Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://com-thebigwillow-prod1.collector.snplow.net
|
URL
|
initial url
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{6B362ED2-9BDE-11EB-90E6-ECF4BB82F7E0}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6B362ED4-9BDE-11EB-90E6-ECF4BB82F7E0}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6B362ED5-9BDE-11EB-90E6-ECF4BB82F7E0}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\ErrorPageTemplate[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\bullet[1]
|
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\down[1]
|
PNG image data, 15 x 15, 8-bit colormap, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\errorPageStrings[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\http_404[1]
|
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\info_48[1]
|
PNG image data, 47 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\background_gradient[1]
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\httpErrorPagesScripts[1]
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFA1656558CC95E706.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFAB0354CC41CB8B27.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFE26F6D6E858AB126.TMP
|
data
|
modified
|
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:772 CREDAT:17410 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://com-thebigwillow-prod1.collector.snplow.net/Root
|
unknown
|
|
|
|
http://com-thebigwillow-prod1.collector.snplow.net/
|
174.129.44.103
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sp-2020021318235372500000000a-763988400.us-east-1.elb.amazonaws.com
|
174.129.44.103
|
|
|
|
clientconfig.passport.net
|
unknown
|
|
|
|
com-thebigwillow-prod1.collector.snplow.net
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
174.129.44.103
|
sp-2020021318235372500000000a-763988400.us-east-1.elb.amazonaws.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{6B362ED2-9BDE-11EB-90E6-ECF4BB82F7E0}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5D78EF000
|
unkown
|
page readonly
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
21BB9F02000
|
unkown
|
page read and write
|
|
|
|
1F0AFCB2000
|
unkown
|
page read and write
|
|
|
|
7FF5D794B000
|
unkown
|
page readonly
|
|
|
|
7FF51DF2A000
|
unkown
|
page readonly
|
|
|
|
9A4EAFC000
|
unkown
|
page read and write
|
|
|
|
7FF51E2BC000
|
unkown
|
page readonly
|
|
|
|
1F0AAF13000
|
unkown
|
page read and write
|
|
|
|
7FF5D7795000
|
unkown
|
page readonly
|
|
|
|
12D117E000
|
unkown
|
page read and write
|
|
|
|
1F0AF9F0000
|
unkown
|
page read and write
|
|
|
|
79804FA000
|
unkown
|
page read and write
|
|
|
|
7FF5EBCDC000
|
unkown
|
page readonly
|
|
|
|
21BB9E13000
|
unkown
|
page read and write
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
1F0AFBF4000
|
unkown
|
page readonly
|
|
|
|
29A22090000
|
heap private
|
page read and write
|
|
|
|
7FF51DAE3000
|
unkown
|
page readonly
|
|
|
|
79805FF000
|
unkown
|
