Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://172.18.48.33/securecgi-bin/CSUserCGI.exe?Init+0
|
URL
|
initial url
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{51C4153A-7641-11EB-90E6-ECF4BB82F7E0}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{51C4153C-7641-11EB-90E6-ECF4BB82F7E0}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5B608E5A-7641-11EB-90E6-ECF4BB82F7E0}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\NewErrorPageTemplate[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\errorPageStrings[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\dnserror[1]
|
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\down[1]
|
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\httpErrorPagesScripts[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF32196A06EAF8E73F.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF47798191E14DE165.TMP
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF4BC1FF4CD54CB25B.TMP
|
data
|
dropped
|
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4340 CREDAT:17410 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://172.18.48.33/securecgi-bin/CSUserCGI.exe?Init
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Active
|
Malicious
|
|
|---|---|---|---|---|---|
|
172.18.48.33
|
unknown
|
Reserved
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{51C4153A-7641-11EB-90E6-ECF4BB82F7E0}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E0BB420000
|
heap private
|
page read and write
|
|
|
|
7FF4FEF7C000
|
unkown
|
page readonly
|
|
|
|
241AA502000
|
unkown
|
page read and write
|
|
|
|
1E0BB26B000
|
heap default
|
page read and write
|
|
|
|
57A56FB000
|
unkown
|
page read and write
|
|
|
|
15DD108D000
|
unkown
|
page read and write
|
|
|
|
4150CCC000
|
unkown
|
page read and write
|
|
|
|
415127E000
|
unkown
|
page read and write
|
|
|
|
7FF583FEA000
|
unkown
|
page readonly
|
|
|
|
7FF4FEF02000
|
unkown
|
page readonly
|
|
|
|
15DD1200000
|
unkown
|
page readonly
|
|
|
|
7FF4FEF0C000
|
unkown
|
page readonly
|
|
|
|
7FF5840DB000
|
unkown
|
page readonly
|
|
|
|
1E0BCF6F000
|
heap private
|
page read and write
|
|
|
|
7FF59DAF1000
|
unkown
|
page readonly
|
|
|
|
7FF4FEF93000
|
unkown
|
page readonly
|
|
|
|
1E34B029000
|
unkown
|
page read and write
|
|
|
|
7FF51FA86000
|
unkown
|
page readonly
|
|
|
|
1E34B06C000
|
unkown
|
page read and write
|
|
|
|
7FF51F683000
|
unkown
|
page readonly
|
|
|
|
15DD1113000
|
unkown
|
page read and write
|
|
|
|
15DD1913000
|
unkown
|
page read and write
|
|
|
|
57A5277000
|
unkown
|
page read and write
|
|
|
|
1E0BCE70000
|
heap private
|
page read and write
|
|
|
|
15DD6413000
|
unkown
|
page read and write
|
|
|
|
1E34B054000
|
unkown
|
page read and write
|
|
|
|
7FF59DB58000
|
unkown
|
page readonly
|
|
|
|
7FF51F9FC000
|
unkown
|
page readonly
|
|
|
|
5EFE15B000
|
unkown
|
page read and write
|
|
|
|
7FF51F9A8000
|
unkown
|
page readonly
|
|
|
|
241AA46A000
|
unkown
|
page read and write
|
|
|
|
