Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
doc-220808714.xls
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Name of Creating Application:
Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date: Tue Oct 12 08:22:59 2021, Security: 0
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\028E0688-7982-482A-A558-DEEDEEDCA262
|
XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
 |
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
|
'C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE' /automation -Embedding
|
|
|
|
C:\Windows\SysWOW64\regsvr32.exe
|
'C:\Windows\System32\regsvr32.exe' C:\Datop\test.test
|
|
|
|
C:\Windows\SysWOW64\regsvr32.exe
|
'C:\Windows\System32\regsvr32.exe' C:\Datop\test1.test
|
|
|
|
C:\Windows\SysWOW64\regsvr32.exe
|
'C:\Windows\System32\regsvr32.exe' C:\Datop\test2.test
|
|
|
|
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
'C:\Windows\System32\regsvr32.exe' C:\Datop\test.test
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
'C:\Windows\System32\regsvr32.exe' C:\Datop\test1.test
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
'C:\Windows\System32\regsvr32.exe' C:\Datop\test2.test
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.diagnosticssdf.office.com
|
unknown
|
|
|
|
https://login.microsoftonline.com/
|
unknown
|
|
|
|
https://shell.suite.office.com:1443
|
unknown
|
|
|
|
https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
|
unknown
|
|
|
|
https://autodiscover-s.outlook.com/
|
unknown
|
|
|
|
https://roaming.edog.
|
unknown
|
|
|
|
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
|
unknown
|
|
|
|
https://cdn.entity.
|
unknown
|
|
|
|
https://api.addins.omex.office.net/appinfo/query
|
unknown
|
|
|
|
https://clients.config.office.net/user/v1.0/tenantassociationkey
|
unknown
|
|
|
|
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
|
unknown
|
|
|
|
https://powerlift.acompli.net
|
unknown
|
|
|
|
https://rpsticket.partnerservices.getmicrosoftkey.com
|
unknown
|
|
|
|
https://lookup.onenote.com/lookup/geolocation/v1
|
unknown
|
|
|
|
https://cortana.ai
|
unknown
|
|
|
|
https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
|
|
|
https://cloudfiles.onenote.com/upload.aspx
|
unknown
|
|
|
|
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
|
unknown
|
|
|
|
https://entitlement.diagnosticssdf.office.com
|
unknown
|
|
|
|
https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy
|
unknown
|
|
|
|
https://api.aadrm.com/
|
unknown
|
|
|
|
https://ofcrecsvcapi-int.azurewebsites.net/
|
unknown
|
|
|
|
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
|
unknown
|
|
|
|
https://api.microsoftstream.com/api/
|
unknown
|
|
|
|
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
|
unknown
|
|
|
|
https://cr.office.com
|
unknown
|
|
|
|
https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
|
unknown
|
|
|
|
https://portal.office.com/account/?ref=ClientMeControl
|
unknown
|
|
|
|
https://graph.ppe.windows.net
|
unknown
|
|
|
|
https://res.getmicrosoftkey.com/api/redemptionevents
|
unknown
|
|
|
|
https://powerlift-frontdesk.acompli.net
|
unknown
|
|
|
|
https://tasks.office.com
|
unknown
|
|
|
|
https://officeci.azurewebsites.net/api/
|
unknown
|
|
|
|
https://sr.outlook.office.net/ws/speech/recognize/assistant/work
|
unknown
|
|
|
|
https://madieandme.com.au/xnkpOLnvlN6T/ocrafh.html
|
101.0.112.4
|
|
|
|
https://store.office.cn/addinstemplate
|
unknown
|
|
|
|
https://api.aadrm.com
|
unknown
|
|
|
|
https://outlook.office.com/autosuggest/api/v1/init?cvid=
|
unknown
|
|
|
|
https://globaldisco.crm.dynamics.com
|
unknown
|
|
|
|
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
|
|
|
https://store.officeppe.com/addinstemplate
|
unknown
|
|
|
|
https://dev0-api.acompli.net/autodetect
|
unknown
|
|
|
|
https://www.odwebp.svc.ms
|
unknown
|
|
|
|
https://api.powerbi.com/v1.0/myorg/groups
|
unknown
|
|
|
|
https://web.microsoftstream.com/video/
|
unknown
|
|
|
|
https://graph.windows.net
|
unknown
|
|
|
|
https://dataservice.o365filtering.com/
|
unknown
|
|
|
|
https://officesetup.getmicrosoftkey.com
|
unknown
|
|
|
|
https://analysis.windows.net/powerbi/api
|
unknown
|
|
|
|
https://prod-global-autodetect.acompli.net/autodetect
|
unknown
|
|
|
|
https://outlook.office365.com/autodiscover/autodiscover.json
|
unknown
|
|
|
|
https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
|
unknown
|
|
|
|
https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
|
|
|
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
|
unknown
|
|
|
|
https://ncus.contentsync.
|
unknown
|
|
|
|
https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
|
unknown
|
|
|
|
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
|
unknown
|
|
|
|
http://weather.service.msn.com/data.aspx
|
unknown
|
|
|
|
https://apis.live.net/v5.0/
|
unknown
|
|
|
|
https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
|
unknown
|
|
|
|
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
|
unknown
|
|
|
|
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
|
unknown
|
|
|
|
https://management.azure.com
|
unknown
|
|
|
|
https://outlook.office365.com
|
unknown
|
|
|
|
https://wus2.contentsync.
|
unknown
|
|
|
|
https://incidents.diagnostics.office.com
|
unknown
|
|
|
|
https://clients.config.office.net/user/v1.0/ios
|
unknown
|
|
|
|
https://insertmedia.bing.office.net/odc/insertmedia
|
unknown
|
|
|
|
https://o365auditrealtimeingestion.manage.office.com
|
unknown
|
|
|
|
https://outlook.office365.com/api/v1.0/me/Activities
|
unknown
|
|
|
|
https://api.office.net
|
unknown
|
|
|
|
https://incidents.diagnosticssdf.office.com
|
unknown
|
|
|
|
https://asgsmsproxyapi.azurewebsites.net/
|
unknown
|
|
|
|
https://clients.config.office.net/user/v1.0/android/policies
|
unknown
|
|
|
|
https://entitlement.diagnostics.office.com
|
unknown
|
|
|
|
https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
|
unknown
|
|
|
|
https://substrate.office.com/search/api/v2/init
|
unknown
|
|
|
|
https://outlook.office.com/
|
unknown
|
|
|
|
https://storage.live.com/clientlogs/uploadlocation
|
unknown
|
|
|
|
https://amerident.com.do/xdOMlaB0XJ7/ocraf.html
|
108.179.242.179
|
|
|
|
https://outlook.office365.com/
|
unknown
|
|
|
|
https://webshell.suite.office.com
|
unknown
|
|
|
|
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
|
unknown
|
|
|
|
https://substrate.office.com/search/api/v1/SearchHistory
|
unknown
|
|
|
|
https://management.azure.com/
|
unknown
|
|
|
|
https://login.windows.net/common/oauth2/authorize
|
unknown
|
|
|
|
https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
|
unknown
|
|
|
|
https://graph.windows.net/
|
unknown
|
|
|
|
https://api.powerbi.com/beta/myorg/imports
|
unknown
|
|
|
|
https://devnull.onenote.com
|
unknown
|
|
|
|
https://ncus.pagecontentsync.
|
unknown
|
|
|
|
https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
|
unknown
|
|
|
|
https://messaging.office.com/
|
unknown
|
|
|
|
https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
|
unknown
|
|
|
|
https://augloop.office.com/v2
|
unknown
|
|
|
|
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
|
unknown
|
|
|
|
https://skyapi.live.net/Activity/
|
unknown
|
|
|
|
https://clients.config.office.net/user/v1.0/mac
|
unknown
|
|
|
|
https://dataservice.o365filtering.com
|
unknown
|
|
|
|
https://ohemaa.org/HUVm9mDKLW9C/ocrafhh.html
|
172.93.99.178
|
|
|
|
http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check
|
unknown
|
|
|
|
http://www.windows.com/pctv.
|
unknown
|
|
|
|
http://investor.msn.com
|
unknown
|
|
|
|
http://www.msnbc.com/news/ticker.txt
|
unknown
|
|
|
|
http://www.icra.org/vocabulary/.
|
unknown
|
|
|
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
|
unknown
|
|
|
|
http://investor.msn.com/
|
unknown
|
|
|
|
http://www.%s.comPA
|
unknown
|
|
|
|
http://windowsmedia.com/redir/services.asp?WMPFriendly=true
|
unknown
|
|
|
|
http://www.hotmail.com/oe
|
unknown
|
|
|
|
http://servername/isapibackend.dll
|
unknown
|
|
There are 101 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ohemaa.org
|
172.93.99.178
|
|
|
|
amerident.com.do
|
108.179.242.179
|
|
|
|
madieandme.com.au
|
101.0.112.4
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
101.0.112.4
|
madieandme.com.au
|
Australia
|
|
|
|
108.179.242.179
|
amerident.com.do
|
United States
|
|
|
|
172.93.99.178
|
ohemaa.org
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
|
i34
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
|
j34
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
|
RemoteClearDate
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3
|
Last
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
FilePath
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
StartDate
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
EndDate
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
Properties
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
Url
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
|
LastClean
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableWinHttpCertAuth
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableIsOwnerRegex
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableSessionAwareHttpClose
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableADALForExtendedApps
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableADALSetSilentAuth
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
msoridDisableGuestCredProvider
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
msoridDisableOstringReplace
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
|
LastBootTime
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle
|
ReviewToken
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\1BBF9
|
1BBF9
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
|
VBAFiles
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
|
MSForms
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
|
MSComctlLib
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
|
d?4
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\2ADCB
|
2ADCB
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\2B05B
|
2B05B
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
|
ProductFiles
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-US
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-US
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
|
EXCELFiles
