Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Invoice PDF.jar
|
Zip archive data, at least v2.0 to extract
|
initial sample
|
||
C:\Users\user\AppData\Local\Temp\Retrive4117647702204724132.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Retrive7530640457785674935.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Retrive7965693575833183651.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Retrive9101275134933643330.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Windows278170804881636675.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Windows9046764930049020633.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\ebgeaegdbdecaedfebace.reg
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d83e2.timestamp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Config5175199137087621866.sqlite
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\GYcBDbnJPA3276512531836276281.reg
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\_0.5473048333189129536838706564981496.class
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\sqlite-3.8.11.2-42eaffe0-b8ea-4880-ab72-6ea9a41a3e14-sqlitejdbc.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3853321935-2125563209-4053062332-1002\83aa4cc77f591dfc2374580bbd95f6ba_d06ed635-68f6-4e9a-955c-4899f5f57b9a
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\COPYRIGHT
|
ISO-8859 text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\LICENSE
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\README.txt
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\THIRDPARTYLICENSEREADME-JAVAFX.txt
|
UTF-8 Unicode (with BOM) text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\THIRDPARTYLICENSEREADME.txt
|
UTF-8 Unicode text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\Welcome.html
|
HTML document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\JAWTAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\JavaAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\WindowsAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-console-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-datetime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-debug-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-file-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-file-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-file-l2-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-handle-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-localization-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-memory-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-profile-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-synch-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-synch-l1-2-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-timezone-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-core-util-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-conio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-convert-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-environment-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-heap-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-locale-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-math-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-multibyte-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-private-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-process-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-runtime-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-stdio-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-string-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-time-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\api-ms-win-crt-utility-l1-1-0.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\awt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\bci.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\client\Xusage.txt
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\client\classes.jsa
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\client\jvm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\concrt140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\dcpr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\decora_sse.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\deploy.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\dt_shmem.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\dt_socket.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\dtplugin\deployJava1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\dtplugin\npdeployJava1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\eula.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\fontmanager.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\fxplugins.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\glass.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\glib-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\gstreamer-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\hprof.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\instrument.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\j2pcsc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\j2pkcs11.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jaas_nt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jabswitch.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\java-rmi.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\java.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\java.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\java_crw_demo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javacpl.cpl
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javacpl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javafx_font.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javafx_font_t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javafx_iio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javaw.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\javaws.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jawt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jdwp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jfr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jfxmedia.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jfxwebkit.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jjs.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jli.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jp2iexp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jp2launcher.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jp2native.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jp2ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jpeg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jsdt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jsound.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\jsoundds.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\keytool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\kinit.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\klist.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\ktab.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\lcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\management.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\mlib_image.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\net.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\nio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\npt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\orbd.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\pack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\plugin2\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\plugin2\npjp2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\policytool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\prism_common.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\prism_d3d.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\prism_sw.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\resource.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\rmid.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\rmiregistry.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\servertool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\splashscreen.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\ssvagent.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\sunec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\sunmscapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\tnameserv.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\ucrtbase.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\unpack.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\unpack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\verify.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\w2k_lsa_auth.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\wsdetect.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\bin\zip.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\accessibility.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\calendars.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\charsets.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\classlist
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\cmm\CIEXYZ.pf
|
Sun KCMS color profile 2.0, type KCMS, XYZ/XYZ-spac device, 51236 bytes, 2-12-1997 18:50:04, dependently, PCS X=0xf6b3 Z=0xd2f8
"XYZ to XYZ Identity Profile"
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\cmm\GRAY.pf
|
Sun KCMS color profile 2.0, type KCMS, GRAY/XYZ-mntr device, KODA/GRAY model, 632 bytes, 27-7-95 17:30:15, embedded, relative
colorimetric, PCS Z=0xd32b "KODAK Grayscale Conversion - Gamma 1.0"
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\cmm\LINEAR_RGB.pf
|
color profile 2.0, type KCMS, RGB/XYZ-mntr device by KODK, 1044 bytes, 2-2-1998, PCS Z=0xd32c "linear sRGB"
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\cmm\PYCC.pf
|
Sun KCMS color profile 2.0, type KCMS, 3CLR/Lab-spac device, 274474 bytes, 6-11-1996 7:50:04, PCS X=0xf6b3 Z=0xd2f8 "Std Photo
YCC Print"
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\cmm\sRGB.pf
|
Microsoft color profile 2.1, type Lino, RGB/XYZ-mntr device, IEC/sRGB model by HP, 3144 bytes, 9-2-1998 6:49:00 "sRGB IEC61966-2.1"
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\content-types.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\currency.data
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\ffjcext.zip
|
Zip archive data, at least v1.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_de.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_es.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_fr.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_it.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_ja.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_ko.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_pt_BR.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_sv.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_zh_CN.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_zh_HK.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\messages_zh_TW.properties
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\splash.gif
|
GIF image data, version 89a, 320 x 139
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\splash@2x.gif
|
GIF image data, version 89a, 640 x 278
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\splash_11-lic.gif
|
GIF image data, version 89a, 320 x 139
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\deploy\splash_11@2x-lic.gif
|
GIF image data, version 89a, 640 x 278
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\access-bridge-32.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\cldrdata.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\dnsns.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\jaccess.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\jfxrt.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\localedata.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\nashorn.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\sunec.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\sunjce_provider.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\sunmscapi.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\sunpkcs11.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\ext\zipfs.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\flavormap.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fontconfig.bfc
|
raw G3 (Group 3) FAX
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fontconfig.properties.src
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaBrightDemiBold.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,422.Lucida
BrightDemiboldLucida Bright De
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaBrightDemiItalic.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc.Lucida BrightDemibold
ItalicLucida Bright Demibold Ital
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaBrightItalic.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,773.Lucida
BrightItalicLucida Bright Ital
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaBrightRegular.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,421.Lucida
BrightRegularLucida Bright Reg
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaSansDemiBold.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 19 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc. Pat. Des.
289,420.Lucida SansDemiboldLucida S
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaSansRegular.ttf
|
TrueType Font data, 18 tables, 1st "GDEF", 19 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida
SansRegularLucida Sans Reg
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaTypewriterBold.ttf
|
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc.Lucida Sans
TypewriterBoldLucida Sans Typewrit
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\fonts\LucidaTypewriterRegular.ttf
|
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc.Lucida Sans TypewriterRegularLucida
Sans Typewriter
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\hijrah-config-umalqura.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\i386\jvm.cfg
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\cursors.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\invalid32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\win32_CopyDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\win32_CopyNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\win32_LinkDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\win32_LinkNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\win32_MoveDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\images\cursors\win32_MoveNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\javafx.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\javaws.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jce.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jfr.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jfr\default.jfc
