Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\kS5hYPcgm8.dll,Connectdark
|
 |
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe 'C:\Users\user\Desktop\kS5hYPcgm8.dll',#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\kS5hYPcgm8.dll,Mindlake
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\kS5hYPcgm8.dll,Porthigh
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\kS5hYPcgm8.dll,Problemscale
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\kS5hYPcgm8.dll,WingGrass
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe 'C:\Users\user\Desktop\kS5hYPcgm8.dll'
|
 |
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\kS5hYPcgm8.dll',#1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Island
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c cd Matter m
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
There are 24 hidden processes, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF54C71F000
|
unkown
|
page readonly
|
|
|
|
2814000
|
unkown
|
page readonly
|
|
|
|
2974000
|
unkown
|
page readonly
|
|
|
|
20C8BE95000
|
unkown
|
page read and write
|
|
|
|
2BE000
|
unkown
|
page read and write
|
|
|
|
7FF56DF18000
|
unkown
|
page readonly
|
|
|
|
1B23E5B0000
|
unkown
|
page read and write
|
|
|
|
770000
|
unkown
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
2782000
|
unkown
|
page readonly
|
|
|
|
2C12000
|
unkown
|
page readonly
|
|
|
|
62E000
|
unkown
|
page read and write
|
|
|
|
20C8BE13000
|
unkown
|
page read and write
|
|
|
|
2935000
|
unkown
|
page readonly
|
|
|
|
28CD000
|
unkown
|
page readonly
|
|
|
|
20C91320000
|
unkown
|
page read and write
|
|
|
|
360000
|
unkown
|
page readonly
|
|
|
|
43B000
|
unkown
|
page read and write
|
|
|
|
20C8CD00000
|
unkown
|
page read and write
|
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
AEB000
|
unkown
|
page read and write
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
33AA000
|
heap default
|
page read and write
|
|
|
|
3270000
|
unkown
|
page readonly
|
|
|
|
294C000
|
unkown
|
page readonly
|
|
|
|
B80000
|
unkown
|
page readonly
|
|
|
|
7FF56DF4E000
|
unkown
|
page readonly
|
|
|
|
28EE000
|
unkown
|
page readonly
|
|
|
|
B70000
|
unkown
|
page readonly
|
|
|
|
29D5000
|
unkown
|
page readonly
|
|
|
|
3250000
|
unkown
|
page read and write
|
|
|
|
D978CFA000
|
unkown
|
page read and write
|
|
|
|
870000
|
heap private
|
page read and write
|
|
|
|
28CD000
|
unkown
|
page readonly
|
|
|
|
7FF54C75B000
|
unkown
|
page readonly
|
|
|
|
7FF56DE8D000
|
unkown
|
page readonly
|
|
|
|
2945000
|
unkown
|
page readonly
|
|
|
|
1F229A63000
|
unkown
|
page read and write
|
|
|
|
41DE000
|
unkown
|
page read and write
|
|
|
|
20C8BF13000
|
unkown
|
page read and write
|
|
|
|
1B23E600000
|
unkown
|
page read and write
|
|
|
|
295D000
|
unkown
|
page readonly
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
D978FFA000
|
unkown
|
page read and write
|
|
|
|
29D1000
|
unkown
|
page readonly
|
|
|
|
5D0000
|
unkown
|
page readonly
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
A40000
|
heap private
|
page read and write
|
|
|
|
7FF56DE0D000