page read and write
|
|
|
|
29A23D5F000
|
heap private
|
page read and write
|
|
|
|
12D0FFB000
|
unkown
|
page read and write
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
7FF5D78B4000
|
unkown
|
page readonly
|
|
|
|
7FF5D71D9000
|
unkown
|
page readonly
|
|
|
|
7FF5EBB85000
|
unkown
|
page readonly
|
|
|
|
1F0AFF70000
|
unkown
|
page readonly
|
|
|
|
7980679000
|
unkown
|
page read and write
|
|
|
|
1F0AFC89000
|
unkown
|
page read and write
|
|
|
|
7FF5D78F5000
|
unkown
|
page readonly
|
|
|
|
7FF5D7151000
|
unkown
|
page readonly
|
|
|
|
1F0AFB10000
|
unkown
|
page read and write
|
|
|
|
1F0AFBEC000
|
unkown
|
page readonly
|
|
|
|
7FF5EB951000
|
unkown
|
page readonly
|
|
|
|
7FF5EFC34000
|
unkown
|
page readonly
|
|
|
|
7FF5EFBD9000
|
unkown
|
page readonly
|
|
|
|
7FF51E23B000
|
unkown
|
page readonly
|
|
|
|
29A21EE0000
|
unkown
|
page readonly
|
|
|
|
12D137D000
|
unkown
|
page read and write
|
|
|
|
7FF5EBCC7000
|
unkown
|
page readonly
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
7FF5EBCA1000
|
unkown
|
page readonly
|
|
|
|
7FF5D78C5000
|
unkown
|
page readonly
|
|
|
|
7FF5EFBF5000
|
unkown
|
page readonly
|
|
|
|
7FF5EFB51000
|
unkown
|
page readonly
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
1F0AFE04000
|
unkown
|
page readonly
|
|
|
|
1B316629000
|
unkown
|
page read and write
|
|
|
|
29A22395000
|
heap private
|
page read and write
|
|
|
|
7FF5D76AF000
|
unkown
|
page readonly
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
7FF5EB940000
|
unkown
|
page readonly
|
|
|
|
12D13FE000
|
unkown
|
page read and write
|
|
|
|
7FF5D7935000
|
unkown
|
page readonly
|
|
|
|
9A4E97D000
|
unkown
|
page read and write
|
|
|
|
1F0AFC60000
|
unkown
|
page read and write
|
|
|
|
1F0AFE40000
|
unkown
|
page read and write
|
|
|
|
7FF5EBAA5000
|
unkown
|
page readonly
|
|
|
|
7FF5D713E000
|
unkown
|
page readonly
|
|
|
|
1F0AFC3D000
|
unkown
|
page read and write
|
|
|
|
1B316641000
|
unkown
|
page read and write
|
|
|
|
7FF5D778B000
|
unkown
|
page readonly
|
|
|
|
7FF5EBCF6000
|
unkown
|
page readonly
|
|
|
|
1F0AA450000
|
heap private
|
page read and write
|
|
|
|
7FF5D785C000
|
unkown
|
page readonly
|
|
|
|
7FF5D7554000
|
unkown
|
page readonly
|
|
|
|
D116FF9000
|
unkown
|
page read and write
|
|
|
|
7FF51DF33000
|
unkown
|
page readonly
|
|
|
|
12D079B000
|
unkown
|
page read and write
|
|
|
|
1F0AAF18000
|
unkown
|
page read and write
|
|
|
|
7FF5EBA3F000
|
unkown
|
page readonly
|
|
|
|
1F0AB5E0000
|
unkown
|
page readonly
|
|
|
|
29A220D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EBCB1000
|
unkown
|
page readonly
|
|
|
|
1F0AB5F0000
|
unkown
|
page readonly
|
|
|
|
7FF5D7182000
|
unkown
|
page readonly
|
|
|
|
7FF51E2C6000
|
unkown
|
page readonly
|
|
|
|
1F0AA679000
|
unkown
|
page read and write
|
|
|
|
7FF5EBCE2000
|
unkown
|
page readonly
|
|
|
|
1B316658000
|
unkown
|
page read and write
|
|
|
|
7FF5D714C000
|
unkown
|
page readonly
|
|
|
|
7FF5D79CC000
|
unkown
|
