IOCReport

loading gif

Files

File Path
Type
Category
Malicious
File_78476.xlsb
Microsoft Excel 2007+
initial sample
 malicious
C:\ProgramData\fsh\87.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\11[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
downloaded
 malicious
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7B42C271-6DA5-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7B42C273-6DA5-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7B42C275-6DA5-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7B42C277-6DA5-11EB-90E4-ECF4BB862DED}.dat
Microsoft Word Document
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\10C955FB-4BA9-49A9-ADB0-58D59856D9CE
XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\8DCD84A8.png
PNG image data, 1200 x 800, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\J[1].htm
ASCII text, with very long lines, with no line terminators
downloaded
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\9FNesaJS[1].htm
ASCII text, with very long lines, with no line terminators
downloaded
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\2ZOSFMw[1].htm
ASCII text, with very long lines, with no line terminators
downloaded
 clean
C:\Users\user\AppData\Local\Temp\A9910000
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
ASCII text, with CRLF line terminators
modified
 clean
C:\Users\user\AppData\Local\Temp\~DF045C60B1D61D61DD.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF78E812B899E938EF.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF8C7CED52649AE0BD.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DFD125B1B4DDDD071C.TMP
data
dropped
 clean
C:\Users\user\Desktop\~$File_78476.xlsb
data
dropped
 clean
There are 9 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
'C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE' /automation -Embedding
 malicious
C:\Windows\SysWOW64\rundll32.exe
'C:\Windows\System32\rundll32.exe' C:\ProgramData\fsh\87.dll,DllRegisterServer
 malicious
C:\Program Files\internet explorer\iexplore.exe
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
 clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2288 CREDAT:17410 /prefetch:2
 clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2288 CREDAT:82952 /prefetch:2
 clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:2288 CREDAT:17430 /prefetch:2
 clean
C:\Windows\System32\mshta.exe
'C:\Windows\System32\mshta.exe' 'about:<hta:application><script>resizeTo(1,1);eval(new ActiveXObject('WScript.Shell').regread('HKCU\\\Software\\AppDataLow\\Software\\Microsoft\\86EC23E5-2D5A-A875-E71A-B15C0BEE7550\\\Actidsrv'));if(!window.flag)close()</script>'
 clean

URLs

Name
IP
Malicious
https://api.diagnosticssdf.office.com
unknown
 clean
https://login.microsoftonline.com/
unknown
 clean
https://shell.suite.office.com:1443
unknown
 clean
https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
unknown
 clean
https://autodiscover-s.outlook.com/
unknown
 clean
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
unknown
 clean
https://cdn.entity.
unknown
 clean
https://api.addins.omex.office.net/appinfo/query
unknown
 clean
https://wus2-000.contentsync.
unknown
 clean
https://clients.config.office.net/user/v1.0/tenantassociationkey
unknown
 clean
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
unknown
 clean
https://powerlift.acompli.net
unknown
 clean
https://rpsticket.partnerservices.getmicrosoftkey.com
unknown
 clean
https://lookup.onenote.com/lookup/geolocation/v1
unknown
 clean
https://cortana.ai
unknown
 clean
http://api10.laptok.at/api1/NHDZE5NC0p4/EA1Rau0QpdKGS3/WTlj_2B7vKVxuNa_2F_2B/LYVSumGe5smX_2BD/OTX07ZqQ_2BIY5i/gaJx2nrBRbCwokKD6i/TmP3yOyRd/UIWhx47302AAtFE31oP0/QH6kOp10Kt5yvTIaAYa/LK0GUog4M1OCTVMD4H5Cd4/y7Hidc3RQ475o/Nxk1_2FU/AOpYSuCaFqv8yJoz1d98uE0/RGNbcUJDfT/THwRpNZtVSPwcxLQu/JgOmTTbGBEY6/RAYX3HI935J/bkHevlKXRebACN/zYCEHnvaIKYWA35nI5OI7/Zng6uRiwb/9FNesaJS
35.228.31.40
 clean
https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
 clean
https://cloudfiles.onenote.com/upload.aspx
unknown
 clean
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
unknown
 clean
http://api10.laptok.at/api1/zobiFDQnBaZYuwt/rfdusQHNImkOYENAMp/kT_2B2cd3/SGUJBC0FLMtXFEIZjgF4/X6JHa0dYaBh2VTFZ3ie/AQvPNAeKAbUpEx_2BIA_2F/yqBcCuGKcxWU4/7_2FDUSL/tmEKyuvK3UnsOb7GxJhyB1v/eAgP5jhU7c/4LQdBuTq0iBob66eg/RKZ75u7U2Jkq/Bh_2B1mS8Vw/lDNXKg1S3Gc5QV/zwawyAQoh3ycAGCJJd6YY/crMtievOTWbq6IjA/LAnATbCyag_2Bwn/5yU0_2BoSAkzUKbcl_/2BAXWx8K4/WLBZv2PnGv5crOgJCyib/ZVr6kC0SezCKLbzs2jt/2ZOSFMw
35.228.31.40
 clean
https://entitlement.diagnosticssdf.office.com
unknown
 clean
https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy
unknown
 clean
https://api.aadrm.com/
unknown
 clean
https://ofcrecsvcapi-int.azurewebsites.net/
unknown
 clean
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
unknown