|
XML 1.0 document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jfr\profile.jfc
|
XML 1.0 document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jfxswt.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jsse.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\jvm.hprof.txt
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\logging.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\management-agent.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\management\jmxremote.access
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\management\jmxremote.password.template
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\management\management.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\management\snmp.acl.template
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\net.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\plugin.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\psfont.properties.ja
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\psfontj2d.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\resources.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\rt.jar
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\blacklist
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\blacklisted.certs
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\cacerts
|
Java KeyStore
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\java.policy
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\java.security
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\javaws.policy
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\policy\limited\US_export_policy.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\policy\limited\local_policy.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\policy\unlimited\US_export_policy.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\security\policy\unlimited\local_policy.jar
|
Zip archive data, at least v2.0 to extract
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\sound.properties
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\tzdb.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\lib\tzmappings
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Roaming\Oracle\release
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Roaming\jhxromh.txt
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\DfSJGumiMVk\ID.txt
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\DfSJGumiMVk\mrSpbGLeBqF\VRacgaBger.ckLFQ
|
Java archive data (JAR)
|
dropped
|
||
C:\Users\user\bgddtomvyl.js
|
ASCII text, with very long lines
|
modified
|
||
C:\Users\user\fUTkALeaTxM\ID.txt
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Windows\SysWOW64\test.txt
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
There are 248 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe
|
'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar' -jar
'C:\Users\user\Desktop\Invoice PDF.jar'
|
||
C:\Windows\SysWOW64\wscript.exe
|
wscript C:\Users\user\bgddtomvyl.js
|
||
C:\Windows\SysWOW64\regedit.exe
|
'regedit.exe' 'C:\Users\user\AppData\Local\Temp\ebgeaegdbdecaedfebace.reg'
|
||
C:\Program Files (x86)\Java\jre1.8.0_211\bin\javaw.exe
|
'C:\Program Files (x86)\Java\jre1.8.0_211\bin\javaw.exe' -jar 'C:\Users\user\AppData\Roaming\jhxromh.txt'
|
||
C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe
|
'C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -jar C:\Users\user\AppData\Local\Temp\_0.5473048333189129536838706564981496.class
|
||
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ''C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe' -javaagent:'C:\Users\user\AppData\Local\Temp\jartracer.jar'
-jar 'C:\Users\user\Desktop\Invoice PDF.jar'' >> C:\cmdlinestart.log 2>&1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\icacls.exe
|
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant 'everyone':(OI)(CI)M
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C cscript.exe C:\Users\user\AppData\Local\Temp\Retrive4117647702204724132.vbs
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cscript.exe
|
cscript.exe C:\Users\user\AppData\Local\Temp\Retrive4117647702204724132.vbs
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C cscript.exe C:\Users\user\AppData\Local\Temp\Retrive7965693575833183651.vbs
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cscript.exe
|
cscript.exe C:\Users\user\AppData\Local\Temp\Retrive7965693575833183651.vbs
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C cscript.exe C:\Users\user\AppData\Local\Temp\Retrive7530640457785674935.vbs
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cscript.exe
|
cscript.exe C:\Users\user\AppData\Local\Temp\Retrive7530640457785674935.vbs
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C cscript.exe C:\Users\user\AppData\Local\Temp\Retrive9101275134933643330.vbs
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cscript.exe
|
cscript.exe C:\Users\user\AppData\Local\Temp\Retrive9101275134933643330.vbs
|
||
C:\Windows\SysWOW64\xcopy.exe
|
xcopy 'C:\Program Files (x86)\Java\jre1.8.0_211' 'C:\Users\user\AppData\Roaming\Oracle\' /e
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\SysWOW64\taskkill.exe
|
taskkill /IM ProcessHacker.exe /T /F
|
||
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c regedit.exe /s C:\Users\user\AppData\Local\Temp\GYcBDbnJPA3276512531836276281.reg
|
There are 20 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://jrat.io
|
unknown
|
||
http://apache.org/xml/properties/internal/validator/schema#8
|
unknown
|
||
http://javax.xml.XMLConstants/property/accessExternalDTDS
|
unknown
|
||
http://apache.org/xml/properties/internal/entity-resolvert
|
unknown
|
||
http://apache.org/xml/features/validation/schema/augment-psvi
|
unknown
|
||
http://apache.org/xml/features/validation/schemaK~
|
unknown
|
||
http://apache.org/xml/properties/internal/entity-resolvers
|
unknown
|
||
http://maven.apache.org/POM/4.0.0
|
unknown
|
||
http://apache.org/xml/properties/input-buffer-size
|
unknown
|
||
http://apache.org/xml/features/validation/balance-syntax-trees#
|
unknown
|
||
http://www.chambersign.org1
|
unknown
|
||
http://apache.org/xml/features/standard-uri-conformant2
|
unknown
|
||
http://apache.org/xml/properties/internal/document-scanner/apach7
|
unknown
|
||
http://repository.swisssign.com/0
|
unknown
|
||
http://apache.org/xml/properties/schema/external-schemaLocation(
|
unknown
|
||
http://apache.org/xml/properties/internal/entity-manager
|
unknown
|
||
http://www.oracle.com/feature/use-service-mechanism/w3c/
|
unknown
|
||
http://apache.org/xml/properties/internal/symbol-tableQ
|
unknown
|
||
http://apache.org/xml/features/internal/parser-settings
|
unknown
|
||
http://apache.org/xml/properties/internal/dtd-scannerl.o8
|
unknown
|
||
http://apache.org/xml/features/dom/include-ignorable-whitespace
|
unknown
|
||
http://xml.org/sax/features//dom
|
unknown
|
||
http://java.sun.com/xml/dom/properties/
|
unknown
|
||
http://apache.org/xml/properties/internal/stax-entity-resolver
|
unknown
|
||
http://apache.org/xml/properties/dom/current-element-node#
|
unknown
|
||
http://xml.org/sax/features/0co
|
unknown
|
||
http://apache.org/xml/features/internal/validation/schema/use-grammar-pool-onlye/
|
unknown
|
||
http://apache.org/xml/features/nonvalidating/load-external-dtdnt:
|
unknown
|
||
https://jrat.ioS
|
unknown
|
||
http://apache.org/xml/features/3
|
unknown
|
||
http://www.oracle.com/feature/use-service-mechanismrg/ap
|
unknown
|
||
http://apache.org/xml/features/xinclude/fixup-base-uris
|
unknown
|
||
http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation
|
unknown
|
||
http://apache.org/xml/properties/internal/error-reporter
|
unknown
|
||
http://apache.org/xml/features/internal/tolerate-duplicatesKR
|
unknown
|
||
http://apache.org/xml/properties/security-managerk
|
unknown
|
||
http://apache.org/xml/features/validation/warn-on-duplicate-attdefttp://D
|
unknown
|
||
http://xml.org/sax/properties/(
|
unknown
|
||
http://apache.org/xml/properties/internal/document-scannerKS
|
unknown
|
||
http://java.sun.com/xml/dom/properties/;
|
unknown
|
||
http://apache.org/xml/features/include-comments
|
unknown
|
||
http://apache.org/xml/features/scanner/notify-char-refs
|
unknown
|
||
http://apache.org/xml/features/warn-on-duplicate-entitydef-node-
|
unknown
|
||
http://apache.org/xml/properties/dom/current-element-node9
|
unknown
|
||
http://java.sun.com/xml/schema/features/report-ignored-element-content-whitespace0
|
unknown
|
||
http://policy.camerfirma.com0
|
unknown
|
||
http://apache.org/xml/features/validation/schema/normalized-valueB
|
unknown
|
||
http://java.sun.com/xml/stream/properties/ignore-external-dtd
|
unknown
|
||
http://apache.org/xml/features/continue-after-fatal-error
|
unknown
|
||
http://apache.org/xml/features/standard-uri-conformant
|
unknown
|
||
http://apache.org/xml/properties/internal/document-scanner
|
unknown
|
||
http://www.certplus.com/CRL/class2.crl
|
unknown
|
||
http://bugreport.sun.com/bugreport/
|
unknown
|
||
http://java.sun.com/xml/dom/properties/c
|
unknown
|
||
http://java.oracle.com/
|
unknown
|
||
http://xml.org/sax/features/namespace-prefixesnt(
|
unknown
|
||
http://apache.org/xml/features/
|
unknown
|
||
http://apache.org/xml/features/generate-synthetic-annotations
|
unknown
|
||
http://xml.org/sax/features/allow-dtd-events-after-endDTD
|
unknown
|
||
http://cps.chambersign.org/cps/chambersroot.html
|
unknown
|
||
http://www.certplus.com/CRL/class3P.crl
|
unknown
|
||
http://apache.org/xml/features/validation/balance-syntax-treesS
|
unknown
|
||
http://java.sun.com/xml/stream/properties/reader-in-defined-stateodeIter
|
unknown
|
||
http://javax.xml.XMLConstants/property/accessExternalDTD3
|
unknown
|
||
http://apache.org/xml/features/internal/validation/schema/use-grammar-pool-only
|
unknown
|
||
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
http://apache.org/xml/properties/internal/namespace-binder
|
unknown
|
||
http://javax.xml.XMLConstants/property/accessExternalDTD;
|
unknown
|
||
http://java.sun.com/dtd/properties.dtdk
|
unknown
|
||
http://apache.org/xml/properties/internal/error-reporterSE
|
unknown
|
||
http://apache.org/xml/properties/internal/datatype-validator-factorys
|
unknown
|
||
http://xml.org/sax/properties/e
|
unknown
|
||
http://apache.org/xml/properties/s/dom/iD
|
unknown
|
||
http://xml.org/sax/properties/c
|
unknown
|
||
http://apache.org/xml/properties/security-manager
|
unknown
|
||
http://java.sun.com/xml/dom/properties/ancestor-check
|
unknown
|
||
http://apache.org/xml/features/standard-uri-conformantZ
|
unknown
|
||
http://apache.org/xml/features/validation/balance-syntax-trees1
|
unknown
|
||
http://apache.org/xml/features/namespace-growthS
|
unknown
|
||
http://apache.org/xml/features/create-cdata-nodes3
|
unknown
|
||
http://apache.org/xml/features/validation/warn-on-undeclared-elemdefs
|
unknown
|
||
http://apache.org/xml/features/allow-java-encodingserRej9
|
unknown
|
||
http://apache.org/xml/features/create-cdata-nodes:
|
unknown
|
||
http://apache.org/xml/features/validation/warn-on-undeclared-elemdefk
|
unknown
|
||
http://ops.com.pa/jre7.zipW
|
unknown
|
||
http://apache.org/xml/features/xinclude
|
unknown
|
||
http://apache.org/xml/properties/internal/xinclude-handler9
|
unknown
|
||
http://apache.org/xml/features/validation/schema-full-checking
|
unknown
|
||
http://gG2DwoT3pJewMEBGx6.com
|
unknown
|
||
http://javax.xml.XMLConstants/property/
|
unknown
|
||
http://java.sun.com/xml/dom/properties/ancestor-checkurr
|
unknown
|
||
http://java.sun.com/xml/dom/properties/ancestor-check3C
|
unknown
|
||
http://ops.com.pa/jre7.zip
|
unknown
|
||
http://java.sun.com/xml/stream/properties/3p
|
unknown
|
||
http://apache.org/xml/properties/input-buffer-sizes
|
unknown
|
||
http://apache.org/xml/properties/internal/grammar-pool
|
unknown
|
||
http://javax.xml.XMLConstants/property/accessExternalSchemaD
|
unknown
|
||
http://javax.xml.XMLConstants/property/s3
|
unknown
|
||
http://java.sun.com/xml/stream/properties/reader-in-defined-state
|
unknown
|
||
http://apache.org/xml/properties/internal/validator/dtd:
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
107.175.101.209
|
unknown
|
United States
|
||
127.0.0.1
|
unknown
|
unknown
|
||
192.168.2.1
|
unknown
|
unknown
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
C:\Windows\SysWOW64\wscript.exe
|
LangID
|
||
C:\Windows\SysWOW64\wscript.exe
|
C:\Windows\system32\regedit.exe.FriendlyAppName
|
||
C:\Windows\SysWOW64\wscript.exe
|
C:\Windows\system32\regedit.exe.ApplicationCompany
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
9F97000
|
unkown
|
page read and write
|
||
4E00000
|
unkown
|
page read and write
|
||
10A0000
|
unkown
|
page readonly
|
||
9B8F000
|
unkown
|
page read and write
|
||
7B0000
|
unkown
|
page read and write
|
||
23F8000
|
unkown
|
page readonly
|
||
26B47B13000
|
unkown
|
page read and write
|
||
7FF5326E4000
|
unkown
|
page readonly
|
||
7FF5A2CD2000
|
unkown
|
page readonly
|
||
7FF5A25E8000
|
unkown
|
page readonly
|
||
26B4994A000
|
unkown
|
page read and write
|
||
51CB000
|
unkown
|
page read and write
|
||
23D1000
|
unkown
|
page readonly
|
||
2528000
|
unkown
|
page readonly
|
||
26B49900000
|
unkown
|
page read and write
|
||
4E0B000
|
unkown
|
page read and write
|
||
14EF1000
|
unkown
|
page read and write
|
||
32AE000
|
unkown
|
page read and write
|
||
6AEAC000
|
unkown image
|
page readonly
|
||
15816000
|
unkown
|
page read and write
|
||
830000
|
heap private
|
page read and write
|
||
5240000
|
unkown
|
page read and write
|
||
ADC259B000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
25EA000
|
unkown
|
page execute and read and write
|
||
24DB000
|
unkown
|
page readonly
|
||
ADC2AFB000
|
unkown
|
page read and write
|
||
7FF5A2CBD000
|
unkown
|
page readonly
|
||
7FF5DFF34000
|
unkown
|
page readonly
|
||
26B49802000
|
unkown
|
page read and write
|
||
512F000
|
stack
|
page read and write
|
||
15D6C000
|
unkown
|
page read and write
|
||
7FF5EDA95000
|
unkown
|
page readonly
|
||
7FF5378B4000
|
unkown
|
page readonly
|
||
1530C000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
A0D000
|
unkown
|
page read and write
|
||
2428000
|
unkown
|
page readonly
|
||
25B2000
|
unkown
|
page execute and read and write
|
||
158BC000
|
unkown
|
page read and write
|
||
F9FA0FA000
|
unkown
|
page read and write
|
||
5233000
|
unkown
|
page read and write
|
||
95D38FE000
|
unkown
|
page read and write
|
||
2ACFD3B8000
|
unkown
|
page read and write
|
||
2A48000
|
unkown
|
page read and write
|
||
35D0000
|
unkown
|
page readonly
|
||
7FF535167000
|
unkown
|
page readonly
|
||
4CF0000
|
unkown
|
page readonly
|
||
5E0000
|
unkown
|
page read and write
|
||
2ACFD347000
|
heap default
|
page read and write
|
||
1501C000
|
unkown
|
page read and write
|
||
6A60000
|
unkown
|
page read and write
|
||
32B2000
|
unkown
|
page read and write
|
||
2BA0000
|
unkown
|
page read and write
