IOC Report

loading gif

Files

File Path
Type
Category
Malicious
eLZzxG56uH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\LocalLow\1xVPfvJcrg
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\LocalLow\RYwTiizs2t
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\LocalLow\U9ijEleEIk4.zip
Zip archive data, at least v2.0 to extract
dropped
 clean
C:\Users\user\AppData\LocalLow\frAQBc8Wsa
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\LocalLow\rQF69AzBla
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\LocalLow\screen.jpeg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, frames 3
dropped
 clean
C:\Users\user\AppData\LocalLow\sqlite3.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\AccessibleHandler.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\AccessibleMarshal.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\IA2Marshal.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\MapiProxy.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\MapiProxy_InUse.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-file-l1-2-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-file-l2-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-handle-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-heap-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-interlocked-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-libraryloader-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-localization-l1-2-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-memory-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-namedpipe-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-processenvironment-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-processthreads-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-processthreads-l1-1-1.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-profile-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-rtlsupport-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-string-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-synch-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-synch-l1-2-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-sysinfo-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-timezone-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-core-util-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-conio-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-convert-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-environment-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-filesystem-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-heap-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-locale-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-math-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-multibyte-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-private-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-process-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-runtime-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-stdio-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-string-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-time-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\api-ms-win-crt-utility-l1-1-0.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\breakpadinjector.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\ldap60.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\ldif60.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\lgpllibs.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\libEGL.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\mozMapi32.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\mozMapi32_InUse.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\nssckbi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\nssdbm3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\pB4pD1lB4sD3.zip
Zip archive data, at least v2.0 to extract
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\prldap60.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\qipcap.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\ucrtbase.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\uS0wV5wY9qH3\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\LocalLow\yH9tY9hO9gL5
ASCII text, with CRLF, CR line terminators
dropped
 clean
\Device\Null
ASCII text, with CRLF line terminators, with overstriking
dropped
 clean
There are 59 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\eLZzxG56uH.exe
'C:\Users\user\Desktop\eLZzxG56uH.exe'
malicious
C:\Windows\SysWOW64\cmd.exe
cmd.exe /C timeout /T 10 /NOBREAK > Nul & Del /f /q 'C:\Users\user\Desktop\eLZzxG56uH.exe'
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 clean
C:\Windows\SysWOW64\timeout.exe
timeout /T 10 /NOBREAK
clean
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 clean

URLs

Name
IP
Malicious
http://185.138.164.150//l/f/-pEuK3wB3dP17SpzG6pB/7320aabda7ae3fb6c8f203b55593b70ca4e3db6f
185.138.164.150
 malicious
http://185.138.164.150//l/f/-pEuK3wB3dP17SpzG6pB/21cbbf099c71cc43b2b903c1329c99a4ee8b02a9
185.138.164.150
 malicious
http://185.138.164.150/
185.138.164.150
 malicious
https://duckduckgo.com/chrome_newtab
unknown
 clean
http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0
unknown
 clean
http://fedir.comsign.co.il/crl/ComSignCA.crl0
unknown
 clean
https://duckduckgo.com/ac/?q=
unknown
 clean
http://crl.chambersign.org/chambersroot.crl0
unknown
 clean
https://www.google.com/chrome/static/images/favicons/favicon-16x16.p
unknown
 clean
https://repository.luxtrust.lu0
unknown
 clean
https://support.google.com/chrome/answer/6258784
unknown
 clean
http://cps.chambersign.org/cps/chambersroot.html0
unknown
 clean
https://telegram.org/img/t_logo.png
unknown
 clean
http://www.mozilla.com0
unknown
 clean
https://www.google.com/chrome/static/images/favicons/favicon-16x16.png
unknown
 clean
http://www.chambersign.org1
unknown
 clean
https://support.google.com/chrome/?p=plugin_flash
unknown
 clean
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
unknown
 clean
http://www.firmaprofesional.com/cps0
unknown
 clean
http://www.diginotar.nl/cps/pkioverheid0
unknown
 clean
http://repository.swisssign.com/0
unknown
 clean
http://185.138.164.150:80//l/f/-pEuK3wB3dP17SpzG6pB/7320aabda7ae3fb6c8f203b55593b70ca4e3db6fiimedpic
unknown
 clean
http://185.138.164.150//l/f/-pEuK3wB3dP17SpzG6pB/7320aabda7ae3fb6c8f203b55593b70ca4e3db6f.te
unknown
 clean
http://crl.securetrust.com/SGCA.crl0
unknown
 clean
http://crl.securetrust.com/STCA.crl0
unknown
 clean
http://www.trustcenter.de/crl/v2/tc_class_3_ca_II.crl
unknown
 clean
http://crl.thawte.com/ThawteTimestampingCA.crl0
unknown
 clean
http://www.certplus.com/CRL/class2.crl0
unknown
 clean
http://www.quovadisglobal.com/cps0
unknown
 clean
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
unknown
 clean
http://185.138.164.150/w
unknown
 clean
http://185.138.164.150/~
unknown
 clean
https://www.google.com/chrome/thank-you.html?statcb=0&installdataindex=empty&defaultbrowser=0
unknown
 clean
https://ocsp.quovadisoffshore.com0
unknown
 clean
http://cps.chambersign.org/cps/chambersignroot.html0
unknown
 clean
http://www.sqlite.org/copyright.html.