 clean
https://api.microsoftstream.com/api/
unknown
 clean
https://insertmedia.bing.office.net/images/hosted?host=office&amp;adlt=strict&amp;hostType=Immersive
unknown
 clean
https://cr.office.com
unknown
 clean
https://portal.office.com/account/?ref=ClientMeControl
unknown
 clean
https://ecs.office.com/config/v2/Office
unknown
 clean
http://api3.lepini.at/api1/TsKcWE2WM/nJKmvtwztxYIvooVmlF8/f0GhZMHg0Zw5qyafREH/k8WCOuLk57UyBPUazjQh2Z/3S3ubdSMDgVaL/gAWRJwIA/ZCG7BHExQwWXeVA1UnuSBqn/i4n1PFTtlL/cwWi1gc5A_2Bt5DHa/KB0_2BLRegs0/BViXJpKwWgb/pjm_2BuXWxLo81/vWKBV9Fs7FvCc1nuX8q5n/wGeJRl_2FEvkYbfF/Pr91DmkaDab5rrv/0H_2FXSeTsgpPadA5E/E3CpLlb73/0qgYAbyOZODf4FqqEkA4/X5b8p4TRxQsXlnMDNwZ/TvAO43omBsbN/h
35.228.31.40
 clean
https://graph.ppe.windows.net
unknown
 clean
https://res.getmicrosoftkey.com/api/redemptionevents
unknown
 clean
https://powerlift-frontdesk.acompli.net
unknown
 clean
https://tasks.office.com
unknown
 clean
https://officeci.azurewebsites.net/api/
unknown
 clean
https://sr.outlook.office.net/ws/speech/recognize/assistant/work
unknown
 clean
https://store.office.cn/addinstemplate
unknown
 clean
https://wus2-000.pagecontentsync.
unknown
 clean
https://outlook.office.com/autosuggest/api/v1/init?cvid=
unknown
 clean
https://globaldisco.crm.dynamics.com
unknown
 clean
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
 clean
https://store.officeppe.com/addinstemplate
unknown
 clean
https://dev0-api.acompli.net/autodetect
unknown
 clean
https://www.odwebp.svc.ms
unknown
 clean
https://api.powerbi.com/v1.0/myorg/groups
unknown
 clean
https://web.microsoftstream.com/video/
unknown
 clean
https://graph.windows.net
unknown
 clean
https://dataservice.o365filtering.com/
unknown
 clean
https://officesetup.getmicrosoftkey.com
unknown
 clean
https://analysis.windows.net/powerbi/api
unknown
 clean
http://api3.lepini.at/api1/wg1QV_2B2jK6U599/4soNRq1qJ06YALs/mJi2qRbZeuNMqY4FmA/01g6652pA/D2qVqwQIRUQev6KQGCi0/LYk3CvZ2IO_2Fu9jE12/_2B2kWk8qqoKgVqzIAtHsw/z75DAZtdqon2W/3Wolp6WN/H18LH8kaewpIZWiAXdUEHcF/0Ba_2F_2B2/ICV_2BIs_2FSaSDFn/9h5nv6RAHtg8/YqIkefpDil_/2BfZRGXy7VacIh/PFUk101XGoG2wc6VBSKno/YiX6cbeIPwJJih34/1jOElbpygTipEn_/2FzdBQOzx3LF3SdNfA/TQU2svioerNtuqc/vE_2Foj
35.228.31.40
 clean
https://prod-global-autodetect.acompli.net/autodetect
unknown
 clean
https://outlook.office365.com/autodiscover/autodiscover.json
unknown
 clean
https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
unknown
 clean
https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
 clean
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
unknown
 clean
https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
unknown
 clean
http://api3.lepini.at/api1/pmT_2FJ7yMpV_2FsxCGV/80ZJDlvhk5QH3DonF9p/gMZiDS0z2g2bNrJ_2Bv_2B/DXZEEWDxEnN_2/Bx7WHkRW/wpcaGRddIyctm9GWW0oCdyR/qDXQAt7J40/6ogNDJFenwl5gVncd/SbRM7SEjzx1B/lGa_2BU69FH/bDmPVUZABXfNqj/99lThSa0HHLaHhjsVvXGB/uCBX4Mj6I29IAbCC/UnujtjeNBz5OBuo/7XOr98uUHKNs6Ghu4C/k_2BIsFhF/UXse0hUo2oKU8zO8khsV/ZbPtcIIUg_2B2PD2b0Q/KHYH7l2X48hEAXFhsSFudS/huoP4e
35.228.31.40
 clean
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
unknown
 clean
http://weather.service.msn.com/data.aspx
unknown
 clean
https://apis.live.net/v5.0/
unknown
 clean
https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
unknown
 clean
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
unknown
 clean
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
unknown
 clean
http://api10.laptok.at/api1/zobiFDQnBaZYuwt/rfdusQHNImkOYENAMp/kT_2B2cd3/SGUJBC0FLMtXFEIZjgF4/X6JHa0
unknown
 clean
https://management.azure.com
unknown
 clean
https://incidents.diagnostics.office.com
unknown
 clean
https://clients.config.office.net/user/v1.0/ios
unknown
 clean
https://insertmedia.bing.office.net/odc/insertmedia
unknown
 clean
https://o365auditrealtimeingestion.manage.office.com
unknown
 clean
https://outlook.office365.com/api/v1.0/me/Activities
unknown
 clean
https://api.office.net
unknown
 clean
https://incidents.diagnosticssdf.office.com
unknown
 clean
https://asgsmsproxyapi.azurewebsites.net/
unknown
 clean
https://clients.config.office.net/user/v1.0/android/policies
unknown
 clean
http://api10.laptok.at/favicon.ico
35.228.31.40
 clean
https://entitlement.diagnostics.office.com
unknown
 clean
https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
unknown
 clean
https://outlook.office.com/
unknown
 clean
http://139.162.191.228/campo/m/m
139.162.191.228
 clean
https://storage.live.com/clientlogs/uploadlocation
unknown
 clean
https://templatelogging.office.com/client/log
unknown
 clean
https://outlook.office365.com/
unknown
 clean
https://webshell.suite.office.com
unknown
 clean
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
unknown
 clean
http://139.162.191.228/campo/m/m.D
unknown
 clean
https://management.azure.com/
unknown
 clean
https://ncus-000.contentsync.