|
unkown
|
page readonly
|
|
|
|
D9796FF000
|
unkown
|
page read and write
|
|
|
|
5C0000
|
unkown
|
page readonly
|
|
|
|
1F229CD0000
|
unkown
|
page readonly
|
|
|
|
597000
|
unkown
|
page read and write
|
|
|
|
7FF54C68D000
|
unkown
|
page readonly
|
|
|
|
2909000
|
unkown
|
page readonly
|
|
|
|
42D0000
|
unkown
|
page read and write
|
|
|
|
2EF0000
|
unkown
|
page readonly
|
|
|
|
7FF54C75D000
|
unkown
|
page readonly
|
|
|
|
68A000
|
heap default
|
page read and write
|
|
|
|
7FF56DE67000
|
unkown
|
page readonly
|
|
|
|
20C8CE00000
|
unkown
|
page readonly
|
|
|
|
20C8C000000
|
unkown
|
page readonly
|
|
|
|
1B23E629000
|
unkown
|
page read and write
|
|
|
|
294C000
|
unkown
|
page readonly
|
|
|
|
20C8C600000
|
unkown
|
page read and write
|
|
|
|
2909000
|
unkown
|
page readonly
|
|
|
|
7FF54C726000
|
unkown
|
page readonly
|
|
|
|
2974000
|
unkown
|
page readonly
|
|
|
|
2DFA000
|
heap default
|
page read and write
|
|
|
|
680000
|
heap default
|
page read and write
|
|
|
|
2955000
|
unkown
|
page readonly
|
|
|
|
AEC9B7F000
|
unkown
|
page read and write
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
29D5000
|
unkown
|
page readonly
|
|
|
|
2C75000
|
unkown
|
page readonly
|
|
|
|
2C94000
|
unkown
|
page readonly
|
|
|
|
2914000
|
unkown
|
page readonly
|
|
|
|
2814000
|
unkown
|
page readonly
|
|
|
|
7FF54C72B000
|
unkown
|
page readonly
|
|
|
|
2CFC000
|
unkown
|
page readonly
|
|
|
|
440000
|
unkown
|
page read and write
|
|
|
|
2C34000
|
unkown
|
page readonly
|
|
|
|
2CF1000
|
unkown
|
page readonly
|
|
|
|
1F229A69000
|
unkown
|
page read and write
|
|
|
|
2949000
|
unkown
|
page readonly
|
|
|
|
2910000
|
unkown
|
page readonly
|
|
|
|
29D1000
|
unkown
|
page readonly
|
|
|
|
2935000
|
unkown
|
page readonly
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
7A0000
|
unkown
|
page readonly
|
|
|
|
294C000
|
unkown
|
page readonly
|
|
|
|
2814000
|
unkown
|
page readonly
|
|
|
|
1B23EE02000
|
unkown
|
page read and write
|
|
|
|
7FF56DF5F000
|
unkown
|
page readonly
|
|
|
|
20C8C758000
|
unkown
|
page read and write
|
|
|
|
2910000
|
unkown
|
page readonly
|
|
|
|
2C26000
|
unkown
|
page readonly
|
|
|
|
6DCF5000
|
unkown image
|
page read and write
|
|
|
|
2FE0000
|
unkown
|
page readonly
|
|
|
|
2974000
|
unkown
|
page readonly
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
29DC000
|
unkown
|
page readonly
|
|
|
|
5E0000
|
unkown
|
page readonly
|
|
|
|
20C8BE41000
|
unkown
|
page read and write
|
|
|
|
D978DFA000
|
unkown
|
page read and write
|
|
|
|
20C8BE58000
|
unkown
|
page read and write
|
|
|
|
7FF56D730000
|
unkown
|
page readonly
|
|
|
|
297D000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
296D000
|
unkown
|
page readonly
|
|
|
|
790000
|
unkown
|
page readonly
|
|
|
|
2949000
|
unkown
|
page readonly
|
|
|
|
20C8C700000
|
unkown
|
page read and write
|
|
|
|
1F229960000
|
heap default
|
page read and write
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
5B0000
|
unkown
|
page readonly
|
|
|
|
2920000
|
unkown
|
page readonly
|
|
|
|
7FF54C6AA000
|
unkown
|
page readonly
|
|
|
|
2778000
