164C000
|
unkown
|
page read and write
|
|
|
|
28172936000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F29000
|
unkown
|
page readonly
|
|
|
|
20FA1716000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
34D53FD000
|
unkown
|
page read and write
|
|
|
|
7FF55FCF4000
|
unkown
|
page readonly
|
|
|
|
7FF5B05E9000
|
unkown
|
page readonly
|
|
|
|
281728ED000
|
unkown
|
page read and write
|
|
|
|
7FF5AA06C000
|
unkown
|
page readonly
|
|
|
|
D37B2FF000
|
unkown
|
page read and write
|
|
|
|
7FF5E0613000
|
unkown
|
page readonly
|
|
|
|
7FF55FCF7000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FACC000
|
unkown
|
page readonly
|
|
|
|
7FF5B584A000
|
unkown
|
page readonly
|
|
|
|
28172829000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
5280E7E000
|
unkown
|
page read and write
|
|
|
|
E02BD7B000
|
unkown
|
page read and write
|
|
|
|
B7708FE000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FE2000
|
unkown
|
page readonly
|
|
|
|
E02C77C000
|
unkown
|
page read and write
|
|
|
|
263F3CD0000
|
unkown
|
page readonly
|
|
|
|
7FF5B5848000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1DB7A870000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B7869000
|
unkown
|
page readonly
|
|
|
|
20FA1F46000
|
unkown
|
page read and write
|
|
|
|
7FF50B1DF000
|
unkown
|
page readonly
|
|
|
|
7FF5B03FD000
|
unkown
|
page readonly
|
|
|
|
2817286E000
|
unkown
|
page read and write
|
|
|
|
28175110000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1E39B5B2000
|
unkown
|
page read and write
|
|
|
|
7FF5B5939000
|
unkown
|
page readonly
|
|
|
|
7FF5B58D2000
|
unkown
|
page readonly
|
|
|
|
263F1E6D000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A98AA000
|
unkown
|
page readonly
|
|
|
|
7FF5C1F65000
|
unkown
|
page readonly
|
|
|
|
20FA1F4C000
|
unkown
|
page read and write
|
|
|
|
263F1D10000
|
heap default
|
page read and write
|
|
|
|
B7710FE000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF50B20C000
|
unkown
|
page readonly
|
|
|
|
599A000
|
heap private
|
page read and write
|
|
|
|
7FF5C1F77000
|
unkown
|
page readonly
|
|
|
|
7FF5B778A000
|
unkown
|
page readonly
|
|
|
|
20FA163C000
|
unkown
|
page read and write
|
|
|
|
28174787000
|
unkown
|
page read and write
|
|
|
|
7FF55F5C0000
|
unkown
|
page readonly
|
|
|
|
1E39B596000
|
heap default
|
page read and write
|
|
|
|
7FF5EB0C9000
|
unkown
|
page readonly
|
|
|
|
20FA1F5C000
|
unkown
|
page read and write
|
|
|
|
20FA1F77000
|
unkown
|
page read and write
|
|
|
|
7FF5C1FD1000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D901C0000
|
unkown
|
page read and write
|
|
|
|
20FA1FD0000
|
unkown
|
page read and write
|
|
|
|
20FA1708000
|
unkown
|
page read and write
|
|
|
|
7FF5AA0E9000
|
unkown
|
page readonly
|
|
|
|
168B1C3C000
|
unkown
|
page read and write
|
|
|
|
7FF5B779E000
|
unkown
|
page readonly
|
|
|
|
281727F0000
|
unkown
|
page readonly
|
|
|
|
20FA1F78000
|
unkown
|
page read and write
|
|
|
|
20FA1F50000
|
unkown
|
page read and write
|
|
|
|
7FF5A9F9A000
|
unkown
|
page readonly
|
|
|
|
28174B43000
|
unkown
|
page read and write
|
|
|
|
7FF5B7804000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
D37B279000
|
unkown
|
page read and write
|
|
|
|
20FA1F5B000
|
unkown
|
page read and write
|
|
|
|
7FF5B0587000
|
unkown
|
page readonly
|
|
|
|
20FA1F3A000
|
unkown
|
page read and write
|
|
|
|
7FF5B04E0000
|
unkown
|
page readonly
|
|
|
|
7FF5EAFDA000
|
unkown
|
page readonly
|
|
|
|
7FF5B7807000
|
unkown
|
page readonly
|
|
|
|
7FF50B1E9000
|
unkown
|
page readonly
|
|
|
|
E02BDFB000
|
unkown
|
page read and write
|
|
|
|
28174B43000
|
unkown
|
page read and write