unknown
 clean
https://login.windows.net/common/oauth2/authorize
unknown
 clean
https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
unknown
 clean
https://graph.windows.net/
unknown
 clean
https://api.powerbi.com/beta/myorg/imports
unknown
 clean
https://devnull.onenote.com
unknown
 clean
https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
unknown
 clean
https://messaging.office.com/
unknown
 clean
https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
unknown
 clean
https://augloop.office.com/v2
unknown
 clean
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
unknown
 clean
https://skyapi.live.net/Activity/
unknown
 clean
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
c56.lepini.at
35.228.31.40
 malicious
cabogrupo.co.mz
162.241.169.26
 clean
resolver1.opendns.com
208.67.222.222
 clean
api3.lepini.at
35.228.31.40
 clean
api10.laptok.at
35.228.31.40
 clean

IPs

IP
Domain
Country
Active
Malicious
35.228.31.40
unknown
United States
unknown
 malicious
139.162.191.228
unknown
Netherlands
unknown
 clean
162.241.169.26
unknown
United States
unknown
 clean

Registry

Path
Value
Malicious
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
j8;
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
k8;
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
RemoteClearDate
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
Last
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
FilePath
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
StartDate
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
EndDate
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
Properties
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
Url
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
LastClean
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
DisableWinHttpCertAuth
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
DisableIsOwnerRegex
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
DisableSessionAwareHttpClose
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
DisableADALForExtendedApps
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
DisableADALSetSilentAuth
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
msoridDisableGuestCredProvider
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
msoridDisableOstringReplace
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
LastBootTime
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
ReviewToken
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
192C6
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
VBAFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
MSForms
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
MSComctlLib
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
19A09
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
4f;
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
ProductFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
en-US
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
en-US
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
EXCELFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
RoamingConfigurableSettings
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
RoamingLastSyncTime
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
RoamingLastWriteTime
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
CacheReady
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
LastRequest
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
CacheReady
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
LastUpdate
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
NextUpdate
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
ProductFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
ProductFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
ProductFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
ProductFiles
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
LastBootTime
 clean
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
LastPurgeTime
 clean
C:\Program Files\internet explorer\iexplore.exe
{7B42C271-6DA5-11EB-90E4-ECF4BB862DED}
 clean
C:\Program Files\internet explorer\iexplore.exe
AdminActive
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
 clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
 clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
 clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
 clean
C:\Program Files\internet explorer\iexplore.exe
Count
 clean
C:\Program Files\internet explorer\iexplore.exe
Time
 clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
 clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
 clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
 clean
There are 75 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
5CE8000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
5B6B000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
5CE8000
heap private
page read and write
 malicious
19D93AD3000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532937000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AA800000
heap default
page read and write
 clean
3578000
unkown
page read and write
 clean
5D105CB000
unkown
page read and write
 clean
19D94510000
unkown
page read and write
 clean
9C4D67C000
unkown
page read and write
 clean
7FF54A46E000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
9C4DB7F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93FC3000
unkown
page read and write
 clean
A29A8FE000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
29D4F000000
unkown
page read and write
 clean
5C69000
heap private
page read and write
 clean
19D91C60000
unkown
page read and write
 clean
19D91CC4000
unkown
page read and write
 clean
7FF540CFA000
unkown
page readonly
 clean
1DFD4C50000
unkown
page read and write
 clean
7FF5E644A000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
3532000
unkown
page read and write
 clean
19D93EED000
unkown
page read and write
 clean
7FF5E62CA000
unkown
page readonly
 clean
5D1097A000
unkown
page read and write
 clean
1E225B18000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540ED2000
unkown
page readonly
 clean
7FF540F29000
unkown
page readonly
 clean
1E22A730000
unkown
page read and write
 clean
9C4D77E000
unkown
page read and write
 clean
19D93A98000
unkown
page read and write
 clean
19D93F00000
unkown
page read and write
 clean
7FF54A4D7000
unkown
page readonly
 clean
7FF540EE8000
unkown
page readonly
 clean
7FF56EC09000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1DFD5740000
unkown
page readonly
 clean