|
unkown
|
page readonly
|
|
|
|
1B23E800000
|
unkown
|
page readonly
|
|
|
|
28F2000
|
unkown
|
page readonly
|
|
|
|
6DCFE000
|
unkown image
|
page readonly
|
|
|
|
2920000
|
unkown
|
page readonly
|
|
|
|
20C91640000
|
unkown
|
page read and write
|
|
|
|
7FF56DE57000
|
unkown
|
page readonly
|
|
|
|
570000
|
unkown
|
page readonly
|
|
|
|
1F229A28000
|
unkown
|
page read and write
|
|
|
|
340000
|
unkown
|
page read and write
|
|
|
|
2C55000
|
unkown
|
page readonly
|
|
|
|
29CB000
|
unkown
|
page readonly
|
|
|
|
2E80000
|
heap default
|
page read and write
|
|
|
|
7B0000
|
heap default
|
page read and write
|
|
|
|
60B000
|
heap default
|
page read and write
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
2955000
|
unkown
|
page readonly
|
|
|
|
20C912E8000
|
unkown
|
page read and write
|
|
|
|
20C8CE10000
|
unkown
|
page readonly
|
|
|
|
AAC000
|
unkown
|
page read and write
|
|
|
|
2906000
|
unkown
|
page readonly
|
|
|
|
20C8C602000
|
unkown
|
page read and write
|
|
|
|
1B23E5A0000
|
unkown
|
page readonly
|
|
|
|
3280000
|
heap default
|
page read and write
|
|
|
|
7FF54C695000
|
unkown
|
page readonly
|
|
|
|
29CB000
|
unkown
|
page readonly
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
1F229B00000
|
unkown
|
page read and write
|
|
|
|
D9790FB000
|
unkown
|
page read and write
|
|
|
|
780000
|
heap private
|
page read and write
|
|
|
|
7FF54C73D000
|
unkown
|
page readonly
|
|
|
|
2C5B000
|
unkown
|
page readonly
|
|
|
|
600000
|
heap default
|
page read and write
|
|
|
|
7FF56DF26000
|
unkown
|
page readonly
|
|
|
|
1B23E702000
|
unkown
|
page read and write
|
|
|
|
800000
|
unkown
|
page readonly
|
|
|
|
20C914B0000
|
unkown
|
page read and write
|
|
|
|
2949000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
33A0000
|
heap default
|
page read and write
|
|
|
|
7FF56DE99000
|
unkown
|
page readonly
|
|
|
|
293B000
|
unkown
|
page readonly
|
|
|
|
295D000
|
unkown
|
page readonly
|
|
|
|
2BFD000
|
unkown
|
page readonly
|
|
|
|
28DD000
|
unkown
|
page readonly
|
|
|
|
2778000
|
unkown
|
page readonly
|
|
|
|
7FF56DE6C000
|
unkown
|
page readonly
|
|
|
|
1F229A40000
|
unkown
|
page read and write
|
|
|
|
D97927F000
|
unkown
|
page read and write
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
900000
|
heap default
|
page read and write
|
|
|
|
1F229900000
|
heap private
|
page read and write
|
|
|
|
29CB000
|
unkown
|
page readonly
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
2C79000
|
unkown
|
page readonly
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
2D07000
|
unkown
|
page readonly
|
|
|
|
7FF56DC76000
|
unkown
|
page readonly
|
|
|
|
3290000
|
unkown
|
page readonly
|
|
|
|
28F2000
|
unkown
|
page readonly
|
|
|
|
2906000
|
unkown
|
page readonly
|
|
|
|
393000
|
unkown
|
page read and write
|
|
|
|
2945000
|
unkown
|
page readonly
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
297D000
|
unkown
|
page readonly
|
|
|
|
2D07000
|
unkown
|
page readonly
|
|
|
|
7FF54C72E000
|
unkown
|
page readonly
|
|
|
|
5D0000
|
unkown
|
page readonly
|
|
|
|
1F229A7D000
|
unkown
|
page read and write