15DD1802000
|
unkown
|
page read and write
|
|
|
|
4150DCE000
|
unkown
|
page read and write
|
|
|
|
7FF4FEC8F000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE9B000
|
unkown
|
page readonly
|
|
|
|
1E34CB00000
|
unkown
|
page readonly
|
|
|
|
7FF5840E8000
|
unkown
|
page readonly
|
|
|
|
1E34B06A000
|
unkown
|
page read and write
|
|
|
|
57A53FD000
|
unkown
|
page read and write
|
|
|
|
57A5BFF000
|
unkown
|
page read and write
|
|
|
|
1E0BB1D0000
|
unkown
|
page read and write
|
|
|
|
7FF584127000
|
unkown
|
page readonly
|
|
|
|
7FF59DA5A000
|
unkown
|
page readonly
|
|
|
|
7FF59DC26000
|
unkown
|
page readonly
|
|
|
|
7FF4FED5D000
|
unkown
|
page readonly
|
|
|
|
7FF59DA55000
|
unkown
|
page readonly
|
|
|
|
7FF59D450000
|
unkown
|
page readonly
|
|
|
|
7FF51FA02000
|
unkown
|
page readonly
|
|
|
|
15DD17E0000
|
unkown
|
page read and write
|
|
|
|
15DD1900000
|
unkown
|
page read and write
|
|
|
|
7FF584149000
|
unkown
|
page readonly
|
|
|
|
7FF51F67A000
|
unkown
|
page readonly
|
|
|
|
15DD64B4000
|
unkown
|
page read and write
|
|
|
|
5EFE67F000
|
unkown
|
page read and write
|
|
|
|
7FF4FEC7D000
|
unkown
|
page readonly
|
|
|
|
7FF4FEEB0000
|
unkown
|
page readonly
|
|
|
|
15DD109F000
|
unkown
|
page read and write
|
|
|
|
7FF5839E0000
|
unkown
|
page readonly
|
|
|
|
15DD1815000
|
unkown
|
page read and write
|
|
|
|
5EFE5FF000
|
unkown
|
page read and write
|
|
|
|
7FF4FED40000
|
unkown
|
page readonly
|
|
|
|
15DD6840000
|
unkown
|
page read and write
|
|
|
|
1E34AF10000
|
heap default
|
page read and write
|
|
|
|
4150D4E000
|
unkown
|
page read and write
|
|
|
|
241AA500000
|
unkown
|
page read and write
|
|
|
|
15DD1E00000
|
unkown
|
page read and write
|
|
|
|
57A52FE000
|
unkown
|
page read and write
|
|
|
|
7FF583DAC000
|
unkown
|
page readonly
|
|
|
|
57A58FE000
|
unkown
|
page read and write
|
|
|
|
5EFE57A000
|
unkown
|
page read and write
|
|
|
|
14069FF000
|
unkown
|
page read and write
|
|
|
|
15DD63F0000
|
unkown
|
page read and write
|
|
|
|
57A5DFD000
|
unkown
|
page read and write
|
|
|
|
241ABE70000
|
unkown
|
page read and write
|
|
|
|
7FF51F9B0000
|
unkown
|
page readonly
|
|
|
|
1E34B068000
|
unkown
|
page read and write
|
|
|
|
15DD0E90000
|
unkown
|
page readonly
|
|
|
|
15DD63C0000
|
unkown
|
page read and write
|
|
|
|
15DD6600000
|
unkown
|
page read and write
|
|
|
|
7FF4FEC84000
|
unkown
|
page readonly
|
|
|
|
415107D000
|
unkown
|
page read and write
|
|
|
|
1E34B06B000
|
unkown
|
page read and write
|
|
|
|
15DD64B1000
|
unkown
|
page read and write
|
|
|
|
241AA46C000
|
unkown
|
page read and write
|
|
|
|
15DD17C1000
|
unkown
|
page read and write
|
|
|
|
15DD6880000
|
unkown
|
page readonly
|
|
|
|
1E0BB4E0000
|
unkown
|
page readonly
|
|
|
|
15DD10FF000
|
unkown
|
page read and write
|
|
|
|
7FF4FEC1F000
|
unkown
|
page readonly
|
|
|
|
1E0BB870000
|
unkown
|
page readonly
|
|
|
|
7FF4FEF09000
|
unkown
|
page readonly
|
|
|
|
7FF51F98B000
|
unkown
|
page readonly
|
|
|
|
