Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
CTS Graphic module for CID-Pro measurement files.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 0, Number of Characters:
0, Number of Pages: 200, Template: ;9, Number of Words: 0, Revision Number: {20A29E39-AE61-4E1D-8B05-2B53D975F455}, Security:
0, Last Printed: Tue Oct 5 09:00:44 2021, Create Time/Date: Tue Oct 5 09:00:44 2021, Last Saved Time/Date: Tue Oct 5 09:00:44
2021
|
initial sample
|
 |
|
|
C:\Config.Msi\4629bc.rbs
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI195.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI5C.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSI602bb.LOG
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSIF925.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSIFDD9.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\MSIFF03.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\4629bb.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 0, Number of Characters:
0, Number of Pages: 200, Template: ;9, Number of Words: 0, Revision Number: {20A29E39-AE61-4E1D-8B05-2B53D975F455}, Security:
0, Last Printed: Tue Oct 5 09:00:44 2021, Create Time/Date: Tue Oct 5 09:00:44 2021, Last Saved Time/Date: Tue Oct 5 09:00:44
2021
|
dropped
|
|
|
|
C:\Windows\Installer\MSI2E3F.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI37D5.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI38D0.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI3C7D.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI3EA0.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI4009.tmp
|
data
|
dropped
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
dropped
|
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\msiexec.exe
|
'C:\Windows\System32\msiexec.exe' /i 'C:\Users\user\Desktop\CTS Graphic module for CID-Pro measurement files.msi'
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 92B7A03B753DE557328F7B181D3A0B3D C
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding B258116E8C98C69587BFD784FAB73825
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
|
|
|
http://www.symauth.com/cps0(
|
unknown
|
|
|
|
http://www.symauth.com/rpa00
|
unknown
|
|
|
|
https://www.cts-umweltsimulation.de
|
unknown
|
|
|
|
http://ocsp.thawte.com0
|
unknown
|
|
|
|
https://www.cts-umweltsimulation.de%
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\4629bc.rbs
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\4629bc.rbsLow
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB07DFC4EECBA6D4F80E63320C80CC6E
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\030168055CAD4F647910F825368445DB
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0544F50C78A0B054785DB21B0CFED5B1
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B30FE804616AC741B1CDF8A94E8EEE7
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1439150C59905224189FD405F28C4409
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19966094764647D47B753D5730B82035
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7ED33C663245240A26E3F1362054A5
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\121E07E274104A84CB81CB161438C9E3
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01D6CB72DAEAAEA409BEC33F7C4D89A0
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\33A8D30BA706C124F9F734645E243A72
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F15517706CCD5644EBC144E7E05F2CDB
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1363E20BE9A1BB48A58E829C4E5F1F8
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41D2F0176A3684D4386C9C4BF5E0B038
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD3FD12F2CE320E4BA9A605D9F15BA05
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1C2A67A01CA7014E8D54B3514937C8C
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E7591DDD4C72043B57086C1B9CEDD6
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1945065160BE1F45B6D6E35B01F7EB5
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B437F75DB7B20924E84D0014E6C5C2F6
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AF644B634EC81747B955A9BBAED27B2
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B23722F17FCDCFA4EB29458C53F77BCC
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397D31DD9B8E51743A031C4D8D194AB9
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\301D06ED66D813745A729E4AC0280031