19D91CE7000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93ADC000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A446000
unkown
page readonly
 clean
740DFFB000
unkown
page read and write
 clean
70480000
unkown image
page readonly
 clean
7FF540F15000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D118FA000
unkown
page read and write
 clean
F63F07E000
unkown
page read and write
 clean
19D94110000
unkown
page read and write
 clean
1DFD49B0000
heap private
page read and write
 clean
7FF5E642A000
unkown
page readonly
 clean
2B173002000
unkown
page read and write
 clean
7FF54A02A000
unkown
page readonly
 clean
3532000
unkown
page read and write
 clean
7FF532A17000
unkown
page readonly
 clean
7FF540EFA000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
201DAA02000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D11C7B000
unkown
page read and write
 clean
A29A7F9000
unkown
page read and write
 clean
3579000
unkown
page read and write
 clean
19D93C30000
unkown
page read and write
 clean
3577000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A4A6000
unkown
page readonly
 clean
1DFD4D13000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF556EF3000
unkown
page readonly
 clean
1DFD4C8D000
unkown
page read and write
 clean
1C0AAA2F000
unkown
page read and write
 clean
19D93F83000
unkown
page read and write
 clean
7FF54A539000
unkown
page readonly
 clean
19D93EE6000
unkown
page read and write
 clean
7FF540DE3000
unkown
page readonly
 clean
19D94110000
unkown
page read and write
 clean
19D93EE9000
unkown
page read and write
 clean
7FF5DCA09000
unkown
page readonly
 clean
7FF55719A000
unkown
page readonly
 clean
1C0AAA45000
unkown
page read and write
 clean
2B17305D000
unkown
page read and write
 clean
1C0AAA3E000
unkown
page read and write
 clean
7FF5E656E000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AAA50000
unkown
page read and write
 clean
19D93AF7000
unkown
page read and write
 clean
19D91C8D000
unkown
page read and write
 clean
19D91D4A000
unkown
page read and write
 clean
7FF5E6227000
unkown
page readonly
 clean
29D4EF90000
unkown
page write copy
 clean
352C000
unkown
page read and write
 clean
7FF5E61E7000
unkown
page readonly
 clean
7FF5E6453000
unkown
page readonly
 clean
201DAC00000
unkown
page readonly
 clean
19D93F43000
unkown
page read and write
 clean
5D10A7F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D117FB000
unkown
page read and write
 clean
F63F67E000
unkown
page read and write
 clean
7FF556FDA000
unkown
page readonly
 clean
1C0AAA13000
unkown
page read and write
 clean
7FF5327F0000
unkown
page readonly
 clean
740E07F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2FE0000
unkown
page read and write
 clean
19D93F43000
unkown
page read and write
 clean
19D93AD3000
unkown
page read and write
 clean
F63F0FE000
unkown
page read and write
 clean
19D94000000
unkown
page read and write
 clean
19D93AF5000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A51000
unkown
page read and write
 clean
2B173067000
unkown
page read and write
 clean
29D4F056000
unkown
page read and write
 clean
7FF5E64EC000
unkown
page readonly
 clean
5D111FB000
unkown
page read and write
 clean
1C0AAA7E000
unkown
page read and write
 clean
5E81000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5CEB000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6083000
unkown
page readonly
 clean
19D93A85000
unkown
page read and write
 clean
7FF540AD0000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E62DE000
unkown
page readonly
 clean
5D1087E000
unkown
page read and write
 clean
1C0AAA42000
unkown
page read and write
 clean
7FF5E61D4000
unkown
page readonly
 clean
7FF540F70000
unkown
page readonly
 clean
19D93A13000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E64BF000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4AF0000
unkown
page readonly
 clean
7FF532893000
unkown
page readonly
 clean
19D93A49000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532992000
unkown
page readonly
 clean
19D91A60000
unkown
page readonly
 clean
1C0AAA3A000
unkown
page read and write
 clean
1E22A744000
unkown
page read and write
 clean
7FF54A3AC000
unkown
page readonly
 clean
1C0AAC00000
unkown
page readonly
 clean
7FF54A49D000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93C60000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532750000
unkown
page readonly
 clean
7FF54A2BF000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1DFD5202000
unkown
page read and write
 clean
7FF524EF6000
unkown
page readonly
 clean
19D93EBE000
unkown
page read and write
 clean
19D93EE6000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B173200000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E6457000
unkown
page readonly
 clean
7FF54A4D0000
unkown
page readonly
 clean
19D93E00000
unkown
page read and write
 clean
7FF532996000
unkown
page readonly
 clean
7FF540F56000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93EE5000
unkown
page read and write
 clean
5D116FD000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E644C000
unkown
page readonly
 clean
19D91CC0000
unkown
page read and write
 clean
5D1197A000
unkown
page read and write
 clean
7FF524F2F000
unkown
page readonly
 clean
1E22A8B1000
unkown
page read and write
 clean
A29A77A000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D11CFC000
unkown
page read and write
 clean
19D91C8A000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524F4D000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D95102000
unkown
page read and write
 clean
7FF5E62B8000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF524F87000
unkown
page readonly
 clean
7FF532A27000
unkown
page readonly
 clean
1DFD4C3C000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524EF8000
unkown
page readonly
 clean
9C4D97E000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D1127B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93EEB000
unkown
page read and write
 clean
19D93A81000
unkown
page read and write
 clean
3555000
unkown
page read and write
 clean
3F147E000
unkown
page read and write
 clean
19D91CB0000
unkown
page read and write
 clean
19D91BC0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
F63F477000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AAA7B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D936A0000
unkown
page readonly
 clean
19D93A0B000
unkown
page read and write
 clean
29D4F102000
unkown
page read and write
 clean
1DFD4E00000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF557281000
unkown
page readonly
 clean
7FF532A7E000
unkown
page readonly
 clean
1C0AAA77000