unknown
 clean
http://policy.camerfirma.com0
unknown
 clean
http://www.mozilla.com/en-US/blocklist/
unknown
 clean
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
 clean
http://www.accv.es/legislacion_c.htm0U
unknown
 clean
http://www.certicamara.com/dpc/0Z
unknown
 clean
http://ocsp.accv.es0
unknown
 clean
http://ocsp.thawte.com0
unknown
 clean
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
 clean
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
unknown
 clean
https://www.google.com/chrome/thank-you.htmlstatcb=0&installdataindex=empty&defaultbrowser=0
unknown
 clean
https://ac.ecosia.org/autocomplete?q=
unknown
 clean
https://www.catcert.net/verarrel
unknown
 clean
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
unknown
 clean
http://crl.chambersign.org/chambersignroot.crl0
unknown
 clean
http://crl.xrampsecurity.com/XGCA.crl0
unknown
 clean
https://www.catcert.net/verarrel05
unknown
 clean
https://t.me/tika31ramencomp
149.154.167.99
 clean
http://www.quovadis.bm0
unknown
 clean
http://185.138.164.150:80/F2FB95FBD9F1696ome
unknown
 clean
http://www.accv.es00
unknown
 clean
http://www.pkioverheid.nl/policies/root-policy-G20
unknown
 clean
http://www.cert.fnmt.es/dpcs/0
unknown
 clean
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
unknown
 clean
http://185.138.164.150/D
unknown
 clean
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
 clean
There are 51 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
t.me
149.154.167.99
 clean

IPs

IP
Domain
Country
Malicious
185.138.164.150
unknown
Germany
malicious
149.154.167.99
t.me
United Kingdom
clean

Memdumps

Base Address
Regiontype
Protect
Malicious
22D000
unkown image
page readonly
 malicious
2025BB3B000
unkown
page read and write
 clean
10E7000
unkown
page read and write
 clean
2FBB000
unkown image
page readonly
 clean
7FF5B5BCA000
unkown image
page readonly
 clean
7FF5B72ED000
unkown image
page readonly
 clean
2FCC000
unkown image
page readonly
 clean
7FF5B7303000
unkown image
page readonly
 clean
7FF5B735D000
unkown image
page readonly
 clean
2025BB75000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7DF5B9CA0000
unkown image
page readonly
 clean
2AB4F940000
unkown image
page read and write
 clean
7FF521366000
unkown image
page readonly
 clean
7DF52F250000
unkown image
page readonly
 clean
17E3C611000
unkown
page read and write
 clean
42C9F77000
unkown
page read and write
 clean
4C648000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
2025B24F000
unkown
page read and write
 clean
3130000
unkown
page read and write
 clean
27631F70000
unkown image
page readonly
 clean
17E3C62F000
unkown
page read and write
 clean
7FF5B53C9000
unkown image
page readonly
 clean
7DF5C5050000
unkown image
page readonly
 clean
905C3AE000
unkown
page read and write
 clean
36AD000
unkown
page read and write
 clean
C7C4B0B000
unkown
page read and write
 clean
7FF5CADFE000
unkown image
page readonly
 clean
2025BB8C000
unkown
page read and write
 clean
2025BB75000
unkown
page read and write
 clean
4C610000
unkown
page read and write
 clean
3046000
unkown image
page readonly
 clean
7FF52155A000
unkown image
page readonly
 clean
10F9000
unkown
page read and write
 clean
2025BBA0000
unkown
page read and write
 clean
175D000
unkown
page read and write
 clean
7FF5B71F7000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
DAFFB77000
unkown
page read and write
 clean
2025BB79000
unkown
page read and write
 clean
7FF5ABEA5000
unkown image
page readonly
 clean
2025BB8F000
unkown
page read and write
 clean
1763000
unkown
page read and write
 clean
7DF5D8B00000
unkown image
page readonly
 clean
DAFFD7F000
unkown
page read and write
 clean
7DF5C5040000
unkown image
page readonly
 clean
920000
unkown image
page readonly
 clean
FB0000
unkown image
page readonly
 clean
2025BB75000
unkown
page read and write
 clean
175D000
unkown
page read and write
 clean
1746000
unkown
page read and write
 clean
14CE000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
17E3C62F000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
7FF5B7185000
unkown image
page readonly
 clean
58F4BFE000
unkown
page read and write
 clean
7FF5ABF7E000
unkown image
page readonly
 clean
2ADDAA5B000
unkown
page read and write
 clean
2025BBBC000
unkown
page read and write
 clean
2025B213000
unkown
page read and write
 clean
3120000
unkown
page read and write
 clean
7FF5B5AE6000
unkown image
page readonly
 clean
2025B249000
unkown
page read and write
 clean
4C721000
unkown
page read and write
 clean
27632102000
unkown
page read and write
 clean
7FF5B73E0000
unkown image
page readonly
 clean
7DF5B9C80000
unkown image
page readonly
 clean
2025BBB1000
unkown
page read and write
 clean
17E3C5D0000
unkown image
page readonly
 clean
187E000
unkown
page read and write
 clean
27632802000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
2025BB75000
unkown
page read and write
 clean
7FF52152B000
unkown image
page readonly
 clean
7DF5C3842000
unkown image
page readonly
 clean
2025BB1F000
unkown
page read and write
 clean
7FF5214D7000
unkown image
page readonly
 clean
3122000
unkown
page read and write
 clean
2ADDAE00000
unkown image
page readonly
 clean
2025B24A000
unkown
page read and write
 clean
6EBF6000
unkown image
page write copy
 clean
6EAA1000
unkown image
page execute read
 clean
2025BB82000
unkown
page read and write
 clean
7FF5CAE79000
unkown image
page readonly
 clean
2025BB77000
unkown
page read and write
 clean
7DF5C3842000
unkown image
page readonly
 clean
17E3C5B0000
unkown image
page readonly
 clean