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\666760BB284E4314BB412644E83273AA
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C91C28D756C15EA4BBB24117A63E066B
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50BC50C29F4921148B46B1683A9446D6
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3146E35D2216AF6428EE45123C0FD47D
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF86B8B5E42619248B512BEA72DA8E96
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1218966E8EB63FC4AA32C3F7E64A5657
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62319D30B39BEBE419040AFF8D957A1D
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0722A3A03E207364880306EA7E12AEE6
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\445450F33F0A107438098FCD48B97EB3
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D2E5EFEE3DB5524483DAA0167CBA8C8
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71DE60B7053118A429FA9BAA6EE8EE8F
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2185CC7B3CA863D42A433EB7E909D7CE
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB4C2B3C2B7564B488C721C6135A55D3
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D481E0A0155B064A96D6EE3AA249256
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19586EDFF0FC7F842871FECE5ED61899
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9F260797A1688BA41AEB56A1A100D2CB
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BD8397FB684BC348A350F8C135EDFED
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC11ECF2992199F41A2F5E82AB2CD7B9
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D0760692F25679447804A3ADD5AC6156
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\231D1EA260D0B5646840B8C503A465C5
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D1649DCB6800CE543A06C4801C240E75
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\592B876A9CF50F24E9372AE3A5CCB7EF
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AA31250FA2960549BDCEB7E735059A5
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDD00CEA264B23E4898002AD53610DD7
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D8BE11179417503439D4228AA03AD537
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1B0E200D57341045A347B941B3D2CA0
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\685D505D8BA512540B496695BAD5EBE4
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0796D9492996E064499D4FD3D533A6BA
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC8D28A1EDC82024A95AC7FB5B7274FD
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\848BF7CEABAFB294EAF5A34AB8E41EC2
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6475A6794F8F9184C8E96A24F362C557
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D410209D964433E4A8125555F6E7CF47
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\10FC9F8BDF6E39346A784429C41090C1
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C490090EAAA8514C9EA22DDCC8C5794
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4188265143BA914AB1C5B220DCF2229
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\710FF278AF4C384439406C7563B12FED
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05E03DB76B8984A43B7E842139C95B8F
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F6CA4CFD37CA4B4789AC870CCF28F20
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1D07FFF8AB0BC04885EA3C4CCA6938B
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3920B34A5A37C8E4F8453158FE55842A
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\764C29C4BD52E3A41971789C2FEF4F9C
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78FE290DC5A065542BB60FF75C8DA09E
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FCDDE81374C80EE479E8AF0D79E01757
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14A1E9E1971EF3846BF291C2B5ECD4C6
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFDDACEC71A7DD0428E266C9FA0A8115
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D87BC16B8FB56764899A45D208FF86C4
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ABFC742744AA0644CA45862FCBC00B03
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E01B3D8F6DB7E6347805CF7675C766D1
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB1BA8582C831E24FBB2F7ED8379F963
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDC499F9A739D2345B8741948C90E262