|
|
|
|
7FF50A92D000
|
unkown
|
page readonly
|
|
|
|
E02C2FB000
|
unkown
|
page read and write
|
|
|
|
19D94430000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1DB78E58000
|
unkown
|
page read and write
|
|
|
|
7FF5B0525000
|
unkown
|
page readonly
|
|
|
|
D37AF6E000
|
unkown
|
page read and write
|
|
|
|
7FF5E088C000
|
unkown
|
page readonly
|
|
|
|
263F1DF0000
|
unkown
|
page readonly
|
|
|
|
28172977000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
A437EE000
|
unkown
|
page read and write
|
|
|
|
20FA1F46000
|
unkown
|
page read and write
|
|
|
|
E02C4FB000
|
unkown
|
page read and write
|
|
|
|
20FA1F3B000
|
unkown
|
page read and write
|
|
|
|
1E39B58B000
|
heap default
|
page read and write
|
|
|
|
20FA16A2000
|
unkown
|
page read and write
|
|
|
|
7FF5AFC7D000
|
unkown
|
page readonly
|
|
|
|
20FA1F76000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1EF5B902000
|
unkown
|
page read and write
|
|
|
|
28175410000
|
unkown
|
page read and write
|
|
|
|
1E39B6C0000
|
unkown
|
page readonly
|
|
|
|
7FF55FB05000
|
unkown
|
page readonly
|
|
|
|
28174B83000
|
unkown
|
page read and write
|
|
|
|
263F1F02000
|
unkown
|
page read and write
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
2817286A000
|
unkown
|
page read and write
|
|
|
|
1EF5B630000
|
heap default
|
page read and write
|
|
|
|
7FF50B1A6000
|
unkown
|
page readonly
|
|
|
|
281728AA000
|
unkown
|
page read and write
|
|
|
|
19D8EEF9000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
7FF5AFC50000
|
unkown
|
page readonly
|
|
|
|
E02C17C000
|
unkown
|
page read and write
|
|
|
|
7FF5E090D000
|
unkown
|
page readonly
|
|
|
|
19D944C0000
|
unkown
|
page read and write
|
|
|
|
20FA1F46000
|
unkown
|
page read and write
|
|
|
|
20185470000
|
unkown
|
page read and write
|
|
|
|
7FF5E0911000
|
unkown
|
page readonly
|
|
|
|
20FA1F46000
|
unkown
|
page read and write
|
|
|
|
1EF5B82F000
|
unkown
|
page read and write
|
|
|
|
20FA1F31000
|
unkown
|
page read and write
|
|
|
|
1EF5B800000
|
unkown
|
page read and write
|
|
|
|
28175410000
|
unkown
|
page read and write
|
|
|
|
20FA1F86000
|
unkown
|
page read and write
|
|
|
|
20FA1F58000
|
unkown
|
page read and write
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
263F3F23000
|
unkown
|
page read and write
|
|
|
|
7FF55FE49000
|
unkown
|
page readonly
|
|
|
|
1EF5B640000
|
unkown
|
page readonly
|
|
|
|
20FA1590000
|
unkown
|
page read and write
|
|
|
|
20FA1F77000
|
unkown
|
page read and write
|
|
|
|
281745E0000
|
heap private
|
page read and write
|
|
|
|
1A716402000
|
unkown
|
page read and write
|
|
|
|
7FF55FAFE000
|
unkown
|
page readonly
|
|
|
|
18A14A57000
|
unkown
|
page read and write
|
|
|
|
20FA1FB2000
|
unkown
|
page read and write
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
22B74C78000
|
unkown
|
page read and write
|
|
|
|
28174840000
|
unkown
|
page read and write
|
|
|
|
7FF5B77F7000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF50B234000
|
unkown
|
page readonly
|
|
|
|
20FA1F4B000
|
unkown
|
page read and write
|
|
|
|
20FA164F000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174A09000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
263F37F0000
|
unkown
|
page read and write
|
|
|
|
7FF5B77D6000
|
unkown
|
page readonly
|
|
|
|
7FF5B055C000
|
unkown
|
page readonly
|
|
|
|
7FF5E0916000
|
unkown
|
page readonly
|
|
|
|
7FF5B7721000
|
unkown
|
page readonly
|
|
|
|
7FF50B225000
|
unkown
|
page readonly
|
|
|
|
28172890000
|
unkown
|
page read and write
|
|
|
|
7FF5E092C000
|
unkown
|
page readonly
|
|
|
|
34D51F7000
|
unkown
|
page read and write
|
|
|
|
52810FE000
|
unkown
|
page read and write