7FF59DBB2000
|
unkown
|
page readonly
|
|
|
|
1E34AFF0000
|
unkown
|
page readonly
|
|
|
|
1E34B06A000
|
unkown
|
page read and write
|
|
|
|
15DD67E7000
|
unkown
|
page write copy
|
|
|
|
7FF4FEB41000
|
unkown
|
page readonly
|
|
|
|
15DD2360000
|
unkown
|
page read and write
|
|
|
|
57A50FE000
|
unkown
|
page read and write
|
|
|
|
1E34B06A000
|
unkown
|
page read and write
|
|
|
|
1E34B002000
|
unkown
|
page read and write
|
|
|
|
15DD643F000
|
unkown
|
page read and write
|
|
|
|
15DD6700000
|
unkown
|
page read and write
|
|
|
|
15DD6390000
|
unkown
|
page readonly
|
|
|
|
5EFE1DF000
|
unkown
|
page read and write
|
|
|
|
7FF59D90F000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE05000
|
unkown
|
page readonly
|
|
|
|
7FF4FEEA8000
|
unkown
|
page readonly
|
|
|
|
1E34B250000
|
unkown
|
page readonly
|
|
|
|
7FF583F3A000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE60000
|
unkown
|
page readonly
|
|
|
|
15DD6890000
|
unkown
|
page readonly
|
|
|
|
15DD63F0000
|
unkown
|
page read and write
|
|
|
|
7FF4FEC9E000
|
unkown
|
page readonly
|
|
|
|
15DD67D4000
|
unkown
|
page readonly
|
|
|
|
15DD0E80000
|
heap default
|
page read and write
|
|
|
|
7FF5840F4000
|
unkown
|
page readonly
|
|
|
|
241AA46C000
|
unkown
|
page read and write
|
|
|
|
7FF4FEEC9000
|
unkown
|
page readonly
|
|
|
|
7FF59D821000
|
unkown
|
page readonly
|
|
|
|
15DD67E4000
|
unkown
|
page write copy
|
|
|
|
15DD1A01000
|
unkown
|
page read and write
|
|
|
|
15DD6840000
|
unkown
|
page read and write
|
|
|
|
1E34B06B000
|
unkown
|
page read and write
|
|
|
|
7FF4FEE54000
|
unkown
|
page readonly
|
|
|
|
7FF5841BC000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE8B000
|
unkown
|
page readonly
|
|
|
|
57A57FB000
|
unkown
|
page read and write
|
|
|
|
7FF4FEF76000
|
unkown
|
page readonly
|
|
|
|
7FF4FE789000
|
unkown
|
page readonly
|
|
|
|
7FF59DB95000
|
unkown
|
page readonly
|
|
|
|
57A55FF000
|
unkown
|
page read and write
|
|
|
|
241ABF70000
|
unkown
|
page readonly
|
|
|
|
15DD0E20000
|
heap private
|
page read and write
|
|
|
|
7FF59D9AA000
|
unkown
|
page readonly
|
|
|
|
7FF5841D3000
|
unkown
|
page readonly
|
|
|
|
7FF583DA0000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE0C000
|
unkown
|
page readonly
|
|
|
|
1E34B06A000
|
unkown
|
page read and write
|
|
|
|
7FF4FE7FB000
|
unkown
|
page readonly
|
|
|
|
7FF51FA7C000
|
unkown
|
page readonly
|
|
|
|
7FF51FA16000
|
unkown
|
page readonly
|
|
|
|
140697A000
|
unkown
|
page read and write
|
|
|
|
15DD0F90000
|
unkown
|
page read and write
|
|
|
|
15DD644C000
|
unkown
|
page read and write
|
|
|
|
15DD0FF0000
|
unkown
|
page read and write
|
|
|
|
15DD63D0000
|
unkown
|
page read and write
|
|
|
|
1E34B068000
|
unkown
|
page read and write
|
|
|
|
7FF59DB14000
|
unkown
|
page readonly
|
|
|
|
241AA3F0000
|
unkown
|
page readonly
|
|
|
|
57A517E000
|
unkown
|
page read and write
|
|
|
|
15DD6820000
|
unkown
|
page read and write
|
|
|
|
415117E000
|
unkown
|
page read and write