|
||
7FF5373B1000
|
unkown
|
page readonly
|
||
7FF5F39CF000
|
unkown
|
page readonly
|
||
D60000
|
heap default
|
page read and write
|
||
6EDB000
|
unkown
|
page read and write
|
||
2C1B000
|
unkown
|
page readonly
|
||
4D78000
|
unkown
|
page read and write
|
||
7FF532666000
|
unkown
|
page readonly
|
||
47F5000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
3230000
|
unkown
|
page read and write
|
||
482F000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
24B0000
|
unkown
|
page read and write
|
||
4C80000
|
unkown
|
page read and write
|
||
4DB7000
|
unkown
|
page read and write
|
||
49E0000
|
unkown
|
page readonly
|
||
28A8000
|
unkown
|
page read and write
|
||
7FF5358F6000
|
unkown
|
page readonly
|
||
157DF000
|
stack
|
page read and write
|
||
4EC6000
|
unkown
|
page read and write
|
||
D17000
|
unkown
|
page read and write
|
||
2C2E000
|
unkown
|
page readonly
|
||
15C4E000
|
unkown
|
page read and write
|
||
1588C000
|
unkown
|
page read and write
|
||
14FD2000
|
unkown
|
page read and write
|
||
150F8000
|
unkown
|
page read and write
|
||
4EBA000
|
unkown
|
page read and write
|
||
7FF5A2CC6000
|
unkown
|
page readonly
|
||
53E2000
|
unkown
|
page read and write
|
||
7FF537718000
|
unkown
|
page readonly
|
||
32B2000
|
unkown
|
page read and write
|
||
27AE000
|
unkown
|
page read and write
|
||
BFC000
|
unkown
|
page read and write
|
||
2D90000
|
heap default
|
page read and write
|
||
15362000
|
unkown
|
page read and write
|
||
24F2000
|
unkown
|
page readonly
|
||
7AF000
|
unkown
|
page read and write
|
||
2ED6000
|
unkown
|
page read and write
|
||
4BF7000
|
unkown
|
page read and write
|
||
15830000
|
unkown
|
page read and write
|
||
92C000
|
unkown
|
page read and write
|
||
4D7A000
|
unkown
|
page read and write
|
||
4ECA000
|
unkown
|
page read and write
|
||
156DC000
|
unkown
|
page read and write
|
||
7FF5358C4000
|
unkown
|
page readonly
|
||
2ACFD3F9000
|
unkown
|
page read and write
|
||
A1751FB000
|
unkown
|
page read and write
|
||
ADC28FE000
|
unkown
|
page read and write
|
||
810000
|
heap default
|
page read and write
|
||
27139000000
|
unkown
|
page write copy
|
||
2FBE000
|
unkown
|
page readonly
|
||
7FF5A2B67000
|
unkown
|
page readonly
|
||
2F80000
|
heap private
|
page read and write
|
||
A593000
|
unkown
|
page read and write
|
||
15EA0000
|
unkown
|
page readonly
|
||
27138CA0000
|
heap private
|
page read and write
|
||
29AF0013000
|
unkown
|
page read and write
|
||
4EAA000
|
unkown
|
page read and write
|
||
4E09000
|
unkown
|
page read and write
|
||
2671000
|
unkown
|
page readonly
|
||
2A81000
|
unkown
|
page read and write
|
||
14FDB000
|
unkown
|
page read and write
|
||
275E000
|
unkown
|
page read and write
|
||
4BEE000
|
unkown
|
page read and write
|
||
158BC000
|
unkown
|
page read and write
|
||
2455000
|
unkown
|
page readonly
|
||
53DE000
|
unkown
|
page read and write
|
||
A2D000
|
unkown
|
page read and write
|
||
702E6000
|
unkown image
|
page readonly
|
||
4E96000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
4813000
|
unkown
|
page read and write
|
||
539F000
|
stack
|
page read and write
|
||
511F000
|
stack
|
page read and write
|
||
15759000
|
unkown
|
page read and write
|
||
23F0000
|
unkown
|
page readonly
|
||
2CDD000
|
unkown
|
page read and write
|
||
8CF000
|
unkown
|
page read and write
|
||
14FBB000
|
unkown
|
page read and write
|
||
2C5A3360000
|
heap default
|
page read and write
|
||
567E000
|
unkown
|
page read and write
|
||
2F2E000
|
stack
|
page read and write
|
||
15910000
|
unkown
|
page read and write
|
||
158B8000
|
unkown
|
page read and write
|
||
6DFB000
|
unkown
|
page read and write
|
||
46EC000
|
unkown
|
page read and write
|
||
496E000
|
unkown
|
page read and write
|
||
3231000
|
unkown
|
page read and write
|
||
2ACFE190000
|
unkown
|
page read and write
|
||
2C5A3508000
|
unkown
|
page read and write
|
||
55E000
|
unkown
|
page read and write
|
||
7FF53239A000
|
unkown
|
page readonly
|
||
2D80000
|
unkown
|
page readonly
|
||
14FBA000
|
unkown
|
page read and write
|
||
2C05000
|
unkown
|
page readonly
|
||
15B10000
|
unkown
|
page read and write
|
||
207CA452000
|
unkown
|
page read and write
|
||
3272000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
26B47AEA000
|
unkown
|
page read and write
|
||
3238000
|
unkown
|
page read and write
|
||
4D64000
|
unkown
|
page read and write
|
||
32B2000
|
unkown
|
page read and write
|
||
6F13000
|
unkown
|
page read and write
|
||
3240000
|
unkown
|
page read and write
|
||
A0EF000
|
unkown
|
page read and write
|
||
7FF5326FA000
|
unkown
|
page readonly
|
||
156DC000
|
unkown
|
page read and write
|
||
51C4000
|
unkown
|
page read and write
|
||
2327000
|
unkown
|
page readonly
|
||
4EA2000
|
unkown
|
page read and write
|
||
4F50000
|
unkown
|
page readonly
|
||
4D34000
|
unkown
|
page read and write
|
||
2BD6000
|
heap default
|
page read and write
|
||
14C3B000
|
unkown
|
page read and write
|
||
7FF5A2DA7000
|
unkown
|
page readonly
|
||
4DFE000
|
unkown
|
page read and write
|
||
A203000
|
unkown
|
page read and write
|
||
2CFA000
|
unkown
|
page execute and read and write
|
||
2ACFD460000
|
unkown
|
page readonly
|
||
9F69000
|
unkown
|
page read and write
|
||
4DDE000
|
unkown
|
page read and write
|
||
7FF5F3A1F000
|
unkown
|
page readonly
|
||
53FE000
|
unkown
|
page read and write
|
||
27DE000
|
stack
|
page read and write
|
||
322C000
|
unkown
|
page read and write
|
||
6AEA9000
|
unkown image
|
page read and write
|
||
10C0000
|
unkown
|
page readonly
|
||
7FF537710000
|
unkown
|
page readonly
|
||
7FF5A2CAF000
|
unkown
|
page readonly
|
||
9ED6000
|
unkown
|
page read and write
|
||
7FF5A2BB8000
|
unkown
|
page readonly
|
||
2D58000
|
unkown
|
page execute and read and write
|
||
29AF1A70000
|
unkown
|
page read and write
|
||
25B0000
|
unkown
|
page execute and read and write
|
||
2ACFD580000
|
unkown
|
page read and write
|
||
9B8A000
|
unkown
|
page read and write
|
||
26B479A0000
|
heap private
|
page read and write
|
||
2812000
|
unkown
|
page execute and read and write
|
||
7FF5EDB26000
|
unkown
|
page readonly
|
||
26B47B15000
|
unkown
|
page read and write
|
||
4480000
|
unkown
|
page readonly
|
||
152E2000
|
unkown
|
page read and write
|
||
4D7E000
|
unkown
|
page read and write
|
||
322D000
|
unkown
|
page read and write
|
||
14FF3000
|
unkown
|
page read and write
|
||
2514000
|
unkown
|
page readonly
|
||
7FF5DFF37000
|
unkown
|
page readonly
|
||
158AC000
|
unkown
|
page read and write
|
||
7FF5378BD000
|
unkown
|
page readonly
|
||
AC0000
|
unkown
|
page read and write
|
||
2C70000
|
unkown
|
page readonly
|
||
6E99000
|
unkown
|
page read and write
|
||
7FF537846000
|
unkown
|
page readonly
|
||
6F0D000
|
unkown
|
page read and write
|
||
14AF0000
|
unkown
|
page read and write
|
||
15C0D000
|
unkown
|
page read and write
|
||
735000
|
unkown
|
page readonly
|
||
7FF5EDBA7000
|
unkown
|
page readonly
|
||
A896000
|
unkown
|
page read and write
|
||
2A33000
|
unkown
|
page read and write
|
||
A174CCC000
|
unkown
|
page read and write
|
||
2BC0000
|
unkown
|
page readonly
|
||
14FA9000
|
unkown
|
page read and write
|
||
E3E727F000
|
unkown
|
page read and write
|
||
14BAC000
|
unkown
|
page read and write
|
||
2C5A3400000
|
unkown
|
page read and write
|
||
6A60000
|
unkown
|
page read and write
|
||
4734000
|
unkown
|
page read and write
|
||
4830000
|
unkown
|
page readonly
|
||
4D28000
|
unkown
|
page read and write
|
||
C07000
|
heap private
|
page read and write
|
||
2ACFD3AB000
|
unkown
|
page read and write
|
||
1C22AE00000
|
unkown
|
page readonly
|
||
3234000
|
unkown
|
page read and write
|
||
2C26000
|
unkown
|
page readonly
|
||
161ED000
|
unkown
|
page read and write
|
||
16698000
|
unkown
|
page read and write
|
||
A27A000
|
unkown
|
page read and write
|
||
327D000
|
unkown
|
page read and write
|
||
1649D000
|
unkown
|
page read and write
|
||
2CE0000
|
unkown
|
page readonly
|
||
2C5A3300000
|
heap private
|
page read and write
|
||
27CC000
|
unkown
|
page read and write
|
||
53D5000
|
unkown
|
page read and write
|
||
7FF532535000
|
unkown
|
page readonly
|
||
9E5B000
|
unkown
|
page read and write
|
||
1C22ABB0000
|
unkown
|
page read and write
|
||
4D5B000
|
unkown
|
page read and write
|
||
2ACFD3E3000
|
unkown
|
page read and write
|
||
4FD0000
|
unkown
|
page read and write
|
||
7FF5A2BB5000
|
unkown
|
page readonly
|
||
9DDB000
|
unkown
|
page read and write
|
||
46FB000
|
unkown
|
page read and write
|
||
3282000
|
unkown
|
page read and write
|
||
2ACFD433000
|
unkown
|
page read and write
|
||
489D000
|
unkown
|
page read and write
|
||
14C3C000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
4EBE000
|
unkown
|
page read and write
|
||
6AE01000
|
unkown image
|
page execute read
|
||
234A000
|
unkown
|
page readonly
|
||
68C000
|
unkown
|
page read and write
|
||
15002000
|
unkown
|
page read and write
|
||
C8C000
|
stack
|
page read and write
|
||
7FF5358DA000
|
unkown
|
page readonly
|
||
2E8F000
|
stack
|
page read and write
|
||
4D5D000
|
unkown
|
page read and write
|
||
4EC5000
|
unkown
|
page read and write
|
||
2C3E000
|
unkown
|
page read and write
|
||
7FF5ED8B5000
|
unkown
|
page readonly
|
||
7FF532722000
|
unkown
|
page readonly
|
||
15EB0000
|
unkown
|
page read and write
|
||
7FF5EDB39000
|
unkown
|
page readonly
|
||
24DE000
|
unkown
|
page readonly
|
||
4DC5000
|
unkown
|
page read and write
|
||
7FF5EDB0A000
|
unkown
|
page readonly
|
||
428000
|
unkown
|
page read and write
|
||
15830000
|
unkown
|
page read and write
|
||
95D3A7F000
|
unkown
|
page read and write
|
||
7FF5F376E000
|
unkown
|
page readonly
|
||
15F30000
|
heap private
|
page read and write
|
||
526F000
|
stack
|
page read and write
|
||
2A51000
|
unkown
|
page read and write
|
||
63D000
|
unkown
|
page read and write
|
||
14BF4000
|
unkown
|
page read and write
|
||
49B0000
|
unkown
|
page readonly
|
||
35A0000
|
heap private
|
page read and write
|
||
B25000
|
unkown
|
page readonly
|
||
154EE000
|
unkown
|
page read and write
|
||
7FF5DFE8E000
|
unkown
|
page readonly
|
||
1520E000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
5247000
|
unkown
|
page read and write
|
||
53D1000
|
unkown
|
page read and write
|
||
207CAE00000
|
unkown
|
page readonly
|
||
A10000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
9F1F000
|
unkown
|
page read and write
|
||
840000
|
heap default
|
page read and write
|
||
A2CC000
|
unkown
|
page read and write
|
||
7FF5F3BFF000
|
unkown
|
page readonly
|
||
2367000
|
unkown
|
page readonly
|
||
34F0000
|
unkown
|
page readonly
|
||
7FF5F3C1A000
|
unkown
|
page readonly
|
||
7FF5325A5000
|
unkown
|
page readonly
|
||
2C5A3380000
|
unkown
|
page readonly
|
||
27EE000
|
unkown
|
page read and write
|
||
D40000
|
unkown
|
page readonly
|
||
4ED8000
|
unkown
|
page read and write
|
||
31A0000
|
unkown
|
page read and write
|
||
7FF5DFD66000
|
unkown
|
page readonly
|
||
29AF0200000
|
unkown
|
page readonly
|
||
482B000
|
unkown
|
page read and write
|
||
4D84000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2428000
|
unkown
|
page readonly
|
||
7FF5326D1000
|
unkown
|
page readonly
|
||
6E20000
|
unkown
|
page read and write
|
||
14FBA000
|
unkown
|
page read and write
|
||
6E03000
|
unkown
|
page read and write
|
||
15EFE000
|
unkown
|
page read and write
|
||
164EC000
|
unkown
|
page read and write
|
||
26B49A20000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
53E1000
|
unkown
|
page read and write
|
||
1592A000
|
unkown
|
page read and write
|
||
515E000
|
unkown
|
page read and write
|
||
14F59000
|
unkown
|
page read and write
|
||
2BE0000
|
unkown
|
page readonly
|
||
2A52000
|
unkown
|
page read and write
|
||
7FF5F3B08000
|
unkown
|
page readonly
|
||
7150000
|
unkown
|
page read and write
|
||
A16B000
|
unkown
|
page read and write
|
||
150FE000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2C5A3600000
|
unkown
|
page readonly
|
||
7FF5F3BD0000
|
unkown
|
page readonly
|
||
2A3E000
|
heap default
|
page read and write
|
||
760000
|
unkown
|
page readonly
|
||
4FCF000
|
stack
|
page read and write
|
||
875000
|
heap default
|
page read and write
|
||
1512E000
|
unkown
|
page read and write
|
||
4D46000
|
unkown
|
page read and write
|
||
53D3000
|
unkown
|
page read and write
|
||
4EA0000
|
heap private
|
page read and write
|
||
2502000
|
unkown
|
page readonly
|
||
33EF000
|
stack
|
page read and write
|
||
27138F00000
|
unkown
|
page read and write
|
||
2D70000
|
heap private
|
page read and write
|
||
2ACFD409000
|
unkown
|
page read and write
|
||
2C4E000
|
unkown
|
page read and write
|
||
1C22AD08000
|
unkown
|
page read and write
|
||
B22000
|
unkown
|
page read and write
|
||
2868000
|
unkown
|
page readonly
|
||
470D000
|
unkown
|
page read and write
|
||
57D0000
|
unkown
|
page readonly
|
||
2F10000
|
unkown
|
page readonly
|
||
15283000
|
unkown
|
page read and write
|
||
2CDB000
|
unkown
|
page read and write
|
||
57CF000
|
stack
|
page read and write
|
||
15837000
|
unkown
|
page read and write
|
||
8F1000
|
unkown
|
page read and write
|
||
E3E6D8B000
|
unkown
|
page read and write
|
||
501E000
|
unkown
|
page read and write
|
||
31EE000
|
stack
|
page read and write
|
||
4D48000
|
unkown
|
page read and write
|
||
14FFB000
|
unkown
|
page read and write
|
||
152DE000
|
unkown
|
page read and write
|
||
4CDD000
|
unkown
|
page read and write
|
||
4C70000
|
unkown
|
page readonly
|
||
2CA0000
|
heap private
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
538F000
|
stack
|
page read and write
|
||
4FAF000
|
stack
|
page read and write
|
||
7FF5ED7A8000
|
unkown
|
page readonly
|
||
4E04000
|
unkown
|
page read and write
|
||
23B8000
|
unkown
|
page readonly
|
||
7FF5EDA97000
|
unkown
|
page readonly
|
||
4EA4000
|
heap private
|
page read and write
|
||
4D3B000
|
unkown
|
page read and write
|
||
3530000
|
unkown
|
page readonly
|
||
2ACFDE89000
|
unkown
|
page read and write
|
||
8D1000
|
unkown
|
page read and write
|
||
1C22B940000
|
unkown
|
page readonly
|
||
2ACFD42A000
|
unkown
|
page read and write
|
||
2ACFD39E000
|
unkown
|
page read and write
|
||
14C66000
|
unkown
|
page read and write
|
||
327D000
|
unkown
|
page read and write
|
||
35B000
|
unkown
|
page read and write
|
||
23C2000
|
unkown
|
page readonly
|
||
DF0000
|
heap private
|
page read and write
|
||
4722000
|
unkown
|
page read and write
|
||
2ACFD3CD000
|
unkown
|
page read and write
|
||
15847000
|
unkown
|
page read and write
|
||
7E0000
|
unkown
|
page read and write
|
||
7FF5321D7000
|
unkown
|
page readonly
|
||
29AF0040000
|
unkown
|
page read and write
|
||
15FA0000
|
heap private
|
page read and write
|
||
7FF5376C7000
|
unkown
|
page readonly
|
||
15867000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
2ACFD530000
|
unkown
|
page readonly
|
||
25EE000
|
unkown
|
page execute and read and write
|
||
327D000
|
unkown
|
page read and write
|
||
740D1000
|
unkown image
|
page execute read
|
||
3253000
|
unkown
|
page read and write
|
||
4806000
|
unkown
|
page read and write
|
||
244A000