7FF5B70B2000
unkown image
page readonly
 clean
17E3C7D0000
unkown
page read and write
 clean
3275000
heap private
page read and write
 clean
2025BBC1000
unkown
page read and write
 clean
905C32E000
unkown
page read and write
 clean
27632100000
unkown
page read and write
 clean
7DF5C3840000
unkown image
page readonly
 clean
4CB3E000
unkown
page read and write
 clean
10F6000
unkown
page read and write
 clean
7DF5C5040000
unkown image
page readonly
 clean
3C4F000
unkown
page read and write
 clean
2025B0E0000
heap private
page read and write
 clean
7FF5ABF9D000
unkown image
page readonly
 clean
2D7000
unkown
page read and write
 clean
7FF5B72CE000
unkown image
page readonly
 clean
2025BB9C000
unkown
page read and write
 clean
2AB4F9C0000
unkown image
page readonly
 clean
1339000
unkown
page read and write
 clean
176D000
unkown
page read and write
 clean
3B4E000
unkown
page read and write
 clean
4C63D000
unkown
page read and write
 clean
61E00000
unkown image
page readonly
 clean
7DF5C3830000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
6EAD1000
unkown image
page execute read
 clean
2025BBAE000
unkown
page read and write
 clean
3D8E000
unkown
page read and write
 clean
2AB4FA4F000
unkown
page read and write
 clean
302E000
unkown image
page readonly
 clean
7FF5B6FB4000
unkown image
page readonly
 clean
7FF5B5BA9000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
2025B4D0000
unkown image
page readonly
 clean
175D000
heap default
page read and write
 clean
150E000
unkown
page read and write
 clean
2025BB86000
unkown
page read and write
 clean
2F89000
unkown image
page readonly
 clean
7FF5B5BD1000
unkown image
page readonly
 clean
2025BB71000
unkown
page read and write
 clean
2025B850000
unkown image
page readonly
 clean
2025BB9F000
unkown
page read and write
 clean
2025BB75000
unkown
page read and write
 clean
7FF5B5AE3000
unkown image
page readonly
 clean
FB0000
unkown image
page readonly
 clean
2025BB6B000
unkown
page read and write
 clean
2ADDAA7F000
unkown
page read and write
 clean
2025B24B000
unkown
page read and write
 clean
7FF5ABDF0000
unkown image
page readonly
 clean
42C977F000
unkown
page read and write
 clean
7FF5ABEA1000
unkown image
page readonly
 clean
3670000
unkown
page read and write
 clean
27631F60000
heap private
page read and write
 clean
2025BBB3000
unkown
page read and write
 clean
7DF5B9C90000
unkown image
page readonly
 clean
2025B250000
unkown
page read and write
 clean
2025B313000
unkown
page read and write
 clean
7FF5B7145000
unkown image
page readonly
 clean
7FD62000
unkown image
page readonly
 clean
4C73A000
unkown
page read and write
 clean
7FF5CAC6D000
unkown image
page readonly
 clean
7FF5ABE0B000
unkown image
page readonly
 clean
7DF4C1700000
unkown image
page readonly
 clean
7FF5B5ADD000
unkown image
page readonly
 clean
2763204E000
unkown
page read and write
 clean
3670000
unkown
page read and write
 clean
2025B2A5000
unkown
page read and write
 clean
174F000
heap default
page read and write
 clean
7FF5215B2000
unkown image
page readonly
 clean
13C000
unkown
page read and write
 clean
7FF5B5B2E000
unkown image
page readonly
 clean
16DE000
heap default
page read and write
 clean
2ADDAA60000
unkown
page read and write
 clean
2025B1E0000
unkown
page read and write
 clean
2AB4FA6F000
unkown
page read and write
 clean
2AB4F9E0000
unkown
page read and write
 clean
2F9B000
unkown image
page readonly
 clean
2ADDAA3C000
unkown
page read and write
 clean
4C721000
unkown
page read and write
 clean
2025B0F0000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2ADDAA00000
unkown
page read and write
 clean
7FF5B5BC5000
unkown image
page readonly
 clean
7FF52143B000
unkown image
page readonly
 clean
69E000
unkown
page read and write
 clean
7FF5B7191000
unkown image
page readonly
 clean
2025B270000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
148E000
unkown
page read and write
 clean
42C9BFA000
unkown
page read and write
 clean
352F000
unkown
page read and write
 clean
7FF5215D1000
unkown image
page readonly
 clean
2AB4F980000
unkown image
page readonly
 clean
2025BB6B000
unkown
page read and write
 clean
1760000
unkown
page read and write
 clean
7FF5B72E9000
unkown image
page readonly
 clean
58F4B7A000
unkown
page read and write
 clean
58F470A000
unkown
page read and write
 clean
7FF5CADAD000
unkown image
page readonly
 clean
720000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
4C632000
unkown
page read and write
 clean
10FF000
unkown
page read and write
 clean
2AB4FA29000
unkown
page read and write
 clean
2025B259000
unkown
page read and write
 clean
17E3C590000
unkown image
page read and write
 clean
2025BB67000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
7FF5215C4000
unkown image
page readonly
 clean
7DF5C5042000
unkown image
page readonly
 clean
7FF5AC00A000
unkown image
page readonly
 clean
2F9F000
unkown image
page readonly
 clean
6EAD0000
unkown image
page readonly
 clean
27631F70000
unkown image
page readonly
 clean
7FF52155D000
unkown image
page readonly
 clean
2025BBA0000
unkown
page read and write
 clean
AA0000
unkown image
page readonly
 clean
2025B110000
unkown image
page readonly
 clean
7DF52F240000
unkown image
page readonly
 clean
7FF5B6C43000
unkown image
page readonly
 clean
7DF5D8B02000
unkown image
page readonly
 clean
7FF5B58CD000
unkown image
page readonly
 clean
7DF5C5042000
unkown image
page readonly
 clean
2ADDAA7F000
unkown
page read and write
 clean
42C9E7F000
unkown
page read and write
 clean
2025B1E0000
unkown
page read and write
 clean
7FF5AC021000