|
|
|
|
15DD1072000
|
unkown
|
page read and write
|
|
|
|
15DD6432000
|
unkown
|
page read and write
|
|
|
|
1E0BB200000
|
unkown
|
page readonly
|
|
|
|
15DD1102000
|
unkown
|
page read and write
|
|
|
|
7FF4FEAFB000
|
unkown
|
page readonly
|
|
|
|
57A5CFB000
|
unkown
|
page read and write
|
|
|
|
7FF5841B6000
|
unkown
|
page readonly
|
|
|
|
7FF5840F0000
|
unkown
|
page readonly
|
|
|
|
14068FF000
|
unkown
|
page read and write
|
|
|
|
241AA6D0000
|
unkown
|
page readonly
|
|
|
|
7FF59DBC6000
|
unkown
|
page readonly
|
|
|
|
7FF583FE5000
|
unkown
|
page readonly
|
|
|
|
7FF58413C000
|
unkown
|
page readonly
|
|
|
|
140687A000
|
unkown
|
page read and write
|
|
|
|
7FF4FEF16000
|
unkown
|
page readonly
|
|
|
|
1E34B068000
|
unkown
|
page read and write
|
|
|
|
241AA458000
|
unkown
|
page read and write
|
|
|
|
7FF4FED45000
|
unkown
|
page readonly
|
|
|
|
7FF59DB4F000
|
unkown
|
page readonly
|
|
|
|
7FF5840A4000
|
unkown
|
page readonly
|
|
|
|
15DD6721000
|
unkown
|
page read and write
|
|
|
|
1E34CA00000
|
unkown
|
page read and write
|
|
|
|
57A5A7F000
|
unkown
|
page read and write
|
|
|
|
15DD670E000
|
unkown
|
page read and write
|
|
|
|
241AA390000
|
heap default
|
page read and write
|
|
|
|
7FF59DBAC000
|
unkown
|
page readonly
|
|
|
|
15DD6400000
|
unkown
|
page read and write
|
|
|
|
7FF51F9C1000
|
unkown
|
page readonly
|
|
|
|
7FF5841C6000
|
unkown
|
page readonly
|
|
|
|
15DD2000000
|
unkown
|
page readonly
|
|
|
|
7FF4FE7EC000
|
unkown
|
page readonly
|
|
|
|
15DD67B3000
|
unkown
|
page readonly
|
|
|
|
241AA46B000
|
unkown
|
page read and write
|
|
|
|
7FF4FEEB4000
|
unkown
|
page readonly
|
|
|
|
7FF59DB97000
|
unkown
|
page readonly
|
|
|
|
7FF584083000
|
unkown
|
page readonly
|
|
|
|
241AA402000
|
unkown
|
page read and write
|
|
|
|
15DD1918000
|
unkown
|
page read and write
|
|
|
|
57A54FA000
|
unkown
|
page read and write
|
|
|
|
15DD6720000
|
unkown
|
page read and write
|
|
|
|
7FF51FA0C000
|
unkown
|
page readonly
|
|
|
|
7FF5841D3000
|
unkown
|
page readonly
|
|
|
|
241AA330000
|
heap private
|
page read and write
|
|
|
|
1E34B068000
|
unkown
|
page read and write
|
|
|
|
7FF4FEE64000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE6C000
|
unkown
|
page readonly
|
|
|
|
241AA46C000
|
unkown
|
page read and write
|
|
|
|
7FF4FEEA5000
|
unkown
|
page readonly
|
|
|
|
7FF59DB81000
|
unkown
|
page readonly
|
|
|
|
15DD1000000
|
unkown
|
page read and write
|
|
|
|
15DD1096000
|
unkown
|
page read and write
|
|
|
|
7FF584142000
|
unkown
|
page readonly
|
|
|
|
15DD6708000
|
unkown
|
page read and write
|
|
|
|
15DD0F60000
|
unkown
|
page readonly
|
|
|
|
1E0BD100000
|
heap private
|
page read and write
|
|
|
|
241AA468000
|
unkown
|
page read and write
|
|
|
|
1E0BB4D5000
|
heap private
|
page read and write
|
|
|
|
15DD63E0000
|
unkown
|
page read and write
|
|
|
|
1E34B06E000
|
unkown
|
page read and write
|
|
|
|
7FF4FED81000
|
unkown
|
page readonly
|
|
|
|
7FF4FE7F6000
|
unkown
|
page readonly