unkown
page read and write
 clean
7FF54A030000
unkown
page readonly
 clean
19D93F43000
unkown
page read and write
 clean
19D93F43000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540F5C000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4D02000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91C00000
unkown
page read and write
 clean
19D91C90000
unkown
page read and write
 clean
7FF532A81000
unkown
page readonly
 clean
201DAA3F000
unkown
page read and write
 clean
7FF54A531000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
5CEA000
heap private
page read and write
 clean
A29A6FE000
unkown
page read and write
 clean
5D10D7B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1E22A700000
unkown
page read and write
 clean
9C4D6FE000
unkown
page read and write
 clean
2B172F20000
unkown
page readonly
 clean
7FF540F65000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
2B17302A000
unkown
page read and write
 clean
1C0AAA29000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B173590000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
740DA8C000
unkown
page read and write
 clean
19D93E4A000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524F0A000
unkown
page readonly
 clean
19D93C90000
unkown
page readonly
 clean
7FF524839000
unkown
page readonly
 clean
1C0AAA60000
unkown
page read and write
 clean
7FF540F3D000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
201DA900000
unkown
page write copy
 clean
7FF5571C5000
unkown
page readonly
 clean
7FF506219000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D91D6B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524D6F000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E6505000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1C0AAA84000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A14000
unkown
page read and write
 clean
2B17302C000
unkown
page read and write
 clean
19D91CC6000
unkown
page read and write
 clean
5D10BFB000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A85000
unkown
page read and write
 clean
A29A67E000
unkown
page read and write
 clean
7FF55715C000
unkown
page readonly
 clean
29D4EEC0000
unkown
page readonly
 clean
7FF5571AA000
unkown
page readonly
 clean
1E22A708000
unkown
page read and write
 clean
19D93C00000
unkown
page read and write
 clean
19D93EE2000
unkown
page read and write
 clean
19D93A76000
unkown
page read and write
 clean
29D50AA0000
unkown
page readonly
 clean
7FF5E60AD000
unkown
page readonly
 clean
7FF524F66000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93C40000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
25E579A0000
unkown
page read and write
 clean
29D4EE50000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF556AD9000
unkown
page readonly
 clean
1E22A8B6000
unkown
page read and write
 clean
5D110FB000
unkown
page read and write
 clean
19D93A55000
unkown
page read and write
 clean
19D93E2A000
unkown
page read and write
 clean
F63F2FB000
unkown
page read and write
 clean
1C0AAA5F000
unkown
page read and write
 clean
5CE8000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A442000
unkown
page readonly
 clean
3F167F000
unkown
page read and write
 clean
5D10FFB000
unkown
page read and write
 clean
7FF5E6468000
unkown
page readonly
 clean
7FF532A89000
unkown
page readonly
 clean
7FF5E6431000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91D7C000
unkown
page read and write
 clean
2B173602000
unkown
page read and write
 clean
29D4F113000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF556EF7000
unkown
page readonly
 clean
7FF540FCE000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
201DAA13000
unkown
page read and write
 clean
19D95042000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B173800000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
356C000
unkown
page read and write
 clean
7FF5E6486000
unkown
page readonly
 clean
5D108FE000
unkown
page read and write
 clean
7FF5E64F6000
unkown
page readonly
 clean
1C0AAA30000
unkown
page read and write
 clean
7FF5E6240000
unkown
page readonly
 clean
7FF524F84000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1E22AA60000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6424000
unkown
page readonly
 clean
19D95082000
unkown
page read and write
 clean
19D91CED000
unkown
page read and write
 clean
19D91C5C000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93C80000
unkown
page readonly
 clean
7FF54A371000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540ED0000
unkown
page readonly
 clean
7FF53295A000
unkown
page readonly
 clean
19D91D26000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A33000
unkown
page read and write
 clean
7FF54A4BC000
unkown
page readonly
 clean
7FF540ACA000
unkown
page readonly
 clean
356D000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF53293A000
unkown
page readonly
 clean
7FF5407C0000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D94010000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540D9E000
unkown
page readonly
 clean
19D93A81000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540E17000
unkown
page readonly
 clean
5D114FB000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93ABB000
unkown
page read and write
 clean
7FF540D5F000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540DAA000
unkown
page readonly
 clean
7FF5E6383000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
2B173108000
unkown
page read and write
 clean
1DFD4C02000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A87000
unkown
page read and write
 clean
7FF557192000
unkown
page readonly
 clean
19D94110000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D11D7B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5326E4000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91CC6000
unkown
page read and write
 clean
19D91D2B000
unkown
page read and write
 clean
7FF5407BA000
unkown
page readonly
 clean
2B173062000
unkown
page read and write
 clean
356B000
unkown
page read and write
 clean
201DAB02000
unkown
page read and write
 clean
7FF5E64DD000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1C0AAA41000
unkown
page read and write
 clean
1DFD4C4A000
unkown
page read and write
 clean
7FF532A20000
unkown
page readonly
 clean
1C0AAB02000
unkown
page read and write
 clean
19D919F0000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6571000
unkown
page readonly
 clean
5D112FB000
unkown
page read and write
 clean
29D4EEB0000
heap default
page read and write
 clean
7FF557093000
unkown
page readonly
 clean
2B173000000
unkown
page read and write
 clean