unkown image
page readonly
 clean
905C9FF000
unkown
page read and write
 clean
7FF5CADA9000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2ADDB202000
unkown
page read and write
 clean
DAFF4BB000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5215DA000
unkown image
page readonly
 clean
7FF5B7126000
unkown image
page readonly
 clean
3024000
unkown image
page readonly
 clean
58F478E000
unkown
page read and write
 clean
2AB4FED0000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
1102000
unkown
page read and write
 clean
27631FC0000
heap default
page read and write
 clean
7DF5D8B20000
unkown image
page readonly
 clean
2ADDAA13000
unkown
page read and write
 clean
7DF5C5050000
unkown image
page readonly
 clean
301B000
unkown image
page readonly
 clean
7FD50000
unkown image
page readonly
 clean
4C721000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
7DF5C5060000
unkown image
page readonly
 clean
17E3C5B0000
unkown image
page readonly
 clean
7FF5B724C000
unkown image
page readonly
 clean
4E0000
heap private
page read and write
 clean
2025B1F0000
unkown image
page read and write
 clean
17E3C626000
unkown
page read and write
 clean
7DF5C3840000
unkown image
page readonly
 clean
2025B930000
unkown image
page write copy
 clean
3121000
unkown
page read and write
 clean
2025B23C000
unkown
page read and write
 clean
7FF5213B0000
unkown image
page readonly
 clean
3C8E000
unkown
page read and write
 clean
7FF5215B9000
unkown image
page readonly
 clean
7FF5B6FB7000
unkown image
page readonly
 clean
17E3C641000
unkown
page read and write
 clean
2025BB8E000
unkown
page read and write
 clean
2F7A000
unkown image
page readonly
 clean
2ADDAA5C000
unkown
page read and write
 clean
2025B2C6000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5B5BBA000
unkown image
page readonly
 clean
7FF5CADD7000
unkown image
page readonly
 clean
7FF5ABF2F000
unkown image
page readonly
 clean
3058000
unkown image
page readonly
 clean
7DF5B9C82000
unkown image
page readonly
 clean
6EBFB000
unkown image
page readonly
 clean
7FD52000
unkown image
page readonly
 clean
2025BBA0000
unkown
page read and write
 clean
16B1000
heap default
page read and write
 clean
7FF521435000
unkown image
page readonly
 clean
197E000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
4C7AC000
unkown
page read and write
 clean
2ADDA8C0000
unkown image
page readonly
 clean
7FF5B72EF000
unkown image
page readonly
 clean
7FF5B70EB000
unkown image
page readonly
 clean
2025B25C000
unkown
page read and write
 clean
2025BBC4000
unkown
page read and write
 clean
32EE000
unkown
page read and write
 clean
C7C4FFE000
unkown
page read and write
 clean
2025B0D0000
unkown image
page read and write
 clean
7FF52144C000
unkown image
page readonly
 clean
7FF5CAE1D000
unkown image
page readonly
 clean
27632650000
unkown image
page readonly
 clean
7FF5214ED000
unkown image
page readonly
 clean
1760000
unkown
page read and write
 clean
2025B22D000
unkown
page read and write
 clean
7DF52F242000
unkown image
page readonly
 clean
2AB4F960000
unkown image
page readonly
 clean
7FF5210C1000
unkown image
page readonly
 clean
FA0000
unkown image
page read and write
 clean
7FF5CA981000
unkown image
page readonly
 clean
2ADDA8C0000
unkown image
page readonly
 clean
7FF5B7261000
unkown image
page readonly
 clean
7DF5D8B12000
unkown image
page readonly
 clean
2025BB7D000
unkown
page read and write
 clean
7FF5ABF9A000
unkown image
page readonly
 clean
2025BBA6000
unkown
page read and write
 clean
C7C4F7C000
unkown
page read and write
 clean
7DF42D110000
unkown image
page readonly
 clean
4C648000
unkown
page read and write
 clean
8F6000
unkown image
page readonly
 clean
17E3C7F0000
unkown
page read and write
 clean
7FF5B5ADF000
unkown image
page readonly
 clean
2025B120000
unkown image
page readonly
 clean
190000
unkown image
page readonly
 clean
7FF5CADC0000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2025B2B0000
unkown
page read and write
 clean
2ADDA8B0000
heap private
page read and write
 clean
166E000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5CACFB000
unkown image
page readonly
 clean
1440000
unkown
page read and write
 clean
2763204A000
unkown
page read and write
 clean
17E3C830000
unkown image
page readonly
 clean
2025BB7C000
unkown
page read and write
 clean
2025BA02000
unkown
page read and write
 clean
7DF5C3850000
unkown image
page readonly
 clean
7FF5B7131000
unkown image
page readonly
 clean
2AB4FB00000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
2F95000
unkown image
page readonly
 clean
7FF52150E000
unkown image
page readonly
 clean
1510000
unkown image
page readonly
 clean
7FF5B72F3000
unkown image
page readonly
 clean
2025BB8A000
unkown
page read and write
 clean
560000
heap default
page read and write
 clean
17E3C616000
heap default
page read and write
 clean
2AB50202000
unkown
page read and write
 clean
7DF5C3832000
unkown image
page readonly
 clean
2025C002000
unkown
page read and write
 clean
7DF5C5052000
unkown image
page readonly
 clean
7FF5B7195000
unkown image
page readonly
 clean
7F530000
unkown image
page readonly
 clean
C7C52FE000
unkown
page read and write
 clean
2025B286000
unkown
page read and write
 clean
6EAD0000
unkown image
page readonly
 clean
7FF5ABB07000
unkown image
page readonly
 clean
2025BB77000
unkown
page read and write
 clean
27632050000
unkown
page read and write
 clean
1C0000
unkown image
page readonly
 clean
4C646000
unkown
page read and write
 clean
7FF5B728F000
unkown image
page readonly
 clean
7FF5B71B0000
unkown image