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\cvirte.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B96038449688B704586135A3006478A7
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C79D43CEFB2DDC942A6146CCD45A7C72
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FE0A2F226AF2954EBD08A7E99BB794D
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\cviauto.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2D0DD4856729D324C8005F6C19736B24
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\cviUSI.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F19FB25FA53C034B9EEA263A686C27F
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\dataskt.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0770C8AFE960C024CBAC940AD341D534
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\cvintwrk.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\312CEB4378B13F949B1BE3BA550E2EB0
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AEED6CA6E48EEA43B8EF96E7EEE6A50
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\cvitdms.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A4A0083410AE334689D7C26F258E3B0
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAE628D852A381640AB23F22C88B577B
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23266B966699A5049B2BF81FA6EBF032
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B17254D9FB779AF44B17DF71926B77A2
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\96180803C8F96F34CBA014102CCBF38D
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5248C852DE8595D4682AACB3B536206D
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFD28A845583918439B5F1A3AF0E9516
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBF5F4ADA22E07A4C87144D5BAC01A7F
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75E123D699E378B3FB32C2FD3F63C14B
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B121D1754691A29369A50091D3A51E1A
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\909E59FB5F378733ABE9A56AB30732F0
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E22E976033B685437B6E78A79C856562
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\489285C3706753E33A733D3D72903715
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F74C83443EF904D34AF9EDBF71F48762
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9DD834BCB1B20E23A96A6DAD28ECD979
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D36A387FC01EF2F33B9CDB1C9FE8BDDC
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E285BE69D65F4B3F83D8E11830483F1
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FCC01B60BAF4F3637A6C90A523BD3667
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3A880436E76DD633495267B76A09C747
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9166B4ED039A84439930ADDFB2752F5F
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D780146C9EEB404393EF5F1B7B78F94
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6CBA19C0FD3F7B4C8B8A8D2E2696114
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B16BDFB377AA9FF458703419B45690ED
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDCE19A44F36DE04194A9B4B839191EA
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4855EB21F72F4F469EDB44E157CEA69
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\995952F23BFC48344861C51BB76A4915
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E2FADCE02DBEBBA47866F0BB51EC2EA4
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A24304B5DF0372049B59017A6059004F
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BD7075FA3CA6514D88AC352058B82D2
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E06AB647FE16B847B3F7836DEA689C1
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\a6f008eDc5593884abffbc12018b2de4
|
96F008EDC5593884ABFFBC12018B2DE4
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
|
C:\Windows\system32\cvirt.dll
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\CTSGraphicModule\
|
|
There are 112 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5880C4000
|
unkown image
|
page readonly
|
|
|
|
7FF58812B000
|
unkown image
|
page readonly
|
|
|
|
2B67B77000
|
stack
|
page read and write
|
|
|
|
7FF5925CF000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7ED0000
|
unkown image
|
page readonly
|
|
|
|
7FF5923BE000
|
unkown image
|
page readonly
|
|
|
|
7FF5C885F000
|
unkown image
|
page readonly
|
|
|
|
13F22F02000
|
unkown
|
page read and write
|
|
|