|
unkown
|
page readonly
|
||
15A70000
|
unkown
|
page read and write
|
||
7FF5EDBE7000
|
unkown
|
page readonly
|
||
4E8C000
|
unkown
|
page read and write
|
||
740DE000
|
unkown image
|
page readonly
|
||
7FF5DFF72000
|
unkown
|
page readonly
|
||
563F000
|
stack
|
page read and write
|
||
A49F000
|
unkown
|
page read and write
|
||
4D74000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
281E000
|
unkown
|
page readonly
|
||
22E2000
|
unkown
|
page readonly
|
||
E3E71FA000
|
unkown
|
page read and write
|
||
2B5E000
|
unkown
|
page readonly
|
||
27F7000
|
unkown
|
page readonly
|
||
4E10000
|
unkown
|
page read and write
|
||
7FF5A2D5D000
|
unkown
|
page readonly
|
||
57BE000
|
unkown
|
page read and write
|
||
7FF5EDB2D000
|
unkown
|
page readonly
|
||
8C7000
|
unkown
|
page read and write
|
||
7FF5F3A8A000
|
unkown
|
page readonly
|
||
14FBA000
|
unkown
|
page read and write
|
||
167D0000
|
heap private
|
page read and write
|
||
14D7F000
|
unkown
|
page read and write
|
||
7FF5DFE27000
|
unkown
|
page readonly
|
||
4BFB000
|
unkown
|
page read and write
|
||
A346000
|
unkown
|
page read and write
|
||
26B47C00000
|
unkown
|
page readonly
|
||
2A52000
|
unkown
|
page read and write
|
||
2325000
|
unkown
|
page readonly
|
||
2452000
|
unkown
|
page readonly
|
||
745000
|
unkown
|
page readonly
|
||
7FF5F38CA000
|
unkown
|
page readonly
|
||
6AEA8000
|
unkown image
|
page readonly
|
||
7FF5F3BE4000
|
unkown
|
page readonly
|
||
4881000
|
unkown
|
page read and write
|
||
157E7000
|
unkown
|
page read and write
|
||
2CDE000
|
unkown
|
page read and write
|
||
815000
|
heap default
|
page read and write
|
||
4EB0000
|
unkown
|
page read and write
|
||
34EE000
|
stack
|
page read and write
|
||
20B000
|
unkown
|
page read and write
|
||
2ACFD41A000
|
unkown
|
page read and write
|
||
14FA9000
|
unkown
|
page read and write
|
||
4D6B000
|
unkown
|
page read and write
|
||
7FF5DFE96000
|
unkown
|
page readonly
|
||
4DC1000
|
unkown
|
page read and write
|
||
95D3AFF000
|
unkown
|
page read and write
|
||
4D9B000
|
unkown
|
page read and write
|
||
417000
|
unkown
|
page read and write
|
||
3212000
|
unkown
|
page read and write
|
||
A3E1000
|
unkown
|
page read and write
|
||
7FF5A2D64000
|
unkown
|
page readonly
|
||
16650000
|
unkown
|
page read and write
|
||
CA0000
|
unkown
|
page read and write
|
||
4DB1000
|
unkown
|
page read and write
|
||
4D60000
|
unkown
|
page read and write
|
||
162A8000
|
unkown
|
page read and write
|
||
528E000
|
unkown
|
page read and write
|
||
7FF537715000
|
unkown
|
page readonly
|
||
E00000
|
unkown
|
page read and write
|
||
54F0000
|
unkown
|
page read and write
|
||
7FF5ED9F0000
|
unkown
|
page readonly
|
||
702E1000
|
unkown image
|
page execute read
|
||
2D50000
|
unkown
|
page read and write
|
||
4E0F000
|
unkown
|
page read and write
|
||
3230000
|
unkown
|
page read and write
|
||
14FBA000
|
unkown
|
page read and write
|
||
14C1B000
|
unkown
|
page read and write
|
||
24CB000
|
unkown
|
page readonly
|
||
14FA9000
|
unkown
|
page read and write
|
||
2FAE000
|
unkown
|
page readonly
|
||
25F2000
|
unkown
|
page execute and read and write
|
||
15F34000
|
heap private
|
page read and write
|
||
323A000
|
unkown
|
page read and write
|
||
14D2E000
|
unkown
|
page read and write
|
||
2FA1000
|
unkown
|
page readonly
|
||
3570000
|
unkown
|
page read and write
|
||
2ACFD3FA000
|
unkown
|
page read and write
|
||
C1DB2FE000
|
unkown
|
page read and write
|
||
15D5A000
|
unkown
|
page read and write
|
||
4EBF000
|
unkown
|
page read and write
|
||
7FF5378B1000
|
unkown
|
page readonly
|
||
1587E000
|
stack
|
page read and write
|
||
32B9000
|
unkown
|
page read and write
|
||
755000
|
heap default
|
page read and write
|
||
1502F000
|
unkown
|
page read and write
|
||
15F40000
|
unkown
|
page readonly
|
||
2D4E000
|
heap default
|
page read and write
|
||
4EA8000
|
unkown
|
page read and write
|
||
2FF0000
|
unkown
|
page read and write
|
||
14FDB000
|
unkown
|
page read and write
|
||
C1DB5FF000
|
unkown
|
page read and write
|
||
322D000
|
unkown
|
page read and write
|
||
325A000
|
unkown
|
page read and write
|
||
4E07000
|
unkown
|
page read and write
|
||
7FF5A2CF9000
|
unkown
|
page readonly
|
||
4D60000
|
unkown
|
page read and write
|
||
4EC1000
|
unkown
|
page read and write
|
||
7FF5A2BB0000
|
unkown
|
page readonly
|
||
6E21000
|
unkown
|
page read and write
|
||
1C22AB90000
|
unkown
|
page readonly
|
||
2A51000
|
unkown
|
page read and write
|
||
26B49987000
|
unkown
|
page read and write
|
||
306E000
|
unkown
|
page read and write
|
||
4F40000
|
unkown
|
page readonly
|
||
2A2E000
|
unkown
|
page read and write
|
||
1581E000
|
unkown
|
page read and write
|
||
7FF53266D000
|
unkown
|
page readonly
|
||
1C22ABA0000
|
unkown
|
page readonly
|
||
7FF5378B7000
|
unkown
|
page readonly
|
||
14FA9000
|
unkown
|
page read and write
|
||
150BE000
|
unkown
|
page read and write
|
||
207CA500000
|
unkown
|
page read and write
|
||
7FF5F3A2E000
|
unkown
|
page readonly
|
||
3253000
|
unkown
|
page read and write
|
||
8F1000
|
unkown
|
page read and write
|
||
2A69000
|
unkown
|
page read and write
|
||
2F90000
|
unkown
|
page readonly
|
||
7FF53264A000
|
unkown
|
page readonly
|
||
2A51000
|
unkown
|
page read and write
|
||
1C22AC00000
|
unkown
|
page read and write
|
||
31F0000
|
heap default
|
page read and write
|
||
1C22AD00000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
7FF5ED7BA000
|
unkown
|
page readonly
|
||
26B47A55000
|
unkown
|
page read and write
|
||
2ACFE190000
|
unkown
|
page read and write
|
||
7FF5F3C4E000
|
unkown
|
page readonly
|
||
2C42000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
53AF000
|
stack
|
page read and write
|
||
2CFE000
|
stack
|
page read and write
|
||
553E000
|
unkown
|
page read and write
|
||
7FF5DFD88000
|
unkown
|
page readonly
|
||
22B6000
|
unkown
|
page readonly
|
||
2D38000
|
heap default
|
page read and write
|
||
750000
|
heap default
|
page read and write
|
||
53D4000
|
unkown
|
page read and write
|
||
2ACFD570000
|
heap private
|
page read and write
|
||
28DE000
|
unkown
|
page readonly
|
||
1C22AC3C000
|
unkown
|
page read and write
|
||
2D4F000
|
stack
|
page read and write
|
||
2ACFD418000
|
unkown
|
page read and write
|
||
48EA000
|
unkown
|
page read and write
|
||
26B49916000
|
unkown
|
page read and write
|
||
4CB0000
|
unkown
|
page read and write
|
||
7FF5DFC45000
|
unkown
|
page readonly
|
||
4F4D000
|
unkown
|
page read and write
|
||
9F23000
|
unkown
|
page read and write
|
||
21F7000
|
unkown
|
page readonly
|
||
54D0000
|
unkown
|
page read and write
|
||
1615E000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
7FF5ED90B000
|
unkown
|
page readonly
|
||
27E1000
|
unkown
|
page readonly
|
||
3235000
|
unkown
|
page read and write
|
||
6D62000
|
unkown
|
page read and write
|
||
482F000
|
stack
|
page read and write
|
||
268D000
|
unkown
|
page readonly
|
||
15002000
|
unkown
|
page read and write
|
||
2ACFE140000
|
unkown
|
page read and write
|
||
1611F000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
7FF51A7AB000
|
unkown
|
page readonly
|
||
4729000
|
unkown
|
page read and write
|
||
1501C000
|
unkown
|
page read and write
|
||
27FD000
|
unkown
|
page readonly
|
||
27138E29000
|
unkown
|
page read and write
|
||
7FF535826000
|
unkown
|
page readonly
|
||
63D0000
|
unkown
|
page read and write
|
||
4E8F000
|
stack
|
page read and write
|
||
156C5000
|
unkown
|
page read and write
|
||
6AE00000
|
unkown image
|
page readonly
|
||
2C5A344B000
|
unkown
|
page read and write
|
||
1538D000
|
unkown
|
page read and write
|
||
323C000
|
unkown
|
page read and write
|
||
4D71000
|
unkown
|
page read and write
|
||
2BF1000
|
unkown
|
page readonly
|
||
15294000
|
unkown
|
page read and write
|
||
2680000
|
heap private
|
page read and write
|
||
14C26000
|
unkown
|
page read and write
|
||
D20000
|
unkown
|
page read and write
|
||
207CB140000
|
unkown
|
page readonly
|
||
C77C07F000
|
unkown
|
page read and write
|
||
250D000
|
unkown
|
page readonly
|
||
327F000
|
unkown
|
page read and write
|
||
7FF535181000
|
unkown
|
page readonly
|
||
C77C1F5000
|
unkown
|
page read and write
|
||
2C05000
|
heap default
|
page read and write
|
||
58C0000
|
unkown
|
page readonly
|
||
26B47AC2000
|
unkown
|
page read and write
|
||
2442000
|
unkown
|
page readonly
|
||
7FF5A2B96000
|
unkown
|
page readonly
|
||
7FF5ED9F8000
|
unkown
|
page readonly
|
||
7E7000
|
heap default
|
page read and write
|
||
25A8000
|
unkown
|
page read and write
|
||
53E9000
|
unkown
|
page read and write
|
||
28F4000
|
unkown
|
page readonly
|
||
16088000
|
unkown
|
page read and write
|
||
51ED000
|
unkown
|
page read and write
|
||
2A8B000
|
unkown
|
page readonly
|
||
15E7F000
|
stack
|
page read and write
|
||
2407000
|
unkown
|
page readonly
|
||
4EB0000
|
unkown
|
page read and write
|
||
888000
|
heap default
|
page read and write
|
||
25FA000
|
unkown
|
page execute and read and write
|
||
2791000
|
unkown
|
page readonly
|
||
14690000
|
unkown
|
page read and write
|
||
2A79000
|
unkown
|
page read and write
|
||
2A77000
|
unkown
|
page read and write
|
||
48DB000
|
unkown
|
page read and write
|
||
5870000
|
unkown
|
page readonly
|
||
30E5000
|
heap default
|
page read and write
|
||
26B47B02000
|
unkown
|
page read and write
|
||
2BD0000
|
heap default
|
page read and write
|
||
9DF5000
|
unkown
|
page read and write
|
||
51CD000
|
unkown
|
page read and write
|
||
207CA2F0000
|
heap private
|
page read and write
|
||
3200000
|
heap private
|
page read and write
|
||
28F6000
|
unkown
|
page read and write
|
||
49F0000
|
unkown
|
page read and write
|
||
3310000
|
heap default
|
page read and write
|
||
2371000
|
unkown
|
page readonly
|
||
9FD5000
|
unkown
|
page read and write
|
||
6A60000
|
unkown
|
page read and write
|
||
3207000
|
unkown
|
page read and write
|
||
A25000
|
unkown
|
page read and write
|
||
5DE000
|
unkown
|
page read and write
|
||
1582E000
|
unkown
|
page read and write
|
||
7FF537902000
|
unkown
|
page readonly
|
||
6AE97000
|
unkown image
|
page read and write
|
||
26DE000
|
unkown
|
page read and write
|
||
2ACFD41A000
|
unkown
|
page read and write
|
||
4DC0000
|
unkown
|
page readonly
|
||
7FF5A2857000
|
unkown
|
page readonly
|
||
53F8000
|
unkown
|
page read and write
|
||
4DCF000
|
unkown
|
page read and write
|
||
26B47980000
|
unkown
|
page read and write
|
||
29AEFF00000
|
heap private
|
page read and write
|
||
51F2000
|
unkown
|
page read and write
|
||
95D3979000
|
unkown
|
page read and write
|
||
2C5A344E000
|
unkown
|
page read and write
|
||
2C78000
|
unkown
|
page readonly
|
||
27138DE0000
|
unkown
|
page readonly
|
||
5216000
|
unkown
|
page read and write
|
||
15D9E000
|
unkown
|
page read and write
|
||
2918000
|
unkown
|
page readonly
|
||
23D9000
|
unkown
|
page readonly
|
||
28C6000
|
unkown
|
page readonly
|
||
1538D000
|
unkown
|
page read and write
|
||
1517F000
|
unkown
|
page read and write
|
||
8A8000
|
heap default
|
page read and write
|
||
7FF53780F000
|
unkown
|
page readonly
|
||
47F1000
|
unkown
|
page read and write
|
||
1582E000
|
unkown
|
page read and write
|
||
C1DB4FA000
|
unkown
|
page read and write
|
||
D30000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
F9F9ABC000
|
unkown
|
page read and write
|
||
2461000
|
unkown
|
page readonly
|
||
B26000
|
unkown
|
page read and write
|
||
52D0000
|
unkown
|
page read and write
|
||
1518E000
|
unkown
|
page read and write
|
||
152A4000
|
unkown
|
page read and write
|
||
8A8000
|
unkown
|
page read and write
|
||
2ACFD418000
|
unkown
|
page read and write
|
||
2602000
|
unkown
|
page execute and read and write
|
||
3680000
|
unkown
|
page readonly
|
||
26B4A010000
|
unkown
|
page read and write
|
||
2D30000
|
heap default
|
page read and write
|
||
2A00000
|
unkown
|
page read and write
|
||
15266000
|
unkown
|
page read and write
|
||
A091000
|
unkown
|
page read and write
|
||
7FF5F3BF1000
|
unkown
|
page readonly
|
||
26DA000
|
unkown
|
page read and write
|
||
23D4000
|
unkown
|
page readonly
|
||
7FF5DFF4A000
|
unkown
|
page readonly
|
||
29AEFF60000
|
heap default
|
page read and write
|
||
92C000
|
unkown
|
page read and write
|
||
58B0000
|
unkown
|
page readonly
|
||
7FF5A2CF7000
|
unkown
|
page readonly
|
||
2EF0000
|
unkown
|
page readonly
|
||
7FF5DFEBD000
|
unkown
|
page readonly
|
||
150EF000
|
unkown
|
page read and write
|
||
251D000
|
unkown
|
page readonly
|
||
2A51000
|
unkown
|
page read and write
|
||
16820000
|
unkown
|
page read and write
|
||
C1DB37A000
|
unkown
|
page read and write
|
||
1C22AC8E000
|
unkown
|
page read and write
|
||
26B49A00000
|
unkown
|
page readonly
|
||
4A08000
|
unkown
|
page read and write
|
||
7FF5326E7000
|
unkown
|
page readonly
|
||
2C5A348B000
|
unkown
|
page read and write
|
||
4DEC000
|
unkown
|
page read and write
|
||
49B0000
|
unkown
|
page readonly
|
||
14F4E000
|
unkown
|
page read and write
|
||
7FF537857000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
95D39F9000
|
unkown
|
page read and write
|
||
15D2E000
|
unkown
|
page read and write
|
||
16500000
|
unkown
|
page read and write
|
||
46FF000
|
unkown
|
page read and write
|
||
7FF5DFC4F000
|
unkown
|
page readonly
|
||
2D4C000
|
unkown
|
page execute and read and write
|
||
9EDD000
|
unkown
|
page read and write
|
||
2DB3000
|
heap default
|
page read and write
|
||
14E10000
|
unkown
|
page readonly
|
||
4DE4000
|
unkown
|
page read and write
|
||
1C22AC2A000
|
unkown
|
page read and write
|
||
3320000
|
unkown
|
page readonly
|
||
2800000
|
heap private
|
page read and write
|
||
7FF537748000
|
unkown
|
page readonly
|
||
2ACFE130000
|
unkown
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
4DD8000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
2ACFD3A0000
|
unkown
|
page read and write
|
||
7F0000
|
unkown
|
page readonly
|
||
2CEA000
|
unkown
|
page execute and read and write
|
||
29AF0002000
|
unkown
|
page read and write
|
||
24FE000
|
unkown
|
page readonly
|
||
55CE000
|
stack
|
page read and write
|
||
7FF532727000
|
unkown
|
page readonly
|
||
16697000
|
unkown
|
page read and write
|
||
539F000
|
stack
|
page read and write
|
||
7FF5358B4000
|
unkown
|
page readonly
|
||
2A4E000
|
unkown
|
page read and write
|
||
4DE8000
|
unkown
|
page read and write
|
||
1582B000
|
unkown
|
page read and write
|
||
24F8000
|
unkown
|
page readonly
|
||
15816000
|
unkown
|
page read and write
|
||
7FF5F3C47000
|
unkown
|
page readonly
|
||
2ECE000
|
unkown
|
page read and write
|
||
15F4F000
|
unkown
|
page read and write
|
||
15670000
|
unkown
|
page read and write
|
||
32BA000
|
unkown
|
page read and write
|
||
C90000
|
unkown
|
page read and write
|
||
1586E000
|
unkown
|
page read and write
|
||
3220000
|
heap default
|
page read and write
|
||
327D000
|
unkown
|
page read and write
|
||
524F000
|
stack
|
page read and write
|
||
25F5000
|
unkown
|
page readonly
|
||
2412000
|
unkown
|
page readonly
|
||
4EC8000
|
unkown
|
page read and write
|
||
2713A8F0000
|
unkown
|
page readonly
|
||
26FA000
|