page readonly
 clean
7FF5CACAF000
unkown image
page readonly
 clean
3270000
heap private
page read and write
 clean
2AB4FA3C000
unkown
page read and write
 clean
7FF521391000
unkown image
page readonly
 clean
279000
unkown image
page execute read
 clean
2AB4F9B0000
heap default
page read and write
 clean
4D2D0000
unkown image
page read and write
 clean
276324D0000
unkown image
page readonly
 clean
2025BB92000
unkown
page read and write
 clean
16EC000
heap default
page read and write
 clean
1756000
unkown
page read and write
 clean
2025BB7B000
unkown
page read and write
 clean
7FF5215CA000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
4C8FA000
heap private
page read and write
 clean
7DF5D8B20000
unkown image
page readonly
 clean
2025BB7E000
unkown
page read and write
 clean
2025BB15000
unkown
page read and write
 clean
8F6000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2DB000
unkown
page read and write
 clean
27631F50000
unkown image
page read and write
 clean
7FF5B6EC1000
unkown image
page readonly
 clean
7FF5B72C3000
unkown image
page readonly
 clean
7FF5CADC3000
unkown image
page readonly
 clean
2025B140000
heap default
page read and write
 clean
32A0000
heap private
page read and write
 clean
7FF5ABF4E000
unkown image
page readonly
 clean
7FF5ABB01000
unkown image
page readonly
 clean
2025B2E0000
unkown
page read and write
 clean
17E3C60B000
heap default
page read and write
 clean
7FF521557000
unkown image
page readonly
 clean
42CA0FF000
unkown
page read and write
 clean
2ADDAA29000
unkown
page read and write
 clean
2AB4FA52000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
1550000
unkown
page read and write
 clean
7FF5CADEB000
unkown image
page readonly
 clean
42CA1FB000
unkown
page read and write
 clean
2025B25A000
unkown
page read and write
 clean
7FF5ABE2F000
unkown image
page readonly
 clean
7FF5B72A2000
unkown image
page readonly
 clean
7FF5AB883000
unkown image
page readonly
 clean
7FF5B72D7000
unkown image
page readonly
 clean
7FF5B730E000
unkown image
page readonly
 clean
7FF5B6D5C000
unkown image
page readonly
 clean
7FD60000
unkown image
page readonly
 clean
1738000
unkown
page read and write
 clean
7FF5ABF40000
unkown image
page readonly
 clean
7FF5B6EC7000
unkown image
page readonly
 clean
2025B25D000
unkown
page read and write
 clean
7FD70000
unkown image
page readonly
 clean
7F550000
unkown image
page readonly
 clean
2025BB79000
unkown
page read and write
 clean
27632055000
unkown
page read and write
 clean
7FF5ABE8C000
unkown image
page readonly
 clean
7FF5B73B2000
unkown image
page readonly
 clean
2025B6D0000
unkown image
page readonly
 clean
2025BB7B000
unkown
page read and write
 clean
175B000
unkown
page read and write
 clean
366D000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
1530000
unkown
page read and write
 clean
7FF5CAD21000
unkown image
page readonly
 clean
7FF5214F3000
unkown image
page readonly
 clean
6EBF8000
unkown image
page read and write
 clean
2025BB75000
unkown
page read and write
 clean
2025BB82000
unkown
page read and write
 clean
37AD000
unkown
page read and write
 clean
7FF5B5B4A000
unkown image
page readonly
 clean
7FF5CAE91000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2AB50050000
unkown image
page readonly
 clean
7DF5B9C90000
unkown image
page readonly
 clean
7F542000
unkown image
page readonly
 clean
1527000
heap private
page read and write
 clean
27631FA0000
unkown image
page readonly
 clean
7FD62000
unkown image
page readonly
 clean
3058000
unkown image
page readonly
 clean
3053000
unkown image
page readonly
 clean
2025BB79000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5CAC8B000
unkown image
page readonly
 clean
17E3CA30000
unkown image
page readonly
 clean
4C78A000
unkown
page read and write
 clean
568000
heap default
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
7FF52153E000
unkown image
page readonly
 clean
2025B190000
unkown image
page readonly
 clean
175D000
unkown
page read and write
 clean
7FF5ABDD1000
unkown image
page readonly
 clean
7FF5B6D47000
unkown image
page readonly
 clean
2763208A000
unkown
page read and write
 clean
7FD70000
unkown image
page readonly
 clean
1758000
unkown
page read and write
 clean
2ADDA8A0000
unkown image
page read and write
 clean
17E3C600000
heap default
page read and write
 clean
2025BBA0000
unkown
page read and write
 clean
1758000
heap default
page read and write
 clean
16BE000
heap default
page read and write
 clean
7FF521265000
unkown image
page readonly
 clean
2AB4FA4B000
unkown
page read and write
 clean
2ADDA8E0000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
7FF5B733E000
unkown image
page readonly
 clean
2025BB39000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
7FF5B7265000
unkown image
page readonly
 clean
7FF5B72BE000
unkown image
page readonly
 clean
7FF5ABDED000
unkown image
page readonly
 clean
6EAA0000
unkown image
page readonly
 clean
2025B150000
unkown image
page readonly
 clean
DAFF53E000
unkown
page read and write
 clean
2025BBB0000
unkown
page read and write
 clean
4C62F000
unkown
page read and write
 clean
173B000
heap default
page read and write
 clean
2ADDAF80000
unkown image
page readonly
 clean
1772000
unkown
page read and write
 clean
7FF5ABDA6000
unkown image
page readonly
 clean
7DF52F250000
unkown image
page readonly
 clean
4C8F0000
heap private
page read and write
 clean
7FF5ABFF9000
unkown image
page readonly
 clean
7FF5B5AF0000
unkown image
page readonly
 clean
7FF5214EF000
unkown image
page readonly
 clean
7DF5B9C92000
unkown image
page readonly