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
|
RoamingConfigurableSettings
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
|
RoamingLastSyncTime
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
|
RoamingLastWriteTime
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
|
LastBootTime
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
9'$
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\2EE64
|
2EE64
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
,+$
|
|
|
|
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
|
@%SystemRoot%\system32\qagentrt.dll,-10
|
|
|
|
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
|
|
|
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
|
|
|
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\39E13
|
39E13
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\39FC8
|
39FC8
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
There are 94 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
230A5C92000
|
unkown
|
page read and write
|
|
|
|
7FF577AF3000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAA0000
|
unkown image
|
page readonly
|
|
|
|
7FF53435D000
|
unkown image
|
page readonly
|
|
|
|
7939DF7000
|
unkown
|
page read and write
|
|
|
|
3018000
|
unkown
|
page read and write
|
|
|
|
1C27EFE0000
|
heap private
|
page read and write
|
|
|
|
7FF5D1F6A000
|
unkown image
|
page readonly
|
|
|
|
2924000
|
unkown image
|
page readonly
|
|
|
|
2048F650000
|
unkown image
|
page readonly
|
|
|
|
230A6CC0000
|
unkown image
|
page readonly
|
|
|
|
19C09992000
|
unkown
|
page read and write
|
|
|
|
3330000
|
unkown image
|
page readonly
|
|
|
|
7FF577CA5000
|
unkown image
|
page readonly
|
|
|
|
2C8D000
|
unkown image
|
page readonly
|
|
|
|
1E6BC8CA000
|
unkown
|
page read and write
|
|
|
|
7FF5D1DEE000
|
unkown image
|
page readonly
|
|
|
|
230AB100000
|
unkown
|
page read and write
|
|
|
|
7FF5165EE000
|
unkown image
|
page readonly
|
|
|
|
7FF5D200E000
|
unkown image
|
page readonly
|
|
|
|
2048F879000
|
unkown
|
page read and write
|
|
|
|
21672A00000
|
unkown
|
page read and write
|
|
|
|
19C08F00000
|
unkown image
|
page readonly
|
|
|
|
2B6C000
|
unkown image
|
page readonly
|
|
|
|
12883E42000
|
unkown
|
page read and write
|
|
|
|
7F502000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1539000
|
unkown image
|
page readonly
|
|
|
|
7FF59992D000
|
unkown image
|
page readonly
|
|
|
|
21672A61000
|
unkown
|
page read and write
|
|
|
|
7FF557355000
|
unkown image
|
page readonly
|
|
|
|
7FF5162EC000
|
unkown image
|
page readonly
|
|
|
|
7FF577A63000
|
unkown image
|
page readonly
|
|
|
|
19C099B3000
|
unkown
|
page read and write
|
|
|
|
1AA1A890000
|
heap private
|
page read and write
|
|
|
|
7FF580343000
|
unkown image
|
page readonly
|
|
|
|
7FF577D3F000
|
unkown image
|
page readonly
|
|
|
|
1AA1A580000
|
unkown
|
page read and write
|
|
|
|
7FF55A04F000
|
unkown image
|
page readonly
|
|
|
|
7FF556B96000
|
unkown image
|
page readonly
|
|
|
|
2AA65F7000
|
unkown
|
page read and write
|
|
|
|
7F500000
|
unkown image
|
page readonly
|
|
|
|
7DF549D20000
|
unkown image
|
page readonly
|
|
|
|
1AA1A67D000
|
unkown
|
page read and write
|
|
|
|
7DF56CD00000
|
unkown image
|
page readonly
|
|
|
|
18222C02000
|
unkown
|
page read and write
|
|
|
|
7939CFE000
|
unkown
|
page read and write
|
|
|
|
1E50D280000
|
unkown image
|
page read and write
|
|
|
|
7FF5B1C9B000
|
unkown image
|
page readonly
|
|
|
|
230A5C57000
|
unkown
|
page read and write
|
|
|
|
303A000
|
unkown
|
page read and write
|
|
|
|
230AB2E5000
|
unkown
|
page read and write
|
|
|
|
7DF549D32000
|
unkown image
|
page readonly
|
|
|
|
18222C67000
|
unkown
|
page read and write
|
|
|
|
7F040000
|
unkown image
|
page readonly
|
|
|
|
19C09979000
|
unkown
|
page read and write
|
|
|
|
12883E5F000
|
unkown
|
page read and write
|
|
|
|
2AD5000
|
unkown image
|
page readonly
|
|
|
|
18222B50000
|
unkown
|
page read and write
|
|
|
|
7F70000
|
unkown
|
page read and write
|
|
|
|
19C09992000
|
unkown
|
page read and write
|
|
|
|
7FF534338000
|
unkown image
|
page readonly
|
|
|
|
2DF0000
|
unkown image
|
page readonly
|
|
|
|
230AB110000
|
unkown
|
page read and write
|
|
|
|
7FF557329000
|
unkown image
|
page readonly
|
|
|
|
7F4F2000
|
unkown image
|
page readonly
|
|
|
|
12883E3D000
|
unkown
|
page read and write
|
|
|
|
31E0000
|
unkown
|
page read and write
|
|
|
|
7FF53433C000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1FEB000
|
unkown image
|
page readonly
|
|
|
|
19C090C0000
|
unkown
|
page read and write
|
|
|
|
7FF5802D4000
|
unkown image
|
page readonly
|
|
|
|
1E6BC5F0000
|
unkown image
|
page readonly
|
|
|
|
2B0D000
|
unkown image
|
page readonly
|
|
|
|
2B82000
|
unkown image
|
page readonly
|
|
|
|
7FF559F9A000
|
unkown image
|
page readonly
|
|
|
|
19C099BB000
|
unkown
|
page read and write
|
|
|
|
7DF5C75E0000
|
unkown image
|
page readonly
|
|
|
|
2A61000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1F63000
|
unkown image
|
page readonly
|
|
|
|
3290000
|
unkown image
|
page readonly
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
7FF559F7D000
|
unkown image
|
page readonly
|
|
|
|
7FF577B4D000
|
unkown image
|
page readonly
|
|
|
|
7FF55A020000
|
unkown image
|
page readonly
|
|
|
|
1E50D45B000
|
unkown
|
page read and write
|
|
|
|
7FF5D1E75000
|
unkown image
|
page readonly
|
|
|
|
7DF56CCE0000
|
unkown image
|
page readonly
|
|
|
|
2A81000
|
unkown image
|
page readonly
|
|
|
|
7DF549D20000
|
unkown image
|
page readonly
|
|
|
|
19C09116000
|
unkown
|
page read and write
|
|
|
|
230AB140000
|
unkown
|
page read and write
|
|
|
|
7FF5164C0000
|
unkown image
|
page readonly
|
|
|
|
7939B7B000
|
unkown
|
page read and write
|
|
|
|
7FF559F57000
|
unkown image
|
page readonly
|
|
|
|
230AB540000
|
unkown
|
page read and write
|
|
|
|
18222C67000
|
unkown
|
page read and write
|
|
|
|
3184000
|
heap private
|
page read and write
|
|
|
|
7FF5803BF000
|
unkown image
|
page readonly
|
|
|
|
2048F650000
|
unkown image
|
page readonly
|
|
|
|
32D0000
|
unkown
|
page read and write
|
|
|
|
2ADC000
|
unkown image
|
page readonly
|
|
|
|
7FF5803CE000
|
unkown image
|
page readonly
|
|
|
|
7DF5E7910000
|
unkown image
|
page readonly
|
|
|
|
7FF5779F3000
|
unkown image
|
page readonly
|
|
|
|
34F0000
|
unkown image
|
page readonly
|
|
|
|
7FF53441E000
|
unkown image
|
page readonly
|
|
|
|
81F0000
|
unkown
|
page read and write
|
|
|
|
230AB524000
|
unkown
|
page read and write
|
|
|
|
19C090A7000
|
unkown
|
page read and write
|
|
|
|
21673080000
|
unkown
|
page read and write
|
|
|
|
230AB140000
|
unkown
|
page read and write
|
|
|
|
7FF516565000
|
unkown image
|
page readonly
|
|
|
|
E35807F000
|
unkown
|
page read and write
|
|
|
|
21672F90000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1CA0000
|
unkown image
|
page readonly
|
|
|
|
230AB570000
|
unkown
|
page read and write
|
|
|
|
7FF599525000
|
unkown image
|
page readonly
|
|
|
|
53AC8FF000
|
unkown
|
page read and write
|
|
|
|
12884380000
|
unkown image
|
page readonly
|
|
|
|
7FF577BB4000
|
unkown image
|
page readonly
|
|
|
|
7FF559F85000
|
unkown image
|
page readonly
|
|
|
|
19C09680000
|
unkown
|
page read and write
|
|
|
|
19C09740000
|
unkown
|
page read and write
|
|
|
|
7FF5165FF000
|
unkown image
|
page readonly
|
|
|
|
327B000
|
unkown
|
page read and write
|
|
|
|
1E6BC610000
|
unkown image
|
page readonly
|
|
|
|
2048F84E000
|
unkown
|
page read and write
|
|
|
|
2DC0000
|
unkown image
|
page readonly
|
|
|
|
12883E61000
|
unkown
|
page read and write
|
|
|
|
230A7060000
|
unkown
|
page read and write
|
|
|
|
7FF559F93000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
12883E44000
|
unkown
|
page read and write
|
|
|
|
7FF577B8F000
|
unkown image
|
page readonly
|
|
|
|
2DC0000
|
unkown image
|
page readonly
|
|
|
|
2D50000
|
unkown image
|
page readonly
|
|
|
|
1E6BCDA0000
|
unkown
|
page read and write
|
|
|
|
7FF5B1CBB000
|
unkown image
|
page readonly
|
|
|
|
7FF577C00000
|
unkown image
|
page readonly
|
|
|
|
230A6CE0000
|
unkown image
|
page readonly
|
|
|
|
3318000
|
unkown
|
page read and write
|
|
|
|
1E6BC5D0000
|
unkown image
|
page read and write
|
|
|
|
19C099A1000
|
unkown
|
page read and write
|
|
|
|
7DF52BF02000
|
unkown image
|
page readonly
|
|
|
|
7FF515DA2000
|
unkown image
|
page readonly
|
|
|
|
7DF56F942000
|
unkown image
|
page readonly
|
|
|
|
19C09987000
|
unkown
|
page read and write
|
|
|
|
4B9ED7E000
|
unkown
|
page read and write
|
|
|
|
7FF577A33000
|
unkown image
|
page readonly
|
|
|
|
7DF52BEF0000
|
unkown image
|
page readonly
|
|
|
|
7FF53442B000
|
unkown image
|
page readonly
|
|
|
|
34A1000
|
unkown
|
page read and write
|
|
|
|
19C09050000
|
unkown
|
page read and write
|
|
|
|
741B47F000
|
unkown
|
page read and write
|
|
|
|
2D1D000
|
unkown image
|
page readonly
|
|
|
|
19C09974000
|
unkown
|
page read and write
|
|
|
|
21672C00000
|
unkown image
|
page readonly
|
|
|
|
1E6BC82A000
|
unkown
|
page read and write
|
|
|
|
BE9EFF000
|
unkown
|
page read and write
|
|
|
|
19C09976000
|
unkown
|
page read and write
|
|
|
|
2962000
|
unkown image
|
page readonly
|
|
|
|
194347E000
|
unkown
|
page read and write
|
|
|
|
230A5BF0000
|
unkown image
|
page read and write
|
|
|
|
19C09E00000
|
unkown
|
page read and write
|
|
|
|
2CB6000
|
unkown image
|
page readonly
|
|
|
|
1E50D46D000
|
unkown
|
page read and write
|
|
|
|
19C099DB000
|
unkown
|
page read and write
|
|
|
|
7FF577B0E000
|
unkown image
|
page readonly
|
|
|
|
230AB307000
|
unkown
|
page read and write
|
|
|
|
2A94000
|
unkown image
|
page readonly
|
|
|
|
53ACBFB000
|
unkown
|
page read and write
|
|
|
|
230AB249000
|
unkown
|
page read and write
|
|
|
|
3200000
|
unkown image
|
page readonly
|
|
|
|
19C09999000
|
unkown
|
page read and write
|
|
|
|
7FF599908000
|
unkown image
|
page readonly
|
|
|
|
21672A66000
|
unkown
|
page read and write
|
|
|
|
7FF577C22000
|
unkown image
|
page readonly
|
|
|
|
1C27F7D0000
|
unkown
|
page read and write
|
|
|
|
2AE9000
|
unkown image
|
page readonly
|
|
|
|
7DF595D00000
|
unkown image
|
page readonly
|
|
|
|
7F050000
|
unkown image
|
page readonly
|
|
|
|
3014000
|
unkown
|
page read and write
|
|
|
|
7FF577C47000
|
unkown image
|
page readonly
|
|
|
|
BE953D000
|
unkown
|
page read and write
|
|
|
|
230AB211000
|
unkown
|
page read and write
|
|
|
|
7FF580216000
|