|
|
|
|
1EF5B86B000
|
unkown
|
page read and write
|
|
|
|
20FA1F88000
|
unkown
|
page read and write
|
|
|
|
20FA1F2C000
|
unkown
|
page read and write
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
7FF50B299000
|
unkown
|
page readonly
|
|
|
|
8D198FF000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BF0000
|
unkown
|
page readonly
|
|
|
|
20FA16B0000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28174830000
|
unkown
|
page readonly
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1E39B6B5000
|
heap private
|
page read and write
|
|
|
|
7FF50B237000
|
unkown
|
page readonly
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
7FF5A9D6C000
|
unkown
|
page readonly
|
|
|
|
1DB7A970000
|
unkown
|
page readonly
|
|
|
|
2817283F000
|
unkown
|
page read and write
|
|
|
|
7FF5B04F2000
|
unkown
|
page readonly
|
|
|
|
28172813000
|
unkown
|
page read and write
|
|
|
|
7FF5B03D8000
|
unkown
|
page readonly
|
|
|
|
19D944C0000
|
unkown
|
page read and write
|
|
|
|
263F4010000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D94430000
|
unkown
|
page read and write
|
|
|
|
7FF5B586E000
|
unkown
|
page readonly
|
|
|
|
28174700000
|
unkown
|
page read and write
|
|
|
|
7FF50B230000
|
unkown
|
page readonly
|
|
|
|
20FA1F4B000
|
unkown
|
page read and write
|
|
|
|
D37AEEA000
|
unkown
|
page read and write
|
|
|
|
263F1D20000
|
unkown
|
page readonly
|
|
|
|
1A715E55000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F15000
|
unkown
|
page readonly
|
|
|
|
7FF5A9DB0000
|
unkown
|
page readonly
|
|
|
|
7FF55FAB3000
|
unkown
|
page readonly
|
|
|
|
5280B3C000
|
unkown
|
page read and write
|
|
|
|
7FF5B77AF000
|
unkown
|
page readonly
|
|
|
|
7FF5B4199000
|
unkown
|
page readonly
|
|
|
|
281747FA000
|
unkown
|
page read and write
|
|
|
|
19D8F5F3000
|
unkown
|
page read and write
|
|
|
|
B770A7E000
|
unkown
|
page read and write
|
|
|
|
281728BF000
|
unkown
|
page read and write
|
|
|
|
7FF5B0556000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A9EF7000
|
unkown
|
page readonly
|
|
|
|
7FF50B28E000
|
unkown
|
page readonly
|
|
|
|
7FF5A9F97000
|
unkown
|
page readonly
|
|
|
|
20FA1F4B000
|
unkown
|
page read and write
|
|
|
|
7FF55FB7C000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D945F0000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
2817473C000
|
unkown
|
page read and write
|
|
|
|
34D50FE000
|
unkown
|
page read and write
|
|
|
|
28172680000
|
unkown
|
page readonly
|
|
|
|
7FF55FBCF000
|
unkown
|
page readonly
|
|
|
|
FAC070F000
|
unkown
|
page read and write
|
|
|
|
1EF5B83E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1EF5B862000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F65000
|
unkown
|
page read and write
|
|
|
|
1DB79000000
|
unkown
|
page readonly
|
|
|
|
19D94390000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
B770D7F000
|
unkown
|
page read and write
|
|
|
|
20FA1F4B000
|
unkown
|
page read and write
|
|
|
|
168B1C00000
|
unkown
|
page read and write
|
|
|
|
1EF5B884000
|
unkown
|
page read and write
|
|
|
|
7FF55FC57000
|
unkown
|
page readonly
|
|
|
|
20FA1658000
|
unkown
|
page read and write
|
|
|
|
7FF50B291000
|
unkown
|
page readonly
|
|
|
|
1A715E8A000
|
unkown
|
page read and write
|
|
|
|
168B1C49000
|
unkown
|
page read and write
|
|
|
|
20FA1FAA000
|
unkown
|
page read and write
|
|
|
|
1DB78E13000
|
unkown
|
page read and write
|
|
|
|
7FF5AA0DE000
|
unkown
|
page readonly
|
|
|
|
20FA1F48000
|
unkown
|
page read and write
|
|
|
|
20FA1F95000
|
unkown
|
page read and write
|
|
|
|
7FF5EB005000
|
unkown
|
page readonly
|
|
|
|
1E39B591000
|
unkown
|
page read and write
|
|
|
|