 clean
2AB4F990000
unkown image
page readonly
 clean
24D000
unkown image
page execute read
 clean
7FF5ABE75000
unkown image
page readonly
 clean
7DF5B9C80000
unkown image
page readonly
 clean
2025BBA6000
unkown
page read and write
 clean
42CA07A000
unkown
page read and write
 clean
905C8F7000
unkown
page read and write
 clean
DAFF9FB000
unkown
page read and write
 clean
2025BB7B000
unkown
page read and write
 clean
7FF5B5AF7000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
905C7FB000
unkown
page read and write
 clean
1520000
heap private
page read and write
 clean
7FF5B7333000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
7DF4D69D0000
unkown image
page readonly
 clean
17E3C60D000
heap default
page read and write
 clean
58F4AF9000
unkown
page read and write
 clean
7FF5ABF2D000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
7FF5213CB000
unkown image
page readonly
 clean
7FF5B7166000
unkown image
page readonly
 clean
7DF52F242000
unkown image
page readonly
 clean
7FF5B71F2000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
C7C50FB000
unkown
page read and write
 clean
7FD50000
unkown image
page readonly
 clean
71F000
unkown
page read and write
 clean
7FF5B73C4000
unkown image
page readonly
 clean
2025BB7D000
unkown
page read and write
 clean
DAFF5BE000
unkown
page read and write
 clean
7FF5CACF5000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
E0000
unkown image
page readonly
 clean
3250000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
3670000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
2025C063000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
2AB4FA00000
unkown
page read and write
 clean
1760000
heap default
page read and write
 clean
DAFFA7E000
unkown
page read and write
 clean
7FF5AC011000
unkown image
page readonly
 clean
27632108000
unkown
page read and write
 clean
7FF5B5BD1000
unkown image
page readonly
 clean
7F540000
unkown image
page readonly
 clean
7FF5ABF97000
unkown image
page readonly
 clean
276322D0000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5B5B23000
unkown image
page readonly
 clean
4C79E000
unkown
page read and write
 clean
2025BB8D000
unkown
page read and write
 clean
7FF5CAE9A000
unkown image
page readonly
 clean
FD0000
unkown image
page readonly
 clean
2025BB8A000
unkown
page read and write
 clean
2025BBA6000
unkown
page read and write
 clean
7FF520E22000
unkown image
page readonly
 clean
2ADDAB02000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
2025BB8E000
unkown
page read and write
 clean
2025B24C000
unkown
page read and write
 clean
7FF521507000
unkown image
page readonly
 clean
7FF5CADC7000
unkown image
page readonly
 clean
7FF5B6BD9000
unkown image
page readonly
 clean
2025BB6B000
unkown
page read and write
 clean
7FF5ABF47000
unkown image
page readonly
 clean
2025BBB3000
unkown
page read and write
 clean
7FF5ABE7B000
unkown image
page readonly
 clean
6EAC2000
unkown image
page readonly
 clean
4C660000
unkown
page read and write
 clean
7F430000
unkown image
page readonly
 clean
7DF52F252000
unkown image
page readonly
 clean
7FF5B73B9000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
7DF5C3850000
unkown image
page readonly
 clean
2025C002000
unkown
page read and write
 clean
4CC50000
unkown
page read and write
 clean
7FF5AC004000
unkown image
page readonly
 clean
7F532000
unkown image
page readonly
 clean
2025C002000
unkown
page read and write
 clean
17E3CA40000
unkown image
page readonly
 clean
2025BB4C000
unkown
page read and write
 clean
4CC3F000
unkown
page read and write
 clean
27631FF0000
unkown
page read and write
 clean
2025BB84000
unkown
page read and write
 clean
2ADDAB00000
unkown
page read and write
 clean
2025B2F8000
unkown
page read and write
 clean
2025C002000
unkown
page read and write
 clean
7FF5CAD25000
unkown image
page readonly
 clean
17E3C62F000
unkown
page read and write
 clean
7FF5B73DA000
unkown image
page readonly
 clean
7FF5ABF73000
unkown image
page readonly
 clean
7FF5AC01A000
unkown image
page readonly
 clean
7DF52F252000
unkown image
page readonly
 clean
4BC000
unkown image
page execute read
 clean
2ADDAA9B000
unkown
page read and write
 clean
7FF5B723B000
unkown image
page readonly
 clean
7FF5CAE1A000
unkown image
page readonly
 clean
2025B254000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
2025B170000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5CADAF000
unkown image
page readonly
 clean
7FF5B7065000
unkown image
page readonly
 clean
6EAB9000
unkown image
page readonly
 clean
27632113000
unkown
page read and write
 clean
7FC50000
unkown image
page readonly
 clean
2025C01D000
unkown
page read and write
 clean
10FC000
unkown
page read and write
 clean
1E0000
unkown
page read and write
 clean
2025BB8E000
unkown
page read and write
 clean
16D2000
heap default
page read and write
 clean
2025BB00000
unkown
page read and write
 clean
C7C4B8E000
unkown
page read and write
 clean
3280000
unkown
page read and write
 clean
2FB6000
unkown image
page readonly
 clean
4C645000
unkown
page read and write
 clean
7DF4B7B50000
unkown image
page readonly
 clean
2025BB39000
unkown
page read and write
 clean
7DF5C3832000
unkown image
page readonly
 clean
2ADDA8F0000
unkown image
page readonly
 clean
42C9D77000
unkown
page read and write
 clean
7FF5B70DD000
unkown image
page readonly
 clean
D0000
unkown image
page read and write
 clean
7FF5CA987000
unkown image
page readonly
 clean
7DF5C5060000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2025B255000
unkown
page read and write
 clean
7FF5B713F000