|
|
|
|
57A597F000
|
unkown
|
page read and write
|
|
|
|
7FF583E9F000
|
unkown
|
page readonly
|
|
|
|
1E0BB29D000
|
heap default
|
page read and write
|
|
|
|
7FF584101000
|
unkown
|
page readonly
|
|
|
|
1E34B000000
|
unkown
|
page read and write
|
|
|
|
7FF4FEB62000
|
unkown
|
page readonly
|
|
|
|
7FF4FECA1000
|
unkown
|
page readonly
|
|
|
|
1E34B102000
|
unkown
|
page read and write
|
|
|
|
7FF4FEC59000
|
unkown
|
page readonly
|
|
|
|
15DD6810000
|
unkown
|
page read and write
|
|
|
|
15DD1EE0000
|
unkown
|
page read and write
|
|
|
|
7FF51FA93000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE9F000
|
unkown
|
page readonly
|
|
|
|
241AA429000
|
unkown
|
page read and write
|
|
|
|
15DD7000000
|
unkown
|
page read and write
|
|
|
|
15DD63F0000
|
unkown
|
page read and write
|
|
|
|
140656F000
|
unkown
|
page read and write
|
|
|
|
7FF59DBB9000
|
unkown
|
page readonly
|
|
|
|
241AA400000
|
unkown
|
page read and write
|
|
|
|
15DD2010000
|
unkown
|
page readonly
|
|
|
|
241AA41F000
|
unkown
|
page read and write
|
|
|
|
241AA3A0000
|
unkown
|
page write copy
|
|
|
|
7FF4FEB26000
|
unkown
|
page readonly
|
|
|
|
7FF51FA09000
|
unkown
|
page readonly
|
|
|
|
15DD64AB000
|
unkown
|
page read and write
|
|
|
|
7FF4FEE80000
|
unkown
|
page readonly
|
|
|
|
1E0BCDE0000
|
heap private
|
page read and write
|
|
|
|
1E34B040000
|
unkown
|
page read and write
|
|
|
|
7FF51F9E5000
|
unkown
|
page readonly
|
|
|
|
1E34B013000
|
unkown
|
page read and write
|
|
|
|
7FF51F9B4000
|
unkown
|
page readonly
|
|
|
|
1E0BB430000
|
unkown
|
page readonly
|
|
|
|
15DD1918000
|
unkown
|
page read and write
|
|
|
|
57A587F000
|
unkown
|
page read and write
|
|
|
|
15DD1590000
|
unkown
|
page readonly
|
|
|
|
7FF4FEEFB000
|
unkown
|
page readonly
|
|
|
|
15DD1092000
|
unkown
|
page read and write
|
|
|
|
1E0BB260000
|
heap default
|
page read and write
|
|
|
|
7FF51F9A6000
|
unkown
|
page readonly
|
|
|
|
1E34B06D000
|
unkown
|
page read and write
|
|
|
|
241AA46C000
|
unkown
|
page read and write
|
|
|
|
1E0BB080000
|
unkown
|
page readonly
|
|
|
|
7FF51F71F000
|
unkown
|
page readonly
|
|
|
|
7FF59DBBC000
|
unkown
|
page readonly
|
|
|
|
5EFE4FF000
|
unkown
|
page read and write
|
|
|
|
15DD6840000
|
unkown
|
page readonly
|
|
|
|
15DD6940000
|
unkown
|
page readonly
|
|
|
|
1E0BB240000
|
unkown
|
page readonly
|
|
|
|
7FF4FEEE5000
|
unkown
|
page readonly
|
|
|
|
57A507C000
|
unkown
|
page read and write
|
|
|
|
15DD63E0000
|
unkown
|
page read and write
|
|
|
|
1E34B068000
|
unkown
|
page read and write
|
|
|
|
15DD6700000
|
unkown
|
page read and write
|
|
|
|
15DD6724000
|
unkown
|
page read and write
|
|
|
|
7FF51F933000
|
unkown
|
page readonly
|
|
|
|
15DD0FF3000
|
unkown
|
page read and write
|
|
|
|
7FF4FEF24000
|
unkown
|
page readonly
|
|
|
|
7FF4FEB83000
|
unkown
|
page readonly
|
|
|
|
7FF59DC43000
|
unkown
|
page readonly
|
|
|
|
241AA46A000
|
unkown
|
page read and write
|
|
|
|
15DD0F80000
|
unkown
|
page read and write