|
|
|
|
2D6B000
|
unkown
|
page read and write
|
|
|
|
20C8C718000
|
unkown
|
page read and write
|
|
|
|
292A000
|
unkown
|
page readonly
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
20C8BD60000
|
unkown
|
page readonly
|
|
|
|
20C8C615000
|
unkown
|
page read and write
|
|
|
|
7FF54C6C5000
|
unkown
|
page readonly
|
|
|
|
D978BF7000
|
unkown
|
page read and write
|
|
|
|
7FF56DF2E000
|
unkown
|
page readonly
|
|
|
|
20C8BDF0000
|
unkown
|
page read and write
|
|
|
|
1F229B13000
|
unkown
|
page read and write
|
|
|
|
2C7D000
|
unkown
|
page readonly
|
|
|
|
D44D67C000
|
unkown
|
page read and write
|
|
|
|
620000
|
heap default
|
page read and write
|
|
|
|
D97917E000
|
unkown
|
page read and write
|
|
|
|
296D000
|
unkown
|
page readonly
|
|
|
|
28DD000
|
unkown
|
page readonly
|
|
|
|
2949000
|
unkown
|
page readonly
|
|
|
|
28F2000
|
unkown
|
page readonly
|
|
|
|
2782000
|
unkown
|
page readonly
|
|
|
|
4A0000
|
unkown
|
page readonly
|
|
|
|
20C8BC20000
|
heap private
|
page read and write
|
|
|
|
2909000
|
unkown
|
page readonly
|
|
|
|
1B23EB90000
|
unkown
|
page readonly
|
|
|
|
295D000
|
unkown
|
page readonly
|
|
|
|
292A000
|
unkown
|
page readonly
|
|
|
|
2814000
|
unkown
|
page readonly
|
|
|
|
BD0000
|
unkown
|
page readonly
|
|
|
|
2906000
|
unkown
|
page readonly
|
|
|
|
2941000
|
unkown
|
page readonly
|
|
|
|
B50000
|
unkown
|
page read and write
|
|
|
|
2C9D000
|
unkown
|
page readonly
|
|
|
|
2941000
|
unkown
|
page readonly
|
|
|
|
1B23E602000
|
unkown
|
page read and write
|
|
|
|
4C0000
|
unkown
|
page readonly
|
|
|
|
292A000
|
unkown
|
page readonly
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
2D90000
|
unkown
|
page readonly
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
293B000
|
unkown
|
page readonly
|
|
|
|
20C8C718000
|
unkown
|
page read and write
|
|
|
|
1F22A202000
|
unkown
|
page read and write
|
|
|
|
29DC000
|
unkown
|
page readonly
|
|
|
|
20C8BEB1000
|
unkown
|
page read and write
|
|
|
|
1DB000
|
unkown
|
page read and write
|
|
|
|
2910000
|
unkown
|
page readonly
|
|
|
|
7FF56DE4C000
|
unkown
|
page readonly
|
|
|
|
20C91301000
|
unkown
|
page read and write
|
|
|
|
7FF56DD2E000
|
unkown
|
page readonly
|
|
|
|
3370000
|
unkown
|
page readonly
|
|
|
|
421F000
|
unkown
|
page read and write
|
|
|
|
20C8CC20000
|
unkown
|
page read and write
|
|
|
|
7FF56D7A4000
|
unkown
|
page readonly
|
|
|
|
7FF54C66E000
|
unkown
|
page readonly
|
|
|
|
2DF0000
|
heap default
|
page read and write
|
|
|
|
20C8CE40000
|
unkown
|
page readonly
|
|
|
|
20C91310000
|
unkown
|
page read and write
|
|
|
|
29DC000
|
unkown
|
page readonly
|
|
|
|
7FF56DCD7000
|
unkown
|
page readonly
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
2D67000
|
unkown
|
page read and write
|
|
|
|
292A000
|
unkown
|
page readonly
|
|
|
|
1F22A400000
|
unkown
|
page readonly
|
|
|
|
29D5000
|
unkown
|
page readonly
|
|
|
|
34B0000
|
unkown
|
page readonly
|
|
|
|
7FF54C6A3000
|
unkown
|
page readonly
|
|
|
|
7FF56DEC5000
|
unkown
|
page readonly
|
|
|
|
2C61000
|
unkown
|
page readonly
|
|
|
|
2945000
|
unkown
|