unkown image
|
page readonly
|
|
|
|
7F190000
|
unkown image
|
page readonly
|
|
|
|
7FF5164D4000
|
unkown image
|
page readonly
|
|
|
|
7DF56F952000
|
unkown image
|
page readonly
|
|
|
|
12883F02000
|
unkown
|
page read and write
|
|
|
|
230A5D02000
|
unkown
|
page read and write
|
|
|
|
2048F813000
|
unkown
|
page read and write
|
|
|
|
307B000
|
unkown
|
page read and write
|
|
|
|
7FF59987D000
|
unkown image
|
page readonly
|
|
|
|
2048F849000
|
unkown
|
page read and write
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
7FF599868000
|
unkown image
|
page readonly
|
|
|
|
31CA000
|
heap private
|
page read and write
|
|
|
|
230A5B60000
|
unkown image
|
page readonly
|
|
|
|
28A547D000
|
unkown
|
page read and write
|
|
|
|
7FF53440D000
|
unkown image
|
page readonly
|
|
|
|
182229F0000
|
heap private
|
page read and write
|
|
|
|
2CFC000
|
unkown image
|
page readonly
|
|
|
|
19C09200000
|
unkown image
|
page readonly
|
|
|
|
7DF52BF00000
|
unkown image
|
page readonly
|
|
|
|
7DF56F942000
|
unkown image
|
page readonly
|
|
|
|
3570000
|
unkown image
|
page readonly
|
|
|
|
7FF5573EF000
|
unkown image
|
page readonly
|
|
|
|
230AB110000
|
unkown
|
page read and write
|
|
|
|
1AA1A470000
|
unkown image
|
page readonly
|
|
|
|
7DF5C75C0000
|
unkown image
|
page readonly
|
|
|
|
19C09912000
|
unkown
|
page read and write
|
|
|
|
242F52E000
|
unkown
|
page read and write
|
|
|
|
BE95BE000
|
unkown
|
page read and write
|
|
|
|
12883E46000
|
unkown
|
page read and write
|
|
|
|
7FF5B1CCD000
|
unkown image
|
page readonly
|
|
|
|
19C08EC0000
|
heap private
|
page read and write
|
|
|
|
32FA000
|
heap default
|
page read and write
|
|
|
|
7FF5D1F4D000
|
unkown image
|
page readonly
|
|
|
|
1C27F302000
|
unkown
|
page read and write
|
|
|
|
7DF58D642000
|
unkown image
|
page readonly
|
|
|
|
2ACB000
|
unkown image
|
page readonly
|
|
|
|
7F290000
|
unkown image
|
page readonly
|
|
|
|
7FF577D24000
|
unkown image
|
page readonly
|
|
|
|
28A513B000
|
unkown
|
page read and write
|
|
|
|
741B5F9000
|
unkown
|
page read and write
|
|
|
|
7FF58027E000
|
unkown image
|
page readonly
|
|
|
|
7FF5163B3000
|
unkown image
|
page readonly
|
|
|
|
1E50D600000
|
unkown image
|
page readonly
|
|
|
|
7FF55731D000
|
unkown image
|
page readonly
|
|
|
|
1C27FA00000
|
unkown
|
page read and write
|
|
|
|
7FF577D2E000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C35000
|
unkown image
|
page readonly
|
|
|
|
31B0000
|
unkown image
|
page readonly
|
|
|
|
19C090F7000
|
unkown
|
page read and write
|
|
|
|
34B2000
|
unkown
|
page read and write
|
|
|
|
2D50000
|
unkown image
|
page readonly
|
|
|
|
7FF559F68000
|
unkown image
|
page readonly
|
|
|
|
194337C000
|
unkown
|
page read and write
|
|
|
|
21672A3C000
|
unkown
|
page read and write
|
|
|
|
3255000
|
unkown
|
page read and write
|
|
|
|
19C09E63000
|
unkown
|
page read and write
|
|
|
|
7FF534327000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
7FF5B1CCF000
|
unkown image
|
page readonly
|
|
|
|
7FF5165C6000
|
unkown image
|
page readonly
|
|
|
|
230AB070000
|
unkown
|
page read and write
|
|
|
|
230AB0F0000
|
unkown
|
page read and write
|
|
|
|
2B07000
|
unkown image
|
page readonly
|
|
|
|
7F2B0000
|
unkown image
|
page readonly
|
|
|
|
230AB2FC000
|
unkown
|
page read and write
|
|
|
|
7FF57FEAF000
|
unkown image
|
page readonly
|
|
|
|
230AB120000
|
unkown
|
page read and write
|
|
|
|
7DF56CCF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1AE9000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C96000
|
unkown image
|
page readonly
|
|
|
|
7DF5E7930000
|
unkown image
|
page readonly
|
|
|
|
7FF5165FF000
|
unkown image
|
page readonly
|
|
|
|
3328000
|
unkown
|
page read and write
|
|
|
|
7FF51617A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1BD7000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1F2C000
|
unkown image
|
page readonly
|
|
|
|
53ACCFD000
|
unkown
|
page read and write
|
|
|
|
32F0000
|
heap default
|
page read and write
|
|
|
|
2048F640000
|
heap private
|
page read and write
|
|
|
|
E358179000
|
unkown
|
page read and write
|
|
|
|
7FF5161A4000
|
unkown image
|
page readonly
|
|
|
|
7FF53437A000
|
unkown image
|
page readonly
|
|
|
|
18222C4E000
|
unkown
|
page read and write
|
|
|
|
7FF5D1FFD000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C1A000
|
unkown image
|
page readonly
|
|
|
|
1E50D990000
|
unkown image
|
page readonly
|
|
|
|
7DF56CCE2000
|
unkown image
|
page readonly
|
|
|
|
2D7B000
|
unkown image
|
page readonly
|
|
|
|
2048F880000
|
unkown
|
page read and write
|
|
|
|
2048FA00000
|
unkown image
|
page readonly
|
|
|
|
7FF5803CB000
|
unkown image
|
page readonly
|
|
|
|
19C09750000
|
unkown image
|
page read and write
|
|
|
|
28A577F000
|
unkown
|
page read and write
|
|
|
|
2D05000
|
unkown image
|
page readonly
|
|
|
|
19C09980000
|
unkown
|
page read and write
|
|
|
|
19C099B9000
|
unkown
|
page read and write
|
|
|
|
7FF5573AF000
|
unkown image
|
page readonly
|
|
|
|
230AB521000
|
unkown
|
page read and write
|
|
|
|
2A40000
|
unkown image
|
page readonly
|
|
|
|
1E6BC8BD000
|
unkown
|
page read and write
|
|
|
|
12883E4D000
|
unkown
|
page read and write
|
|
|
|
2048F913000
|
unkown
|
page read and write
|
|
|
|
7FF57A1AB000
|
unkown image
|
page readonly
|
|
|
|
2B61000
|
unkown image
|
page readonly
|
|
|
|
53ACA7C000
|
unkown
|
page read and write
|
|
|
|
BE9E77000
|
unkown
|
page read and write
|
|
|
|
19C096D0000
|
unkown image
|
page write copy
|
|
|
|
2A6C000
|
unkown image
|
page readonly
|
|
|
|
2048F670000
|
unkown image
|
page readonly
|
|
|
|
2CDA000
|
unkown image
|
page readonly
|
|
|
|
325C000
|
unkown
|
page read and write
|
|
|
|
BE9C77000
|
unkown
|
page read and write
|
|
|
|
230A5CFB000
|
unkown
|
page read and write
|
|
|
|
7FF58014A000
|
unkown image
|
page readonly
|
|
|
|
194327E000
|
unkown
|
page read and write
|
|
|
|
26F8000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF252000
|
unkown image
|
page readonly
|
|
|
|
7FF5778E4000
|
unkown image
|
page readonly
|
|
|
|
7FF580335000
|
unkown image
|
page readonly
|
|
|
|
21672A29000
|
unkown
|
page read and write
|
|
|
|
3230000
|
heap default
|
page read and write
|
|
|
|
7FF577D10000
|
unkown image
|
page readonly
|
|
|
|
80EE000
|
unkown
|
page read and write
|
|
|
|
7FF55A03B000
|
unkown image
|
page readonly
|
|
|
|
7FF516106000
|
unkown image
|
page readonly
|
|
|
|
7FF5803DD000
|
unkown image
|
page readonly
|
|
|
|
2A26000
|
unkown image
|
page readonly
|
|
|
|
19C09992000
|
unkown
|
page read and write
|
|
|
|
7FF5B19C8000
|
unkown image
|
page readonly
|
|
|
|
7FF577D3F000
|
unkown image
|
page readonly
|
|
|
|
7FF533CAA000
|
unkown image
|
page readonly
|
|
|
|
3470000
|
heap default
|
page read and write
|
|
|
|
4D60000
|
unkown
|
page read and write
|
|
|
|
19C090D4000
|
unkown
|
page read and write
|
|
|
|
230AB200000
|
unkown
|
page read and write
|
|
|
|
7FF5341EC000
|
unkown image
|
page readonly
|
|
|
|
19C09988000
|
unkown
|
page read and write
|
|
|
|
3275000
|
unkown
|
page read and write
|
|
|
|
2B65000
|
unkown image
|
page readonly
|
|
|
|
7FF5802E2000
|
unkown image
|
page readonly
|
|
|
|
7DF48B500000
|
unkown image
|
page readonly
|
|
|
|
7DF56F940000
|
unkown image
|
page readonly
|
|
|
|
32E0000
|
unkown
|
page read and write
|
|
|
|
7FF577C6D000
|
unkown image
|
page readonly
|
|
|
|
1AA1A665000
|
unkown
|
page read and write
|
|
|
|
7FF559B19000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAA2000
|
unkown image
|
page readonly
|
|
|
|
BE9D7F000
|
unkown
|
page read and write
|
|
|
|
19C09907000
|
unkown
|
page read and write
|
|
|
|
4CFE000
|
unkown
|
page read and write
|
|
|
|
230AB570000
|
unkown
|
page read and write
|
|
|
|
12883E2F000
|
unkown
|
page read and write
|
|
|
|
19C09988000
|
unkown
|
page read and write
|
|
|
|
19C0995C000
|
unkown
|
page read and write
|
|
|
|
29A4000
|
unkown image
|
page readonly
|
|
|
|
19C09070000
|
unkown
|
page read and write
|
|
|
|
3090000
|
heap default
|
page read and write
|
|
|
|
242FBFF000
|
unkown
|
page read and write
|
|
|
|
7FF59979F000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
7DF5C75C2000
|
unkown image
|
page readonly
|
|
|
|
19C0903C000
|
unkown
|
page read and write
|
|
|
|
7FF5B1986000
|
unkown image
|
page readonly
|
|
|
|
53ACB7D000
|
unkown
|
page read and write
|
|
|
|
32AE000
|
unkown
|
page read and write
|
|
|
|
2048F84C000
|
unkown
|
page read and write
|
|
|
|
19C096A0000
|
unkown image
|
page readonly
|
|
|
|
2D09000
|
unkown image
|
page readonly
|
|
|
|
3261000
|
unkown
|
page read and write
|
|
|
|
7FF5800C6000
|
unkown image
|
page readonly
|
|
|
|
2A55000
|
unkown image
|
page readonly
|
|
|
|
7DF447BF0000
|
unkown image
|
page readonly
|
|
|
|
19C09986000
|
unkown
|
page read and write
|
|
|
|
19C08ED0000
|
unkown image
|
page readonly
|
|
|
|
7DF56CD00000
|
unkown image
|
page readonly
|
|
|
|
19C09976000
|
unkown
|
page read and write
|
|
|
|
230AB080000
|
unkown
|
page read and write
|
|
|
|
3311000
|
unkown
|
page read and write
|
|
|
|
7FF599413000
|
unkown image
|
page readonly
|
|
|
|
1E6BCC00000
|
unkown image
|
page readonly
|
|
|
|
7FF579A27000
|
unkown image
|
page readonly
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
182229E0000
|
unkown image
|
page read and write
|
|
|
|
7FF577AF8000
|
unkown image
|
page readonly
|
|
|
|
2A4A000
|
unkown image
|
page readonly
|
|
|
|
19C09979000
|
unkown
|
page read and write
|
|
|
|
230A7063000
|
unkown
|
page read and write
|
|
|
|
19C0904C000
|
unkown
|
page read and write
|
|
|
|
7FF5340BA000
|
unkown image
|
page readonly
|
|
|
|
7F4F0000
|
unkown image
|
page readonly
|
|
|
|
3258000
|
unkown
|
page read and write
|
|
|
|
28A597E000
|
unkown
|
page read and write
|
|
|
|
6340000
|
unkown image
|
page readonly
|
|
|
|
2D81000
|
unkown image
|
page readonly
|
|
|
|
7FF5164EC000
|
unkown image
|
page readonly
|
|
|
|
19C09400000
|
unkown image
|
page readonly
|
|
|
|
19C09949000
|
unkown
|
page read and write
|
|
|
|
19C09912000
|
unkown
|
page read and write
|
|
|
|
1E50D413000
|
unkown
|
page read and write
|
|
|
|
7DF5C75C0000
|
unkown image
|
page readonly
|
|
|
|
2048F852000
|
unkown
|
page read and write
|
|
|
|
33F0000
|
unkown image
|
page readonly
|
|
|
|
1AA1AC20000
|
unkown image
|
page readonly
|
|
|
|
7DF549D22000
|
unkown image
|
page readonly
|
|
|
|
7DF56F960000