|
|
|
|
15DD1059000
|
unkown
|
page read and write
|
|
|
|
7FF4FEED1000
|
unkown
|
page readonly
|
|
|
|
7FF51FA76000
|
unkown
|
page readonly
|
|
|
|
15DD1902000
|
unkown
|
page read and write
|
|
|
|
7FF4FEBFD000
|
unkown
|
page readonly
|
|
|
|
15DD10A5000
|
unkown
|
page read and write
|
|
|
|
7FF4FED3B000
|
unkown
|
page readonly
|
|
|
|
1E0BB360000
|
unkown
|
page readonly
|
|
|
|
7FF4FECC5000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE70000
|
unkown
|
page readonly
|
|
|
|
15DD67BC000
|
unkown
|
page write copy
|
|
|
|
7FF4FEB04000
|
unkown
|
page readonly
|
|
|
|
7FF59DC36000
|
unkown
|
page readonly
|
|
|
|
15DD107B000
|
unkown
|
page read and write
|
|
|
|
7FF59DBD4000
|
unkown
|
page readonly
|
|
|
|
7FF4FEB89000
|
unkown
|
page readonly
|
|
|
|
7FF584111000
|
unkown
|
page readonly
|
|
|
|
1E0BB4D0000
|
heap private
|
page read and write
|
|
|
|
7FF4FECBF000
|
unkown
|
page readonly
|
|
|
|
15DD6426000
|
unkown
|
page read and write
|
|
|
|
15DD68A0000
|
unkown
|
page readonly
|
|
|
|
7FF59D81C000
|
unkown
|
page readonly
|
|
|
|
241AA600000
|
unkown
|
page readonly
|
|
|
|
7FF59DB79000
|
unkown
|
page readonly
|
|
|
|
7FF59DB60000
|
unkown
|
page readonly
|
|
|
|
7FF59DAF3000
|
unkown
|
page readonly
|
|
|
|
41511FC000
|
unkown
|
page read and write
|
|
|
|
1E0BB0E0000
|
unkown
|
page readonly
|
|
|
|
1E34AEB0000
|
heap private
|
page read and write
|
|
|
|
57A5B7F000
|
unkown
|
page read and write
|
|
|
|
15DD1090000
|
unkown
|
page read and write
|
|
|
|
7FF4FEB43000
|
unkown
|
page readonly
|
|
|
|
7FF4FE7A5000
|
unkown
|
page readonly
|
|
|
|
7FF59DB71000
|
unkown
|
page readonly
|
|
|
|
7FF59DA15000
|
unkown
|
page readonly
|
|
|
|
15DD67B0000
|
unkown
|
page read and write
|
|
|
|
7FF59DB64000
|
unkown
|
page readonly
|
|
|
|
57A59FF000
|
unkown
|
page read and write
|
|
|
|
7FF4FEE75000
|
unkown
|
page readonly
|
|
|
|
1E0BB1B0000
|
unkown
|
page read and write
|
|
|
|
15DD6800000
|
unkown
|
page read and write
|
|
|
|
1E34B100000
|
unkown
|
page read and write
|
|
|
|
15DD0F70000
|
unkown
|
page readonly
|
|
|
|
15DD1029000
|
unkown
|
page read and write
|
|
|
|
241AA468000
|
unkown
|
page read and write
|
|
|
|
57A5EFE000
|
unkown
|
page read and write
|
|
|
|
1406A7F000
|
unkown
|
page read and write
|
|
|
|
7FF584156000
|
unkown
|
page readonly
|
|
|
|
1E34B113000
|
unkown
|
page read and write
|
|
|
|
241AA46A000
|
unkown
|
page read and write
|
|
|
|
15DD1078000
|
unkown
|
page read and write
|
|
|
|
15DD6960000
|
unkown
|
page readonly
|
|
|
|
1E34B06C000
|
unkown
|
page read and write
|
|
|
|
15DD1013000
|
unkown
|
page read and write
|
|
|
|
7FF51F99F000
|
unkown
|
page readonly
|
|
|
|
15DD1FE0000
|
unkown
|
page readonly
|
|
|
|
7FF4FEC5F000
|
unkown
|
page readonly
|
|
|
|
7FF51F93D000
|
unkown
|
page readonly
|
|
|
|
7FF4FEAF9000
|
unkown
|
page readonly
|
|
|
|
7FF4FEAE8000
|
unkown
|
page readonly
|
|
|
|
1E34B200000
|
unkown
|
page write copy
|
|
|
|
15DD648C000
|
unkown
|