stack
|
page read and write
|
||
14C1B000
|
unkown
|
page read and write
|
||
2CD9000
|
unkown
|
page read and write
|
||
6E21000
|
unkown
|
page read and write
|
||
2C54000
|
unkown
|
page readonly
|
||
4D95000
|
unkown
|
page read and write
|
||
9D0000
|
heap default
|
page read and write
|
||
278A000
|
unkown
|
page readonly
|
||
7FF5F3CAD000
|
unkown
|
page readonly
|
||
4DF2000
|
unkown
|
page read and write
|
||
7FF53757A000
|
unkown
|
page readonly
|
||
7FF537907000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
6A60000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
2B40000
|
unkown
|
page read and write
|
||
1C22AD13000
|
unkown
|
page read and write
|
||
7FF5F3B31000
|
unkown
|
page readonly
|
||
2C5A3E00000
|
unkown
|
page readonly
|
||
3251000
|
unkown
|
page read and write
|
||
32AE000
|
unkown
|
page read and write
|
||
A08A000
|
unkown
|
page read and write
|
||
207CA449000
|
unkown
|
page read and write
|
||
A02000
|
unkown
|
page read and write
|
||
3208000
|
heap default
|
page read and write
|
||
14BAC000
|
unkown
|
page read and write
|
||
24EE000
|
unkown
|
page readonly
|
||
2422000
|
unkown
|
page readonly
|
||
8EE000
|
heap default
|
page read and write
|
||
1645D000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
4D42000
|
unkown
|
page read and write
|
||
2CB0000
|
unkown
|
page execute and read and write
|
||
2F86000
|
heap private
|
page read and write
|
||
207CA370000
|
unkown
|
page readonly
|
||
7FF537813000
|
unkown
|
page readonly
|
||
2ACFDEE0000
|
unkown
|
page read and write
|
||
4D91000
|
unkown
|
page read and write
|
||
D1E000
|
unkown
|
page read and write
|
||
2C5A3413000
|
unkown
|
page read and write
|
||
3210000
|
unkown
|
page readonly
|
||
2ACFD440000
|
unkown
|
page read and write
|
||
4DEE000
|
unkown
|
page read and write
|
||
7FF537571000
|
unkown
|
page readonly
|
||
2C1D000
|
unkown
|
page readonly
|
||
22C6000
|
unkown
|
page readonly
|
||
2ACFD418000
|
unkown
|
page read and write
|
||
7FF5DFB4A000
|
unkown
|
page readonly
|
||
207CA429000
|
unkown
|
page read and write
|
||
53F4000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
7FF5DFE25000
|
unkown
|
page readonly
|
||
2832000
|
unkown
|
page readonly
|
||
2A4E000
|
unkown
|
page read and write
|
||
2ACFD408000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
26B47820000
|
unkown
|
page readonly
|
||
4D1E000
|
unkown
|
page read and write
|
||
D20000
|
unkown
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
7FF532727000
|
unkown
|
page readonly
|
||
2ACFD41A000
|
unkown
|
page read and write
|
||
2FB3000
|
unkown
|
page readonly
|
||
46F8000
|
unkown
|
page read and write
|
||
C56000
|
unkown
|
page read and write
|
||
323E000
|
unkown
|
page read and write
|
||
848000
|
heap default
|
page read and write
|
||
7FF5DFEC7000
|
unkown
|
page readonly
|
||
53E5000
|
unkown
|
page read and write
|
||
15F20000
|
unkown
|
page readonly
|
||
2BF0000
|
unkown
|
page read and write
|
||
A88D000
|
unkown
|
page read and write
|
||
14FD2000
|
unkown
|
page read and write
|
||
F9F9F79000
|
unkown
|
page read and write
|
||
7FF532646000
|
unkown
|
page readonly
|
||
24C8000
|
unkown
|
page readonly
|
||
14FBB000
|
unkown
|
page read and write
|
||
F9F9FFE000
|
unkown
|
page read and write
|
||
14F9F000
|
unkown
|
page read and write
|
||
26B478F0000
|
unkown
|
page write copy
|
||
221D000
|
unkown
|
page readonly
|
||
2C7F000
|
stack
|
page read and write
|
||
31EE000
|
unkown
|
page read and write
|
||
1529B000
|
unkown
|
page read and write
|
||
2A53000
|
unkown
|
page read and write
|
||
516E000
|
unkown
|
page read and write
|
||
2BB0000
|
unkown
|
page readonly
|
||
4FEF000
|
stack
|
page read and write
|
||
14C26000
|
unkown
|
page read and write
|
||
7FF5358B1000
|
unkown
|
page readonly
|
||
32BB000
|
unkown
|
page read and write
|
||
3236000
|
unkown
|
page read and write
|
||
7FF5378C4000
|
unkown
|
page readonly
|
||
2C4C000
|
unkown
|
page readonly
|
||
6D63000
|
unkown
|
page read and write
|
||
7FF5EDAB7000
|
unkown
|
page readonly
|
||
2C4F000
|
unkown
|
page readonly
|
||
C60000
|
unkown
|
page read and write
|
||
15920000
|
unkown
|
page read and write
|
||
4825000
|
unkown
|
page read and write
|
||
7FF5F3C03000
|
unkown
|
page readonly
|
||
8C9000
|
heap default
|
page read and write
|
||
53DB000
|
unkown
|
page read and write
|
||
2538000
|
unkown
|
page readonly
|
||
2828000
|
unkown
|
page readonly
|
||
3BC000
|
unkown
|
page read and write
|
||
15374000
|
unkown
|
page read and write
|
||
7FF532652000
|
unkown
|
page readonly
|
||
7FF5A2D7A000
|
unkown
|
page readonly
|
||
27138F13000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
54CF000
|
stack
|
page read and write
|
||
15228000
|
unkown
|
page read and write
|
||
7140000
|
unkown
|
page read and write
|
||
4EC0000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
156D6000
|
unkown
|
page read and write
|
||
23CC000
|
unkown
|
page readonly
|
||
7FF5DFEB6000
|
unkown
|
page readonly
|
||
1C22AC02000
|
unkown
|
page read and write
|
||
480F000
|
unkown
|
page read and write
|
||
1538D000
|
unkown
|
page read and write
|
||
14B20000
|
unkown
|
page read and write
|
||
1581E000
|
unkown
|
page read and write
|
||
2805000
|
heap private
|
page read and write
|
||
322D000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
61D0000
|
unkown
|
page readonly
|
||
2C00000
|
heap default
|
page read and write
|
||
9DD8000
|
unkown
|
page read and write
|
||
7FF5378CB000
|
unkown
|
page readonly
|
||
C77C5FE000
|
unkown
|
page read and write
|
||
15DE0000
|
unkown
|
page readonly
|
||
740D8000
|
unkown image
|
page readonly
|
||
A3DE000
|
unkown
|
page read and write
|
||
C1DB77E000
|
unkown
|
page read and write
|
||
158B8000
|
unkown
|
page read and write
|
||
4D2A000
|
unkown
|
page read and write
|
||
2ACFD1E0000
|
unkown
|
page read and write
|
||
2802000
|
unkown
|
page readonly
|
||
28AB000
|
unkown
|
page execute and read and write
|
||
2C5A3C02000
|
unkown
|
page read and write
|
||
2B6F000
|
stack
|
page read and write
|
||
28D8000
|
unkown
|
page readonly
|
||
207CA380000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
283C000
|
unkown
|
page readonly
|
||
4DB0000
|
unkown
|
page read and write
|
||
4EB9000
|
unkown
|
page read and write
|
||
2A47000
|
unkown
|
page read and write
|
||
2F21000
|
unkown
|
page readonly
|
||
2FCF000
|
stack
|
page read and write
|
||
1591E000
|
unkown
|
page read and write
|
||
2351000
|
unkown
|
page readonly
|
||
5230000
|
unkown
|
page read and write
|
||
7FF5373B7000
|
unkown
|
page readonly
|
||
4E90000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
34EE000
|
stack
|
page read and write
|
||
14EB5000
|
unkown
|
page read and write
|
||
2ACFE110000
|
unkown
|
page read and write
|
||
9DFE000
|
unkown
|
page read and write
|
||
2530000
|
unkown
|
page readonly
|
||
D80000
|
unkown
|
page readonly
|
||
323F000
|
unkown
|
page read and write
|
||
470A000
|
unkown
|
page read and write
|
||
3FE000
|
unkown
|
page read and write
|
||
7FF5DFE83000
|
unkown
|
page readonly
|
||
2C5A3446000
|
unkown
|
page read and write
|
||
A0F5000
|
unkown
|
page read and write
|
||
27F0000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
29AEFF70000
|
unkown
|
page write copy
|
||
E3E717A000
|
unkown
|
page read and write
|
||
D66000
|
heap default
|
page read and write
|
||
14A00000
|
unkown
|
page read and write
|
||
53CE000
|
unkown
|
page read and write
|
||
7FF5DFC9B000
|
unkown
|
page readonly
|
||
605000
|
unkown
|
page readonly
|
||
15002000
|
unkown
|
page read and write
|
||
A2E9000
|
unkown
|
page read and write
|
||
27138E67000
|
unkown
|
page read and write
|
||
2920000
|
heap private
|
page read and write
|
||
735000
|
unkown
|
page readonly
|
||
7FF5F3BEF000
|
unkown
|
page readonly
|
||
3236000
|
unkown
|
page read and write
|
||
2BB3000
|
heap default
|
page read and write
|
||
25D5000
|
unkown
|
page readonly
|
||
7020000
|
unkown
|
page read and write
|
||
15C9F000
|
unkown
|
page read and write
|
||
2713AC50000
|
unkown
|
page read and write
|
||
7FF535846000
|
unkown
|
page readonly
|
||
7FF5ED7B6000
|
unkown
|
page readonly
|
||
2CEE000
|
unkown
|
page read and write
|
||
3295000
|
unkown
|
page read and write
|
||
2ACFD330000
|
unkown
|
page readonly
|
||
2A4E000
|
unkown
|
page read and write
|
||
2417000
|
unkown
|
page readonly
|
||
2C78000
|
unkown
|
page readonly
|
||
26B497E0000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2ACFD418000
|
unkown
|
page read and write
|
||
14B43000
|
unkown
|
page read and write
|
||
15374000
|
unkown
|
page read and write
|
||
640000
|
unkown
|
page readonly
|
||
2388000
|
unkown
|
page readonly
|
||
4E3B000
|
unkown
|
page read and write
|
||
2186000
|
unkown
|
page readonly
|
||
14B43000
|
unkown
|
page read and write
|
||
53E5000
|
unkown
|
page read and write
|
||
1603E000
|
unkown
|
page read and write
|
||
740000
|
unkown
|
page readonly
|
||
45FE000
|
unkown
|
page read and write
|
||
2C5A4140000
|
unkown
|
page readonly
|
||
284E000
|
unkown
|
page execute and read and write
|
||
27F5000
|
unkown
|
page readonly
|
||
C77C2FB000
|
unkown
|
page read and write
|
||
26B49947000
|
unkown
|
page read and write
|
||
24FC000
|
unkown
|
page readonly
|
||
31FE000
|
unkown
|
page read and write
|
||
58BF000
|
stack
|
page read and write
|
||
4E86000
|
unkown
|
page read and write
|
||
15A20000
|
unkown
|
page readonly
|
||
298A000
|
stack
|
page read and write
|
||
2C5D000
|
unkown
|
page readonly
|
||
7FF51A7AB000
|
unkown
|
page readonly
|
||
2B30000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
2B81000
|
unkown
|
page readonly
|
||
158BE000
|
unkown
|
page read and write
|
||
2357000
|
unkown
|
page readonly
|
||
2A51000
|
unkown
|
page read and write
|
||
7FF535907000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
49A0000
|
heap private
|
page read and write
|
||
3240000
|
unkown
|
page read and write
|
||
1553F000
|
stack
|
page read and write
|
||
15816000
|
unkown
|
page read and write
|
||
16550000
|
unkown
|
page read and write
|
||
A3B2000
|
unkown
|
page read and write
|
||
53D5000
|
unkown
|
page read and write
|
||
327D000
|
unkown
|
page read and write
|
||
6F1C000
|
unkown
|
page read and write
|
||
15294000
|
unkown
|
page read and write
|
||
239B000
|
unkown
|
page readonly
|
||
A99000
|
unkown
|
page readonly
|
||
15D2A000
|
unkown
|
page read and write
|
||
26B47AD8000
|
unkown
|
page read and write
|
||
26B47A3F000
|
unkown
|
page read and write
|
||
E40000
|
unkown
|
page read and write
|
||
2ACFE0F0000
|
unkown
|
page read and write
|
||
207CA457000
|
unkown
|
page read and write
|
||
7FF5A2851000
|
unkown
|
page readonly
|
||
1539D000
|
unkown
|
page read and write
|
||
42B000
|
unkown
|
page read and write
|
||
27138E02000
|
unkown
|
page read and write
|
||
26B47A29000
|
unkown
|
page read and write
|
||
23B3000
|
unkown
|
page readonly
|
||
3520000
|
unkown
|
page readonly
|
||
279E000
|
unkown
|
page read and write
|
||
7FF535172000
|
unkown
|
page readonly
|
||
2A4E000
|
unkown
|
page read and write
|
||
7FF5378C7000
|
unkown
|
page readonly
|
||
48D7000
|
unkown
|
page read and write
|
||
4E9C000
|
unkown
|
page read and write
|
||
2B70000
|
unkown
|
page readonly
|
||
5800000
|
heap private
|
page read and write
|
||
4E02000
|
unkown
|
page read and write
|
||
24E6000
|
unkown
|
page readonly
|
||
2B30000
|
heap private
|
page read and write
|
||
151E0000
|
unkown
|
page read and write
|
||
7FF535731000
|
unkown
|
page readonly
|
||
C00000
|
heap private
|
page read and write
|
||
1557E000
|
unkown
|
page read and write
|
||
4DBD000
|
unkown
|
page read and write
|
||
34AE000
|
unkown
|
page read and write
|
||
2AFB000
|
stack
|
page read and write
|
||
2845000
|
unkown
|
page readonly
|
||
15DEF000
|
unkown
|
page read and write
|
||
7020000
|
unkown
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
14FBB000
|
unkown
|
page read and write
|
||
15830000
|
unkown
|
page read and write
|
||
26B477B0000
|
heap private
|
page read and write
|
||
2A6E000
|
unkown
|
page read and write
|
||
4A2E000
|
unkown
|
page read and write
|
||
35CB000
|
heap private
|
page read and write
|
||
1501C000
|
unkown
|
page read and write
|
||
898000
|
heap default
|
page read and write
|
||
26B47AF1000
|
unkown
|
page read and write
|
||
31F7000
|
heap default
|
page read and write
|
||
1090000
|
unkown
|
page read and write
|
||
7020000
|
unkown
|
page read and write
|
||
7FF5A2BE8000
|
unkown
|
page readonly
|
||
327D000
|
unkown
|
page read and write
|
||
7FF5ED8BF000
|
unkown
|
page readonly
|
||
6D0000
|
unkown
|
page readonly
|
||
3222000
|
unkown
|
page read and write
|
||
26B497F0000
|
unkown
|
page readonly
|
||
7FF5EDB06000
|
unkown
|
page readonly
|
||
2ACFD340000
|
heap default
|
page read and write
|
||
2647000
|
unkown
|
page readonly
|
||
7FF5F39C5000
|
unkown
|
page readonly
|
||
424000
|
unkown
|
page read and write
|
||
1590F000
|
stack
|
page read and write
|
||
3297000
|
unkown
|
page read and write
|
||
7FF532538000
|
unkown
|
page readonly
|
||
7FF5A2B3A000
|
unkown
|
page readonly
|
||
2ACFD41A000
|
unkown
|
page read and write
|
||
164B0000
|
unkown
|
page read and write
|
||
2645000
|
unkown
|
page execute and read and write
|
||
7FF5ED95F000
|
unkown
|
page readonly
|
||
471A000
|
unkown
|
page read and write
|
||
4EBF000
|
stack
|
page read and write
|
||
14C5D000
|
unkown
|
page read and write
|
||
58D0000
|
heap private
|
page read and write
|
||
A1754FF000
|
unkown
|
page read and write
|
||
1C22AC13000
|
unkown
|
page read and write
|
||
8B0000
|
heap private
|
page read and write
|
||
7FF5378F6000
|
unkown
|
page readonly
|
||
1506E000
|
unkown
|
page read and write
|
||
7F5000
|
heap default
|
page read and write
|
||
7FF5A2D93000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
23BE000
|
unkown
|
page readonly
|
||
DF5000
|
heap private
|
page read and write
|
||
323E000
|
unkown
|
page read and write
|
||
1C22AB80000
|
heap default
|
page read and write
|
||
7FF5F3CF7000
|
unkown
|
page readonly
|
||
4D4A000
|
unkown
|
page read and write
|
||
524B000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
15682000
|
unkown
|
page read and write
|
||
2860000
|
unkown
|
page readonly
|
||
7FF5F3CA4000
|
unkown
|
page readonly
|
||
702EB000
|
unkown image
|
page readonly
|
||
6F9000
|
stack
|
page read and write
|
||
4DF8000
|
unkown
|
page read and write
|
||
7FF5324E7000
|
unkown
|
page readonly
|
||
4EBC000
|
unkown
|
page read and write
|
||
A174D4E000
|
unkown
|
page read and write
|
||
2A70000
|
unkown
|
page read and write
|
||
7FF5DFEA2000
|
unkown
|
page readonly
|
||
325F000
|
unkown
|
page read and write
|
||
9ECB000
|
unkown
|
page read and write
|
||
2910000
|
unkown
|
page readonly
|
||
7FF53261F000
|
unkown
|
page readonly
|
||
2A49000
|
unkown
|
page read and write
|
||
4C2F000
|
unkown
|
page read and write
|
||
152DF000
|
unkown
|
page read and write
|
||
A33D000
|
unkown
|
page read and write
|
||
14EA0000
|
unkown
|
page read and write
|
||
2D81000
|
heap default
|
page read and write