1DFD4D08000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91C8A000
unkown
page read and write
 clean
19D939F0000
unkown
page readonly
 clean
7FF540F0E000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4D00000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B173B40000
unkown
page readonly
 clean
19D91E00000
unkown
page readonly
 clean
7FF5E64B5000
unkown
page readonly
 clean
19D91CC4000
unkown
page read and write
 clean
19D94110000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF55727E000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1C0AAA31000
unkown
page read and write
 clean
7FF54A343000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1E22AA60000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91CD1000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
A29A87E000
unkown
page read and write
 clean
1C0AAA46000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B173055000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AA7A0000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91CC0000
unkown
page read and write
 clean
7FF540F1F000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93A77000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A12000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540FD9000
unkown
page readonly
 clean
5D10F7C000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5571CF000
unkown
page readonly
 clean
7FF532A06000
unkown
page readonly
 clean
356C000
unkown
page read and write
 clean
19D93C00000
unkown
page read and write
 clean
7FF524F6C000
unkown
page readonly
 clean
7FF524FE1000
unkown
page readonly
 clean
7FF557206000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93B02000
unkown
page read and write
 clean
5D119FB000
unkown
page read and write
 clean
7FF524FE9000
unkown
page readonly
 clean
7FF557198000
unkown
page readonly
 clean
19D93A1B000
unkown
page read and write
 clean
7FF549D20000
unkown
page readonly
 clean
7FF54A4D4000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E64E6000
unkown
page readonly
 clean
7FF557224000
unkown
page readonly
 clean
7FF54A430000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E63E5000
unkown
page readonly
 clean
19D91B30000
unkown
page write copy
 clean
7FF5E641A000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3531000
unkown
page read and write
 clean
7FF524D0A000
unkown
page readonly
 clean
25E579A0000
unkown
page read and write
 clean
1C0AAA31000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91CC4000
unkown
page read and write
 clean
7FF557217000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532745000
unkown
page readonly
 clean
2B172DE0000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D113FB000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6472000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93EDF000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF556F45000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93F83000
unkown
page read and write
 clean
19D93A7F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A25A000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF55715A000
unkown
page readonly
 clean
3569000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5326F7000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93EE8000
unkown
page read and write
 clean
7FF55720C000
unkown
page readonly
 clean
19D91BF0000
heap private
page read and write
 clean
F63F1F5000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532941000
unkown
page readonly
 clean
1C0AA9C0000
unkown
page readonly
 clean
7FF557141000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
5D11A7B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E629B000
unkown
page readonly
 clean
2B172E50000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF524F25000
unkown
page readonly
 clean
7FF55713A000
unkown
page readonly
 clean
19D91D25000
unkown
page read and write
 clean
7FF5322D9000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93EE6000
unkown
page read and write
 clean
5D109FA000
unkown
page read and write
 clean
19D91C8E000
unkown
page read and write
 clean
7FF54A30A000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF540E11000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF524EE0000
unkown
page readonly
 clean
7FF5E62E0000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1C0AAA4C000
unkown
page read and write
 clean
7FF5E64AE000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF54A4C5000
unkown
page readonly
 clean
19D93AB2000
unkown
page read and write
 clean
7FF5329CF000
unkown
page readonly
 clean
3579000
unkown
page read and write
 clean
1C0AAA7A000
unkown
page read and write
 clean
7FF556ADD000
unkown
page readonly
 clean
7FF5E6517000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
29D4F200000
unkown
page readonly
 clean
1DFD4C8A000
unkown
page read and write
 clean
7FF532897000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1DFD5400000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
29D509A0000
unkown
page read and write
 clean
7FF5E5DC9000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E6510000
unkown
page readonly
 clean
3577000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
740DB8E000
unkown
page read and write
 clean
201DAA33000
unkown
page read and write
 clean
2B173102000
unkown
page read and write
 clean
5D1147B000
unkown
page read and write
 clean
7FF5E6488000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D91CC0000
unkown
page read and write
 clean
7FF54A040000
unkown
page readonly
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B173100000
unkown
page read and write
 clean
7FF54A4B6000
unkown
page readonly
 clean
7FF54A489000
unkown
page readonly
 clean
1DFD4C4E000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
740DB0D000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5329AA000
unkown
page readonly
 clean
19D91D2A000
unkown
page read and write
 clean
201DA950000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E645C000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D94310000
unkown
page read and write
 clean
29D50E00000
unkown
page read and write
 clean
7FF5329FC000
unkown
page readonly
 clean
5D10C7B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1E22A860000
unkown
page read and write
 clean
7FF53299A000
unkown
page readonly
 clean
7FF532A24000
unkown
page readonly
 clean
19D93B02000
unkown
page read and write
 clean
2B172E40000
heap default
page read and write
 clean
1C0AAA49000
unkown
page read and write
 clean
29D4F03F000
unkown
page read and write
 clean
1C0AA8E0000
unkown
page readonly
 clean
356C000
unkown