unkown image
page readonly
 clean
7FF5CAEA1000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
2025B2D5000
unkown
page read and write
 clean
905CAFF000
unkown
page read and write
 clean
2025C002000
unkown
page read and write
 clean
7F550000
unkown image
page readonly
 clean
4CAFF000
unkown
page read and write
 clean
2025BBA1000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7DF5B9CA0000
unkown image
page readonly
 clean
2025BB9F000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
2025BB92000
unkown
page read and write
 clean
6EAC0000
unkown image
page read and write
 clean
42C97FE000
unkown
page read and write
 clean
1756000
unkown
page read and write
 clean
7FF5B71AD000
unkown image
page readonly
 clean
7FF5B5BB4000
unkown image
page readonly
 clean
17E3C616000
unkown
page read and write
 clean
2025BB17000
unkown
page read and write
 clean
2FAF000
unkown image
page readonly
 clean
C7C51F7000
unkown
page read and write
 clean
2AB4FA8A000
unkown
page read and write
 clean
C7C53FF000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
7FF5B71CB000
unkown image
page readonly
 clean
4C9FE000
unkown
page read and write
 clean
2ADDA910000
heap default
page read and write
 clean
10E3000
unkown
page read and write
 clean
2AB4FA80000
unkown
page read and write
 clean
27632013000
unkown
page read and write
 clean
1756000
unkown
page read and write
 clean
2025BBA1000
unkown
page read and write
 clean
7FF5B70A7000
unkown image
page readonly
 clean
2025BBC7000
unkown
page read and write
 clean
4C62B000
unkown
page read and write
 clean
1564000
unkown
page read and write
 clean
7FF5CAE17000
unkown image
page readonly
 clean
2025BB9D000
unkown
page read and write
 clean
7FF5ABF29000
unkown image
page readonly
 clean
2025BBA0000
unkown
page read and write
 clean
7FF5B5B4D000
unkown image
page readonly
 clean
7FF5214E9000
unkown image
page readonly
 clean
7FF5ABF6B000
unkown image
page readonly
 clean
7DF5D8B10000
unkown image
page readonly
 clean
7FF5B6F49000
unkown image
page readonly
 clean
7FF5B5BA2000
unkown image
page readonly
 clean
4F0000
heap default
page read and write
 clean
7DF5D8B00000
unkown image
page readonly
 clean
2025B316000
unkown
page read and write
 clean
42C96FB000
unkown
page read and write
 clean
7F540000
unkown image
page readonly
 clean
7FF5B7357000
unkown image
page readonly
 clean
7FF5ABFF2000
unkown image
page readonly
 clean
2AB4FCD0000
unkown image
page readonly
 clean
2AB4F960000
unkown image
page readonly
 clean
2025BB73000
unkown
page read and write
 clean
1769000
unkown
page read and write
 clean
7DF52F260000
unkown image
page readonly
 clean
2025BB8F000
unkown
page read and write
 clean
FE0000
unkown image
page readonly
 clean
7FF5213EF000
unkown image
page readonly
 clean
27632000000
unkown
page read and write
 clean
7FF5B73CA000
unkown image
page readonly
 clean
7FF5213AD000
unkown image
page readonly
 clean
4C990000
unkown image
page readonly
 clean
7FF5B7291000
unkown image
page readonly
 clean
2025BB9B000
unkown
page read and write
 clean
7FF5CAE8A000
unkown image
page readonly
 clean
7F542000
unkown image
page readonly
 clean
2025B302000
unkown
page read and write
 clean
7FF5CAD97000
unkown image
page readonly
 clean
7FD60000
unkown image
page readonly
 clean
7FF5CAE72000
unkown image
page readonly
 clean
7FD52000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
2ADDA9F0000
unkown image
page readonly
 clean
2025B2E2000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
6EAA0000
unkown image
page readonly
 clean
2025B200000
unkown
page read and write
 clean
2ADDB070000
unkown
page read and write
 clean
2025C06A000
unkown
page read and write
 clean
7FF521461000
unkown image
page readonly
 clean
1F0000
unkown image
page readonly
 clean
905C6FB000
unkown
page read and write
 clean
7FF5CADB3000
unkown image
page readonly
 clean
1769000
unkown
page read and write
 clean
7DF4C2F10000
unkown image
page readonly
 clean
1758000
unkown
page read and write
 clean
7FF5B72BA000
unkown image
page readonly
 clean
7FF5AC021000
unkown image
page readonly
 clean
1746000
unkown
page read and write
 clean
2025BB92000
unkown
page read and write
 clean
7DF5C3830000
unkown image
page readonly
 clean
10F3000
unkown
page read and write
 clean
1980000
unkown image
page readonly
 clean
7FF5B7235000
unkown image
page readonly
 clean
7DF5D8B12000
unkown image
page readonly
 clean
2AB4FA55000
unkown
page read and write
 clean
2AB4FB02000
unkown
page read and write
 clean
7FF5CADF3000
unkown image
page readonly
 clean
27632029000
unkown
page read and write
 clean
4C634000
unkown
page read and write
 clean
1C1000
unkown image
page execute read
 clean
7FF5B5AFE000
unkown image
page readonly
 clean
7DF5B9C92000
unkown image
page readonly
 clean
2ADDAA54000
unkown
page read and write
 clean
7FF5B735A000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
905C2AB000
unkown
page read and write
 clean
7FF5B7317000
unkown image
page readonly
 clean
2025BBC7000
unkown
page read and write
 clean
2AB4F950000
heap private
page read and write
 clean
7FF5B5AF3000
unkown image
page readonly
 clean
2025C003000
unkown
page read and write
 clean
7FF5B7124000
unkown image
page readonly
 clean
DAFFC7E000
unkown
page read and write
 clean
2ADDAA5F000
unkown
page read and write
 clean
6EBC0000
unkown image
page readonly
 clean
301F000
unkown image
page readonly
 clean
7FF5B5B1B000
unkown image
page readonly
 clean
4C62F000
unkown
page read and write
 clean
176D000
unkown
page read and write
 clean
2025B1E0000
unkown
page read and write
 clean