|
||
3670000
|
heap private
|
page read and write
|
||
2CD0000
|
heap private
|
page read and write
|
||
5100000
|
unkown
|
page read and write
|
||
2EFA000
|
stack
|
page read and write
|
||
2431000
|
unkown
|
page readonly
|
||
740D0000
|
unkown image
|
page readonly
|
||
7FF5F3C3D000
|
unkown
|
page readonly
|
||
53D3000
|
unkown
|
page read and write
|
||
28BB000
|
unkown
|
page readonly
|
||
7FF5F3B38000
|
unkown
|
page readonly
|
||
A1E000
|
unkown
|
page read and write
|
||
250C000
|
unkown
|
page readonly
|
||
1C22AB20000
|
heap private
|
page read and write
|
||
158B0000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
2CDA000
|
unkown
|
page read and write
|
||
1623A000
|
unkown
|
page read and write
|
||
53EE000
|
unkown
|
page read and write
|
||
342E000
|
unkown
|
page read and write
|
||
157F0000
|
unkown
|
page read and write
|
||
4C3D000
|
unkown
|
page read and write
|
||
2A51000
|
unkown
|
page read and write
|
||
2538000
|
unkown
|
page read and write
|
||
4E1D000
|
unkown
|
page read and write
|
||
2A67000
|
unkown
|
page read and write
|
||
59E0000
|
unkown
|
page readonly
|
||
2C5A3450000
|
unkown
|
page read and write
|
||
245A000
|
unkown
|
page readonly
|
||
A10000
|
unkown
|
page readonly
|
||
48C0000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
2D8E000
|
stack
|
page read and write
|
||
1578E000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
514E000
|
unkown
|
page read and write
|
||
4D5E000
|
unkown
|
page read and write
|
||
4924000
|
unkown
|
page read and write
|
||
7FF5378DA000
|
unkown
|
page readonly
|
||
2844000
|
unkown
|
page readonly
|
||
4E2E000
|
unkown
|
page read and write
|
||
27138D00000
|
heap default
|
page read and write
|
||
3315000
|
heap default
|
page read and write
|
||
4E39000
|
unkown
|
page read and write
|
||
7FF5DFF24000
|
unkown
|
page readonly
|
||
7FF535748000
|
unkown
|
page readonly
|
||
15310000
|
unkown
|
page read and write
|
||
2465000
|
unkown
|
page readonly
|
||
2ACFDE60000
|
unkown
|
page read and write
|
||
2ACFD240000
|
unkown
|
page readonly
|
||
8F1000
|
unkown
|
page read and write
|
||
4E4E000
|
unkown
|
page read and write
|
||
14F92000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
4835000
|
unkown
|
page read and write
|
||
ADC2C77000
|
unkown
|
page read and write
|
||
1640C000
|
unkown
|
page read and write
|
||
4E68000
|
unkown
|
page read and write
|
||
7FF535814000
|
unkown
|
page readonly
|
||
B25000
|
unkown
|
page readonly
|
||
32A1000
|
unkown
|
page read and write
|
||
2ACFD310000
|
unkown
|
page read and write
|
||
26B49902000
|
unkown
|
page read and write
|
||
7FF5EDB94000
|
unkown
|
page readonly
|
||
15374000
|
unkown
|
page read and write
|
||
A3D5000
|
unkown
|
page read and write
|
||
2A00000
|
unkown
|
page readonly
|
||
4DE2000
|
unkown
|
page read and write
|
||
14F24000
|
unkown
|
page read and write
|
||
53D6000
|
unkown
|
page read and write
|
||
327D000
|
unkown
|
page read and write
|
||
4A7F000
|
stack
|
page read and write
|
||
7FF53769A000
|
unkown
|
page readonly
|
||
23F8000
|
unkown
|
page readonly
|
||
14B43000
|
unkown
|
page read and write
|
||
F9F9EFB000
|
unkown
|
page read and write
|
||
4EA0000
|
unkown
|
page read and write
|
||
6D63000
|
unkown
|
page read and write
|
||
2C5A3370000
|
unkown
|
page readonly
|
||
1581E000
|
unkown
|
page read and write
|
||
1083000
|
unkown
|
page readonly
|
||
7FF5F3CF7000
|
unkown
|
page readonly
|
||
7FF5358BD000
|
unkown
|
page readonly
|
||
2ACFD790000
|
unkown
|
page readonly
|
||
15FA4000
|
heap private
|
page read and write
|
||
26B49987000
|
unkown
|
page read and write
|
||
24D6000
|
unkown
|
page readonly
|
||
32AE000
|
unkown
|
page read and write
|
||
2761000
|
unkown
|
page readonly
|
||
53D8000
|
unkown
|
page read and write
|
||
A350000
|
unkown
|
page read and write
|
||
4A22000
|
unkown
|
page read and write
|
||
A201000
|
unkown
|
page read and write
|
||
3010000
|
unkown
|
page readonly
|
||
284D000
|
unkown
|
page readonly
|
||
522E000
|
unkown
|
page read and write
|
||
2451000
|
unkown
|
page readonly
|
||
473A000
|
unkown
|
page read and write
|
||
3580000
|
unkown
|
page read and write
|
||
702E9000
|
unkown image
|
page read and write
|
||
6E01000
|
unkown
|
page read and write
|
||
7FF537801000
|
unkown
|
page readonly
|
||
1532A000
|
unkown
|
page read and write
|
||
231A000
|
unkown
|
page readonly
|
||
3259000
|
unkown
|
page read and write
|
||
3066000
|
heap private
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
53F9000
|
unkown
|
page read and write
|
||
2A63000
|
unkown
|
page readonly
|
||
24A1000
|
unkown
|
page readonly
|
||
2B30000
|
unkown
|
page readonly
|
||
A99000
|
unkown
|
page readonly
|
||
7FF5358CB000
|
unkown
|
page readonly
|
||
302E000
|
unkown
|
page read and write
|
||
14C14000
|
unkown
|
page read and write
|
||
7FF5376F6000
|
unkown
|
page readonly
|
||
30B0000
|
unkown
|
page readonly
|
||
1645A000
|
unkown
|
page read and write
|
||
7FF5EDBE7000
|
unkown
|
page readonly
|
||
14F99000
|
unkown
|
page read and write
|
||
7FF5EDBA4000
|
unkown
|
page readonly
|
||
14E0E000
|
unkown
|
page read and write
|
||
7FF53568C000
|
unkown
|
page readonly
|
||
15816000
|
unkown
|
page read and write
|
||
30E0000
|
heap default
|
page read and write
|
||
2795000
|
unkown
|
page readonly
|
||
4600000
|
unkown
|
page read and write
|
||
7FF53584D000
|
unkown
|
page readonly
|
||
4D57000
|
unkown
|
page read and write
|
||
7FF5321D1000
|
unkown
|
page readonly
|
||
35C5000
|
heap private
|
page read and write
|
||
2CD8000
|
unkown
|
page read and write
|
||
4D8E000
|
unkown
|
page read and write
|
||
52AE000
|
unkown
|
page read and write
|
||
71F000
|
unkown
|
page read and write
|
||
158ED000
|
unkown
|
page read and write
|
||
2F20000
|
unkown
|
page readonly
|
||
D30000
|
unkown
|
page read and write
|
||
7FF5F3CE6000
|
unkown
|
page readonly
|
||
14EA0000
|
unkown
|
page read and write
|
||
2FF8000
|
unkown
|
page readonly
|
||
2ACFD39E000
|
unkown
|
page read and write
|
||
2713A7F0000
|
unkown
|
page read and write
|
||
1C22AC56000
|
unkown
|
page read and write
|
||
21EE000
|
unkown
|
page readonly
|
||
4875000
|
unkown
|
page read and write
|
||
5310000
|
unkown
|
page read and write
|
||
312E000
|
stack
|
page read and write
|
||
7FF5DFEC9000
|
unkown
|
page readonly
|
||
5275000
|
unkown
|
page read and write
|
||
7FF5F3B97000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
529E000
|
unkown
|
page read and write
|
||
577F000
|
stack
|
page read and write
|
||
7FF535857000
|
unkown
|
page readonly
|
||
5F0000
|
heap default
|
page read and write
|
||
1C22AC70000
|
unkown
|
page read and write
|
||
22DD000
|
unkown
|
page readonly
|
||
2752000
|
unkown
|
page readonly
|
||
51D0000
|
unkown
|
page read and write
|
||
4E2C000
|
unkown
|
page read and write
|
||
7C0000
|
unkown
|
page readonly
|
||
3200000
|
heap default
|
page read and write
|
||
274D000
|
unkown
|
page readonly
|
||
4DF0000
|
unkown
|
page readonly
|
||
53F9000
|
unkown
|
page read and write
|
||
5279000
|
unkown
|
page read and write
|
||
47EF000
|
unkown
|
page read and write
|
||
15816000
|
unkown
|
page read and write
|
||
7FF5EDB9D000
|
unkown
|
page readonly
|
||
29AF1B70000
|
unkown
|
page readonly
|
||
24B5000
|
unkown
|
page readonly
|
||
4EEE000
|
unkown
|
page read and write
|
||
9DB0000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
7FF5A2CB3000
|
unkown
|
page readonly
|
||
16000000
|
unkown
|
page read and write
|
||
A005000
|
unkown
|
page read and write
|
||
15856000
|
unkown
|
page read and write
|
||
327A000
|
unkown
|
page read and write
|
||
16240000
|
unkown
|
page read and write
|
||
2FAE000
|
unkown
|
page read and write
|
||
2A80000
|
unkown
|
page readonly
|
||
690000
|
heap private
|
page read and write
|
||
7FF5F3A1B000
|
unkown
|
page readonly
|
||
15264000
|
unkown
|
page read and write
|
||
3223000
|
unkown
|
page read and write
|
||
2CD8000
|
unkown
|
page read and write
|
||
4D53000
|
unkown
|
page read and write
|
||
207CA508000
|
unkown
|
page read and write
|
||
C3C000
|
unkown
|
page read and write
|
||
2ACFDE70000
|
unkown
|
page read and write
|
||
702E0000
|
unkown image
|
page readonly
|
||
4D36000
|
unkown
|
page read and write
|
||
7FF5F3BA1000
|
unkown
|
page readonly
|
||
3229000
|
unkown
|
page read and write
|
||
7FF5F39E9000
|
unkown
|
page readonly
|
||
302E000
|
stack
|
page read and write
|
||
2520000
|
unkown
|
page readonly
|
||
4EBC000
|
unkown
|
page read and write
|
||
63F000
|
stack
|
page read and write
|
||
4E80000
|
unkown
|
page read and write
|
||
2CB2000
|
unkown
|
page execute and read and write
|
||
1538D000
|
unkown
|
page read and write
|
||
7FF53262F000
|
unkown
|
page readonly
|
||
4707000
|
unkown
|
page read and write
|
||
2ACFDE70000
|
unkown
|
page read and write
|
||
58A0000
|
unkown
|
page readonly
|
||
4ECE000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
ADC287E000
|
unkown
|
page read and write
|
||
7FF5A2CCA000
|
unkown
|
page readonly
|
||
9FF5000
|
unkown
|
page read and write
|
||
FEE000
|
stack
|
page read and write
|
||
2ACFDEE7000
|
unkown
|
page read and write
|
||
9F91000
|
unkown
|
page read and write
|
||
4CD4000
|
unkown
|
page read and write
|
||
ADC2E7D000
|
unkown
|
page read and write
|
||
4725000
|
unkown
|
page read and write
|
||
75E000
|
unkown
|
page read and write
|
||
2667000
|
unkown
|
page readonly
|
||
35C0000
|
heap private
|
page read and write
|
||
2C5A3429000
|
unkown
|
page read and write
|
||
7FF535741000
|
unkown
|
page readonly
|
||
7FF537859000
|
unkown
|
page readonly
|
||
1532F000
|
unkown
|
page read and write
|
||
7FF5A25EE000
|
unkown
|
page readonly
|
||
3236000
|
unkown
|
page read and write
|
||
207000
|
unkown
|
page read and write
|
||
4E11000
|
unkown
|
page read and write
|
||
2D98000
|
heap default
|
page read and write
|
||
32B2000
|
unkown
|
page read and write
|
||
605000
|
unkown
|
page readonly
|
||
24B8000
|
unkown
|
page readonly
|
||
2385000
|
unkown
|
page readonly
|
||
4DBE000
|
unkown
|
page read and write
|
||
7FF5EDBAB000
|
unkown
|
page readonly
|
||
2820000
|
unkown
|
page read and write
|
||
158B8000
|
unkown
|
page read and write
|
||
745000
|
unkown
|
page readonly
|
||
4A82000
|
unkown
|
page read and write
|
||
279B000
|
unkown
|
page readonly
|
||
27138D10000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
325E000
|
unkown
|
page read and write
|
||
7D0000
|
heap default
|
page read and write
|
||
2D70000
|
unkown
|
page readonly
|
||
5880000
|
heap private
|
page read and write
|
||
26A6000
|
unkown
|
page readonly
|
||
2CCE000
|
unkown
|
page read and write
|
||
284B000
|
unkown
|
page readonly
|
||
155E0000
|
unkown
|
page readonly
|
||
240D000
|
unkown
|
page readonly
|
||
4E84000
|
unkown
|
page read and write
|
||
4DF4000
|
unkown
|
page read and write
|
||
2D54000
|
heap default
|
page read and write
|
||
E3E70FE000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
26B47AC7000
|
unkown
|
page read and write
|
||
27F8000
|
unkown
|
page readonly
|
||
8F1000
|
unkown
|
page read and write
|
||
4ECE000
|
unkown
|
page read and write
|
||
27138E13000
|
unkown
|
page read and write
|
||
32B6000
|
unkown
|
page read and write
|
||
14FA9000
|
unkown
|
page read and write
|
||
158AC000
|
unkown
|
page read and write
|
||
53D8000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
14F92000
|
unkown
|
page read and write
|
||
7FF5DF767000
|
unkown
|
page readonly
|
||
4C2B000
|
unkown
|
page read and write
|
||
A0FF000
|
unkown
|
page read and write
|
||
7FF5DFE7F000
|
unkown
|
page readonly
|
||
4EB6000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
4DDA000
|
unkown
|
page read and write
|
||
7FF5EDAF3000
|
unkown
|
page readonly
|
||
870000
|
unkown
|
page readonly
|
||
4713000
|
unkown
|
page read and write
|
||
264B000
|
unkown
|
page execute and read and write
|
||
9EDA000
|
unkown
|
page read and write
|
||
E3E707E000
|
unkown
|
page read and write
|
||
4704000
|
unkown
|
page read and write
|
||
7FF5F3C49000
|
unkown
|
page readonly
|
||
15905000
|
unkown
|
page read and write
|
||
7FF5F34E7000
|
unkown
|
page readonly
|
||
7FF5F38C6000
|
unkown
|
page readonly
|
||
9FE6000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
1538E000
|
unkown
|
page read and write
|
||
9DB9000
|
unkown
|
page read and write
|
||
7FF5F3A3B000
|
unkown
|
page readonly
|
||
2930000
|
unkown
|
page read and write
|
||
5227000
|
unkown
|
page read and write
|
||
207CA44A000
|
unkown
|
page read and write
|
||
C77C0FD000
|
unkown
|
page read and write
|
||
26B47810000
|
heap default
|
page read and write
|
||
24C5000
|
unkown
|
page readonly
|
||
53E8000
|
unkown
|
page read and write
|
||
6940000
|
unkown
|
page read and write
|
||
26B494A0000
|
unkown
|
page readonly
|
||
7FF5DFF77000
|
unkown
|
page readonly
|
||
2A9E000
|
unkown
|
page readonly
|
||
152B0000
|
unkown
|
page read and write
|
||
15283000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
7FF535907000
|
unkown
|
page readonly
|
||
2D00000
|
unkown
|
page readonly
|
||
3300000
|
unkown
|
page readonly
|
||
4EB8000
|
unkown
|
page read and write
|
||
14FD2000
|
unkown
|
page read and write
|
||
3230000
|
unkown
|
page read and write
|
||
23B5000
|
unkown
|
page readonly
|
||
1C22B600000
|
unkown
|
page readonly
|
||
4D8B000
|
unkown
|
page read and write
|
||
2767000
|
unkown
|
page readonly
|
||
A0B5000
|
unkown
|
page read and write
|
||
7FF5F3C22000
|
unkown
|
page readonly
|
||
26B497E0000
|
unkown
|
page read and write
|
||
16696000
|
unkown
|
page read and write
|
||
3250000
|
unkown
|
page read and write
|
||
2A51000
|
unkown
|
page read and write
|
||
2824000
|
unkown
|
page read and write
|
||
C1DAFDB000
|
unkown
|
page read and write
|
||
26B47AC0000
|
unkown
|
page read and write
|
||
53F3000
|
unkown
|
page read and write
|
||
9F63000
|
unkown
|
page read and write
|
||
51E3000
|
unkown
|
page read and write
|
||
4809000
|
unkown
|
page read and write
|
||
14F92000
|
unkown
|
page read and write
|
||
29AF0000000
|
unkown
|
page read and write
|
||
4717000
|
unkown
|
page read and write
|
||
7F0000
|
heap default
|
page read and write
|
||
30C0000
|
unkown
|
page readonly
|
||
2C5A3390000
|
unkown
|
page read and write
|
||
15266000
|
unkown
|
page read and write
|
||
15377000
|
unkown
|
page read and write
|
||
26B47A79000
|
unkown
|
page read and write
|
||
1592D000
|
unkown
|
page read and write
|
||
A10000
|
heap default
|
page read and write
|
||
32B6000
|
unkown
|
page read and write
|
||
7FF5DFF63000
|
unkown
|
page readonly
|
||
3238000
|
unkown
|
page read and write
|
||
1623E000
|
unkown
|
page read and write
|
||
800000
|
unkown
|
page readonly
|
||
3235000
|
unkown
|
page read and write
|
||
2823000
|
unkown
|
page readonly
|
||
7FF5EDBBA000
|
unkown
|
page readonly
|
||
14FBA000
|
unkown
|
page read and write
|
||
16830000
|
unkown
|
page read and write
|
||
26B47A13000
|
unkown
|
page read and write
|
||
4690000
|
unkown
|
page read and write
|
||
15759000
|
unkown
|
page read and write
|
||
31F2000
|
unkown
|