|
7FF588400000
|
unkown image
|
page readonly
|
|
|
|
7FF56A05A000
|
unkown image
|
page readonly
|
|
|
|
19C4886A000
|
unkown
|
page read and write
|
|
|
|
19C4885A000
|
unkown
|
page read and write
|
|
|
|
1A4A2CFF000
|
unkown
|
page read and write
|
|
|
|
7FF527AEE000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4EE3000
|
unkown image
|
page readonly
|
|
|
|
20E00102000
|
unkown
|
page read and write
|
|
|
|
AC92F7E000
|
stack
|
page read and write
|
|
|
|
1A49D580000
|
unkown image
|
page read and write
|
|
|
|
1A49E630000
|
unkown image
|
page readonly
|
|
|
|
7FF5C86D4000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F58000
|
unkown image
|
page readonly
|
|
|
|
19C48858000
|
unkown
|
page read and write
|
|
|
|
7DF5257E0000
|
unkown image
|
page readonly
|
|
|
|
20E00200000
|
unkown image
|
page readonly
|
|
|
|
20E00013000
|
unkown
|
page read and write
|
|
|
|
1A4A2C52000
|
unkown
|
page read and write
|
|
|
|
7DF597E42000
|
unkown image
|
page readonly
|
|
|
|
7FF58843C000
|
unkown image
|
page readonly
|
|
|
|
7DF4DC020000
|
unkown image
|
page readonly
|
|
|
|
7FF50FE3A000
|
unkown image
|
page readonly
|
|
|
|
7FF5822DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5884B5000
|
unkown image
|
page readonly
|
|
|
|
7FF569FAD000
|
unkown image
|
page readonly
|
|
|
|
7FF588457000
|
unkown image
|
page readonly
|
|
|
|
7FF5C885F000
|
unkown image
|
page readonly
|
|
|
|
19C487C0000
|
heap default
|
page read and write
|
|
|
|
7DF5DA910000
|
unkown image
|
page readonly
|
|
|
|
1E064900000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F66000
|
unkown image
|
page readonly
|
|
|
|
7DF4E4760000
|
unkown image
|
page readonly
|
|
|
|
1E701B90000
|
unkown image
|
page readonly
|
|
|
|
1A49DF13000
|
unkown
|
page read and write
|
|
|
|
1A49DB80000
|
unkown image
|
page readonly
|
|
|
|
1D267B90000
|
unkown
|
page read and write
|
|
|
|
7FF50FD3F000
|
unkown image
|
page readonly
|
|
|
|
289FF070000
|
unkown
|
page read and write
|
|
|
|
1D267C02000
|
unkown
|
page read and write
|
|
|
|
1E064800000
|
unkown image
|
page readonly
|
|
|
|
7DF5257E2000
|
unkown image
|
page readonly
|
|
|
|
7FF527A18000
|
unkown image
|
page readonly
|
|
|
|
46492FE000
|
stack
|
page read and write
|
|
|
|
7FF50FDE3000
|
unkown image
|
page readonly
|
|
|
|
2B6756E000
|
stack
|
page read and write
|
|
|
|
7DF59DE60000
|
unkown image
|
page readonly
|
|
|
|
873707E000
|
stack
|
page read and write
|
|
|
|
15FE2FD0000
|
unkown image
|
page readonly
|
|
|
|
15FE3200000
|
unkown image
|
page readonly
|
|
|
|
7FF56A017000
|
unkown image
|
page readonly
|
|
|
|
7DF5E68A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C87C5000
|
unkown image
|
page readonly
|
|
|
|
1E701800000
|
unkown image
|
page readonly
|
|
|
|
7FF50F9C8000
|
unkown image
|
page readonly
|
|
|
|
7FF50F9B9000
|
unkown image
|
page readonly
|
|
|
|
7FF582458000
|
unkown image
|
page readonly
|
|
|
|
289FF0CB000
|
unkown
|
page read and write
|
|
|
|
13F22E7F000
|
unkown
|
page read and write
|
|
|
|
7FF5883C4000
|
unkown image
|
page readonly
|
|
|
|
289FF088000
|
unkown
|
page read and write
|
|
|
|
1D267B00000
|
heap private
|
page read and write
|
|
|
|
7DEA9FE000
|
stack
|
page read and write
|
|
|
|
7DF59DE52000
|
unkown image
|
page readonly
|
|
|
|
7FF527AEB000
|
unkown image
|
page readonly
|
|
|
|
D2349FE000
|
stack
|
page read and write
|
|
|
|
7FF50FEEB000
|
unkown image
|
page readonly
|
|
|
|
7FF56A049000
|
unkown image
|
page readonly
|
|
|
|
7DF57FA12000
|
unkown image
|
page readonly
|
|
|
|
7FF5C86DE000
|
unkown image
|
page readonly
|
|
|
|
1E064A29000
|
unkown
|
page read and write
|
|
|
|
20E0002A000
|
unkown
|
page read and write
|
|
|
|
7FF58242C000
|
unkown image
|
page readonly
|
|
|
|
6C8987F000
|
stack
|
page read and write
|
|
|
|
15FE2EC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5925CF000
|
unkown image
|
page readonly
|
|
|
|
13F22E02000
|
unkown
|
page read and write
|
|
|
|
D044FFF000
|
stack
|
page read and write
|
|
|
|
6C897FB000
|
stack
|
page read and write
|
|
|
|
7FF58823A000
|
unkown image
|
page readonly
|
|
|
|
1A49DDE0000
|
unkown
|
page read and write
|
|
|
|
1E701C80000
|
unkown
|
page read and write
|
|
|
|
15FE2EF0000
|
heap default
|
page read and write
|
|
|
|
7FF587C24000
|
unkown image
|
page readonly
|
|
|
|
13F22F08000
|
unkown
|