|
unkown image
|
page readonly
|
|
|
|
7FF55A04B000
|
unkown image
|
page readonly
|
|
|
|
19C0998C000
|
unkown
|
page read and write
|
|
|
|
7DF52BF10000
|
unkown image
|
page readonly
|
|
|
|
7FF580192000
|
unkown image
|
page readonly
|
|
|
|
1C27F040000
|
heap default
|
page read and write
|
|
|
|
19C090A7000
|
unkown
|
page read and write
|
|
|
|
7FF5D1FE6000
|
unkown image
|
page readonly
|
|
|
|
1E6BC5E0000
|
heap private
|
page read and write
|
|
|
|
7DF5C75E0000
|
unkown image
|
page readonly
|
|
|
|
19C09740000
|
unkown
|
page read and write
|
|
|
|
230A5ED0000
|
unkown image
|
page readonly
|
|
|
|
7F510000
|
unkown image
|
page readonly
|
|
|
|
18222B30000
|
unkown image
|
page readonly
|
|
|
|
19C099AA000
|
unkown
|
page read and write
|
|
|
|
7F032000
|
unkown image
|
page readonly
|
|
|
|
230AB261000
|
unkown
|
page read and write
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
7DF429DC0000
|
unkown image
|
page readonly
|
|
|
|
7DF48D970000
|
unkown image
|
page readonly
|
|
|
|
230AB150000
|
unkown
|
page read and write
|
|
|
|
2AA66FF000
|
unkown
|
page read and write
|
|
|
|
19C0997B000
|
unkown
|
page read and write
|
|
|
|
7FF559DED000
|
unkown image
|
page readonly
|
|
|
|
741B67E000
|
unkown
|
page read and write
|
|
|
|
7FF515E67000
|
unkown image
|
page readonly
|
|
|
|
7DF46ABB0000
|
unkown image
|
page readonly
|
|
|
|
2A65000
|
unkown image
|
page readonly
|
|
|
|
7F050000
|
unkown image
|
page readonly
|
|
|
|
7FF53441B000
|
unkown image
|
page readonly
|
|
|
|
21673202000
|
unkown
|
page read and write
|
|
|
|
7DF58D640000
|
unkown image
|
page readonly
|
|
|
|
7FF577871000
|
unkown image
|
page readonly
|
|
|
|
19C09988000
|
unkown
|
page read and write
|
|
|
|
19C08EF0000
|
unkown image
|
page readonly
|
|
|
|
1C27F25C000
|
unkown
|
page read and write
|
|
|
|
7FF57A17B000
|
unkown image
|
page readonly
|
|
|
|
230A5BC0000
|
unkown image
|
page readonly
|
|
|
|
18222D13000
|
unkown
|
page read and write
|
|
|
|
242FAFE000
|
unkown
|
page read and write
|
|
|
|
7F030000
|
unkown image
|
page readonly
|
|
|
|
7FF5162F3000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5341FF000
|
unkown image
|
page readonly
|
|
|
|
7FF577B2E000
|
unkown image
|
page readonly
|
|
|
|
216728F0000
|
unkown image
|
page readonly
|
|
|
|
19C0997F000
|
unkown
|
page read and write
|
|
|
|
7FF580339000
|
unkown image
|
page readonly
|
|
|
|
6490000
|
unkown image
|
page readonly
|
|
|
|
2BC4000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF240000
|
unkown image
|
page readonly
|
|
|
|
38F0000
|
unkown image
|
page readonly
|
|
|
|
3491000
|
unkown
|
page read and write
|
|
|
|
2C9D000
|
unkown image
|
page readonly
|
|
|
|
12883C10000
|
heap default
|
page read and write
|
|
|
|
79397ED000
|
unkown
|
page read and write
|
|
|
|
34B2000
|
unkown
|
page read and write
|
|
|
|
7FF5997A5000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAB0000
|
unkown image
|
page readonly
|
|
|
|
1AA1AAA0000
|
unkown image
|
page readonly
|
|
|
|
194367D000
|
unkown
|
page read and write
|
|
|
|
3210000
|
unkown
|
page read and write
|
|
|
|
1943B7F000
|
unkown
|
page read and write
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
12883E38000
|
unkown
|
page read and write
|
|
|
|
12883DE0000
|
unkown
|
page read and write
|
|
|
|
7FF5573DE000
|
unkown image
|
page readonly
|
|
|
|
2B77000
|
unkown image
|
page readonly
|
|
|
|
1E50D2A0000
|
unkown image
|
page readonly
|
|
|
|
3070000
|
unkown image
|
page readonly
|
|
|
|
12883E32000
|
unkown
|
page read and write
|
|
|
|
1943A7E000
|
unkown
|
page read and write
|
|
|
|
7FF5598A6000
|
unkown image
|
page readonly
|
|
|
|
2048F850000
|
unkown
|
page read and write
|
|
|
|
7FF5B1CBE000
|
unkown image
|
page readonly
|
|
|
|
7FF58019D000
|
unkown image
|
page readonly
|
|
|
|
4CBE000
|
unkown
|
page read and write
|
|
|
|
4D30000
|
heap private
|
page read and write
|
|
|
|
7E2E000
|
unkown
|
page read and write
|
|
|
|
7EF30000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF242000
|
unkown image
|
page readonly
|
|
|
|
7FF51628A000
|
unkown image
|
page readonly
|
|
|
|
19C09996000
|
unkown
|
page read and write
|
|
|
|
7FF559E63000
|
unkown image
|
page readonly
|
|
|
|
230A5D13000
|
unkown
|
page read and write
|
|
|
|
7FF577BF0000
|
unkown image
|
page readonly
|
|
|
|
12883E6A000
|
unkown
|
page read and write
|
|
|
|
230AB154000
|
unkown
|
page read and write
|
|
|
|
19C0999D000
|
unkown
|
page read and write
|
|
|
|
230A6250000
|
unkown image
|
page readonly
|
|
|
|
18222C00000
|
unkown
|
page read and write
|
|
|
|
19C09985000
|
unkown
|
page read and write
|
|
|
|
7FF577C2C000
|
unkown image
|
page readonly
|
|
|
|
2A34000
|
unkown image
|
page readonly
|
|
|
|
2DEB000
|
unkown
|
page read and write
|
|
|
|
7DF56F952000
|
unkown image
|
page readonly
|
|
|
|
7FF51639D000
|
unkown image
|
page readonly
|
|
|
|
2A6D000
|
unkown image
|
page readonly
|
|
|
|
12883E29000
|
unkown
|
page read and write
|
|
|
|
216728D0000
|
unkown image
|
page readonly
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
2B04000
|
unkown image
|
page readonly
|
|
|
|
19C0997E000
|
unkown
|
page read and write
|
|
|
|
7FF59994F000
|
unkown image
|
page readonly
|
|
|
|
7FF577C58000
|
unkown image
|
page readonly
|
|
|
|
1C27F200000
|
unkown
|
page read and write
|
|
|
|
1E6BC86B000
|
unkown
|
page read and write
|
|
|
|
19C0997A000
|
unkown
|
page read and write
|
|
|
|
2CE5000
|
unkown image
|
page readonly
|
|
|
|
E3573EC000
|
unkown
|
page read and write
|
|
|
|
1C27EFF0000
|
unkown image
|
page readonly
|
|
|
|
3050000
|
unkown
|
page read and write
|
|
|
|
7FF577C37000
|
unkown image
|
page readonly
|
|
|
|
2A7D000
|
unkown image
|
page readonly
|
|
|
|
7DF5C75D0000
|
unkown image
|
page readonly
|
|
|
|
BE9FFB000
|
unkown
|
page read and write
|
|
|
|
1E50D467000
|
unkown
|
page read and write
|
|
|
|
7FF5341F6000
|
unkown image
|
page readonly
|
|
|
|
230AB520000
|
unkown
|
page read and write
|
|
|
|
34A8000
|
unkown
|
page read and write
|
|
|
|
230A5C9D000
|
unkown
|
page read and write
|
|
|
|
7DF5C75D2000
|
unkown image
|
page readonly
|
|
|
|
7FF577D3D000
|
unkown image
|
page readonly
|
|
|
|
1942D1B000
|
unkown
|
page read and write
|
|
|
|
4B9E87D000
|
unkown
|
page read and write
|
|
|
|
7FF59994F000
|
unkown image
|
page readonly
|
|
|
|
1E50D429000
|
unkown
|
page read and write
|
|
|
|
7FF516507000
|
unkown image
|
page readonly
|
|
|
|
19C0998F000
|
unkown
|
page read and write
|
|
|
|
7FF57A115000
|
unkown image
|
page readonly
|
|
|
|
19C09992000
|
unkown
|
page read and write
|
|
|
|
19C0995C000
|
unkown
|
page read and write
|
|
|
|
19C09992000
|
unkown
|
page read and write
|
|
|
|
19C09988000
|
unkown
|
page read and write
|
|
|
|
7FF5B1C09000
|
unkown image
|
page readonly
|
|
|
|
7FF59994B000
|
unkown image
|
page readonly
|
|
|
|
28A567B000
|
unkown
|
page read and write
|
|
|
|
7FF5D1F13000
|
unkown image
|
page readonly
|
|
|
|
7FF5160AF000
|
unkown image
|
page readonly
|
|
|
|
3340000
|
heap default
|
page read and write
|
|
|
|
7FF53442F000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
7FF516321000
|
unkown image
|
page readonly
|
|
|
|
18222A20000
|
unkown image
|
page readonly
|
|
|
|
7FF577C4C000
|
unkown image
|
page readonly
|
|
|
|
7E6F000
|
unkown
|
page read and write
|
|
|
|
2EA9000
|
unkown
|
page read and write
|
|
|
|
12883E41000
|
unkown
|
page read and write
|
|
|
|
12883BA0000
|
unkown image
|
page read and write
|
|
|
|
7FF57A0E9000
|
unkown image
|
page readonly
|
|
|
|
12883E69000
|
unkown
|
page read and write
|
|
|
|
7FF5343E8000
|
unkown image
|
page readonly
|
|
|
|
53AC6FC000
|
unkown
|
page read and write
|
|
|
|
19C09910000
|
unkown
|
page read and write
|
|
|
|
1AA1A66E000
|
unkown
|
page read and write
|
|
|
|
1C27F780000
|
unkown image
|
page readonly
|
|
|
|
7F2B0000
|
unkown image
|
page readonly
|
|
|
|
1C27F7D0000
|
unkown
|
page read and write
|
|
|
|
21672B02000
|
unkown
|
page read and write
|
|
|
|
1AA1A895000
|
heap private
|
page read and write
|
|
|
|
19C09983000
|
unkown
|
page read and write
|
|
|
|
7FF5D1E6F000
|
unkown image
|
page readonly
|
|
|
|
7DF58D630000
|
unkown image
|
page readonly
|
|
|
|
7FF534304000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1BDD000
|
unkown image
|
page readonly
|
|
|
|
2F8A000
|
unkown
|
page read and write
|
|
|
|
7FF559FB5000
|
unkown image
|
page readonly
|
|
|
|
1E50D800000
|
unkown image
|
page readonly
|
|
|
|
7FF5573B6000
|
unkown image
|
page readonly
|
|
|
|
7FF577596000
|
unkown image
|
page readonly
|
|
|
|
1E6BC913000
|
unkown
|
page read and write
|
|
|
|
7FF5D1FF0000
|
unkown image
|
page readonly
|
|
|
|
230A6260000
|
unkown image
|
page readonly
|
|
|
|
19C09978000
|
unkown
|
page read and write
|
|
|
|
2A8D000
|
unkown image
|
page readonly
|
|
|
|
7FF534395000
|
unkown image
|
page readonly
|
|
|
|
7FF534365000
|
unkown image
|
page readonly
|
|
|
|
7DF595D10000
|
unkown image
|
page readonly
|
|
|
|
230AB29F000
|
unkown
|
page read and write
|
|
|
|
194387E000
|
unkown
|
page read and write
|
|
|
|
7DF58FAC0000
|
unkown image
|
page readonly
|
|
|
|
2A30000
|
unkown image
|
page readonly
|
|
|
|
230AB1E0000
|
unkown
|
page read and write
|
|
|
|
19C0998C000
|
unkown
|
page read and write
|
|
|
|
7FF577CF8000
|
unkown image
|
page readonly
|
|
|
|
2A29000
|
unkown image
|
page readonly
|
|
|
|
19C09E03000
|
unkown
|
page read and write
|
|
|
|
7DF493BC0000
|
unkown image
|
page readonly
|
|
|
|
7F040000
|
unkown image
|
page readonly
|
|
|
|
19C099CC000
|
unkown
|
page read and write
|
|
|
|
19C090C7000
|
unkown
|
page read and write
|
|
|
|
7FF5774E6000
|
unkown image
|
page readonly
|
|
|
|
7FF577B53000
|
unkown image
|
page readonly
|
|
|
|
7FF599920000
|
unkown image
|
page readonly
|
|
|
|
7DF56F940000
|
unkown image
|
page readonly
|
|
|
|
7FF5803E4000
|
unkown image
|
page readonly
|
|
|
|
19C09E03000
|
unkown
|
page read and write
|
|
|
|
7DF56F950000
|
unkown image
|
page readonly
|
|
|
|
7FF577B95000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1FD8000
|
unkown image
|
page readonly
|
|
|
|
4D50000
|
unkown image
|
page readonly
|
|
|
|
7FF599763000
|
unkown image
|
page readonly
|
|
|
|
18222C55000
|
unkown
|
page read and write
|
|
|
|
230A5C9F000
|
unkown
|
page read and write
|
|
|
|
7FF516474000
|
unkown image
|
page readonly
|