page readonly
|
|
|
|
20C8BE90000
|
unkown
|
page read and write
|
|
|
|
2A98000
|
unkown
|
page readonly
|
|
|
|
7FF54C718000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
2778000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
2D90000
|
unkown
|
page readonly
|
|
|
|
3690000
|
heap private
|
page read and write
|
|
|
|
2959000
|
unkown
|
page readonly
|
|
|
|
293B000
|
unkown
|
page readonly
|
|
|
|
2E8A000
|
heap default
|
page read and write
|
|
|
|
7FF56DE10000
|
unkown
|
page readonly
|
|
|
|
2955000
|
unkown
|
page readonly
|
|
|
|
292A000
|
unkown
|
page readonly
|
|
|
|
28CD000
|
unkown
|
page readonly
|
|
|
|
2920000
|
unkown
|
page readonly
|
|
|
|
2CEB000
|
unkown
|
page readonly
|
|
|
|
62A000
|
unkown
|
page read and write
|
|
|
|
2FEB000
|
unkown
|
page read and write
|
|
|
|
1B23E590000
|
unkown
|
page readonly
|
|
|
|
2959000
|
unkown
|
page readonly
|
|
|
|
2D90000
|
unkown
|
page readonly
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
2906000
|
unkown
|
page readonly
|
|
|
|
7FF56DF4B000
|
unkown
|
page readonly
|
|
|
|
EE0000
|
unkown
|
page readonly
|
|
|
|
297D000
|
unkown
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
28DD000
|
unkown
|
page readonly
|
|
|
|
5FF000
|
unkown
|
page read and write
|
|
|
|
20C8BEFF000
|
unkown
|
page read and write
|
|
|
|
1B23E623000
|
unkown
|
page read and write
|
|
|
|
2959000
|
unkown
|
page readonly
|
|
|
|
2959000
|
unkown
|
page readonly
|
|
|
|
2914000
|
unkown
|
page readonly
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
2920000
|
unkown
|
page readonly
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
390000
|
unkown
|
page readonly
|
|
|
|
295D000
|
unkown
|
page readonly
|
|
|
|
20C8CE30000
|
unkown
|
page readonly
|
|
|
|
7FF54C744000
|
unkown
|
page readonly
|
|
|
|
7FF54C75F000
|
unkown
|
page readonly
|
|
|
|
2974000
|
unkown
|
page readonly
|
|
|
|
D44DA7B000
|
unkown
|
page read and write
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
2935000
|
unkown
|
page readonly
|
|
|
|
2C40000
|
unkown
|
page readonly
|
|
|
|
2782000
|
unkown
|
page readonly
|
|
|
|
28F2000
|
unkown
|
page readonly
|
|
|
|
20C91440000
|
unkown
|
page read and write
|
|
|
|
7FF56DEA3000
|
unkown
|
page readonly
|
|
|
|
2C69000
|
unkown
|
page readonly
|
|
|
|
2778000
|
unkown
|
page readonly
|
|
|
|
6DCFF000
|
unkown image
|
page execute read
|
|
|
|
D97937F000
|
unkown
|
page read and write
|
|
|
|
AEC9AFB000
|
unkown
|
page read and write
|
|
|
|
7FF56DDFD000
|
unkown
|
page readonly
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
20C8C713000
|
unkown
|
page read and write
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
7FF56DF2B000
|
unkown
|
page readonly
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
20C8BE7A000
|
unkown
|
page read and write
|
|
|
|
2941000
|
unkown
|
page readonly
|
|
|
|
3380000
|
unkown
|
page readonly
|
|
|
|
28DD000
|
unkown
|
page readonly
|
|
|
|
2914000
|
unkown
|
page readonly
|
|
|
|
2935000
|
unkown
|
page readonly
|
|
|
|
52B000
|
unkown
|
page read and write
|
|
|
|
7FF56DF44000
|
unkown
|
page readonly
|
|
|