page readonly
|
|
|
|
7FF5EFCA3000
|
unkown
|
page readonly
|
|
|
|
1F0AA68E000
|
unkown
|
page read and write
|
|
|
|
1F0AFA00000
|
unkown
|
page read and write
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
7FF5D7855000
|
unkown
|
page readonly
|
|
|
|
7FF5D7180000
|
unkown
|
page readonly
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
1F0AB5C0000
|
unkown
|
page readonly
|
|
|
|
7FF5D7952000
|
unkown
|
page readonly
|
|
|
|
7FF5D76EE000
|
unkown
|
page readonly
|
|
|
|
1F0AA4B0000
|
heap default
|
page read and write
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
7FF5EFC12000
|
unkown
|
page readonly
|
|
|
|
7FF5EFC96000
|
unkown
|
page readonly
|
|
|
|
7FF5EBCC5000
|
unkown
|
page readonly
|
|
|
|
7FF5D7860000
|
unkown
|
page readonly
|
|
|
|
7FF5D79C6000
|
unkown
|
page readonly
|
|
|
|
9A4EA7E000
|
unkown
|
page read and write
|
|
|
|
1F0AFC81000
|
unkown
|
page read and write
|
|
|
|
7FF5EFBC4000
|
unkown
|
page readonly
|
|
|
|
7FF5D7538000
|
unkown
|
page readonly
|
|
|
|
21BB9E56000
|
unkown
|
page read and write
|
|
|
|
29A2215D000
|
heap default
|
page read and write
|
|
|
|
7FF5D78DB000
|
unkown
|
page readonly
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
7FF5D78F8000
|
unkown
|
page readonly
|
|
|
|
1B3181C0000
|
unkown
|
page readonly
|
|
|
|
1F0AAE02000
|
unkown
|
page read and write
|
|
|
|
1F0AFC00000
|
unkown
|
page read and write
|
|
|
|
7FF5D78BC000
|
unkown
|
page readonly
|
|
|
|
21BB9E70000
|
unkown
|
page read and write
|
|
|
|
7FF5EBD73000
|
unkown
|
page readonly
|
|
|
|
7FF5EBD56000
|
unkown
|
page readonly
|
|
|
|
1F0AA5B0000
|
unkown
|
page read and write
|
|
|
|
7FF5D7715000
|
unkown
|
page readonly
|
|
|
|
21BB9E29000
|
unkown
|
page read and write
|
|
|
|
7FF5D78B0000
|
unkown
|
page readonly
|
|
|
|
29A22320000
|
heap private
|
page read and write
|
|
|
|
7FF5EBC7B000
|
unkown
|
page readonly
|
|
|
|
7FF5D76F1000
|
unkown
|
page readonly
|
|
|
|
21BB9E40000
|
unkown
|
page read and write
|
|
|
|
1F0AA659000
|
unkown
|
page read and write
|
|
|
|
12D127F000
|
unkown
|
page read and write
|
|
|
|
7FF5D76A9000
|
unkown
|
page readonly
|
|
|
|
1F0AFBE0000
|
unkown
|
page read and write
|
|
|
|
7FF5EBCEC000
|
unkown
|
page readonly
|
|
|
|
7FF51E260000
|
unkown
|
page readonly
|
|
|
|
1F0AFE00000
|
unkown
|
page write copy
|
|
|
|
7FF5D7576000
|
unkown
|
page readonly
|
|
|
|
79801AF000
|
unkown
|
page read and write
|
|
|
|
7FF5EBC90000
|
unkown
|
page readonly
|
|
|
|
1F0AFB50000
|
unkown
|
page read and write
|
|
|
|
7FF5EF881000
|
unkown
|
page readonly
|
|
|
|
29A22030000
|
unkown
|
page read and write
|
|
|
|
7FF5EFBE1000
|
unkown
|
page readonly
|
|
|
|
1F0AAF59000
|
unkown
|
page read and write
|
|
|
|
1F0AFB31000
|
unkown
|
page read and write
|
|
|
|
7FF5D75D3000
|
unkown
|
page readonly
|
|
|
|
7FF51E256000
|
unkown
|
page readonly
|
|
|
|
7FF51E2AC000
|
unkown
|
page readonly
|
|
|
|
7FF5EBCA9000
|
unkown
|
page readonly
|
|
|
|
7FF5EFCA3000
|
unkown
|