|
|
|
230A5C13000
|
unkown
|
page read and write
|
|
|
|
19C099B5000
|
unkown
|
page read and write
|
|
|
|
230AB508000
|
unkown
|
page read and write
|
|
|
|
31DE000
|
unkown
|
page read and write
|
|
|
|
7DF52BF10000
|
unkown image
|
page readonly
|
|
|
|
21672B00000
|
unkown
|
page read and write
|
|
|
|
2768000
|
unkown image
|
page readonly
|
|
|
|
7DF4AD110000
|
unkown image
|
page readonly
|
|
|
|
7FF58030C000
|
unkown image
|
page readonly
|
|
|
|
230A6D10000
|
unkown image
|
page readonly
|
|
|
|
2994000
|
unkown image
|
page readonly
|
|
|
|
53ACDFF000
|
unkown
|
page read and write
|
|
|
|
7FF57FC44000
|
unkown image
|
page readonly
|
|
|
|
7FF533CAF000
|
unkown image
|
page readonly
|
|
|
|
7FF516180000
|
unkown image
|
page readonly
|
|
|
|
7FF557353000
|
unkown image
|
page readonly
|
|
|
|
7FF5779C8000
|
unkown image
|
page readonly
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
19C08ED0000
|
unkown image
|
page readonly
|
|
|
|
2B77000
|
unkown image
|
page readonly
|
|
|
|
7FF59989A000
|
unkown image
|
page readonly
|
|
|
|
3335000
|
unkown
|
page read and write
|
|
|
|
2A99000
|
unkown image
|
page readonly
|
|
|
|
230AB302000
|
unkown
|
page read and write
|
|
|
|
7FF5D2004000
|
unkown image
|
page readonly
|
|
|
|
7FF5991A0000
|
unkown image
|
page readonly
|
|
|
|
1C27F120000
|
unkown image
|
page readonly
|
|
|
|
1E6BC640000
|
heap default
|
page read and write
|
|
|
|
7FF577D3B000
|
unkown image
|
page readonly
|
|
|
|
7DF5E7912000
|
unkown image
|
page readonly
|
|
|
|
19C099A3000
|
unkown
|
page read and write
|
|
|
|
3280000
|
unkown image
|
page readonly
|
|
|
|
7FF559EC4000
|
unkown image
|
page readonly
|
|
|
|
19C09054000
|
unkown
|
page read and write
|
|
|
|
230A5C8B000
|
unkown
|
page read and write
|
|
|
|
7FF515E62000
|
unkown image
|
page readonly
|
|
|
|
21672A7F000
|
unkown
|
page read and write
|
|
|
|
7FF5D1AE3000
|
unkown image
|
page readonly
|
|
|
|
741B1DA000
|
unkown
|
page read and write
|
|
|
|
27E1000
|
unkown image
|
page readonly
|
|
|
|
7FF580318000
|
unkown image
|
page readonly
|
|
|
|
7FF515E57000
|
unkown image
|
page readonly
|
|
|
|
7FF580307000
|
unkown image
|
page readonly
|
|
|
|
7FF5D201B000
|
unkown image
|
page readonly
|
|
|
|
21672E10000
|
unkown image
|
page readonly
|
|
|
|
3220000
|
unkown image
|
page readonly
|
|
|
|
19C09978000
|
unkown
|
page read and write
|
|
|
|
7FF5162F1000
|
unkown image
|
page readonly
|
|
|
|
7DF5E7910000
|
unkown image
|
page readonly
|
|
|
|
7FF5573DB000
|
unkown image
|
page readonly
|
|
|
|
7939FFF000
|
unkown
|
page read and write
|
|
|
|
230A6B00000
|
unkown image
|
page read and write
|
|
|
|
7FF577C83000
|
unkown image
|
page readonly
|
|
|
|
7FF5165E4000
|
unkown image
|
page readonly
|
|
|
|
7FF5161CB000
|
unkown image
|
page readonly
|
|
|
|
1AA1A5D0000
|
unkown image
|
page readonly
|
|
|
|
1C27F400000
|
unkown image
|
page readonly
|
|
|
|
7FF577803000
|
unkown image
|
page readonly
|
|
|
|
F8D000
|
unkown image
|
page readonly
|
|
|
|
7FF577D2B000
|
unkown image
|
page readonly
|
|
|
|
7FF57A0C8000
|
unkown image
|
page readonly
|
|
|
|
230AB500000
|
unkown
|
page read and write
|
|
|
|
7FF58032D000
|
unkown image
|
page readonly
|
|
|
|
19C0995C000
|
unkown
|
page read and write
|
|
|
|
1C27F223000
|
unkown
|
page read and write
|
|
|
|
7DF5C75D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5165DD000
|
unkown image
|
page readonly
|
|
|
|
230A7070000
|
unkown
|
page read and write
|
|
|
|
7DF549D22000
|
unkown image
|
page readonly
|
|
|
|
19C0998C000
|
unkown
|
page read and write
|
|
|
|
21672E00000
|
unkown image
|
page readonly
|
|
|
|
230AB2F6000
|
unkown
|
page read and write
|
|
|
|
7FF5162FD000
|
unkown image
|
page readonly
|
|
|
|
7FF516350000
|
unkown image
|
page readonly
|
|
|
|
7FF5164B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF250000
|
unkown image
|
page readonly
|
|
|
|
230A6502000
|
unkown
|
page read and write
|
|
|
|
1AA1A656000
|
heap default
|
page read and write
|
|
|
|
7FF577BED000
|
unkown image
|
page readonly
|
|
|
|
7DF56CCE0000
|
unkown image
|
page readonly
|
|
|
|
1E6BCF12000
|
unkown
|
page read and write
|
|
|
|
7DF56CCF0000
|
unkown image
|
page readonly
|
|
|
|
7DF595D02000
|
unkown image
|
page readonly
|
|
|
|
80AE000
|
unkown
|
page read and write
|
|
|
|
7DF58D632000
|
unkown image
|
page readonly
|
|
|
|
19C09984000
|
unkown
|
page read and write
|
|
|
|
7FF57FF5E000
|
unkown image
|
page readonly
|
|
|
|
12883E30000
|
unkown
|
page read and write
|
|
|
|
230A6559000
|
unkown
|
page read and write
|
|
|
|
7FF579F4D000
|
unkown image
|
page readonly
|
|
|
|
19C09013000
|
unkown
|
page read and write
|
|
|
|
7DF5E7912000
|
unkown image
|
page readonly
|
|
|
|
230A6CD0000
|
unkown image
|
page readonly
|
|
|
|
1E6BC620000
|
unkown image
|
page readonly
|
|
|
|
230A6518000
|
unkown
|
page read and write
|
|
|
|
2A9D000
|
unkown image
|
page readonly
|
|
|
|
7FF57A176000
|
unkown image
|
page readonly
|
|
|
|
7FF5343FB000
|
unkown image
|
page readonly
|
|
|
|
19C09E20000
|
unkown
|
page read and write
|
|
|
|
BE94BB000
|
unkown
|
page read and write
|
|
|
|
12883E64000
|
unkown
|
page read and write
|
|
|
|
346E000
|
unkown
|
page read and write
|
|
|
|
194317B000
|
unkown
|
page read and write
|
|
|
|
3251000
|
unkown
|
page read and write
|
|
|
|
19C08F20000
|
heap default
|
page read and write
|
|
|
|
19C09979000
|
unkown
|
page read and write
|
|
|
|
7F2A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5162BD000
|
unkown image
|
page readonly
|
|
|
|
18222C8C000
|
unkown
|
page read and write
|
|
|
|
7F4F0000
|
unkown image
|
page readonly
|
|
|
|
35F0000
|
unkown image
|
page readonly
|
|
|
|
7FF599857000
|
unkown image
|
page readonly
|
|
|
|
34B2000
|
unkown
|
page read and write
|
|
|
|
19C09E6A000
|
unkown
|
page read and write
|
|
|
|
7FF5572FD000
|
unkown image
|
page readonly
|
|
|
|
1AA1A651000
|
unkown
|
page read and write
|
|
|
|
19C0995B000
|
unkown
|
page read and write
|
|
|
|
7FF53431C000
|
unkown image
|
page readonly
|
|
|
|
1E6BC83E000
|
unkown
|
page read and write
|
|
|
|
7DF5E7920000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1CAD000
|
unkown image
|
page readonly
|
|
|
|
7FF599603000
|
unkown image
|
page readonly
|
|
|
|
7F292000
|
unkown image
|
page readonly
|
|
|
|
19C09E19000
|
unkown
|
page read and write
|
|
|
|
19C09982000
|
unkown
|
page read and write
|
|
|
|
7FF57A0E5000
|
unkown image
|
page readonly
|
|
|
|
18223000000
|
unkown image
|
page readonly
|
|
|
|
1C27F130000
|
unkown image
|
page readonly
|
|
|
|
2FE0000
|
unkown image
|
page readonly
|
|
|
|
7FF559EA5000
|
unkown image
|
page readonly
|
|
|
|
7FF5803FB000
|
unkown image
|
page readonly
|
|
|
|
7FF5162BF000
|
unkown image
|
page readonly
|
|
|
|
2AED000
|
unkown image
|
page readonly
|
|
|
|
230AB220000
|
unkown
|
page read and write
|
|
|
|
7FF5165CE000
|
unkown image
|
page readonly
|
|
|
|
19C0995C000
|
unkown
|
page read and write
|
|
|
|
7FF5D1F27000
|
unkown image
|
page readonly
|
|
|
|
7FF5164F7000
|
unkown image
|
page readonly
|
|
|
|
1E50D2C0000
|
unkown image
|
page readonly
|
|
|
|
28A5877000
|
unkown
|
page read and write
|
|
|
|
2A5B000
|
unkown image
|
page readonly
|
|
|
|
19C09910000
|
unkown
|
page read and write
|
|
|
|
12883CF0000
|
unkown image
|
page readonly
|
|
|
|
19C09590000
|
unkown image
|
page readonly
|
|
|
|
2A21000
|
unkown image
|
page readonly
|
|
|
|
230A5C29000
|
unkown
|
page read and write
|
|
|
|
7DF595CF2000
|
unkown image
|
page readonly
|
|
|
|
2CC4000
|
unkown image
|
page readonly
|
|
|
|
2AC5000
|
unkown image
|
page readonly
|
|
|
|
1E6BCF00000
|
unkown
|
page read and write
|
|
|
|
E357B7F000
|
unkown
|
page read and write
|
|
|
|
7FF5997C4000
|
unkown image
|
page readonly
|
|
|
|
18222C88000
|
unkown
|
page read and write
|
|
|
|
7FF534369000
|
unkown image
|
page readonly
|
|
|
|
3313000
|
heap default
|
page read and write
|
|
|
|
8000000
|
unkown
|
page read and write
|
|
|
|
1E6BC8C7000
|
unkown
|
page read and write
|
|
|
|
7FF577915000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C8F000
|
unkown image
|
page readonly
|
|
|
|
7FF5573EF000
|
unkown image
|
page readonly
|
|
|
|
230A6513000
|
unkown
|
page read and write
|
|
|
|
19C0997A000
|
unkown
|
page read and write
|
|
|
|
7FF55A02D000
|
unkown image
|
page readonly
|
|
|
|
230A6500000
|
unkown
|
page read and write
|
|
|
|
7FF55A00F000
|
unkown image
|
page readonly
|
|
|
|
1E50D980000
|
unkown image
|
page readonly
|
|
|
|
230AB570000
|
unkown
|
page read and write
|
|
|
|
19C0999D000
|
unkown
|
page read and write
|
|
|
|
7F2A0000
|
unkown image
|
page readonly
|
|
|
|
7FF57A16F000
|
unkown image
|
page readonly
|
|
|
|
12883E63000
|
unkown
|
page read and write
|
|
|
|
7FF59990F000
|
unkown image
|
page readonly
|
|
|
|
7FF577C75000
|
unkown image
|
page readonly
|
|
|
|
7FF577A50000
|
unkown image
|
page readonly
|
|
|
|
2FD0000
|
unkown image
|
page read and write
|
|
|
|
18222A00000
|
unkown image
|
page readonly
|
|
|
|
7F502000
|
unkown image
|
page readonly
|
|
|
|
7DF549D40000
|
unkown image
|
page readonly
|
|
|
|
2CD0000
|
unkown image
|
page readonly
|
|
|
|
3495000
|
unkown
|
page read and write
|
|
|
|
7FF5164AD000
|
unkown image
|
page readonly
|
|
|
|
1E50D477000
|
unkown
|
page read and write
|
|
|
|
7DF5C75D2000
|
unkown image
|
page readonly
|
|
|
|
19C09410000
|
unkown image
|
page readonly
|
|
|
|
7FF577D06000
|
unkown image
|
page readonly
|
|
|
|
7FF534400000
|
unkown image
|
page readonly
|
|
|
|
19C09988000
|
unkown
|
page read and write
|
|
|
|
7FF516543000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAA0000
|
unkown image
|
page readonly
|
|
|
|
18222D00000
|
unkown
|
page read and write
|
|
|
|
7F2A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1BC7000
|
unkown image
|
page readonly
|
|
|
|
3000000
|
unkown image
|
page readonly
|
|
|
|
7DF5E7920000
|
unkown image
|
page readonly
|
|
|
|
7FF577D1D000
|
unkown image
|
page readonly
|
|
|
|
326E000
|
unkown
|
page read and write
|
|
|
|
2A0D000
|
unkown image
|
page readonly
|
|
|
|
12883E60000
|
unkown
|
page read and write
|
|
|
|
3220000
|
heap default
|
page read and write
|
|
|
|
7DF5C75C2000
|
unkown image
|
page readonly
|
|
|
|
1E6BC824000
|
unkown
|
page read and write
|
|
|
|
7FF5775B6000
|
unkown image
|
page readonly
|
|
|
|
21672A27000
|
unkown
|
page read and write