|
62A000
|
heap default
|
page read and write
|
|
|
|
297D000
|
unkown
|
page readonly
|
|
|
|
2914000
|
unkown
|
page readonly
|
|
|
|
D44DC7E000
|
unkown
|
page read and write
|
|
|
|
370000
|
unkown
|
page readonly
|
|
|
|
2C4A000
|
unkown
|
page readonly
|
|
|
|
1F22A060000
|
unkown
|
page readonly
|
|
|
|
20C8BD90000
|
unkown
|
page read and write
|
|
|
|
2782000
|
unkown
|
page readonly
|
|
|
|
7FF56DE42000
|
unkown
|
page readonly
|
|
|
|
6DDD8000
|
unkown image
|
page execute and read and write
|
|
|
|
20C8C881000
|
unkown
|
page read and write
|
|
|
|
4EC000
|
unkown
|
page read and write
|
|
|
|
4B0000
|
heap default
|
page read and write
|
|
|
|
20C8C702000
|
unkown
|
page read and write
|
|
|
|
1F229A00000
|
unkown
|
page read and write
|
|
|
|
30F0000
|
unkown
|
page readonly
|
|
|
|
2C65000
|
unkown
|
page readonly
|
|
|
|
28EE000
|
unkown
|
page readonly
|
|
|
|
20C8BE70000
|
unkown
|
page read and write
|
|
|
|
1F229B02000
|
unkown
|
page read and write
|
|
|
|
2920000
|
unkown
|
page readonly
|
|
|
|
D9794FC000
|
unkown
|
page read and write
|
|
|
|
760000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
450000
|
unkown
|
page readonly
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
7FF54C74E000
|
unkown
|
page readonly
|
|
|
|
29D1000
|
unkown
|
page readonly
|
|
|
|
8A0000
|
unkown
|
page readonly
|
|
|
|
2959000
|
unkown
|
page readonly
|
|
|
|
29D1000
|
unkown
|
page readonly
|
|
|
|
550000
|
unkown
|
page read and write
|
|
|
|
DD000
|
unkown
|
page read and write
|
|
|
|
20C8CDF0000
|
unkown
|
page readonly
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
2C29000
|
unkown
|
page readonly
|
|
|
|
5E0000
|
heap default
|
page read and write
|
|
|
|
2C30000
|
unkown
|
page readonly
|
|
|
|
20C8C5C1000
|
unkown
|
page read and write
|
|
|
|
7FF56DA91000
|
unkown
|
page readonly
|
|
|
|
1DC000
|
unkown
|
page read and write
|
|
|
|
1F229980000
|
unkown
|
page readonly
|
|
|
|
296D000
|
unkown
|
page readonly
|
|
|
|
2814000
|
unkown
|
page readonly
|
|
|
|
2C0E000
|
unkown
|
page readonly
|
|
|
|
2909000
|
unkown
|
page readonly
|
|
|
|
29D5000
|
unkown
|
page readonly
|
|
|
|
1F229A68000
|
unkown
|
page read and write
|
|
|
|
2C2000
|
unkown
|
page read and write
|
|
|
|
2DB000
|
unkown
|
page read and write
|
|
|
|
720000
|
unkown
|
page readonly
|
|
|
|
296D000
|
unkown
|
page readonly
|
|
|
|
D9787FC000
|
unkown
|
page read and write
|
|
|
|
20C91640000
|
unkown
|
page read and write
|
|
|
|
2941000
|
unkown
|
page readonly
|
|
|
|
28EE000
|
unkown
|
page readonly
|
|
|
|
7FF56DBEA000
|
unkown
|
page readonly
|
|
|
|
1B23E450000
|
heap private
|
page read and write
|
|
|
|
296D000
|
unkown
|
page readonly
|
|
|
|
1F229C00000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
3A0000
|
heap default
|
page read and write
|
|
|
|
7FF56DF1F000
|
unkown
|
page readonly
|
|
|
|
20C91430000
|
unkown
|
page read and write
|
|
|
|
640000
|
unkown
|
page read and write
|
|
|
|
2E40000
|
unkown
|
page readonly
|
|
|
|
2C6C000
|
unkown
|
page readonly
|
|
|
|
20C91324000
|
unkown
|
page read and write