page readonly
|
|
|
|
29A223A0000
|
unkown
|
page readonly
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
798047E000
|
unkown
|
page read and write
|
|
|
|
29A22220000
|
unkown
|
page readonly
|
|
|
|
1B3165C0000
|
unkown
|
page readonly
|
|
|
|
7FF5EBD66000
|
unkown
|
page readonly
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
1B3165B0000
|
heap default
|
page read and write
|
|
|
|
7FF5D7790000
|
unkown
|
page readonly
|
|
|
|
7FF5EBC7F000
|
unkown
|
page readonly
|
|
|
|
7FF5EB580000
|
unkown
|
page readonly
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
1F0AFB40000
|
unkown
|
page read and write
|
|
|
|
1F0AFEC0000
|
unkown
|
page readonly
|
|
|
|
7FF5EFABA000
|
unkown
|
page readonly
|
|
|
|
1F0AFA10000
|
unkown
|
page read and write
|
|
|
|
7FF5D79E3000
|
unkown
|
page readonly
|
|
|
|
7FF5EFBF7000
|
unkown
|
page readonly
|
|
|
|
7FF5EFC8C000
|
unkown
|
page readonly
|
|
|
|
1F0AA5C0000
|
unkown
|
page read and write
|
|
|
|
1F0AA693000
|
unkown
|
page read and write
|
|
|
|
7FF5D7921000
|
unkown
|
page readonly
|
|
|
|
7FF5EFA0A000
|
unkown
|
page readonly
|
|
|
|
7FF5EFBD1000
|
unkown
|
page readonly
|
|
|
|
7FF5D795C000
|
unkown
|
page readonly
|
|
|
|
7FF51E1E3000
|
unkown
|
page readonly
|
|
|
|
7FF5EFA75000
|
unkown
|
page readonly
|
|
|
|
7FF51E059000
|
unkown
|
page readonly
|
|
|
|
7FF5D7891000
|
unkown
|
page readonly
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
1F0AFED0000
|
unkown
|
page readonly
|
|
|
|
1F0AADE1000
|
unkown
|
page read and write
|
|
|
|
29A220C0000
|
unkown
|
page readonly
|
|
|
|
1B3168D0000
|
unkown
|
page write copy
|
|
|
|
7FF5D77D1000
|
unkown
|
page readonly
|
|
|
|
7FF5D78C0000
|
unkown
|
page readonly
|
|
|
|
7FF51E264000
|
unkown
|
page readonly
|
|
|
|
1F0AAF02000
|
unkown
|
page read and write
|
|
|
|
1F0AA641000
|
unkown
|
page read and write
|
|
|
|
7FF5D7904000
|
unkown
|
page readonly
|
|
|
|
21BB9E00000
|
unkown
|
page read and write
|
|
|
|
7FF5EB94C000
|
unkown
|
page readonly
|
|
|
|
1F0AA67C000
|
unkown
|
page read and write
|
|
|
|
7FF5D7549000
|
unkown
|
page readonly
|
|
|
|
1F0AA629000
|
unkown
|
page read and write
|
|
|
|
12D0DFB000
|
unkown
|
page read and write
|
|
|
|
1F0AA613000
|
unkown
|
page read and write
|
|
|
|
7FF5EFBAF000
|
unkown
|
page readonly
|
|
|
|
1F0AFCA8000
|
unkown
|
page read and write
|
|
|
|
7FF5D76D4000
|
unkown
|
page readonly
|
|
|
|
7FF5D78EB000
|
unkown
|
page readonly
|
|
|
|
7FF5EF9D5000
|
unkown
|
page readonly
|
|
|
|
1F0AFB34000
|
unkown
|
page read and write
|
|
|
|
21BB9C60000
|
heap default
|
page read and write
|
|
|
|
7FF5EFBB8000
|
unkown
|
page readonly
|
|
|
|
1F0AFCB4000
|
unkown
|
page read and write
|
|
|
|
1F0AA713000
|
unkown
|
page read and write
|
|
|
|
1F0AAE00000
|
unkown
|
page read and write
|
|
|
|
1B316700000
|
unkown
|
page read and write
|
|
|
|
1F0AA6A0000
|
unkown
|
page read and write
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
D1170FF000
|
unkown
|