28174766000
|
unkown
|
page read and write
|
|
|
|
FAC0AF9000
|
unkown
|
page read and write
|
|
|
|
263F3E02000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F75000
|
unkown
|
page read and write
|
|
|
|
20FA1671000
|
unkown
|
page read and write
|
|
|
|
168B1A20000
|
heap default
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5AA01E000
|
unkown
|
page readonly
|
|
|
|
1A715E4B000
|
unkown
|
page read and write
|
|
|
|
7FF5E08A0000
|
unkown
|
page readonly
|
|
|
|
1E39B490000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
FAC0D7D000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FD42000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
1DB790D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EB019000
|
unkown
|
page readonly
|
|
|
|
7FF5A9F27000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF55FB88000
|
unkown
|
page readonly
|
|
|
|
1DB78E00000
|
unkown
|
page read and write
|
|
|
|
263F3CF0000
|
unkown
|
page readonly
|
|
|
|
7FF5E062C000
|
unkown
|
page readonly
|
|
|
|
20FA1F88000
|
unkown
|
page read and write
|
|
|
|
168B1D08000
|
unkown
|
page read and write
|
|
|
|
28174A64000
|
unkown
|
page read and write
|
|
|
|
20FA1F4E000
|
unkown
|
page read and write
|
|
|
|
19D94240000
|
unkown
|
page read and write
|
|
|
|
7FF5AA056000
|
unkown
|
page readonly
|
|
|
|
20FA1F8E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E4E000
|
unkown
|
page readonly
|
|
|
|
7FF5EA88A000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F45000
|
unkown
|
page read and write
|
|
|
|
1DB78D90000
|
heap default
|
page read and write
|
|
|
|
E02C0FB000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B773A000
|
unkown
|
page readonly
|
|
|
|
7FF5E06E8000
|
unkown
|
page readonly
|
|
|
|
1DB78D30000
|
heap private
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02B97F000
|
unkown
|
page read and write
|
|
|
|
28174C02000
|
unkown
|
page read and write
|
|
|
|
7FF5A9FC3000
|
unkown
|
page readonly
|
|
|
|
20FA1FAD000
|
unkown
|
page read and write
|
|
|
|
28174AB5000
|
unkown
|
page read and write
|
|
|
|
7FF5B0427000
|
unkown
|
page readonly
|
|
|
|
20FA1F18000
|
unkown
|
page read and write
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
20185370000
|
heap default
|
page read and write
|
|
|
|
7FF50B05E000
|
unkown
|
page readonly
|
|
|
|
8BEE4CB000
|
unkown
|
page read and write
|
|
|
|
263F3F00000
|
unkown
|
page read and write
|
|
|
|
19D8EE87000
|
unkown
|
page read and write
|
|
|
|
281742A0000
|
unkown
|
page readonly
|
|
|
|
1E39B5B2000
|
unkown
|
page read and write
|
|
|
|
20FA18D0000
|
unkown
|
page readonly
|
|
|
|
20FA1F43000
|
unkown
|
page read and write
|
|
|
|
1E39B580000
|
heap default
|
page read and write
|
|
|
|
FAC0BFA000
|
unkown
|
page read and write
|
|
|
|
20FA1FB2000
|
unkown
|
page read and write
|
|
|
|
20FA1F69000
|
unkown
|
page read and write
|
|
|
|
1A715E3C000
|
unkown
|
page read and write
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
168B1D13000
|
unkown
|
page read and write
|
|
|
|
E02C67E000
|
unkown
|
page read and write
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
20FA1F3E000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
281728CB000
|
unkown
|
page read and write
|
|
|
|
18A149E0000
|
unkown
|
page read and write
|
|
|
|
1EF5B860000
|
unkown
|
page read and write
|
|
|
|
20FA1F0E000
|
unkown
|
page read and write
|
|
|
|
7FF55FDB6000
|
unkown
|
page readonly
|
|
|
|
263F1F19000
|
unkown
|
page read and write
|
|
|
|
7FF5EB03C000
|
unkown
|
page readonly
|
|
|
|
20FA1629000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
168B1C8D000
|
unkown
|
page read and write
|
|
|
|