page read and write
|
||
7FF532716000
|
unkown
|
page readonly
|
||
A00E000
|
unkown
|
page read and write
|
||
2C38000
|
unkown
|
page readonly
|
||
15F10000
|
unkown
|
page read and write
|
||
3258000
|
unkown
|
page read and write
|
||
24E8000
|
unkown
|
page readonly
|
||
51C8000
|
unkown
|
page read and write
|
||
26B497E0000
|
unkown
|
page read and write
|
||
6AEA7000
|
unkown image
|
page read and write
|
||
14BFB000
|
unkown
|
page read and write
|
||
4E20000
|
unkown
|
page readonly
|
||
207CA453000
|
unkown
|
page read and write
|
||
C80000
|
heap private
|
page read and write
|
||
1110000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
2C5A3513000
|
unkown
|
page read and write
|
||
28A5000
|
unkown
|
page execute and read and write
|
||
4DB5000
|
unkown
|
page read and write
|
||
531A000
|
unkown
|
page read and write
|
||
522C000
|
unkown
|
page read and write
|
||
15729000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
A30000
|
unkown
|
page readonly
|
||
51C6000
|
unkown
|
page read and write
|
||
14C26000
|
unkown
|
page read and write
|
||
7FF5EDBE2000
|
unkown
|
page readonly
|
||
7FF5378F3000
|
unkown
|
page readonly
|
||
4DC7000
|
unkown
|
page read and write
|
||
2B92000
|
unkown
|
page readonly
|
||
7FF5F3CB4000
|
unkown
|
page readonly
|
||
3206000
|
heap private
|
page read and write
|
||
14C14000
|
unkown
|
page read and write
|
||
5219000
|
unkown
|
page read and write
|
||
14C3B000
|
unkown
|
page read and write
|
||
15330000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
2ACFD3F8000
|
unkown
|
page read and write
|
||
14C3B000
|
unkown
|
page read and write
|
||
2CD6000
|
heap private
|
page read and write
|
||
2ACFD3A4000
|
unkown
|
page read and write
|
||
48DE000
|
unkown
|
page read and write
|
||
7FF5358F3000
|
unkown
|
page readonly
|
||
450000
|
unkown
|
page readonly
|
||
9C36000
|
unkown
|
page read and write
|
||
A24000
|
unkown
|
page read and write
|
||
3220000
|
unkown
|
page read and write
|
||
2520000
|
unkown
|
page read and write
|
||
7FF5DFC9F000
|
unkown
|
page readonly
|
||
2832000
|
unkown
|
page readonly
|
||
2320000
|
unkown
|
page readonly
|
||
15905000
|
unkown
|
page read and write
|
||
2B98000
|
heap default
|
page read and write
|
||
4D30000
|
unkown
|
page read and write
|
||
2BA1000
|
unkown
|
page readonly
|
||
3254000
|
unkown
|
page read and write
|
||
2C6E000
|
stack
|
page read and write
|
||
26B47A00000
|
unkown
|
page read and write
|
||
2B5E000
|
unkown
|
page read and write
|
||
9E32000
|
unkown
|
page read and write
|
||
4D82000
|
unkown
|
page read and write
|
||
2C40000
|
unkown
|
page read and write
|
||
8D0000
|
heap default
|
page read and write
|
||
2900000
|
unkown
|
page read and write
|
||
62F0000
|
unkown
|
page readonly
|
||
7FF532713000
|
unkown
|
page readonly
|
||
5332000
|
unkown
|
page read and write
|
||
7FF5EDAFE000
|
unkown
|
page readonly
|
||
2C5A3500000
|
unkown
|
page read and write
|
||
EA0000
|
unkown
|
page readonly
|
||
67D0000
|
unkown
|
page read and write
|
||
26B47AA4000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
2B70000
|
unkown
|
page readonly
|
||
5890000
|
heap private
|
page read and write
|
||
7FF532621000
|
unkown
|
page readonly
|
||
46C9000
|
unkown
|
page read and write
|
||
4D30000
|
unkown
|
page read and write
|
||
730000
|
unkown
|
page readonly
|
||
6600000
|
unkown
|
page readonly
|
||
7FF5326EB000
|
unkown
|
page readonly
|
||
155CE000
|
stack
|
page read and write
|
||
1588C000
|
unkown
|
page read and write
|
||
7FF532568000
|
unkown
|
page readonly
|
||
5220000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
161AF000
|
unkown
|
page read and write
|
||
95D387E000
|
unkown
|
page read and write
|
||
9F57000
|
unkown
|
page read and write
|
||
4A34000
|
unkown
|
page read and write
|
||
7FF5A2A1A000
|
unkown
|
page readonly
|
||
63C0000
|
heap private
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
E3E72FE000
|
unkown
|
page read and write
|
||
4EB2000
|
unkown
|
page read and write
|
||
2A51000
|
unkown
|
page read and write
|
||
6A60000
|
unkown
|
page read and write
|
||
156C2000
|
unkown
|
page read and write
|
||
207CA488000
|
unkown
|
page read and write
|
||
7FF5A2D67000
|
unkown
|
page readonly
|
||
2ACFD391000
|
heap default
|
page read and write
|
||
C1DB579000
|
unkown
|
page read and write
|
||
2821000
|
unkown
|
page readonly
|
||
2A57000
|
unkown
|
page readonly
|
||
2A50000
|
unkown
|
page read and write
|
||
158B0000
|
unkown
|
page read and write
|
||
7FF5F3CB7000
|
unkown
|
page readonly
|
||
7FF5A2D96000
|
unkown
|
page readonly
|
||
460E000
|
unkown
|
page read and write
|
||
EA0000
|
heap default
|
page read and write
|
||
2AFA000
|
stack
|
page read and write
|
||
42F000
|
unkown
|
page read and write
|
||
322B000
|
unkown
|
page read and write
|
||
EAB000
|
heap default
|
page read and write
|
||
1C22AC8A000
|
unkown
|
page read and write
|
||
3070000
|
unkown
|
page readonly
|
||
2ACFDB20000
|
unkown
|
page readonly
|
||
7FF5F37D6000
|
unkown
|
page readonly
|
||
2841000
|
unkown
|
page readonly
|
||
14F27000
|
unkown
|
page read and write
|
||
14FD2000
|
unkown
|
page read and write
|
||
14B20000
|
unkown
|
page read and write
|
||
207CAC02000
|
unkown
|
page read and write
|
||
4E2A000
|
unkown
|
page read and write
|
||
9D7E000
|
unkown
|
page read and write
|
||
5224000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
23A6000
|
unkown
|
page readonly
|
||
7FF5F3BD4000
|
unkown
|
page readonly
|
||
7170000
|
unkown
|
page read and write
|
||
53D7000
|
unkown
|
page read and write
|
||
8090000
|
unkown
|
page read and write
|
||
14FEB000
|
unkown
|
page read and write
|
||
323B000
|
unkown
|
page read and write
|
||
7FF5F3C36000
|
unkown
|
page readonly
|
||
9FC5000
|
unkown
|
page read and write
|
||
15369000
|
unkown
|
page read and write
|
||
4611000
|
unkown
|
page read and write
|
||
A3CA000
|
unkown
|
page read and write
|
||
3213000
|
unkown
|
page read and write
|
||
5990000
|
unkown
|
page readonly
|
||
327D000
|
unkown
|
page read and write
|
||
7FF537826000
|
unkown
|
page readonly
|
||
4D39000
|
unkown
|
page read and write
|
||
7FF532391000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
7020000
|
unkown
|
page read and write
|
||
22D7000
|
unkown
|
page readonly
|
||
4701000
|
unkown
|
page read and write
|
||
2ACFE0F0000
|
unkown
|
page read and write
|
||
2A30000
|
heap default
|
page read and write
|
||
26B49947000
|
unkown
|
page read and write
|
||
23DD000
|
unkown
|
page readonly
|
||
485E000
|
unkown
|
page read and write
|
||
ADC2D7F000
|
unkown
|
page read and write
|
||
26B47B56000
|
unkown
|
page read and write
|
||
207CA44E000
|
unkown
|
page read and write
|
||
2A49000
|
unkown
|
page read and write
|
||
2C3E000
|
unkown
|
page readonly
|
||
29AF0102000
|
unkown
|
page read and write
|
||
2747000
|
unkown
|
page readonly
|
||
14BAC000
|
unkown
|
page read and write
|
||
F9FA07D000
|
unkown
|
page read and write
|
||
4EAF000
|
unkown
|
page read and write
|
||
2B9E000
|
unkown
|
page read and write
|
||
7FF5F3BA5000
|
unkown
|
page readonly
|
||
14FD2000
|
unkown
|
page read and write
|
||
7FF5326D4000
|
unkown
|
page readonly
|
||
266E000
|
unkown
|
page readonly
|
||
7FF53263D000
|
unkown
|
page readonly
|
||
1C22AC50000
|
unkown
|
page read and write
|
||
2BA5000
|
unkown
|
page readonly
|
||
471E000
|
unkown
|
page read and write
|
||
7FF5A2DA7000
|
unkown
|
page readonly
|
||
15374000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
14B27000
|
unkown
|
page read and write
|
||
7FF5F39E2000
|
unkown
|
page readonly
|
||
234D000
|
unkown
|
page readonly
|
||
15EBC000
|
unkown
|
page read and write
|
||
7FF5F3C16000
|
unkown
|
page readonly
|
||
7FF5F3CCA000
|
unkown
|
page readonly
|
||
32AE000
|
unkown
|
page read and write
|
||
2301000
|
unkown
|
page readonly
|
||
2ACFDED0000
|
unkown
|
page read and write
|
||
A597000
|
unkown
|
page read and write
|
||
7FF53714E000
|
unkown
|
page readonly
|
||
4ED4000
|
unkown
|
page read and write
|
||
29AF0009000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
C1DB3FA000
|
unkown
|
page read and write
|
||
4DBB000
|
unkown
|
page read and write
|
||
4E8E000
|
unkown
|
page read and write
|
||
2ACFDE70000
|
unkown
|
page read and write
|
||
5242000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
25CE000
|
unkown
|
page readonly
|
||
2ACFD39E000
|
unkown
|
page read and write
|
||
2BAC000
|
unkown
|
page read and write
|
||
3676000
|
heap private
|
page read and write
|
||
2771000
|
unkown
|
page readonly
|
||
327D000
|
unkown
|
page read and write
|
||
2A90000
|
heap default
|
page read and write
|
||
2A95000
|
heap default
|
page read and write
|
||
158AC000
|
unkown
|
page read and write
|
||
7FF5F3B00000
|
unkown
|
page readonly
|
||
740D0000
|
unkown image
|
page readonly
|
||
7FF5F38B8000
|
unkown
|
page readonly
|
||
164EA000
|
unkown
|
page read and write
|
||
156BE000
|
unkown
|
page read and write
|
||
2D7F000
|
unkown
|
page read and write
|
||
207CA600000
|
unkown
|
page readonly
|
||
720000
|
unkown
|
page read and write
|
||
51D2000
|
unkown
|
page read and write
|
||
207CA350000
|
heap default
|
page read and write
|
||
5245000
|
unkown
|
page read and write
|
||
7FF5EDBD6000
|
unkown
|
page readonly
|
||
525F000
|
stack
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
207CA502000
|
unkown
|
page read and write
|
||
2D83000
|
unkown
|
page read and write
|
||
2C5A36D0000
|
unkown
|
page readonly
|
||
231E000
|
unkown
|
page readonly
|
||
7FF532633000
|
unkown
|
page readonly
|
||
4A02000
|
unkown
|
page read and write
|
||
89C000
|
unkown
|
page read and write
|
||
7FF537907000
|
unkown
|
page readonly
|
||
3060000
|
heap private
|
page read and write
|
||
15B70000
|
unkown
|
page readonly
|
||
D70000
|
unkown
|
page readonly
|
||
30AE000
|
unkown
|
page read and write
|
||
7FF5A2C25000
|
unkown
|
page readonly
|
||
4D66000
|
unkown
|
page read and write
|
||
6F3000
|
stack
|
page read and write
|
||
7FF5F3CA7000
|
unkown
|
page readonly
|
||
53E8000
|
unkown
|
page read and write
|
||
7FF5F3AE6000
|
unkown
|
page readonly
|
||
DEE000
|
unkown
|
page read and write
|
||
2891000
|
unkown
|
page readonly
|
||
A0EA000
|
unkown
|
page read and write
|
||
2312000
|
unkown
|
page readonly
|
||
4D2E000
|
unkown
|
page read and write
|
||
2337000
|
unkown
|
page readonly
|
||
2A51000
|
unkown
|
page read and write
|
||
288C000
|
unkown
|
page read and write
|
||
207CA360000
|
unkown
|
page readonly
|
||
2A4F000
|
unkown
|
page read and write
|
||
702E0000
|
unkown image
|
page readonly
|
||
A787000
|
unkown
|
page read and write
|
||
4D8D000
|
unkown
|
page read and write
|
||
C1DB67D000
|
unkown
|
page read and write
|
||
1587D000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2538000
|
unkown
|
page readonly
|
||
1C22AD02000
|
unkown
|
page read and write
|
||
207CA470000
|
unkown
|
page read and write
|
||
2717000
|
unkown
|
page readonly
|
||
2333000
|
unkown
|
page readonly
|
||
6D20000
|
unkown
|
page read and write
|
||
24E3000
|
unkown
|
page readonly
|
||
14F27000
|
unkown
|
page read and write
|
||
4DD5000
|
unkown
|
page read and write
|
||
2C5A3455000
|
unkown
|
page read and write
|
||
50FF000
|
stack
|
page read and write
|
||
4FFE000
|
unkown
|
page read and write
|
||
9E02000
|
unkown
|
page read and write
|
||
28A5000
|
unkown
|
page readonly
|
||
2A52000
|
unkown
|
page read and write
|
||
53ED000
|
unkown
|
page read and write
|
||
6AE99000
|
unkown image
|
page readonly
|
||
2ACFD397000
|
unkown
|
page read and write
|
||
4DD1000
|
unkown
|
page read and write
|
||
26B47A88000
|
unkown
|
page read and write
|
||
3286000
|
unkown
|
page read and write
|
||
207CA6D0000
|
unkown
|
page readonly
|
||
6AE00000
|
unkown image
|
page readonly
|
||
3550000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2ACFD3AB000
|
unkown
|
page read and write
|
||
4827000
|
unkown
|
page read and write
|
||
29AF0054000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
7FF53784D000
|
unkown
|
page readonly
|
||
7FF5DFE9A000
|
unkown
|
page readonly
|
||
156BE000
|
unkown
|
page read and write
|
||
151DF000
|
unkown
|
page read and write
|
||
3190000
|
heap private
|
page read and write
|
||
9D80000
|
unkown
|
page read and write
|
||
A174DCE000
|
unkown
|
page read and write
|
||
107F000
|
stack
|
page read and write
|
||
7FF5DFF27000
|
unkown
|
page readonly
|
||
A337000
|
unkown
|
page read and write
|
||
2A6C000
|
unkown
|
page read and write
|
||
27138E00000
|
unkown
|
page read and write
|
||
CCC000
|
unkown
|
page read and write
|
||
14C26000
|
unkown
|
page read and write
|
||
2D02000
|
unkown
|
page execute and read and write
|
||
2B9A000
|
unkown
|
page readonly
|
||
2F1D000
|
unkown
|
page readonly
|
||
481E000
|
unkown
|
page read and write
|
||
2BC8000
|
unkown
|
page read and write
|
||
27138F02000
|
unkown
|
page read and write
|
||
2CBE000
|
unkown
|
page read and write
|
||
4E94000
|
unkown
|
page read and write
|
||
284A000
|
unkown
|
page execute and read and write
|
||
7020000
|
unkown
|
page read and write
|
||
29C9000
|
unkown
|
page readonly
|
||
327F000
|
unkown
|
page read and write
|
||
2C5A346F000
|
unkown
|
page read and write
|
||
27139050000
|
unkown
|
page readonly
|
||
25DD000
|
unkown
|
page readonly
|
||
14F24000
|
unkown
|
page read and write
|
||
14FD2000
|
unkown
|
page read and write
|
||
95D35CB000
|
unkown
|
page read and write
|
||
35B0000
|
unkown
|
page readonly
|
||
4D87000
|
unkown
|
page read and write
|
||
A341000
|
unkown
|
page read and write
|
||
2862000
|
unkown
|
page execute and read and write
|
||
322D000
|
unkown
|
page read and write
|
||
890000
|
unkown
|
page read and write
|
||
53D8000
|
unkown
|
page read and write
|
||
14C75000
|
unkown
|
page read and write
|
||
2F85000
|
unkown
|
page readonly
|
||
158ED000
|
unkown
|
page read and write
|
||
2BAB000
|
unkown
|
page readonly
|
||
51DC000
|
unkown
|
page read and write
|
||
27E0000
|
heap default
|
page read and write
|
||
29AEFFC0000
|
unkown
|
page readonly
|
||
53D8000
|
unkown
|
page read and write
|
||
740DB000
|
unkown image
|
page read and write
|
||
32A6000
|
unkown
|
page read and write
|
||
4E00000
|
unkown
|
page read and write
|
||
4C5F000
|
unkown
|
page read and write
|
||
2D46000
|
unkown
|
page execute and read and write
|
||
2528000
|
unkown
|
page readonly
|
||
53F4000
|
unkown
|
page read and write
|
||
246B000
|
unkown
|
page readonly
|
||
4E9E000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
62E0000
|
heap private
|
page read and write
|
||
C1DB6FC000
|
unkown
|
page read and write
|
||
53E3000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
2852000
|
unkown
|
page execute and read and write
|
||
28D3000
|
unkown
|
page readonly
|
||
28AC000
|
unkown
|
page read and write
|
||
26B47990000
|
unkown
|
page readonly
|
||
9B6B000
|
unkown
|
page read and write
|
||
4E1F000
|
unkown
|
page read and write
|
||
7D7000
|
heap default
|
page read and write
|
||
502E000
|
unkown
|
page read and write
|
||
15C60000
|
unkown
|
page read and write
|