|
|
|
|
7DF5E7930000
|
unkown image
|
page readonly
|
|
|
|
4B9ECFD000
|
unkown
|
page read and write
|
|
|
|
3253000
|
heap default
|
page read and write
|
|
|
|
1E6BC720000
|
unkown image
|
page readonly
|
|
|
|
12883E50000
|
unkown
|
page read and write
|
|
|
|
3310000
|
unkown image
|
page readonly
|
|
|
|
19C09983000
|
unkown
|
page read and write
|
|
|
|
19C090E9000
|
unkown
|
page read and write
|
|
|
|
18222C13000
|
unkown
|
page read and write
|
|
|
|
2BB4000
|
unkown image
|
page readonly
|
|
|
|
7FF5165B8000
|
unkown image
|
page readonly
|
|
|
|
7F042000
|
unkown image
|
page readonly
|
|
|
|
2048F680000
|
unkown image
|
page readonly
|
|
|
|
19C09900000
|
unkown
|
page read and write
|
|
|
|
2D2D000
|
unkown image
|
page readonly
|
|
|
|
2A01000
|
unkown image
|
page readonly
|
|
|
|
7FF599916000
|
unkown image
|
page readonly
|
|
|
|
2048FD80000
|
unkown image
|
page readonly
|
|
|
|
18222C50000
|
unkown
|
page read and write
|
|
|
|
4D34000
|
heap private
|
page read and write
|
|
|
|
7FF516187000
|
unkown image
|
page readonly
|
|
|
|
7FF599885000
|
unkown image
|
page readonly
|
|
|
|
19C09113000
|
unkown
|
page read and write
|
|
|
|
1E50D290000
|
heap private
|
page read and write
|
|
|
|
7FF5B1978000
|
unkown image
|
page readonly
|
|
|
|
7FF5163CC000
|
unkown image
|
page readonly
|
|
|
|
7FF577B03000
|
unkown image
|
page readonly
|
|
|
|
19C0998C000
|
unkown
|
page read and write
|
|
|
|
323B000
|
unkown
|
page read and write
|
|
|
|
19C09906000
|
unkown
|
page read and write
|
|
|
|
1AA1A66E000
|
unkown
|
page read and write
|
|
|
|
7939EFE000
|
unkown
|
page read and write
|
|
|
|
7FF516131000
|
unkown image
|
page readonly
|
|
|
|
1E50D502000
|
unkown
|
page read and write
|
|
|
|
7F042000
|
unkown image
|
page readonly
|
|
|
|
2A91000
|
unkown image
|
page readonly
|
|
|
|
2048F902000
|
unkown
|
page read and write
|
|
|
|
7DF5AF250000
|
unkown image
|
page readonly
|
|
|
|
12883BE0000
|
unkown image
|
page readonly
|
|
|
|
E357D7B000
|
unkown
|
page read and write
|
|
|
|
7FF5B1BB3000
|
unkown image
|
page readonly
|
|
|
|
230A6415000
|
unkown
|
page read and write
|
|
|
|
18222A00000
|
unkown image
|
page readonly
|
|
|
|
19C09974000
|
unkown
|
page read and write
|
|
|
|
1E6BC887000
|
unkown
|
page read and write
|
|
|
|
1C27F802000
|
unkown
|
page read and write
|
|
|
|
7FF59971E000
|
unkown image
|
page readonly
|
|
|
|
19C099BC000
|
unkown
|
page read and write
|
|
|
|
7FF55733A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1B90000
|
unkown image
|
page readonly
|
|
|
|
12883E47000
|
unkown
|
page read and write
|
|
|
|
7FF5D201F000
|
unkown image
|
page readonly
|
|
|
|
12883E49000
|
unkown
|
page read and write
|
|
|
|
19C09802000
|
unkown
|
page read and write
|
|
|
|
2B77000
|
unkown image
|
page readonly
|
|
|
|
7E70000
|
unkown
|
page read and write
|
|
|
|
330A000
|
heap private
|
page read and write
|
|
|
|
7FF516307000
|
unkown image
|
page readonly
|
|
|
|
2B5B000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF252000
|
unkown image
|
page readonly
|
|
|
|
18222D08000
|
unkown
|
page read and write
|
|
|
|
2AD1000
|
unkown image
|
page readonly
|
|
|
|
7FF51652D000
|
unkown image
|
page readonly
|
|
|
|
2048F885000
|
unkown
|
page read and write
|
|
|
|
1AA1A66E000
|
unkown
|
page read and write
|
|
|
|
1E6BCA00000
|
unkown image
|
page readonly
|
|
|
|
12883BF0000
|
unkown image
|
page readonly
|
|
|
|
2AB0000
|
unkown image
|
page readonly
|
|
|
|
7FF516539000
|
unkown image
|
page readonly
|
|
|
|
29FD000
|
unkown image
|
page readonly
|
|
|
|
2F86000
|
unkown
|
page read and write
|
|
|
|
7DF58D632000
|
unkown image
|
page readonly
|
|
|
|
7FF577A61000
|
unkown image
|
page readonly
|
|
|
|
7FF559E9F000
|
unkown image
|
page readonly
|
|
|
|
2AA0000
|
unkown image
|
page readonly
|
|
|
|
7FF577D0B000
|
unkown image
|
page readonly
|
|
|
|
2A7D000
|
unkown image
|
page readonly
|
|
|
|
53ACEFF000
|
unkown
|
page read and write
|
|
|
|
1C27F202000
|
unkown
|
page read and write
|
|
|
|
12883E48000
|
unkown
|
page read and write
|
|
|
|
2AFD000
|
unkown image
|
page readonly
|
|
|
|
7FF57A168000
|
unkown image
|
page readonly
|
|
|
|
18222A50000
|
heap default
|
page read and write
|
|
|
|
7FF557325000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
230A6518000
|
unkown
|
page read and write
|
|
|
|
2957000
|
unkown image
|
page readonly
|
|
|
|
230A5B80000
|
unkown image
|
page readonly
|
|
|
|
2A69000
|
unkown image
|
page readonly
|
|
|
|
18222C3C000
|
unkown
|
page read and write
|
|
|
|
19C0904E000
|
unkown
|
page read and write
|
|
|
|
7FF5777EF000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C13000
|
unkown image
|
page readonly
|
|
|
|
12883E67000
|
unkown
|
page read and write
|
|
|
|
3315000
|
unkown
|
page read and write
|
|
|
|
2AA4000
|
unkown image
|
page readonly
|
|
|
|
21672B13000
|
unkown
|
page read and write
|
|
|
|
1AA1A450000
|
unkown image
|
page read and write
|
|
|
|
7FF534373000
|
unkown image
|
page readonly
|
|
|
|
7FF577C33000
|
unkown image
|
page readonly
|
|
|
|
19C09993000
|
unkown
|
page read and write
|
|
|
|
7F3F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5162EA000
|
unkown image
|
page readonly
|
|
|
|
7FF5573C0000
|
unkown image
|
page readonly
|
|
|
|
18222C6F000
|
unkown
|
page read and write
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
18222C4A000
|
unkown
|
page read and write
|
|
|
|
347A000
|
heap default
|
page read and write
|
|
|
|
3493000
|
heap default
|
page read and write
|
|
|
|
7F500000
|
unkown image
|
page readonly
|
|
|
|
21672A13000
|
unkown
|
page read and write
|
|
|
|
12884200000
|
unkown image
|
page readonly
|
|
|
|
7DF52BEF2000
|
unkown image
|
page readonly
|
|
|
|
7FF599847000
|
unkown image
|
page readonly
|
|
|
|
2771000
|
unkown image
|
page readonly
|
|
|
|
230AB22D000
|
unkown
|
page read and write
|
|
|
|
2AE5000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF240000
|
unkown image
|
page readonly
|
|
|
|
19C0997A000
|
unkown
|
page read and write
|
|
|
|
BE997E000
|
unkown
|
page read and write
|
|
|
|
34E7000
|
heap private
|
page read and write
|
|
|
|
28A51BF000
|
unkown
|
page read and write
|
|
|
|
7DF5E7922000
|
unkown image
|
page readonly
|
|
|
|
7FF5803B8000
|
unkown image
|
page readonly
|
|
|
|
2D97000
|
unkown image
|
page readonly
|
|
|
|
2D24000
|
unkown image
|
page readonly
|
|
|
|
E35797B000
|
unkown
|
page read and write
|
|
|
|
12883E7D000
|
unkown
|
page read and write
|
|
|
|
19C0996E000
|
unkown
|
page read and write
|
|
|
|
7DF595D02000
|
unkown image
|
page readonly
|
|
|
|
7DF595CF2000
|
unkown image
|
page readonly
|
|
|
|
1AA1A470000
|
unkown image
|
page readonly
|
|
|
|
7FF580274000
|
unkown image
|
page readonly
|
|
|
|
2048FC00000
|
unkown image
|
page readonly
|
|
|
|
7FF59993E000
|
unkown image
|
page readonly
|
|
|
|
7FF577590000
|
unkown image
|
page readonly
|
|
|
|
323A000
|
heap default
|
page read and write
|
|
|
|
19C090B1000
|
unkown
|
page read and write
|
|
|
|
3190000
|
unkown
|
page read and write
|
|
|
|
7FF599428000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C05000
|
unkown image
|
page readonly
|
|
|
|
230AB2AF000
|
unkown
|
page read and write
|
|
|
|
7FF516397000
|
unkown image
|
page readonly
|
|
|
|
E357EFE000
|
unkown
|
page read and write
|
|
|
|
7FF58020D000
|
unkown image
|
page readonly
|
|
|
|
7FF579E63000
|
unkown image
|
page readonly
|
|
|
|
2048F800000
|
unkown
|
page read and write
|
|
|
|
7FF5D1E0E000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1E94000
|
unkown image
|
page readonly
|
|
|
|
1E6BC902000
|
unkown
|
page read and write
|
|
|
|
19C09919000
|
unkown
|
page read and write
|
|
|
|
12883E6C000
|
unkown
|
page read and write
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
2048F7A0000
|
unkown
|
page read and write
|
|
|
|
230AB302000
|
unkown
|
page read and write
|
|
|
|
1C27F7D0000
|
unkown
|
page read and write
|
|
|
|
E357C7C000
|
unkown
|
page read and write
|
|
|
|
7FF559F5C000
|
unkown image
|
page readonly
|
|
|
|
230A5B60000
|
unkown image
|
page readonly
|
|
|
|
3258000
|
unkown
|
page read and write
|
|
|
|
7DF46D810000
|
unkown image
|
page readonly
|
|
|
|
12883BC0000
|
unkown image
|
page readonly
|
|
|
|
BEA0FE000
|
unkown
|
page read and write
|
|
|
|
3300000
|
heap private
|
page read and write
|
|
|
|
19C09082000
|
unkown
|
page read and write
|
|
|
|
12883E6E000
|
unkown
|
page read and write
|
|
|
|
7FF516535000
|
unkown image
|
page readonly
|
|
|
|
19C099B4000
|
unkown
|
page read and write
|
|
|
|
230AB2FD000
|
unkown
|
page read and write
|
|
|
|
7FF59991B000
|
unkown image
|
page readonly
|
|
|
|
2AA64FB000
|
unkown
|
page read and write
|
|
|
|
3180000
|
heap private
|
page read and write
|
|
|
|
7FF5803FF000
|
unkown image
|
page readonly
|
|
|
|
12883E83000
|
unkown
|
page read and write
|
|
|
|
7FF55A016000
|
unkown image
|
page readonly
|
|
|
|
12884402000
|
unkown
|
page read and write
|
|
|
|
7FF557333000
|
unkown image
|
page readonly
|
|
|
|
2DB0000
|
unkown image
|
page read and write
|
|
|
|
7FF5164B7000
|
unkown image
|
page readonly
|
|
|
|
7DF595CF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5165FD000
|
unkown image
|
page readonly
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
7DF52BEF2000
|
unkown image
|
page readonly
|
|
|
|
7FF534137000
|
unkown image
|
page readonly
|
|
|
|
2ABA000
|
unkown image
|
page readonly
|
|
|
|
1E6BC8B9000
|
unkown
|
page read and write
|
|
|
|
242F9FE000
|
unkown
|
page read and write
|
|
|
|
7FF55A04F000
|
unkown image
|
page readonly
|
|
|
|
2CC0000
|
unkown image
|
page readonly
|
|
|
|
2CB1000
|
unkown image
|
page readonly
|
|
|
|
7FF559D03000
|
unkown image
|
page readonly
|
|
|
|
230A5C41000
|
unkown
|
page read and write
|
|
|
|
3268000
|
unkown
|
page read and write
|
|
|
|
1AA1A67E000
|
unkown
|
page read and write
|
|
|
|
230AB2F0000
|
unkown
|
page read and write
|
|
|
|
19C099B4000
|
unkown
|
page read and write
|
|
|
|
7FF5164F3000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1F59000
|
unkown image
|
page readonly
|
|
|
|
12883BB0000
|
heap private
|
page read and write
|
|
|
|
230A5C65000
|
unkown
|
page read and write
|
|
|
|
230A6BE0000
|
unkown
|
page read and write
|
|
|
|
7FF57A1AF000
|
unkown image
|
page readonly
|
|
|
|
2CF1000
|
unkown image
|
page readonly
|
|
|
|
19C09998000