7FF5B036F000
|
unkown
|
page readonly
|
|
|
|
28175210000
|
unkown
|
page read and write
|
|
|
|
7FF5A9EFD000
|
unkown
|
page readonly
|
|
|
|
7FF5C1643000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E09A9000
|
unkown
|
page readonly
|
|
|
|
7FF5B0575000
|
unkown
|
page readonly
|
|
|
|
7FF5B58C5000
|
unkown
|
page readonly
|
|
|
|
7FF5B05DE000
|
unkown
|
page readonly
|
|
|
|
34D52FF000
|
unkown
|
page read and write
|
|
|
|
7FF50B1A8000
|
unkown
|
page readonly
|
|
|
|
28175010000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F56000
|
unkown
|
page read and write
|
|
|
|
281728AC000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
E02BCFB000
|
unkown
|
page read and write
|
|
|
|
263F3F0A000
|
unkown
|
page read and write
|
|
|
|
20FA1655000
|
unkown
|
page read and write
|
|
|
|
7FF50B0AD000
|
unkown
|
page readonly
|
|
|
|
1EF5B710000
|
unkown
|
page readonly
|
|
|
|
7FF5E0841000
|
unkown
|
page readonly
|
|
|
|
20FA1652000
|
unkown
|
page read and write
|
|
|
|
20FA1F75000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
B7705EE000
|
unkown
|
page read and write
|
|
|
|
7FF5B5931000
|
unkown
|
page readonly
|
|
|
|
1A715E50000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F3F000
|
unkown
|
page read and write
|
|
|
|
20FA1F4F000
|
unkown
|
page read and write
|
|
|
|
20FA1F3A000
|
unkown
|
page read and write
|
|
|
|
2018537B000
|
heap default
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B052F000
|
unkown
|
page readonly
|
|
|
|
20FA1FA8000
|
unkown
|
page read and write
|
|
|
|
28174AB8000
|
unkown
|
page read and write
|
|
|
|
1A715F13000
|
unkown
|
page read and write
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F1F000
|
unkown
|
page readonly
|
|
|
|
7FF5E0947000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F53000
|
unkown
|
page read and write
|
|
|
|
7FF5C1FCE000
|
unkown
|
page readonly
|
|
|
|
7FF50A933000
|
unkown
|
page readonly
|
|
|
|
1DB78E29000
|
unkown
|
page read and write
|
|
|
|
1E39B680000
|
unkown
|
page read and write
|
|
|
|
20FA1F64000
|
unkown
|
page read and write
|
|
|
|
1A715DE0000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5E0883000
|
unkown
|
page readonly
|
|
|
|
7FF5B03F3000
|
unkown
|
page readonly
|
|
|
|
18A149E0000
|
unkown
|
page read and write
|
|
|
|
7FF50AD90000
|
unkown
|
page readonly
|
|
|
|
1A715E6E000
|
unkown
|
page read and write
|
|
|
|
7FF5C1F74000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
B770E7B000
|
unkown
|
page read and write
|
|
|
|
28172873000
|
unkown
|
page read and write
|
|
|
|
8BEE54F000
|
unkown
|
page read and write
|
|
|
|
7FF5B771A000
|
unkown
|
page readonly
|
|
|
|
7FF5A9EBA000
|
unkown
|
page readonly
|
|
|
|
20FA1E02000
|
unkown
|
page read and write
|
|
|
|
A43BFE000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28175413000
|
unkown
|
page read and write
|
|
|
|
FAC0A7A000
|
unkown
|
page read and write
|
|
|
|
7FF5AA0E9000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E6F000
|
unkown
|
page readonly
|
|
|
|
28174D00000
|
unkown
|
page read and write
|
|
|
|
20FA1F64000
|
unkown
|
page read and write
|
|
|
|
1A715E29000
|
unkown
|
page read and write
|
|
|
|
1EF5B7F0000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
28172933000
|
unkown
|
page read and write
|
|
|
|
7FF520C1C000
|
unkown
|
page readonly
|
|
|
|
1E39B5AA000
|
unkown
|
page read and write
|
|
|
|
7FF5A9D17000
|
unkown
|
page readonly
|
|
|
|
28174A13000
|
unkown
|
page read and write
|
|
|
|
263F3CE0000
|
unkown
|
page read and write
|
|
|
|
7FF5B030A000
|
unkown
|
page readonly
|
|
|
|
7FF5B7861000
|
unkown
|
page readonly
|
|
|
|
20FA1D80000
|
unkown
|