page read and write
|
|
|
|
7FF5D7911000
|
unkown
|
page readonly
|
|
|
|
1F0AFC11000
|
unkown
|
page read and write
|
|
|
|
21BB9E68000
|
unkown
|
page read and write
|
|
|
|
1F0AAF00000
|
unkown
|
page read and write
|
|
|
|
1F0AFE20000
|
unkown
|
page read and write
|
|
|
|
1F0AA672000
|
unkown
|
page read and write
|
|
|
|
1B316600000
|
unkown
|
page read and write
|
|
|
|
7FF5EBC88000
|
unkown
|
page readonly
|
|
|
|
12D187F000
|
unkown
|
page read and write
|
|
|
|
7FF5EF4B0000
|
unkown
|
page readonly
|
|
|
|
21BB9C70000
|
unkown
|
page readonly
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
1B316550000
|
heap private
|
page read and write
|
|
|
|
29A22010000
|
unkown
|
page read and write
|
|
|
|
7FF51E1ED000
|
unkown
|
page readonly
|
|
|
|
7FF5EFB53000
|
unkown
|
page readonly
|
|
|
|
7FF5D71E2000
|
unkown
|
page readonly
|
|
|
|
7FF51E258000
|
unkown
|
page readonly
|
|
|
|
1F0AAE15000
|
unkown
|
page read and write
|
|
|
|
7FF5EFC86000
|
unkown
|
page readonly
|
|
|
|
7FF5EBD73000
|
unkown
|
page readonly
|
|
|
|
7FF51E24F000
|
unkown
|
page readonly
|
|
|
|
D116BCB000
|
unkown
|
page read and write
|
|
|
|
21BBA000000
|
unkown
|
page readonly
|
|
|
|
21BB9F00000
|
unkown
|
page read and write
|
|
|
|
7FF5EFBAB000
|
unkown
|
page readonly
|
|
|
|
1F0AB5D0000
|
unkown
|
page readonly
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
1F0AA702000
|
unkown
|
page read and write
|
|
|
|
1B3180C0000
|
unkown
|
page read and write
|
|
|
|
1F0AFF60000
|
unkown
|
page read and write
|
|
|
|
7FF5D7134000
|
unkown
|
page readonly
|
|
|
|
21BB9E6F000
|
unkown
|
page read and write
|
|
|
|
7FF5D76DF000
|
unkown
|
page readonly
|
|
|
|
12D147E000
|
unkown
|
page read and write
|
|
|
|
9A4E58C000
|
unkown
|
page read and write
|
|
|
|
1F0AB400000
|
unkown
|
page read and write
|
|
|
|
1F0AAB90000
|
unkown
|
page readonly
|
|
|
|
12D11FE000
|
unkown
|
page read and write
|
|
|
|
7FF5D7959000
|
unkown
|
page readonly
|
|
|
|
7FF5D78A4000
|
unkown
|
page readonly
|
|
|
|
7FF5EFC26000
|
unkown
|
page readonly
|
|
|
|
1F0AB963000
|
unkown
|
page read and write
|
|
|
|
D11707F000
|
unkown
|
page read and write
|
|
|
|
12D167A000
|
unkown
|
page read and write
|
|
|
|
1F0AFB18000
|
unkown
|
page read and write
|
|
|
|
1F0AFC61000
|
unkown
|
page read and write
|
|
|
|
7FF5D77F0000
|
unkown
|
page readonly
|
|
|
|
21BB9D90000
|
unkown
|
page readonly
|
|
|
|
7FF5EF96F000
|
unkown
|
page readonly
|
|
|
|
1F0AFC8D000
|
unkown
|
page read and write
|
|
|
|
1F0AFE70000
|
unkown
|
page read and write
|
|
|
|
1F0AB960000
|
unkown
|
page read and write
|
|
|
|
7FF5D76CD000
|
unkown
|
page readonly
|
|
|
|
21BB9F13000
|
unkown
|
page read and write
|
|
|
|
29A22730000
|
unkown
|
page readonly
|
|
|
|
12D0EFE000
|
unkown
|
page read and write
|
|
|
|
1F0AA6FE000
|
unkown
|
page read and write
|
|
|
|
1F0AFBE8000
|
unkown
|
page write copy
|
|
|
|
1F0AFE50000
|
unkown
|
page read and write
|
|
|
|
7FF5EF87C000
|
unkown
|
page readonly