page read and write
|
|
|
|
7FF58250B000
|
unkown image
|
page readonly
|
|
|
|
1A4A2E30000
|
unkown
|
page read and write
|
|
|
|
7FF5925A0000
|
unkown image
|
page readonly
|
|
|
|
20E00000000
|
unkown
|
page read and write
|
|
|
|
1E70164A000
|
unkown
|
page read and write
|
|
|
|
1E70168E000
|
unkown
|
page read and write
|
|
|
|
7FF58853B000
|
unkown image
|
page readonly
|
|
|
|
7FF5822D2000
|
unkown image
|
page readonly
|
|
|
|
1E064910000
|
unkown image
|
page readonly
|
|
|
|
7FF59239E000
|
unkown image
|
page readonly
|
|
|
|
1D267ED0000
|
unkown image
|
page readonly
|
|
|
|
20E00602000
|
unkown
|
page read and write
|
|
|
|
1A49D420000
|
unkown image
|
page readonly
|
|
|
|
7FF588447000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F8E000
|
unkown image
|
page readonly
|
|
|
|
1A4A29D0000
|
unkown
|
page read and write
|
|
|
|
7FF5C4D9D000
|
unkown image
|
page readonly
|
|
|
|
289FF0BA000
|
unkown
|
page read and write
|
|
|
|
7FF50FE25000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FE4000
|
unkown image
|
page readonly
|
|
|
|
D0452FF000
|
stack
|
page read and write
|
|
|
|
7FF50FE33000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE162000
|
unkown image
|
page readonly
|
|
|
|
7FF588410000
|
unkown image
|
page readonly
|
|
|
|
D234AFE000
|
stack
|
page read and write
|
|
|
|
7DF59DE42000
|
unkown image
|
page readonly
|
|
|
|
7FF527AFB000
|
unkown image
|
page readonly
|
|
|
|
7FF58252E000
|
unkown image
|
page readonly
|
|
|
|
2B675EE000
|
stack
|
page read and write
|
|
|
|
7FF5882A0000
|
unkown image
|
page readonly
|
|
|
|
19C48875000
|
unkown
|
page read and write
|
|
|
|
7FF58253F000
|
unkown image
|
page readonly
|
|
|
|
289FF802000
|
unkown
|
page read and write
|
|
|
|
7DF53D410000
|
unkown image
|
page readonly
|
|
|
|
7FF58248A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0E97000
|
unkown image
|
page readonly
|
|
|
|
7FF5924C3000
|
unkown image
|
page readonly
|
|
|
|
1D268260000
|
unkown image
|
page readonly
|
|
|
|
D04487B000
|
unkown
|
page read and write
|
|
|
|
1A49DF59000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FB8000
|
unkown image
|
page readonly
|
|
|
|
7FF58253B000
|
unkown image
|
page readonly
|
|
|
|
1D267B40000
|
unkown image
|
page readonly
|
|
|
|
7DF5E6892000
|
unkown image
|
page readonly
|
|
|
|
7DF53D3F0000
|
unkown image
|
page readonly
|
|
|
|
AC92E7C000
|
stack
|
page read and write
|
|
|
|
7DF49BD10000
|
unkown image
|
page readonly
|
|
|
|
7DF525800000
|
unkown image
|
page readonly
|
|
|
|
7DF5257E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C83BA000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7EC2000
|
unkown image
|
page readonly
|
|
|
|
7DF59DE42000
|
unkown image
|
page readonly
|
|
|
|
1A49D65E000
|
unkown
|
page read and write
|
|
|
|
7FF50FED4000
|
unkown image
|
page readonly
|
|
|
|
1D267AF0000
|
unkown image
|
page read and write
|
|
|
|
19C49002000
|
unkown
|
page read and write
|
|
|
|
7FF58854B000
|
unkown image
|
page readonly
|
|
|
|
7FF582479000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0DF5000
|
unkown image
|
page readonly
|
|
|
|
D044A7B000
|
stack
|
page read and write
|
|
|
|
7FF527AC6000
|
unkown image
|
page readonly
|
|
|
|
15FE308A000
|
unkown
|
page read and write
|
|
|
|
7FF527A65000
|
unkown image
|
page readonly
|
|
|
|
AC9317E000
|
stack
|
page read and write
|
|
|
|
289FEE30000
|
heap private
|
page read and write
|
|
|
|
7FF5C4CB6000
|
unkown image
|
page readonly
|
|
|
|
20E0005A000
|
unkown
|
page read and write
|
|
|
|
20E00400000
|
unkown image
|
page readonly
|
|
|
|
7FF588443000
|
unkown image
|
page readonly
|
|
|
|
7DF5E68A0000
|
unkown image
|
page readonly
|
|
|
|
1A4A2C20000
|
unkown
|
page read and write
|
|
|
|
7FF50FEDE000
|
unkown image
|
page readonly
|
|
|
|
19C48884000
|
unkown
|
page read and write
|
|
|
|
1A4A2CE2000
|
unkown
|
page read and write
|
|
|
|
1A4A2D02000
|
unkown
|
page read and write
|
|
|
|
7FF5D0EE3000
|
unkown image
|
page readonly
|
|
|
|
15FE3055000
|
unkown
|
page read and write
|
|
|
|
20DFFDE0000
|
unkown image
|
page readonly
|
|
|
|
1A4A2E30000
|
unkown
|
page read and write
|
|
|
|
15FE302A000
|
unkown
|
page read and write
|
|
|
|
1A4A2B00000
|
unkown
|
page read and write
|
|
|
|
1A49D641000
|
unkown
|
page read and write
|
|
|
|