page read and write
 clean
59EE000
heap private
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4A10000
heap default
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D94110000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524F1E000
unkown
page readonly
 clean
7FF5E6482000
unkown
page readonly
 clean
19D91C29000
unkown
page read and write
 clean
3370000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540F4C000
unkown
page readonly
 clean
19D91D13000
unkown
page read and write
 clean
25E579A0000
unkown
page read and write
 clean
19D93A00000
unkown
page read and write
 clean
19D93AF9000
unkown
page read and write
 clean
19D93E9D000
unkown
page read and write
 clean
7FF5E622E000
unkown
page readonly
 clean
7FF5327DA000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
F63F57F000
unkown
page read and write
 clean
1DFD4C29000
unkown
page read and write
 clean
19D94210000
unkown
page read and write
 clean
740DEF5000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4C46000
unkown
page read and write
 clean
2B17308A000
unkown
page read and write
 clean
7FF54A448000
unkown
page readonly
 clean
3526000
unkown
page read and write
 clean
7FF540DC8000
unkown
page readonly
 clean
201DA820000
heap default
page read and write
 clean
5D11BFC000
unkown
page read and write
 clean
7FF53295C000
unkown
page readonly
 clean
7FF557289000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AAA48000
unkown
page read and write
 clean
19D91CF3000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3532000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93EE8000
unkown
page read and write
 clean
19D91C98000
unkown
page read and write
 clean
F63ED9B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93C50000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A45A000
unkown
page readonly
 clean
1C0AAA55000
unkown
page read and write
 clean
7FF52483C000
unkown
page readonly
 clean
19D91CC6000
unkown
page read and write
 clean
7FF5571D9000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E5DCD000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF540FD9000
unkown
page readonly
 clean
7FF5571ED000
unkown
page readonly
 clean
201DA830000
unkown
page readonly
 clean
1C0AAA67000
unkown
page read and write
 clean
19D91A50000
heap default
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4A20000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
3569000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
29D4F029000
unkown
page read and write
 clean
7FF5E6579000
unkown
page readonly
 clean
1E22AA60000
unkown
page read and write
 clean
7FF5322DD000
unkown
page readonly
 clean
19D93EE6000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5571F6000
unkown
page readonly
 clean
19D91D2B000
unkown
page read and write
 clean
19D91B80000
unkown
page readonly
 clean
1E22A740000
unkown
page read and write
 clean
7FF54A4AC000
unkown
page readonly
 clean
7FF549D1A000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
5D1137B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
201DAA29000
unkown
page read and write
 clean
19D93B02000
unkown
page read and write
 clean
201DAA00000
unkown
page read and write
 clean
29D4F013000
unkown
page read and write
 clean
19D93A09000
unkown
page read and write
 clean
5D10EFB000
unkown
page read and write
 clean
7FF540E4C000
unkown
page readonly
 clean
1C0AAA63000
unkown
page read and write
 clean
2B17305F000
unkown
page read and write
 clean
19D95100000
unkown
page read and write
 clean
5D11B7B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3F15FE000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93EBE000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3F1579000
unkown
page read and write
 clean
7FF540EE2000
unkown
page readonly
 clean
7FF524F80000
unkown
page readonly
 clean
7FF540FD1000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
5D10B79000
unkown
page read and write
 clean
7FF557097000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1C0AAA2E000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A34D000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D91CDA000
unkown
page read and write
 clean
740E27E000
unkown
page read and write
 clean
7FF54A475000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1DFD4C70000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93EE5000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93E15000
unkown
page read and write
 clean
1E22A7D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E64FC000
unkown
page readonly
 clean
1C0AB002000
unkown
page read and write
 clean
7FF5329C5000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D115FB000
unkown
page read and write
 clean
7FF54A52E000
unkown
page readonly
 clean
19D91D3A000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
740E37F000
unkown
page read and write
 clean
1C0AAA62000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91C8D000
unkown
page read and write
 clean
1C0AAA6D000
unkown
page read and write
 clean
201DC4A0000
unkown
page readonly
 clean
7FF5E61E3000
unkown
page readonly
 clean
19D91D4A000
unkown
page read and write
 clean
2B173013000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5329D9000
unkown
page readonly
 clean
19D94110000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6368000
unkown
page readonly
 clean
29D4F100000
unkown
page read and write
 clean
7FF52E139000
unkown
page readonly
 clean
1C0AAA43000
unkown
page read and write
 clean
19D94010000
unkown
page read and write
 clean
19D93C00000
unkown
page read and write
 clean
19D91C8D000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5326F3000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
A29A3EB000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540C36000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF557196000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
2C38000
unkown
page readonly
 clean
19D93E6B000
unkown
page read and write
 clean
7FF54A328000
unkown
page readonly
 clean
7FF5E62AC000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D94610000
unkown
page read and write
 clean
19D93EE3000
unkown
page read and write
 clean
7FF524F39000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93ACB000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A47F000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
3F112B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A432000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540EE6000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D93A85000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