page read and write
|
|
|
|
7FF4FEE10000
|
unkown
|
page readonly
|
|
|
|
15DD1FC0000
|
unkown
|
page readonly
|
|
|
|
241AA43F000
|
unkown
|
page read and write
|
|
|
|
7FF583F05000
|
unkown
|
page readonly
|
|
|
|
15DD648A000
|
unkown
|
page read and write
|
|
|
|
241AA46C000
|
unkown
|
page read and write
|
|
|
|
7FF4FEF93000
|
unkown
|
page readonly
|
|
|
|
7FF5840DF000
|
unkown
|
page readonly
|
|
|
|
1E34B06C000
|
unkown
|
page read and write
|
|
|
|
1E34B06E000
|
unkown
|
page read and write
|
|
|
|
7FF583FA5000
|
unkown
|
page readonly
|
|
|
|
15DD64B4000
|
unkown
|
page read and write
|
|
|
|
7FF58414C000
|
unkown
|
page readonly
|
|
|
|
15DD1FF0000
|
unkown
|
page readonly
|
|
|
|
15DD67F0000
|
unkown
|
page read and write
|
|
|
|
15DD2020000
|
unkown
|
page readonly
|
|
|
|
15DD1FD0000
|
unkown
|
page readonly
|
|
|
|
7FF51FA93000
|
unkown
|
page readonly
|
|
|
|
7FF51F7A9000
|
unkown
|
page readonly
|
|
|
|
15DD6724000
|
unkown
|
page read and write
|
|
|
|
7FF4FEF85000
|
unkown
|
page readonly
|
|
|
|
7FF51F9D1000
|
unkown
|
page readonly
|
|
|
|
7FF51F644000
|
unkown
|
page readonly
|
|
|
|
7FF59D810000
|
unkown
|
page readonly
|
|
|
|
14064EB000
|
unkown
|
page read and write
|
|
|
|
1E0BB250000
|
unkown
|
page readonly
|
|
|
|
7FF59DC43000
|
unkown
|
page readonly
|
|
|
|
7FF59DC2C000
|
unkown
|
page readonly
|
|
|
|
1E34AF20000
|
unkown
|
page readonly
|
|
|
|
7FF584125000
|
unkown
|
page readonly
|
|
|
|
15DD1041000
|
unkown
|
page read and write
|
|
|
|
7FF584109000
|
unkown
|
page readonly
|
|
|
|
15DD6840000
|
unkown
|
page read and write
|
|
|
|
15DD6930000
|
unkown
|
page read and write
|
|
|
|
15DD17F0000
|
unkown
|
page read and write
|
|
|
|
14065EE000
|
unkown
|
page read and write
|
|
|
|
7FF584164000
|
unkown
|
page readonly
|
|
|
|
1E34B06E000
|
unkown
|
page read and write
|
|
|
|
7FF51F9C9000
|
unkown
|
page readonly
|
|
|
|
7FF51FA24000
|
unkown
|
page readonly
|
|
|
|
7FF4FEEC1000
|
unkown
|
page readonly
|
|
|
|
7FF4FEDA0000
|
unkown
|
page readonly
|
|
|
|
15DD64B5000
|
unkown
|
page read and write
|
|
|
|
15DD646F000
|
unkown
|
page read and write
|
|
|
|
7FF583DB1000
|
unkown
|
page readonly
|
|
|
|
7FF4FED2B000
|
unkown
|
page readonly
|
|
|
|
7FF584081000
|
unkown
|
page readonly
|
|
|
|
15DD67D0000
|
unkown
|
page write copy
|
|
|
|
7FF4FECF2000
|
unkown
|
page readonly
|
|
|
|
7FF59DB4B000
|
unkown
|
page readonly
|
|
|
|
7FF4FEE41000
|
unkown
|
page readonly
|
|
|
|
241AA513000
|
unkown
|
page read and write
|
|
|
|
241AA413000
|
unkown
|
page read and write
|
|
|
|
15DD67B0000
|
unkown
|
page readonly
|
|
|
|
1E34B06A000
|
unkown
|
page read and write
|
|
|
|
15DD1800000
|
unkown
|
page read and write
|
|
|
|
5EFE479000
|
unkown
|
page read and write
|
|
|
|
7FF59D975000
|
unkown
|
page readonly
|
|
|
|
7FF51F937000
|
unkown
|
page readonly
|
|
|
|
15DD6920000
|
unkown
|
page readonly
|
|
|
|
1E0BB1F0000
|
unkown
|
page readonly
|
|
There are 388 hidden memdumps, click here to show them.