page readonly
|
|
|
|
20FA1F49000
|
unkown
|
page read and write
|
|
|
|
263F1E70000
|
unkown
|
page read and write
|
|
|
|
20FA16BF000
|
unkown
|
page read and write
|
|
|
|
1EF5B87A000
|
unkown
|
page read and write
|
|
|
|
168B1E00000
|
unkown
|
page readonly
|
|
|
|
1EF5B83A000
|
unkown
|
page read and write
|
|
|
|
20FA1F47000
|
unkown
|
page read and write
|
|
|
|
1A715F00000
|
unkown
|
page read and write
|
|
|
|
20FA1F76000
|
unkown
|
page read and write
|
|
|
|
28174870000
|
unkown
|
page readonly
|
|
|
|
52812FF000
|
unkown
|
page read and write
|
|
|
|
7FF50B1D5000
|
unkown
|
page readonly
|
|
|
|
281728AB000
|
unkown
|
page read and write
|
|
|
|
FAC0DFF000
|
unkown
|
page read and write
|
|
|
|
28174B00000
|
unkown
|
page read and write
|
|
|
|
20FA1D90000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D8F718000
|
unkown
|
page read and write
|
|
|
|
20FA1F5B000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
34D4F75000
|
unkown
|
page read and write
|
|
|
|
7FF5A9EF3000
|
unkown
|
page readonly
|
|
|
|
7FF55FD52000
|
unkown
|
page readonly
|
|
|
|
7FF5E0670000
|
unkown
|
page readonly
|
|
|
|
20FA1F48000
|
unkown
|
page read and write
|
|
|
|
E02BE7C000
|
unkown
|
page read and write
|
|
|
|
1EF5B813000
|
unkown
|
page read and write
|
|
|
|
8BEE8F9000
|
unkown
|
page read and write
|
|
|
|
528107B000
|
unkown
|
page read and write
|
|
|
|
20FA1F64000
|
unkown
|
page read and write
|
|
|
|
28174602000
|
unkown
|
page read and write
|
|
|
|
28174ADC000
|
unkown
|
page read and write
|
|
|
|
19D946B5000
|
unkown
|
page read and write
|
|
|
|
28174C42000
|
unkown
|
page read and write
|
|
|
|
20FA1F54000
|
unkown
|
page read and write
|
|
|
|
281747A2000
|
unkown
|
page read and write
|
|
|
|
28172855000
|
unkown
|
page read and write
|
|
|
|
20FA1F41000
|
unkown
|
page read and write
|
|
|
|
B770EFE000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C21000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D8EE8D000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E0A000
|
unkown
|
page readonly
|
|
|
|
20FA1F42000
|
unkown
|
page read and write
|
|
|
|
7FF5D3C99000
|
unkown
|
page readonly
|
|
|
|
1E39B58D000
|
heap default
|
page read and write
|
|
|
|
7FF55FE41000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
19D944C0000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B054D000
|
unkown
|
page readonly
|
|
|
|
19D8EF02000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
7FF5B7673000
|
unkown
|
page readonly
|
|
|
|
20FA2000000
|
unkown
|
page readonly
|
|
|
|
28174840000
|
unkown
|
page read and write
|
|
|
|
23E24EAF000
|
unkown
|
page read and write
|
|
|
|
263F1EA7000
|
unkown
|
page read and write
|
|
|
|
7FF5EACF7000
|
unkown
|
page readonly
|
|
|
|
7FF5E087A000
|
unkown
|
page readonly
|
|
|
|
20185490000
|
unkown
|
page read and write
|
|
|
|
B770C78000
|
unkown
|
page read and write
|
|
|
|
7FF5AA075000
|
unkown
|
page readonly
|
|
|
|
20FA1F65000
|
unkown
|
page read and write
|
|
|
|
7FF55FC53000
|
unkown
|
page readonly
|
|
|
|
28172957000
|
unkown
|
page read and write
|
|
|
|
7FF5EB0C9000
|
unkown
|
page readonly
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA16F9000
|
unkown
|
page read and write
|
|
|
|
263F3C80000
|
heap private
|
page read and write
|
|
|
|
20FA1F89000
|
unkown
|
page read and write
|
|
|
|
20FA1F9F000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
3620000
|
unkown
|
page read and write
|
|
|
|
20FA1F9F000
|
unkown
|
page read and write
|
|
|
|
8BEE5CF000
|
unkown
|
page read and write
|
|
|
|
7FF5E06DC000
|
unkown
|
page readonly
|
|
There are 1302 hidden memdumps, click here to show them.