|
|
|
|
21BB9C00000
|
heap private
|
page read and write
|
|
|
|
1B316602000
|
unkown
|
page read and write
|
|
|
|
1B316713000
|
unkown
|
page read and write
|
|
|
|
7FF5D7900000
|
unkown
|
page readonly
|
|
|
|
1F0AFB1E000
|
unkown
|
page read and write
|
|
|
|
1F0AAF18000
|
unkown
|
page read and write
|
|
|
|
1F0AB620000
|
unkown
|
page readonly
|
|
|
|
12D157F000
|
unkown
|
page read and write
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
29A23E90000
|
heap private
|
page read and write
|
|
|
|
1F0AA6AF000
|
unkown
|
page read and write
|
|
|
|
29A22390000
|
heap private
|
page read and write
|
|
|
|
29A22050000
|
unkown
|
page readonly
|
|
|
|
29A23C60000
|
heap private
|
page read and write
|
|
|
|
1F0AFBF0000
|
unkown
|
page readonly
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
1F0AFE30000
|
unkown
|
page read and write
|
|
|
|
7FF5D7974000
|
unkown
|
page readonly
|
|
|
|
7FF5EBD5C000
|
unkown
|
page readonly
|
|
|
|
7FF5D75D9000
|
unkown
|
page readonly
|
|
|
|
1F0AA590000
|
unkown
|
page readonly
|
|
|
|
1F0AFCA1000
|
unkown
|
page read and write
|
|
|
|
7FF51E1E7000
|
unkown
|
page readonly
|
|
|
|
7FF51E32C000
|
unkown
|
page readonly
|
|
|
|
798057A000
|
unkown
|
page read and write
|
|
|
|
12D0A7E000
|
unkown
|
page read and write
|
|
|
|
7FF5D7919000
|
unkown
|
page readonly
|
|
|
|
7FF5D75B2000
|
unkown
|
page readonly
|
|
|
|
1F0AF9C0000
|
unkown
|
page readonly
|
|
|
|
7FF51E271000
|
unkown
|
page readonly
|
|
|
|
7FF5EFB74000
|
unkown
|
page readonly
|
|
|
|
D116E7F000
|
unkown
|
page read and write
|
|
|
|
7FF51E336000
|
unkown
|
page readonly
|
|
|
|
1F0AA677000
|
unkown
|
page read and write
|
|
|
|
7FF5EF870000
|
unkown
|
page readonly
|
|
|
|
798012B000
|
unkown
|
page read and write
|
|
|
|
9A4E8FE000
|
unkown
|
page read and write
|
|
|
|
7FF51DB2A000
|
unkown
|
page readonly
|
|
|
|
7FF5EBC94000
|
unkown
|
page readonly
|
|
|
|
7FF5D777B000
|
unkown
|
page readonly
|
|
|
|
1F0AAF59000
|
unkown
|
page read and write
|
|
|
|
1F0AB970000
|
unkown
|
page read and write
|
|
|
|
1B316800000
|
unkown
|
page readonly
|
|
|
|
7FF5D770F000
|
unkown
|
page readonly
|
|
|
|
12D177C000
|
unkown
|
page read and write
|
|
|
|
7FF5EBB8A000
|
unkown
|
page readonly
|
|
|
|
7FF5EBC23000
|
unkown
|
page readonly
|
|
|
|
7FF5D78D0000
|
unkown
|
page readonly
|
|
|
|
29A21F40000
|
unkown
|
page readonly
|
|
|
|
1F0AB600000
|
unkown
|
page readonly
|
|
|
|
29A22060000
|
unkown
|
page readonly
|
|
|
|
1F0AFE70000
|
unkown
|
page read and write
|
|
|
|
1F0AFB10000
|
unkown
|
page read and write
|
|
|
|
1B316702000
|
unkown
|
page read and write
|
|
|
|
1F0AFE70000
|
unkown
|
page read and write
|
|
|
|
21BB9D40000
|
unkown
|
page write copy
|
|
|
|
7FF51E2B2000
|
unkown
|
page readonly
|
|
|
|
1F0AFC2C000
|
unkown
|
page read and write
|
|
|
|
1F0AB610000
|
unkown
|
page readonly
|
|
|
|
1F0AFC70000
|
unkown
|
page read and write
|
|
|
|
1F0AFB40000
|
unkown
|
page read and write
|
|
|
|
1F0AFB54000