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
2910000
|
unkown
|
page readonly
|
|
|
|
2941000
|
unkown
|
page readonly
|
|
|
|
2B34000
|
unkown
|
page readonly
|
|
|
|
293B000
|
unkown
|
page readonly
|
|
|
|
36A0000
|
unkown
|
page readonly
|
|
|
|
38F000
|
unkown
|
page read and write
|
|
|
|
2BED000
|
unkown
|
page readonly
|
|
|
|
20C912E0000
|
unkown
|
page read and write
|
|
|
|
D9791FF000
|
unkown
|
page read and write
|
|
|
|
590000
|
unkown
|
page read and write
|
|
|
|
20C8BE00000
|
unkown
|
page read and write
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
295D000
|
unkown
|
page readonly
|
|
|
|
D978EFF000
|
unkown
|
page read and write
|
|
|
|
880000
|
unkown
|
page readonly
|
|
|
|
20C8BF02000
|
unkown
|
page read and write
|
|
|
|
AEC9BFF000
|
unkown
|
page read and write
|
|
|
|
1F229990000
|
unkown
|
page read and write
|
|
|
|
380000
|
unkown
|
page readonly
|
|
|
|
65A000
|
heap default
|
page read and write
|
|
|
|
2CF5000
|
unkown
|
page readonly
|
|
|
|
2914000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
D44D97B000
|
unkown
|
page read and write
|
|
|
|
6DCF3000
|
unkown image
|
page readonly
|
|
|
|
3021000
|
unkown
|
page read and write
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
7FF52A8CF000
|
unkown
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
650000
|
heap default
|
page read and write
|
|
|
|
D9793FF000
|
unkown
|
page read and write
|
|
|
|
38A0000
|
unkown
|
page readonly
|
|
|
|
2906000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
20C912EE000
|
unkown
|
page read and write
|
|
|
|
630000
|
unkown
|
page readonly
|
|
|
|
2AA2000
|
unkown
|
page readonly
|
|
|
|
28F2000
|
unkown
|
page readonly
|
|
|
|
2955000
|
unkown
|
page readonly
|
|
|
|
2782000
|
unkown
|
page readonly
|
|
|
|
3025000
|
unkown
|
page read and write
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
20C8C5E0000
|
unkown
|
page read and write
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
2C8D000
|
unkown
|
page readonly
|
|
|
|
1F229A57000
|
unkown
|
page read and write
|
|
|
|
29CB000
|
unkown
|
page readonly
|
|
|
|
297D000
|
unkown
|
page readonly
|
|
|
|
D9792FF000
|
unkown
|
page read and write
|
|
|
|
28EE000
|
unkown
|
page readonly
|
|
|
|
480000
|
unkown
|
page readonly
|
|
|
|
20C8C759000
|
unkown
|
page read and write
|
|
|
|
2949000
|
unkown
|
page readonly
|
|
|
|
20C8BC90000
|
unkown
|
page readonly
|
|
|
|
28CD000
|
unkown
|
page readonly
|
|
|
|
29D1000
|
unkown
|
page readonly
|
|
|
|
7FF56DF5D000
|
unkown
|
page readonly
|
|
|
|
2FD0000
|
heap default
|
page read and write
|
|
|
|
20C8BEBD000
|
unkown
|
page read and write
|
|
|
|
20C913B0000
|
unkown
|
page read and write
|
|
|
|
1F229A13000
|
unkown
|
page read and write
|
|
|
|
3DB000
|
unkown
|
page read and write
|
|
|
|
6DDEC000
|
unkown image
|
page read and write
|
|
|
|
20C8BE8C000
|
unkown
|
page read and write
|
|
|
|
20C8C390000
|
unkown
|
page readonly
|
|
|
|
890000
|
heap private
|
page read and write
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
20C8C5F0000
|
unkown
|
page read and write
|
|
|
|