2025BBB3000
unkown
page read and write
 clean
2025C002000
unkown
page read and write
 clean
17E3C5A5000
heap private
page read and write
 clean
6DE000
unkown
page read and write
 clean
7FF521500000
unkown image
page readonly
 clean
2025BB8F000
unkown
page read and write
 clean
17E3C820000
unkown image
page readonly
 clean
7F530000
unkown image
page readonly
 clean
7FF5ABDC5000
unkown image
page readonly
 clean
27631F90000
unkown image
page readonly
 clean
1564000
unkown
page read and write
 clean
27631FD0000
unkown image
page readonly
 clean
7FF5B7307000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2025BB72000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
180000
unkown image
page readonly
 clean
C7C4E7E000
unkown
page read and write
 clean
1B80000
unkown image
page readonly
 clean
2025BBA0000
unkown
page read and write
 clean
7FF5B7199000
unkown image
page readonly
 clean
1D00000
unkown image
page readonly
 clean
7FF5CAEA1000
unkown image
page readonly
 clean
247000
unkown image
page read and write
 clean
2025BB9F000
unkown
page read and write
 clean
7DF52F260000
unkown image
page readonly
 clean
4C639000
unkown
page read and write
 clean
2025BB9B000
unkown
page read and write
 clean
E0000
unkown image
page readonly
 clean
2025B257000
unkown
page read and write
 clean
1756000
heap default
page read and write
 clean
7FF5ABF17000
unkown image
page readonly
 clean
42C9C7F000
unkown
page read and write
 clean
7FF5210C7000
unkown image
page readonly
 clean
356D000
unkown
page read and write
 clean
7FF5B732B000
unkown image
page readonly
 clean
7FF5ABF43000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
2ADDAA5E000
unkown
page read and write
 clean
7DF52F240000
unkown image
page readonly
 clean
2025C002000
unkown
page read and write
 clean
2ADDAC00000
unkown image
page readonly
 clean
2ADDAA80000
unkown
page read and write
 clean
2ADDAB13000
unkown
page read and write
 clean
4C720000
unkown
page read and write
 clean
7DF5D8B02000
unkown image
page readonly
 clean
1763000
unkown
page read and write
 clean
1C0000
unkown image
page readonly
 clean
7FF5215E1000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
175A000
unkown
page read and write
 clean
58F4C7D000
unkown
page read and write
 clean
2025BB8F000
unkown
page read and write
 clean
7FF5B7300000
unkown image
page readonly
 clean
58F4A7E000
unkown
page read and write
 clean
7FF5B73E1000
unkown image
page readonly
 clean
175B000
unkown
page read and write
 clean
17E3CBC0000
unkown image
page readonly
 clean
7FF5CA703000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
33EE000
unkown
page read and write
 clean
53E000
unkown
page read and write
 clean
1758000
unkown
page read and write
 clean
2763203C000
unkown
page read and write
 clean
2025BBA0000
unkown
page read and write
 clean
2025B2A6000
unkown
page read and write
 clean
2AB4FA13000
unkown
page read and write
 clean
7FF5CAC26000
unkown image
page readonly
 clean
2025B24D000
unkown
page read and write
 clean
2AB4FB08000
unkown
page read and write
 clean
168A000
heap default
page read and write
 clean
7FF5CAC51000
unkown image
page readonly
 clean
7FF5CAB25000
unkown image
page readonly
 clean
2025B2BF000
unkown
page read and write
 clean
7FF5B6F47000
unkown image
page readonly
 clean
7DF5C5052000
unkown image
page readonly
 clean
7FF5B5BC1000
unkown image
page readonly
 clean
342E000
unkown
page read and write
 clean
2ADDAB08000
unkown
page read and write
 clean
3121000
unkown
page read and write
 clean
1C0000
unkown image
page readonly
 clean
7FF5CAC45000
unkown image
page readonly
 clean
7FF5ABF33000
unkown image
page readonly
 clean
2025BB79000
unkown
page read and write
 clean
17E3C5A0000
heap private
page read and write
 clean
273000
unkown image
page read and write
 clean
17E3C625000
unkown
page read and write
 clean
7FF5CAE84000
unkown image
page readonly
 clean
2025BB8E000
unkown
page read and write
 clean
2763207F000
unkown
page read and write
 clean
7FF5CAD0C000
unkown image
page readonly
 clean
17E3C640000
unkown
page read and write
 clean
2025B0F0000
unkown image
page readonly
 clean
7FF5B73D1000
unkown image
page readonly
 clean
123C000
unkown
page read and write
 clean
1560000
heap default
page read and write
 clean
7DF5B9C82000
unkown image
page readonly
 clean
2025B308000
unkown
page read and write
 clean
2AB4FA4E000
unkown
page read and write
 clean
1680000
heap default
page read and write
 clean
7FF5CAC70000
unkown image
page readonly
 clean
2025BB9D000
unkown
page read and write
 clean
2025C002000
unkown
page read and write
 clean
2AB4FB13000
unkown
page read and write
 clean
7F532000
unkown image
page readonly
 clean
7FF521533000
unkown image
page readonly
 clean
7FF5CADCE000
unkown image
page readonly
 clean
7FF5215E1000
unkown image
page readonly
 clean
27632002000
unkown
page read and write
 clean
7DF5D8B10000
unkown image
page readonly
 clean
7FF5B6D4B000
unkown image
page readonly
 clean
7FF521517000
unkown image
page readonly
 clean
27632070000
unkown
page read and write
 clean
2025B229000
unkown
page read and write
 clean
7FF5ABCA5000
unkown image
page readonly
 clean
2025C000000
unkown
page read and write
 clean
4C980000
unkown
page read and write
 clean
7FF521503000
unkown image
page readonly
 clean
7FF5B71EF000
unkown image
page readonly
 clean
3121000
unkown
page read and write
 clean
17C000
unkown
page read and write
 clean
7FF521465000
unkown image
page readonly
 clean
7FF5ABF57000
unkown image
page readonly
 clean
There are 840 hidden memdumps, click here to show them.