|
unkown
|
page read and write
|
|
|
|
7DF56CCF2000
|
unkown image
|
page readonly
|
|
|
|
349C000
|
unkown
|
page read and write
|
|
|
|
1E6BC800000
|
unkown
|
page read and write
|
|
|
|
18222C29000
|
unkown
|
page read and write
|
|
|
|
2AA627D000
|
unkown
|
page read and write
|
|
|
|
19C099A3000
|
unkown
|
page read and write
|
|
|
|
7FF57A19B000
|
unkown image
|
page readonly
|
|
|
|
7FF577A31000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1BA0000
|
unkown image
|
page readonly
|
|
|
|
230AB2A2000
|
unkown
|
page read and write
|
|
|
|
19C0995A000
|
unkown
|
page read and write
|
|
|
|
7DF549D30000
|
unkown image
|
page readonly
|
|
|
|
7FF51644F000
|
unkown image
|
page readonly
|
|
|
|
19C099C7000
|
unkown
|
page read and write
|
|
|
|
7FF5779C4000
|
unkown image
|
page readonly
|
|
|
|
2DF0000
|
unkown image
|
page readonly
|
|
|
|
7FF516323000
|
unkown image
|
page readonly
|
|
|
|
7FF55A01B000
|
unkown image
|
page readonly
|
|
|
|
1E50D402000
|
unkown
|
page read and write
|
|
|
|
7FF5163B8000
|
unkown image
|
page readonly
|
|
|
|
21672A9B000
|
unkown
|
page read and write
|
|
|
|
7DF58D640000
|
unkown image
|
page readonly
|
|
|
|
E357E7F000
|
unkown
|
page read and write
|
|
|
|
194397F000
|
unkown
|
page read and write
|
|
|
|
7FF5573BB000
|
unkown image
|
page readonly
|
|
|
|
21672A5E000
|
unkown
|
page read and write
|
|
|
|
7DF52BF02000
|
unkown image
|
page readonly
|
|
|
|
1E6BC5F0000
|
unkown image
|
page readonly
|
|
|
|
18222C7B000
|
unkown
|
page read and write
|
|
|
|
7FF559F43000
|
unkown image
|
page readonly
|
|
|
|
18222E00000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1E33000
|
unkown image
|
page readonly
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
21672920000
|
heap default
|
page read and write
|
|
|
|
7FF599843000
|
unkown image
|
page readonly
|
|
|
|
18223402000
|
unkown
|
page read and write
|
|
|
|
7FF5B1CB4000
|
unkown image
|
page readonly
|
|
|
|
7F20000
|
unkown
|
page read and write
|
|
|
|
2048F829000
|
unkown
|
page read and write
|
|
|
|
2048F908000
|
unkown
|
page read and write
|
|
|
|
230A5C60000
|
unkown
|
page read and write
|
|
|
|
230AB50E000
|
unkown
|
page read and write
|
|
|
|
230AB400000
|
unkown
|
page read and write
|
|
|
|
19C09978000
|
unkown
|
page read and write
|
|
|
|
7FF57FF5A000
|
unkown image
|
page readonly
|
|
|
|
7DF58D630000
|
unkown image
|
page readonly
|
|
|
|
230A63E1000
|
unkown
|
page read and write
|
|
|
|
7FF5996ED000
|
unkown image
|
page readonly
|
|
|
|
2DAA000
|
unkown
|
page read and write
|
|
|
|
4D4E000
|
unkown
|
page read and write
|
|
|
|
1C27F213000
|
unkown
|
page read and write
|
|
|
|
2048F780000
|
unkown image
|
page readonly
|
|
|
|
19C09049000
|
unkown
|
page read and write
|
|
|
|
2AA5FDE000
|
unkown
|
page read and write
|
|
|
|
1C27F010000
|
unkown image
|
page readonly
|
|
|
|
7DF595D00000
|
unkown image
|
page readonly
|
|
|
|
230A5B90000
|
unkown image
|
page readonly
|
|
|
|
7DF58D642000
|
unkown image
|
page readonly
|
|
|
|
19C09983000
|
unkown
|
page read and write
|
|
|
|
7FF559F47000
|
unkown image
|
page readonly
|
|
|
|
2934000
|
unkown image
|
page readonly
|
|
|
|
741B6FE000
|
unkown
|
page read and write
|
|
|
|
7FF5341CD000
|
unkown image
|
page readonly
|
|
|
|
7FF516394000
|
unkown image
|
page readonly
|
|
|
|
3770000
|
unkown image
|
page readonly
|
|
|
|
7FF559E1E000
|
unkown image
|
page readonly
|
|
|
|
3307000
|
heap private
|
page read and write
|
|
|
|
1C27F600000
|
unkown image
|
page readonly
|
|
|
|
194377F000
|
unkown
|
page read and write
|
|
|
|
7FF577A47000
|
unkown image
|
page readonly
|
|
|
|
230A5C69000
|
unkown
|
page read and write
|
|
|
|
2CF9000
|
unkown image
|
page readonly
|
|
|
|
7FF534312000
|
unkown image
|
page readonly
|
|
|
|
1E50D3F0000
|
unkown
|
page read and write
|
|
|
|
34B0000
|
unkown image
|
page readonly
|
|
|
|
7FF580222000
|
unkown image
|
page readonly
|
|
|
|
7FF559F89000
|
unkown image
|
page readonly
|
|
|
|
7FF534414000
|
unkown image
|
page readonly
|
|
|
|
19C0998B000
|
unkown
|
page read and write
|
|
|
|
19C099AE000
|
unkown
|
page read and write
|
|
|
|
7FF5B1A6D000
|
unkown image
|
page readonly
|
|
|
|
1E50D400000
|
unkown
|
page read and write
|
|
|
|
7FF559B13000
|
unkown image
|
page readonly
|
|
|
|
2A11000
|
unkown image
|
page readonly
|
|
|
|
12883E4B000
|
unkown
|
page read and write
|
|
|
|
1C27F229000
|
unkown
|
page read and write
|
|
|
|
18222A30000
|
unkown image
|
page readonly
|
|
|
|
194357E000
|
unkown
|
page read and write
|
|
|
|
2AA5F5B000
|
unkown
|
page read and write
|
|
|
|
34B5000
|
unkown
|
page read and write
|
|
|
|
7FF5164E2000
|
unkown image
|
page readonly
|
|
|
|
7FF58034A000
|
unkown image
|
page readonly
|
|
|
|
E3577F8000
|
unkown
|
page read and write
|
|
|
|
2AF1000
|
unkown image
|
page readonly
|
|
|
|
7FF516518000
|
unkown image
|
page readonly
|
|
|
|
7FF57A1AF000
|
unkown image
|
page readonly
|
|
|
|
7DF52BEF0000
|
unkown image
|
page readonly
|
|
|
|
1E50D2A0000
|
unkown image
|
page readonly
|
|
|
|
2D97000
|
unkown image
|
page readonly
|
|
|
|
28E7000
|
unkown image
|
page readonly
|
|
|
|
7FF599889000
|
unkown image
|
page readonly
|
|
|
|
7FF599713000
|
unkown image
|
page readonly
|
|
|
|
12883E02000
|
unkown
|
page read and write
|
|
|
|
3498000
|
unkown
|
page read and write
|
|
|
|
4B9EA7D000
|
unkown
|
page read and write
|
|
|
|
7FF534348000
|
unkown image
|
page readonly
|
|
|
|
1AA1A5A0000
|
unkown
|
page read and write
|
|
|
|
7FF5B1BFD000
|
unkown image
|
page readonly
|
|
|
|
BE9B7A000
|
unkown
|
page read and write
|
|
|
|
7FF5800D8000
|
unkown image
|
page readonly
|
|
|
|
2AA637C000
|
unkown
|
page read and write
|
|
|
|
12883E40000
|
unkown
|
page read and write
|
|
|
|
2D8C000
|
unkown image
|
page readonly
|
|
|
|
7FF556C66000
|
unkown image
|
page readonly
|
|
|
|
34E0000
|
heap private
|
page read and write
|
|
|
|
7FF599419000
|
unkown image
|
page readonly
|
|
|
|
7FF577ADD000
|
unkown image
|
page readonly
|
|
|
|
7FF5161AD000
|
unkown image
|
page readonly
|
|
|
|
230AB300000
|
unkown
|
page read and write
|
|
|
|
2FE0000
|
unkown image
|
page readonly
|
|
|
|
2A96000
|
unkown image
|
page readonly
|
|
|
|
7FF577A53000
|
unkown image
|
page readonly
|
|
|
|
19C09998000
|
unkown
|
page read and write
|
|
|
|
7DF52BF00000
|
unkown image
|
page readonly
|
|
|
|
19C0997A000
|
unkown
|
page read and write
|
|
|
|
7DF595CF0000
|
unkown image
|
page readonly
|
|
|
|
7F510000
|
unkown image
|
page readonly
|
|
|
|
230AB2F8000
|
unkown
|
page read and write
|
|
|
|
34D0000
|
unkown
|
page read and write
|
|
|
|
4B9EAFF000
|
unkown
|
page read and write
|
|
|
|
BE9A78000
|
unkown
|
page read and write
|
|
|
|
12883BC0000
|
unkown image
|
page readonly
|
|
|
|
53AC2CC000
|
unkown
|
page read and write
|
|
|
|
7F032000
|
unkown image
|
page readonly
|
|
|
|
2048F6A0000
|
heap default
|
page read and write
|
|
|
|
19C0998F000
|
unkown
|
page read and write
|
|
|
|
19C09088000
|
unkown
|
page read and write
|
|
|
|
7F290000
|
unkown image
|
page readonly
|
|
|
|
2AA63FE000
|
unkown
|
page read and write
|
|
|
|
7FF57A180000
|
unkown image
|
page readonly
|
|
|
|
7FF5165CB000
|
unkown image
|
page readonly
|
|
|
|
7F292000
|
unkown image
|
page readonly
|
|
|
|
7FF5164D8000
|
unkown image
|
page readonly
|
|
|
|
230A6CF0000
|
unkown image
|
page readonly
|
|
|
|
1AA1A666000
|
unkown
|
page read and write
|
|
|
|
230A5B50000
|
heap private
|
page read and write
|
|
|
|
19C0904A000
|
unkown
|
page read and write
|
|
|
|
7FF55A008000
|
unkown image
|
page readonly
|
|
|
|
7FF5343F6000
|
unkown image
|
page readonly
|
|
|
|
7FF577CFF000
|
unkown image
|
page readonly
|
|
|
|
7FF53442D000
|
unkown image
|
page readonly
|
|
|
|
321E000
|
unkown
|
page read and write
|
|
|
|
230A6402000
|
unkown
|
page read and write
|
|
|
|
1E6BC730000
|
unkown image
|
page readonly
|
|
|
|
7FF534323000
|
unkown image
|
page readonly
|
|
|
|
19C08EB0000
|
unkown image
|
page read and write
|
|
|
|
12884000000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1F85000
|
unkown image
|
page readonly
|
|
|
|
230A5C89000
|
unkown
|
page read and write
|
|
|
|
7FF516437000
|
unkown image
|
page readonly
|
|
|
|
7FF59985C000
|
unkown image
|
page readonly
|
|
|
|
230A6D00000
|
unkown image
|
page readonly
|
|
|
|
1E50D2F0000
|
heap default
|
page read and write
|
|
|
|
18223180000
|
unkown image
|
page readonly
|
|
|
|
19C0998C000
|
unkown
|
page read and write
|
|
|
|
7FF577A90000
|
unkown image
|
page readonly
|
|
|
|
21672B08000
|
unkown
|
page read and write
|
|
|
|
19C09000000
|
unkown
|
page read and write
|
|
|
|
2AA67FE000
|
unkown
|
page read and write
|
|
|
|
3770000
|
unkown image
|
page readonly
|
|
|
|
2988000
|
unkown image
|
page readonly
|
|
|
|
7DF549D40000
|
unkown image
|
page readonly
|
|
|
|
2D0D000
|
unkown image
|
page readonly
|
|
|
|
28F2000
|
unkown image
|
page readonly
|
|
|
|
7FF516174000
|
unkown image
|
page readonly
|
|
|
|
2048F870000
|
unkown
|
page read and write
|
|
|
|
2048F900000
|
unkown
|
page read and write
|
|
|
|
18222D02000
|
unkown
|
page read and write
|
|
|
|
7FF5D1F55000
|
unkown image
|
page readonly
|
|
|
|
19C09052000
|
unkown
|
page read and write
|
|
|
|
7DF56CCF0000
|
unkown image
|
page readonly
|
|
|
|
19C09108000
|
unkown
|
page read and write
|
|
|
|
7FF5D200B000
|
unkown image
|
page readonly
|
|
|
|
19C099AB000
|
unkown
|
page read and write
|
|
|
|
2CEB000
|
unkown image
|
page readonly
|
|
|
|
7FF5573D4000
|
unkown image
|
page readonly
|
|
|
|
3330000
|
unkown
|
page read and write
|
|
|
|
230AB254000
|
unkown
|
page read and write
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
19C09990000
|
unkown
|
page read and write
|
|
|
|
E357FFF000
|
unkown
|
page read and write
|
|
|
|
242F5AE000
|
unkown
|
page read and write
|
|
|
|
7DF5AF260000
|
unkown image
|
page readonly
|
|
|
|
7FF57A194000
|
unkown image
|
page readonly
|
|
|
|
19C099BF000
|
unkown
|
page read and write
|
|
|
|
1E6BCE02000
|
unkown
|
page read and write
|
|
|
|
7939C7B000
|
unkown
|
page read and write
|
|
|
|
230AB530000
|
unkown
|
page read and write
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
12883E00000
|
unkown
|
page read and write
|
|
|
|
7FF5D1DE3000
|
unkown image
|
page readonly
|
|
|
|
7FF599893000
|
unkown image
|
page readonly
|
|
|
|
7DF56F960000
|
unkown image
|