29D4EFE0000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
3578000
unkown
page read and write
 clean
19D91CB4000
unkown
page read and write
 clean
19D95002000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532A89000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AAA47000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540F77000
unkown
page readonly
 clean
7FF5E6235000
unkown
page readonly
 clean
5D11DFF000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF557078000
unkown
page readonly
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91C9A000
unkown
page read and write
 clean
7FF540DED000
unkown
page readonly
 clean
7FF5E6514000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6387000
unkown
page readonly
 clean
1C0AA810000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D91C13000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF532998000
unkown
page readonly
 clean
1E22A700000
unkown
page read and write
 clean
7FF557227000
unkown
page readonly
 clean
7FF540AE0000
unkown
page readonly
 clean
19D93E9C000
unkown
page read and write
 clean
1C0AAA65000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF540F74000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF5E6579000
unkown
page readonly
 clean
7FF524F5C000
unkown
page readonly
 clean
7FF5E6470000
unkown
page readonly
 clean
9C4DA7F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF556FF0000
unkown
page readonly
 clean
201DA7C0000
heap private
page read and write
 clean
201DAA56000
unkown
page read and write
 clean
19D91C54000
unkown
page read and write
 clean
5D10AFA000
unkown
page read and write
 clean
7FF5329F6000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D95000000
unkown
page read and write
 clean
7FF5E62FF000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
7FF532878000
unkown
page readonly
 clean
5D10DFB000
unkown
page read and write
 clean
7FF557137000
unkown
page readonly
 clean
19D93A29000
unkown
page read and write
 clean
7FF5571FC000
unkown
page readonly
 clean
5D11879000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93A71000
unkown
page read and write
 clean
7FF524F56000
unkown
page readonly
 clean
19D91C8B000
unkown
page read and write
 clean
7FF5329BE000
unkown
page readonly
 clean
19D91C9F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D91C3F000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93E9E000
unkown
page read and write
 clean
201DC3A0000
unkown
page read and write
 clean
32D0000
unkown
page execute and read and write
 clean
7FF5E63EC000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1DFD4C00000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93FC4000
unkown
page read and write
 clean
19D93C00000
unkown
page read and write
 clean
7FF54A196000
unkown
page readonly
 clean
19D93A0C000
unkown
page read and write
 clean
19D935A0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E6507000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
5D1157B000
unkown
page read and write
 clean
7FF5571BE000
unkown
page readonly
 clean
3555000
unkown
page read and write
 clean
19D94310000
unkown
page read and write
 clean
2B173113000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5329ED000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D93AF4000
unkown
page read and write
 clean
7FF557220000
unkown
page readonly
 clean
19D94210000
unkown
page read and write
 clean
1DFD4BD0000
unkown
page readonly
 clean
1C0AAA6B000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D1107B000
unkown
page read and write
 clean
7FF5E64C9000
unkown
page readonly
 clean
7FF556F50000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
19D94410000
unkown
page read and write
 clean
5D10E7B000
unkown
page read and write
 clean
19D91D02000
unkown
page read and write
 clean
3F11AE000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
7FF524FDE000
unkown
page readonly
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF556EE4000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2FC0000
unkown
page execute and read and write
 clean
19D91BD0000
unkown
page readonly
 clean
1C0AAA4A000
unkown
page read and write
 clean
5D1177B000
unkown
page read and write
 clean
29D4F002000
unkown
page read and write
 clean
F63F37E000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D94310000
unkown
page read and write
 clean
3521000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
2B17303C000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3F14F9000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
19D94610000
unkown
page read and write
 clean
19D91CE1000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
5D1167B000
unkown
page read and write
 clean
19D91C8D000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
1C0AA9D0000
unkown
page read and write
 clean
7FF540F46000
unkown
page readonly
 clean
5D11AFB000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E649A000
unkown
page readonly
 clean
1E22A724000
unkown
page read and write
 clean
7FF5E6427000
unkown
page readonly
 clean
7FF54A377000
unkown
page readonly
 clean
7FF532A0C000
unkown
page readonly
 clean
7FF5E64E1000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1C0AAA6A000
unkown
page read and write
 clean
19D91CD9000
unkown
page read and write
 clean
1DFD4C55000
unkown
page read and write
 clean
7FF557289000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524FE9000
unkown
page readonly
 clean
1E22A70E000
unkown
page read and write
 clean
5D1117B000
unkown
page read and write
 clean
7FF5183A9000
unkown
page readonly
 clean
19D93EE3000
unkown
page read and write
 clean
19D94010000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF524F75000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1E22A850000
unkown
page read and write
 clean
2B1735A0000
unkown
page read and write
 clean
7FF54A539000
unkown
page readonly
 clean
1DFD4C13000
unkown
page read and write
 clean
19D93A79000
unkown
page read and write
 clean
740E177000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF5E61FC000
unkown
page readonly
 clean
7FF53F029000
unkown
page readonly
 clean
1C0AAA00000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
7FF54A2FE000
unkown
page readonly
 clean
32D0000
unkown
page read and write
 clean
1E225B18000
unkown
page read and write
 clean
2B17308E000
unkown
page read and write
 clean
5D10CFA000
unkown
page read and write
 clean
1DFD4BE0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
32D0000
unkown
page read and write
 clean
3564000
unkown
page read and write
 clean
1E22A721000
unkown
page read and write
 clean
There are 1043 hidden memdumps, click here to show them.