580000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
1B23E4B0000
|
heap default
|
page read and write
|
|
|
|
20C91304000
|
unkown
|
page read and write
|
|
|
|
20C8BE76000
|
unkown
|
page read and write
|
|
|
|
7FF56DA66000
|
unkown
|
page readonly
|
|
|
|
20C914B6000
|
unkown
|
page read and write
|
|
|
|
20C8CDE0000
|
unkown
|
page readonly
|
|
|
|
20C8BDF3000
|
unkown
|
page read and write
|
|
|
|
1F229A02000
|
unkown
|
page read and write
|
|
|
|
2909000
|
unkown
|
page readonly
|
|
|
|
6DCF6000
|
unkown image
|
page readonly
|
|
|
|
294C000
|
unkown
|
page readonly
|
|
|
|
20C8BEA0000
|
unkown
|
page read and write
|
|
|
|
7FF54C74B000
|
unkown
|
page readonly
|
|
|
|
29DC000
|
unkown
|
page readonly
|
|
|
|
2945000
|
unkown
|
page readonly
|
|
|
|
2945000
|
unkown
|
page readonly
|
|
|
|
7FF56DE17000
|
unkown
|
page readonly
|
|
|
|
7FF54C699000
|
unkown
|
page readonly
|
|
|
|
D44DB7F000
|
unkown
|
page read and write
|
|
|
|
6DDED000
|
unkown image
|
page readonly
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
32A0000
|
heap private
|
page read and write
|
|
|
|
3360000
|
unkown
|
page readonly
|
|
|
|
294C000
|
unkown
|
page readonly
|
|
|
|
20C8BC80000
|
heap default
|
page read and write
|
|
|
|
20C8BD80000
|
unkown
|
page read and write
|
|
|
|
20C8BD70000
|
unkown
|
page readonly
|
|
|
|
6DCF1000
|
unkown image
|
page execute read
|
|
|
|
28DD000
|
unkown
|
page readonly
|
|
|
|
1F229970000
|
unkown
|
page readonly
|
|
|
|
28EE000
|
unkown
|
page readonly
|
|
|
|
7FF56DEAA000
|
unkown
|
page readonly
|
|
|
|
7FF56DE95000
|
unkown
|
page readonly
|
|
|
|
20C912E0000
|
unkown
|
page read and write
|
|
|
|
6DD7A000
|
unkown image
|
page readonly
|
|
|
|
2778000
|
unkown
|
page readonly
|
|
|
|
29D5000
|
unkown
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
20C8BE29000
|
unkown
|
page read and write
|
|
|
|
59B000
|
unkown
|
page read and write
|
|
|
|
800000
|
unkown
|
page readonly
|
|
|
|
7FF56DF3D000
|
unkown
|
page readonly
|
|
|
|
CA0000
|
heap private
|
page read and write
|
|
|
|
29C000
|
unkown
|
page read and write
|
|
|
|
39D000
|
unkown
|
page read and write
|
|
|
|
6DCF0000
|
unkown image
|
page readonly
|
|
|
|
29CB000
|
unkown
|
page readonly
|
|
|
|
7FF56D5EC000
|
unkown
|
page readonly
|
|
|
|
1B23E4C0000
|
unkown
|
page readonly
|
|
|
|
29DC000
|
unkown
|
page readonly
|
|
|
|
2955000
|
unkown
|
page readonly
|
|
|
|
29E7000
|
unkown
|
page readonly
|
|
|
|
2935000
|
unkown
|
page readonly
|
|
|
|
7FF56DF5F000
|
unkown
|
page readonly
|
|
|
|
890000
|
unkown
|
page readonly
|
|
|
|
6DDD5000
|
unkown image
|
page read and write
|
|
|
|
7FF54C75F000
|
unkown
|
page readonly
|
|
|
|
293B000
|
unkown
|
page readonly
|
|
|
|
1B23E613000
|
unkown
|
page read and write
|
|
|
|
28CD000
|
unkown
|
page readonly
|
|
|
|
2910000
|
unkown
|
page readonly
|
|
|
|
20C8CE20000
|
unkown
|
page readonly
|
|
|
|
32B0000
|
unkown
|
page readonly
|
|
|
|
2FAD000
|
unkown
|
page read and write
|
|
|
|
2974000
|
unkown
|
page readonly
|
|
|
|
20C91640000
|
unkown
|
page read and write
|
|
There are 529 hidden memdumps, click here to show them.