page readonly
|
|
|
|
19C09E19000
|
unkown
|
page read and write
|
|
|
|
1AA1A490000
|
unkown image
|
page readonly
|
|
|
|
19C090E1000
|
unkown
|
page read and write
|
|
|
|
8100000
|
unkown
|
page read and write
|
|
|
|
7FF577BF7000
|
unkown image
|
page readonly
|
|
|
|
7FF5803EE000
|
unkown image
|
page readonly
|
|
|
|
2AD9000
|
unkown image
|
page readonly
|
|
|
|
230A60D0000
|
unkown image
|
page readonly
|
|
|
|
19C099AB000
|
unkown
|
page read and write
|
|
|
|
7FF559E13000
|
unkown image
|
page readonly
|
|
|
|
3321000
|
unkown
|
page read and write
|
|
|
|
19C0998C000
|
unkown
|
page read and write
|
|
|
|
7DF4C5490000
|
unkown image
|
page readonly
|
|
|
|
7DF5E7922000
|
unkown image
|
page readonly
|
|
|
|
2CF5000
|
unkown image
|
page readonly
|
|
|
|
E357DFE000
|
unkown
|
page read and write
|
|
|
|
7DF595D10000
|
unkown image
|
page readonly
|
|
|
|
230A6400000
|
unkown
|
page read and write
|
|
|
|
21672A5C000
|
unkown
|
page read and write
|
|
|
|
12883E45000
|
unkown
|
page read and write
|
|
|
|
7FF53412D000
|
unkown image
|
page readonly
|
|
|
|
1E50D440000
|
unkown
|
page read and write
|
|
|
|
2CB9000
|
unkown image
|
page readonly
|
|
|
|
216728D0000
|
unkown image
|
page readonly
|
|
|
|
19C0998A000
|
unkown
|
page read and write
|
|
|
|
7FF53442F000
|
unkown image
|
page readonly
|
|
|
|
7FF51618F000
|
unkown image
|
page readonly
|
|
|
|
19C09102000
|
unkown
|
page read and write
|
|
|
|
2048F630000
|
unkown image
|
page read and write
|
|
|
|
7FF5803FD000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
2AEB000
|
unkown image
|
page readonly
|
|
|
|
793976C000
|
unkown
|
page read and write
|
|
|
|
7DF549D30000
|
unkown image
|
page readonly
|
|
|
|
80F0000
|
unkown
|
page read and write
|
|
|
|
53ACFFF000
|
unkown
|
page read and write
|
|
|
|
7DF5AF260000
|
unkown image
|
page readonly
|
|
|
|
19C09057000
|
unkown
|
page read and write
|
|
|
|
E357A7A000
|
unkown
|
page read and write
|
|
|
|
7FF55A034000
|
unkown image
|
page readonly
|
|
|
|
19C09982000
|
unkown
|
page read and write
|
|
|
|
7FF559E3E000
|
unkown image
|
page readonly
|
|
|
|
216728C0000
|
heap private
|
page read and write
|
|
|
|
3170000
|
unkown
|
page read and write
|
|
|
|
216728B0000
|
unkown image
|
page read and write
|
|
|
|
7FF57A19E000
|
unkown image
|
page readonly
|
|
|
|
19C09992000
|
unkown
|
page read and write
|
|
|
|
7DF4E57E0000
|
unkown image
|
page readonly
|
|
|
|
19C0997B000
|
unkown
|
page read and write
|
|
|
|
1C27F020000
|
unkown image
|
page readonly
|
|
|
|
7FF57A0BC000
|
unkown image
|
page readonly
|
|
|
|
19C0999A000
|
unkown
|
page read and write
|
|
|
|
7FF5803FF000
|
unkown image
|
page readonly
|
|
|
|
7FF5341C2000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1F17000
|
unkown image
|
page readonly
|
|
|
|
19C0997A000
|
unkown
|
page read and write
|
|
|
|
1AA1A67C000
|
unkown
|
page read and write
|
|
|
|
7FF5342AE000
|
unkown image
|
page readonly
|
|
|
|
7DF56F950000
|
unkown image
|
page readonly
|
|
|
|
7F4F2000
|
unkown image
|
page readonly
|
|
|
|
7FF5164D0000
|
unkown image
|
page readonly
|
|
|
|
12883E7C000
|
unkown
|
page read and write
|
|
|
|
7FF51650C000
|
unkown image
|
page readonly
|
|
|
|
230A5CAD000
|
unkown
|
page read and write
|
|
|
|
7DF58FAB2000
|
unkown image
|
page readonly
|
|
|
|
BE98FC000
|
unkown
|
page read and write
|
|
|
|
53AC9FF000
|
unkown
|
page read and write
|
|
|
|
7FF577A3D000
|
unkown image
|
page readonly
|
|
|
|
19C09997000
|
unkown
|
page read and write
|
|
|
|
7FF5D1FDF000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1F38000
|
unkown image
|
page readonly
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
7FF577818000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAB2000
|
unkown image
|
page readonly
|
|
|
|
1C27EFF0000
|
unkown image
|
page readonly
|
|
|
|
2EA5000
|
unkown
|
page read and write
|
|
|
|
19C09E1D000
|
unkown
|
page read and write
|
|
|
|
19C09985000
|
unkown
|
page read and write
|
|
|
|
1E50D3D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D1CD3000
|
unkown image
|
page readonly
|
|
|
|
230AB120000
|
unkown
|
page read and write
|
|
|
|
7FF577C79000
|
unkown image
|
page readonly
|
|
|
|
19C09974000
|
unkown
|
page read and write
|
|
|
|
7FF559B28000
|
unkown image
|
page readonly
|
|
|
|
19C09996000
|
unkown
|
page read and write
|
|
|
|
7FF5573CD000
|
unkown image
|
page readonly
|
|
|
|
7FF577C18000
|
unkown image
|
page readonly
|
|
|
|
31C0000
|
heap private
|
page read and write
|
|
|
|
7FF5165EB000
|
unkown image
|
page readonly
|
|
|
|
230AB550000
|
unkown
|
page read and write
|
|
|
|
1E50D2D0000
|
unkown image
|
page readonly
|
|
|
|
1AA1A8A0000
|
unkown image
|
page readonly
|
|
|
|
19C09029000
|
unkown
|
page read and write
|
|
|
|
1E50DC02000
|
unkown
|
page read and write
|
|
|
|
1C27F7A0000
|
unkown
|
page read and write
|
|
|
|
7DF549D32000
|
unkown image
|
page readonly
|
|
|
|
19C0997D000
|
unkown
|
page read and write
|
|
|
|
7FF559C25000
|
unkown image
|
page readonly
|
|
|
|
4B9EBFD000
|
unkown
|
page read and write
|
|
|
|
7FF59993B000
|
unkown image
|
page readonly
|
|
|
|
4D90000
|
heap private
|
page read and write
|
|
|
|
7FF5D201F000
|
unkown image
|
page readonly
|
|
|
|
7DF58D650000
|
unkown image
|
page readonly
|
|
|
|
19C09988000
|
unkown
|
page read and write
|
|
|
|
4D94000
|
heap private
|
page read and write
|
|
|
|
7E80000
|
unkown
|
page read and write
|
|
|
|
2DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5802F3000
|
unkown image
|
page readonly
|
|
|
|
1C27EFD0000
|
unkown image
|
page read and write
|
|
|
|
7FF5991A6000
|
unkown image
|
page readonly
|
|
|
|
12883E4E000
|
unkown
|
page read and write
|
|
|
|
7DF56CCE2000
|
unkown image
|
page readonly
|
|
|
|
1E6BCD80000
|
unkown image
|
page readonly
|
|
|
|
1AA1A67F000
|
unkown
|
page read and write
|
|
|
|
2D40000
|
unkown image
|
page read and write
|
|
|
|
7FF5802F5000
|
unkown image
|
page readonly
|
|
|
|
7FF599934000
|
unkown image
|
page readonly
|
|
|
|
7FF577809000
|
unkown image
|
page readonly
|
|
|
|
19C09740000
|
unkown
|
page read and write
|
|
|
|
7FF57A0A7000
|
unkown image
|
page readonly
|
|
|
|
21672A54000
|
unkown
|
page read and write
|
|
|
|
1AA1A5E0000
|
unkown image
|
page readonly
|
|
|
|
2B07000
|
unkown image
|
page readonly
|
|
|
|
2A79000
|
unkown image
|
page readonly
|
|
|
|
7FF579A24000
|
unkown image
|
page readonly
|
|
|
|
1AA1A640000
|
heap default
|
page read and write
|
|
|
|
4B9E97E000
|
unkown
|
page read and write
|
|
|
|
7FF5B1CCF000
|
unkown image
|
page readonly
|
|
|
|
2D85000
|
unkown image
|
page readonly
|
|
|
|
12883E54000
|
unkown
|
page read and write
|
|
|
|
7FF51654A000
|
unkown image
|
page readonly
|
|
|
|
7F030000
|
unkown image
|
page readonly
|
|
|
|
7FF5165FB000
|
unkown image
|
page readonly
|
|
|
|
7FF5998B5000
|
unkown image
|
page readonly
|
|
|
|
7DF5AF242000
|
unkown image
|
page readonly
|
|
|
|
31C7000
|
heap private
|
page read and write
|
|
|
|
7FF577C8A000
|
unkown image
|
page readonly
|
|
|
|
7FF5598A0000
|
unkown image
|
page readonly
|
|
|
|
7FF59973E000
|
unkown image
|
page readonly
|
|
|
|
7FF5343EF000
|
unkown image
|
page readonly
|
|
|
|
242F4AB000
|
unkown
|
page read and write
|
|
|
|
12883E74000
|
unkown
|
page read and write
|
|
|
|
4B9E7FF000
|
unkown
|
page read and write
|
|
|
|
E35837F000
|
unkown
|
page read and write
|
|
|
|
741B4FF000
|
unkown
|
page read and write
|
|
|
|
7F2A2000
|
unkown image
|
page readonly
|
|
|
|
2CA1000
|
unkown image
|
page readonly
|
|
|
|
7FF5802EC000
|
unkown image
|
page readonly
|
|
|
|
19C0995B000
|
unkown
|
page read and write
|
|
|
|
2AF5000
|
unkown image
|
page readonly
|
|
|
|
19C099BB000
|
unkown
|
page read and write
|
|
|
|
21672900000
|
unkown image
|
page readonly
|
|
|
|
7FF5B1C88000
|
unkown image
|
page readonly
|
|
|
|
7FF57A0DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5803EB000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
65E0000
|
unkown image
|
page readonly
|
|
|
|
12883E66000
|
unkown
|
page read and write
|
|
|
|
12883E13000
|
unkown
|
page read and write
|
|
|
|
34EA000
|
heap private
|
page read and write
|
|
|
|
20490002000
|
unkown
|
page read and write
|
|
|
|
331C000
|
unkown
|
page read and write
|
|
|
|
230A5C00000
|
unkown
|
page read and write
|
|
|
|
2048F84A000
|
unkown
|
page read and write
|
|
|
|
4B9E32C000
|
unkown
|
page read and write
|
|
|
|
230A5BB0000
|
heap default
|
page read and write
|
|
|
|
7FF5D1DBD000
|
unkown image
|
page readonly
|
|
|
|
12883E73000
|
unkown
|
page read and write
|
|
|
|
3318000
|
unkown
|
page read and write
|
|
|
|
2048F83C000
|
unkown
|
page read and write
|
|
|
|
7FF5D1AF8000
|
unkown image
|
page readonly
|
|
|
|
12883E7A000
|
unkown
|
page read and write
|
|
|
|
12883E62000
|
unkown
|
page read and write
|
|
|
|
E357F7F000
|
unkown
|
page read and write
|
|
|
|
2AFC000
|
unkown image
|
page readonly
|
|
|
|
19C09E02000
|
unkown
|
page read and write
|
|
|
|
7FF5165BF000
|
unkown image
|
page readonly
|
|
|
|
7FF57A0F3000
|
unkown image
|
page readonly
|
|
|
|
741B57A000
|
unkown
|
page read and write
|
|
|
|
7FF55A03E000
|
unkown image
|
page readonly
|
|
|
|
1E50D513000
|
unkown
|
page read and write
|
|
|
|
19C09982000
|
unkown
|
page read and write
|
|
|
|
230AB23C000
|
unkown
|
page read and write
|
|
|
|
1E6BC813000
|
unkown
|
page read and write
|
|
|
|
230A5B40000
|
unkown image
|
page read and write
|
|
|
|
230A6558000
|
unkown
|
page read and write
|
|
|
|
2A75000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAC0000
|
unkown image
|
page readonly
|
|
|
|
1C27F240000
|
unkown
|
page read and write
|
|
|
|
1E6BD340000
|
unkown image
|
page write copy
|
|
|
|
230AB304000
|
unkown
|
page read and write
|
|
|
|
7FF5802F7000
|
unkown image
|
page readonly
|
|
|
|
7DF58FAA2000
|
unkown image
|
page readonly
|
|
|
|
19C09955000
|
unkown
|
page read and write
|
|
|
|
230A5BE0000
|
unkown
|
page read and write
|
|
|
|
7FF57A0FA000
|
unkown image
|
page readonly
|
|
|
|
7FF580365000
|
unkown image
|
page readonly
|
|
|
|
7FF5803C6000
|
unkown image
|
page readonly
|
|
|
|
7FF5573A8000
|
unkown image
|
page readonly
|
|
|
|
7939A7E000
|
unkown
|
page read and write
|
|
|
|
7DF58D650000
|
unkown image
|
page readonly
|
|
|
|
3498000
|
unkown
|
page read and write
|
|
There are 1398 hidden memdumps, click here to show them.