|
unkown
|
page read and write
|
|
|
|
7FF51E2D4000
|
unkown
|
page readonly
|
|
|
|
1F0AFC4A000
|
unkown
|
page read and write
|
|
|
|
29A2212B000
|
heap default
|
page read and write
|
|
|
|
12D10FF000
|
unkown
|
page read and write
|
|
|
|
1F0AA600000
|
unkown
|
page read and write
|
|
|
|
7FF5EFBC0000
|
unkown
|
page readonly
|
|
|
|
7FF51E343000
|
unkown
|
page readonly
|
|
|
|
29A22120000
|
heap default
|
page read and write
|
|
|
|
7FF5EBADA000
|
unkown
|
page readonly
|
|
|
|
D116EFF000
|
unkown
|
page read and write
|
|
|
|
7FF5EFC0C000
|
unkown
|
page readonly
|
|
|
|
7FF5EFAB5000
|
unkown
|
page readonly
|
|
|
|
21BBB8A0000
|
unkown
|
page readonly
|
|
|
|
1F0AFF90000
|
unkown
|
page readonly
|
|
|
|
1F0AFCB0000
|
unkown
|
page read and write
|
|
|
|
9A4E87E000
|
unkown
|
page read and write
|
|
|
|
7FF5EFC19000
|
unkown
|
page readonly
|
|
|
|
1B31666B000
|
unkown
|
page read and write
|
|
|
|
1F0AFEB0000
|
unkown
|
page readonly
|
|
|
|
7FF5D7742000
|
unkown
|
page readonly
|
|
|
|
1F0AFC1E000
|
unkown
|
page read and write
|
|
|
|
1F0AF970000
|
unkown
|
page read and write
|
|
|
|
7FF5EBD04000
|
unkown
|
page readonly
|
|
|
|
1B316613000
|
unkown
|
page read and write
|
|
|
|
7FF5D79D5000
|
unkown
|
page readonly
|
|
|
|
29A220B0000
|
unkown
|
page readonly
|
|
|
|
12D107E000
|
unkown
|
page read and write
|
|
|
|
7FF5EBB45000
|
unkown
|
page readonly
|
|
|
|
21BBB7A0000
|
unkown
|
page read and write
|
|
|
|
21BB9E02000
|
unkown
|
page read and write
|
|
|
|
7FF51E281000
|
unkown
|
page readonly
|
|
|
|
12D0BF8000
|
unkown
|
page read and write
|
|
|
|
1F0AFB30000
|
unkown
|
page read and write
|
|
|
|
7FF5EBCE9000
|
unkown
|
page readonly
|
|
|
|
7FF5D754B000
|
unkown
|
page readonly
|
|
|
|
1F0AA5A0000
|
unkown
|
page readonly
|
|
|
|
7FF51E2B9000
|
unkown
|
page readonly
|
|
|
|
9A4E9FE000
|
unkown
|
page read and write
|
|
|
|
1F0AF980000
|
unkown
|
page read and write
|
|
|
|
7FF5EBC44000
|
unkown
|
page readonly
|
|
|
|
1F0AB4E0000
|
unkown
|
page read and write
|
|
|
|
21BB9E6B000
|
unkown
|
page read and write
|
|
|
|
7FF51E295000
|
unkown
|
page readonly
|
|
|
|
7FF51E279000
|
unkown
|
page readonly
|
|
|
|
21BB9E66000
|
unkown
|
page read and write
|
|
|
|
7FF5D79E3000
|
unkown
|
page readonly
|
|
|
|
1F0AA800000
|
unkown
|
page readonly
|
|
|
|
7FF5D77AD000
|
unkown
|
page readonly
|
|
|
|
1F0AFE70000
|
unkown
|
page readonly
|
|
|
|
1B316920000
|
unkown
|
page readonly
|
|
|
|
1F0AFF50000
|
unkown
|
page readonly
|
|
|
|
12D0AFE000
|
unkown
|
page read and write
|
|
|
|
7FF5EFC1C000
|
unkown
|
page readonly
|
|
|
|
1F0AA4C0000
|
unkown
|
page readonly
|
|
|
|
7FF5EBC21000
|
unkown
|
page readonly
|
|
|
|
12D0CFA000
|
unkown
|
page read and write
|
|
|
|
7FF51E326000
|
unkown
|
page readonly
|
|
|
|
7FF51E343000
|
unkown
|
page readonly
|
|
|
|
7FF5D7966000
|
unkown
|
page readonly
|
|
|
|
D116F79000
|
unkown
|
page read and write
|
|
There are 379 hidden memdumps, click here to show them.