||
7FF5DFF2D000
|
unkown
|
page readonly
|
||
29AF0029000
|
unkown
|
page read and write
|
||
7FF5326D7000
|
unkown
|
page readonly
|
||
322A000
|
unkown
|
page read and write
|
||
1582E000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
8D1000
|
unkown
|
page read and write
|
||
232B000
|
unkown
|
page readonly
|
||
2F1B000
|
stack
|
page read and write
|
||
14FDB000
|
unkown
|
page read and write
|
||
53D7000
|
unkown
|
page read and write
|
||
4910000
|
unkown
|
page read and write
|
||
323B000
|
unkown
|
page read and write
|
||
3510000
|
unkown
|
page readonly
|
||
4C51000
|
unkown
|
page read and write
|
||
157F7000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2ACFD3B8000
|
unkown
|
page read and write
|
||
6E01000
|
unkown
|
page read and write
|
||
15264000
|
unkown
|
page read and write
|
||
2653000
|
unkown
|
page execute and read and write
|
||
7FF537832000
|
unkown
|
page readonly
|
||
7FF5DFB38000
|
unkown
|
page readonly
|
||
7FF532679000
|
unkown
|
page readonly
|
||
28FD000
|
unkown
|
page readonly
|
||
7FF5F3CE3000
|
unkown
|
page readonly
|
||
24EE000
|
unkown
|
page readonly
|
||
A2E7000
|
unkown
|
page read and write
|
||
6E98000
|
unkown
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
27BC000
|
unkown
|
page read and write
|
||
4DCB000
|
unkown
|
page read and write
|
||
7FF5ED90F000
|
unkown
|
page readonly
|
||
C77C4FF000
|
unkown
|
page read and write
|
||
8F1000
|
unkown
|
page read and write
|
||
16694000
|
unkown
|
page read and write
|
||
3297000
|
unkown
|
page read and write
|
||
2CD9000
|
unkown
|
page read and write
|
||
C70000
|
unkown
|
page read and write
|
||
53E5000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
6EDA000
|
unkown
|
page read and write
|
||
7FF535859000
|
unkown
|
page readonly
|
||
2CF2000
|
unkown
|
page execute and read and write
|
||
4E0D000
|
unkown
|
page read and write
|
||
28A8000
|
unkown
|
page readonly
|
||
2F1A000
|
unkown
|
page readonly
|
||
8A0000
|
heap default
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
15322000
|
unkown
|
page read and write
|
||
59E000
|
stack
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
4EC4000
|
unkown
|
page read and write
|
||
4D97000
|
unkown
|
page read and write
|
||
7FF5F3BC7000
|
unkown
|
page readonly
|
||
14DBE000
|
unkown
|
page read and write
|
||
1514F000
|
unkown
|
page read and write
|
||
4D24000
|
unkown
|
page read and write
|
||
10B0000
|
heap private
|
page read and write
|
||
4ECE000
|
unkown
|
page read and write
|
||
56CE000
|
stack
|
page read and write
|
||
7FF532677000
|
unkown
|
page readonly
|
||
1EC000
|
stack
|
page read and write
|
||
7FF5F3CF2000
|
unkown
|
page readonly
|
||
523E000
|
unkown
|
page read and write
|
||
880000
|
unkown
|
page read and write
|
||
7020000
|
unkown
|
page read and write
|
||
1524E000
|
unkown
|
page read and write
|
||
7FF5EDB97000
|
unkown
|
page readonly
|
||
245B000
|
unkown
|
page readonly
|
||
1509E000
|
unkown
|
page read and write
|
||
26B497E0000
|
unkown
|
page read and write
|
||
9EDF000
|
unkown
|
page read and write
|
||
2AA0000
|
unkown
|
page readonly
|
||
270D000
|
unkown
|
page readonly
|
||
2FF8000
|
unkown
|
page readonly
|
||
15E2E000
|
unkown
|
page read and write
|
||
346E000
|
stack
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
7FF5A2DA2000
|
unkown
|
page readonly
|
||
283A000
|
unkown
|
page readonly
|
||
2CDE000
|
unkown
|
page read and write
|
||
7FF537148000
|
unkown
|
page readonly
|
||
2C5A3402000
|
unkown
|
page read and write
|
||
5930000
|
heap private
|
page read and write
|
||
A0D000
|
heap default
|
page read and write
|
||
7FF5357FF000
|
unkown
|
page readonly
|
||
4D40000
|
unkown
|
page read and write
|
||
4E4C000
|
unkown
|
page read and write
|
||
A1752F7000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
2A53000
|
unkown
|
page read and write
|
||
A892000
|
unkown
|
page read and write
|
||
2227000
|
unkown
|
page readonly
|
||
7D0000
|
unkown
|
page readonly
|
||
2C5A343C000
|
unkown
|
page read and write
|
||
7FF5EDAEF000
|
unkown
|
page readonly
|
||
1528B000
|
unkown
|
page read and write
|
||
7FF5A2D51000
|
unkown
|
page readonly
|
||
53D1000
|
unkown
|
page read and write
|
||
2C5A3502000
|
unkown
|
page read and write
|
||
15DC0000
|
unkown
|
page read and write
|
||
2ACFD575000
|
heap private
|
page read and write
|
||
D30000
|
unkown
|
page readonly
|
||
6D83000
|
unkown
|
page read and write
|
||
4E44000
|
unkown
|
page read and write
|
||
14EF1000
|
unkown
|
page read and write
|
||
7FF5A2CA1000
|
unkown
|
page readonly
|
||
7FF5DFD80000
|
unkown
|
page readonly
|
||
16810000
|
heap private
|
page read and write
|
||
6F1C000
|
unkown
|
page read and write
|
||
280B000
|
unkown
|
page readonly
|
||
2782000
|
unkown
|
page readonly
|
||
23DE000
|
unkown
|
page readonly
|
||
7FF5ED3D7000
|
unkown
|
page readonly
|
||
2B35000
|
heap private
|
page read and write
|
||
7FF5DFF3B000
|
unkown
|
page readonly
|
||
4E3D000
|
unkown
|
page read and write
|
||
2C49000
|
unkown
|
page readonly
|
||
4710000
|
unkown
|
page read and write
|
||
2C08000
|
unkown
|
page readonly
|
||
152AB000
|
unkown
|
page read and write
|
||
15219000
|
unkown
|
page read and write
|
||
2ACFD3CD000
|
unkown
|
page read and write
|
||
241D000
|
unkown
|
page readonly
|
||
4696000
|
unkown
|
page read and write
|
||
2A51000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
8E6000
|
unkown
|
page read and write
|
||
7FF5358C7000
|
unkown
|
page readonly
|
||
A42F000
|
unkown
|
page read and write
|
||
4CA0000
|
unkown
|
page read and write
|
||
26B493A0000
|
unkown
|
page read and write
|
||
7FF5F3A54000
|
unkown
|
page readonly
|
||
9F50000
|
unkown
|
page read and write
|
||
2A3E000
|
unkown
|
page read and write
|
||
2ACFD418000
|
unkown
|
page read and write
|
||
2F30000
|
heap private
|
page read and write
|
||
15318000
|
unkown
|
page read and write
|
||
32A7000
|
unkown
|
page read and write
|
||
48ED000
|
unkown
|
page read and write
|
||
7FF5324BA000
|
unkown
|
page readonly
|
||
2B90000
|
heap default
|
page read and write
|
||
2D75000
|
heap private
|
page read and write
|
||
1581E000
|
unkown
|
page read and write
|
||
7FF5DFF77000
|
unkown
|
page readonly
|
||
4E1A000
|
unkown
|
page read and write
|
||
7FF532530000
|
unkown
|
page readonly
|
||
7FF5322D0000
|
unkown
|
page readonly
|
||
53EE000
|
unkown
|
page read and write
|
||
27138E44000
|
unkown
|
page read and write
|
||
C1DB47F000
|
unkown
|
page read and write
|
||
71B000
|
unkown
|
page read and write
|
||
ADC2F7F000
|
unkown
|
page read and write
|
||
1AD000
|
unkown
|
page read and write
|
||
3204000
|
unkown
|
page read and write
|
||
7FF5A2CED000
|
unkown
|
page readonly
|
||
8F1000
|
unkown
|
page read and write
|
||
C77C3F7000
|
unkown
|
page read and write
|
||
3251000
|
unkown
|
page read and write
|
||
28F0000
|
unkown
|
page read and write
|
||
46F2000
|
unkown
|
page read and write
|
||
3238000
|
unkown
|
page read and write
|
||
1C22B402000
|
unkown
|
page read and write
|
||
2A38000
|
heap default
|
page read and write
|
||
7FF5F3A30000
|
unkown
|
page readonly
|
||
15759000
|
unkown
|
page read and write
|
||
14FEB000
|
unkown
|
page read and write
|
||
7FF5DFCEF000
|
unkown
|
page readonly
|
||
9D9F000
|
unkown
|
page read and write
|
||
278D000
|
unkown
|
page readonly
|
||
4D6F000
|
unkown
|
page read and write
|
||
7FF5EDBD3000
|
unkown
|
page readonly
|
||
285A000
|
unkown
|
page execute and read and write
|
||
14C66000
|
unkown
|
page read and write
|
||
97E000
|
unkown
|
page read and write
|
||
9B50000
|
unkown
|
page read and write
|
||
2ECE000
|
unkown
|
page read and write
|
||
2868000
|
unkown
|
page readonly
|
||
4EAF000
|
stack
|
page read and write
|
||
14C3B000
|
unkown
|
page read and write
|
||
8D1000
|
unkown
|
page read and write
|
||
14C1B000
|
unkown
|
page read and write
|
||
28E2000
|
unkown
|
page readonly
|
||
2D00000
|
unkown
|
page readonly
|
||
23EE000
|
unkown
|
page readonly
|
||
C1DB27E000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
282E000
|
unkown
|
page readonly
|
||
15D28000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
325E000
|
unkown
|
page read and write
|
||
7FF5ED9D6000
|
unkown
|
page readonly
|
||
2ACFD57A000
|
heap private
|
page read and write
|
||
7FF53781D000
|
unkown
|
page readonly
|
||
3275000
|
unkown
|
page read and write
|
||
A1753FE000
|
unkown
|
page read and write
|
||
1529F000
|
unkown
|
page read and write
|
||
7FF5DFE47000
|
unkown
|
page readonly
|
||
ADC2B7E000
|
unkown
|
page read and write
|
||
46F4000
|
unkown
|
page read and write
|
||
7FF5A2D57000
|
unkown
|
page readonly
|
||
14FDE000
|
unkown
|
page read and write
|
||
15729000
|
unkown
|
page read and write
|
||
2ACFE120000
|
unkown
|
page readonly
|
||
46EF000
|
unkown
|
page read and write
|
||
207CA400000
|
unkown
|
page read and write
|
||
30C000
|
unkown
|
page read and write
|
||
4E80000
|
unkown
|
page readonly
|
||
2641000
|
unkown
|
page readonly
|
||
327D000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
8D1000
|
unkown
|
page read and write
|
||
8FE000
|
heap default
|
page read and write
|
||
2620000
|
unkown
|
page read and write
|
||
2A4F000
|
unkown
|
page read and write
|
||
9B65000
|
unkown
|
page read and write
|
||
14E00000
|
unkown
|
page read and write
|
||
1582E000
|
unkown
|
page read and write
|
||
32B6000
|
unkown
|
page read and write
|
||
8C0000
|
unkown
|
page read and write
|
||
7FF5A2D54000
|
unkown
|
page readonly
|
||
14E60000
|
unkown
|
page read and write
|
||
207CA43C000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
158BE000
|
unkown
|
page read and write
|
||
1C22AED0000
|
unkown
|
page readonly
|
||
7FF5358B7000
|
unkown
|
page readonly
|
||
41B000
|
unkown
|
page read and write
|
||
322D000
|
unkown
|
page read and write
|
||
7FF5A2D6B000
|
unkown
|
page readonly
|
||
529E000
|
unkown
|
page read and write
|
||
480D000
|
unkown
|
page read and write
|
||
28EC000
|
unkown
|
page readonly
|
||
A358000
|
unkown
|
page read and write
|
||
1536E000
|
unkown
|
page read and write
|
||
207CA413000
|
unkown
|
page read and write
|
||
53D0000
|
unkown
|
page read and write
|
||
4980000
|
unkown
|
page read and write
|
||
14FBA000
|
unkown
|
page read and write
|
||
9DA8000
|
unkown
|
page read and write
|
||
16290000
|
unkown
|
page read and write
|
||
14E98000
|
unkown
|
page read and write
|
||
7FF535718000
|
unkown
|
page readonly
|
||
2C33000
|
unkown
|
page readonly
|
||
9F54000
|
unkown
|
page read and write
|
||
26B479F0000
|
unkown
|
page readonly
|
||
23AE000
|
unkown
|
page readonly
|
||
32B2000
|
unkown
|
page read and write
|
||
4D4D000
|
unkown
|
page read and write
|
||
2ACFD3A4000
|
unkown
|
page read and write
|
||
3236000
|
unkown
|
page read and write
|
||
26B47940000
|
unkown
|
page readonly
|
||
A0FA000
|
unkown
|
page read and write
|
||
4D51000
|
unkown
|
page read and write
|
||
54EF000
|
stack
|
page read and write
|
||
14F24000
|
unkown
|
page read and write
|
||
7FF5326DD000
|
unkown
|
page readonly
|
||
2816000
|
unkown
|
page readonly
|
||
7FF5F3C0D000
|
unkown
|
page readonly
|
||
32BB000
|
unkown
|
page read and write
|
||
48F0000
|
unkown
|
page readonly
|
||
7FF5A2A11000
|
unkown
|
page readonly
|
||
7FF532516000
|
unkown
|
page readonly
|
||
26BD000
|
unkown
|
page read and write
|
||
28B3000
|
unkown
|
page execute and read and write
|
||
2504000
|
unkown
|
page readonly
|
||
327F000
|
unkown
|
page read and write
|
||
690D000
|
unkown
|
page read and write
|
||
A29C000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
102E000
|
unkown
|
page read and write
|
||
14FFA000
|
unkown
|
page read and write
|
||
2BD5000
|
heap default
|
page read and write
|
||
7FF5F3BD9000
|
unkown
|
page readonly
|
||
14FA9000
|
unkown
|
page read and write
|
||
28F2000
|
unkown
|
page read and write
|
||
2ACFDE89000
|
unkown
|
page read and write
|
||
9ED8000
|
unkown
|
page read and write
|
||
A3C4000
|
unkown
|
page read and write
|
||
2441000
|
unkown
|
page readonly
|
||
2CD9000
|
unkown
|
page read and write
|
||
2A52000
|
unkown
|
page read and write
|
||
23E3000
|
unkown
|
page readonly
|
||
2ACFD3E3000
|
unkown
|
page read and write
|
||
2A4E000
|
unkown
|
page read and write
|
||
207CA513000
|
unkown
|
page read and write
|
||
232E000
|
unkown
|
page readonly
|
||
8D7000
|
heap default
|
page read and write
|
||
2321000
|
unkown
|
page readonly
|
||
323C000
|
unkown
|
page read and write
|
||
3229000
|
unkown
|
page read and write
|
||
15CDD000
|
unkown
|
page read and write
|
||
6F1C000
|
unkown
|
page read and write
|
||
7FF5F3A6F000
|
unkown
|
page readonly
|
||
15DBA000
|
unkown
|
page read and write
|
||
2ACFE1A0000
|
unkown
|
page read and write
|
||
5940000
|
unkown
|
page readonly
|
||
47E8000
|
unkown
|
page read and write
|
||
7FF5EDB37000
|
unkown
|
page readonly
|
||
4DA5000
|
unkown
|
page read and write
|
||
160CE000
|
unkown
|
page read and write
|
||
157E7000
|
unkown
|
page read and write
|
||
2D60000
|
unkown
|
page readonly
|
||
1581E000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
7FF5DFB46000
|
unkown
|
page readonly
|
||
ADC29F5000
|
unkown
|
page read and write
|
||
9DF9000
|
unkown
|
page read and write
|
||
1538D000
|
unkown
|
page read and write
|
||
7FF5F3BA7000
|
unkown
|
page readonly
|
||
4831000
|
unkown
|
page read and write
|
||
7FF5DFF66000
|
unkown
|
page readonly
|
||
6A0C000
|
stack
|
page read and write
|
||
A1E000
|
heap default
|
page read and write
|
||
14F27000
|
unkown
|
page read and write
|
||
7FF53782A000
|
unkown
|
page readonly
|
||
51D5000
|
unkown
|
page read and write
|
||
323C000
|
unkown
|
page read and write
|
||
2810000
|
unkown
|
page execute and read and write
|
||
7FF5377FF000
|
unkown
|
page readonly
|
||
5229000
|
unkown
|
page read and write
|
||
A34B000
|
unkown
|
page read and write
|
||
7FF5EDB12000
|
unkown
|
page readonly
|
||
151BE000
|
unkown
|
page read and write
|
||
4DA1000
|
unkown
|
page read and write
|
||
7FF5A2C9F000
|
unkown
|
page readonly
|
||
2918000
|
unkown
|
page readonly
|
||
24F3000
|
unkown
|
page readonly
|
||
29AF02D0000
|
unkown
|
page readonly
|
||
2FEE000
|
stack
|
page read and write
|
||
7E0000
|
unkown
|
page readonly
|
||
24B1000
|
unkown
|
page readonly
|
||
7FF537785000
|
unkown
|
page readonly
|
||
1583E000
|
unkown
|
page read and write
|
||
3252000
|
unkown
|
page read and write
|
||
155D0000
|
unkown
|
page readonly
|
||
15F0A000
|
unkown
|
page read and write
|
||
156BE000
|
unkown
|
page read and write
|
||
327D000
|
unkown
|
page read and write
|
||
7020000
|
unkown
|
page read and write
|
||
9DB000
|
heap default
|
page read and write
|
||
9BE000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
4D9F000
|
unkown
|
page read and write
|
||
2A50000
|
unkown
|
page read and write
|
||
600000
|
unkown
|
page readonly
|
||
7FF5A2CE6000
|
unkown
|
page readonly
|
||
1528B000
|
unkown
|
page read and write
|
||
28CE000
|
unkown
|
page readonly
|
||
C77BD8C000
|
unkown
|
page read and write
|
There are 2146 hidden memdumps, click here to show them.