1A4A2ADE000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FEB000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0E14000
|
unkown image
|
page readonly
|
|
|
|
7FF588493000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F70000
|
unkown image
|
page readonly
|
|
|
|
13F22BC0000
|
unkown image
|
page readonly
|
|
|
|
7DF53D3F2000
|
unkown image
|
page readonly
|
|
|
|
873696B000
|
unkown
|
page read and write
|
|
|
|
1A4A2C1E000
|
unkown
|
page read and write
|
|
|
|
7FF5D0DEF000
|
unkown image
|
page readonly
|
|
|
|
7FF5C882E000
|
unkown image
|
page readonly
|
|
|
|
7FF588243000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8755000
|
unkown image
|
page readonly
|
|
|
|
7FF5C83BE000
|
unkown image
|
page readonly
|
|
|
|
7DF57FA10000
|
unkown image
|
page readonly
|
|
|
|
7FF569C41000
|
unkown image
|
page readonly
|
|
|
|
7FF58244C000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE162000
|
unkown image
|
page readonly
|
|
|
|
1A49E430000
|
unkown
|
page read and write
|
|
|
|
7FF5925BB000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0EA7000
|
unkown image
|
page readonly
|
|
|
|
1A49DDD0000
|
unkown
|
page read and write
|
|
|
|
289FEF70000
|
unkown image
|
page readonly
|
|
|
|
1D267C5A000
|
unkown
|
page read and write
|
|
|
|
7FF50FBA3000
|
unkown image
|
page readonly
|
|
|
|
7FF58230F000
|
unkown image
|
page readonly
|
|
|
|
7FF527AD0000
|
unkown image
|
page readonly
|
|
|
|
1E064E00000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F9F000
|
unkown image
|
page readonly
|
|
|
|
7FF5925AD000
|
unkown image
|
page readonly
|
|
|
|
AC92A7E000
|
stack
|
page read and write
|
|
|
|
1E70164C000
|
unkown
|
page read and write
|
|
|
|
7FF5C4F4A000
|
unkown image
|
page readonly
|
|
|
|
7FF5C866D000
|
unkown image
|
page readonly
|
|
|
|
7FF592444000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE150000
|
unkown image
|
page readonly
|
|
|
|
7DF53D410000
|
unkown image
|
page readonly
|
|
|
|
289FF590000
|
unkown image
|
page readonly
|
|
|
|
15FE2E80000
|
unkown image
|
page read and write
|
|
|
|
1A49DF18000
|
unkown
|
page read and write
|
|
|
|
19C48842000
|
unkown
|
page read and write
|
|
|
|
AC92CFC000
|
stack
|
page read and write
|
|
|
|
7FF5C8844000
|
unkown image
|
page readonly
|
|
|
|
7FF587D10000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA910000
|
unkown image
|
page readonly
|
|
|
|
7DF57FA02000
|
unkown image
|
page readonly
|
|
|
|
7DF597E30000
|
unkown image
|
page readonly
|
|
|
|
D044EFD000
|
stack
|
page read and write
|
|
|
|
20E00580000
|
unkown image
|
page readonly
|
|
|
|
289FEE90000
|
heap default
|
page read and write
|
|
|
|
1A49D68C000
|
unkown
|
page read and write
|
|
|
|
7FF56A10D000
|
unkown image
|
page readonly
|
|
|
|
19C48863000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FBF000
|
unkown image
|
page readonly
|
|
|
|
19C487A0000
|
unkown image
|
page readonly
|
|
|
|
7DF43B2C0000
|
unkown image
|
page readonly
|
|
|
|
19C48868000
|
unkown
|
page read and write
|
|
|
|
1D267B70000
|
unkown image
|
page readonly
|
|
|
|
19C48750000
|
unkown image
|
page read and write
|
|
|
|
7DF5A7EC0000
|
unkown image
|
page readonly
|
|
|
|
7FF58823C000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F9F000
|
unkown image
|
page readonly
|
|
|
|
1A4A2C5F000
|
unkown
|
page read and write
|
|
|
|
7FF527A43000
|
unkown image
|
page readonly
|
|
|
|
7FF582414000
|
unkown image
|
page readonly
|
|
|
|
1D268402000
|
unkown
|
page read and write
|
|
|
|
20E00069000
|
unkown
|
page read and write
|
|
|
|
19C4883D000
|
unkown
|
page read and write
|
|
|
|
1E701702000
|
unkown
|
page read and write
|
|
|
|
1A4A2CDC000
|
unkown
|
page read and write
|
|
|
|
D0453FF000
|
stack
|
page read and write
|
|
|
|
13F23000000
|
unkown image
|
page readonly
|
|
|
|
1E065002000
|
unkown
|
page read and write
|
|
|
|
7FF582433000
|
unkown image
|
page readonly
|
|
|
|
289FEE70000
|
unkown image
|
page readonly
|
|
|
|
1E70168A000
|
unkown
|
page read and write
|
|
|
|
7FF50FE55000
|
unkown image
|
page readonly
|
|
|
|
15FE2FF0000
|
unkown
|
page read and write
|
|
|
|
7FF58251D000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FDD000
|
unkown image
|
page readonly
|
|
|
|
1A49D800000
|
unkown image
|
page readonly
|
|
|
|
7FF5924C7000
|
unkown image
|
page readonly
|
|
|
|
19C48840000
|
unkown
|
page read and write
|
|
|
|
289FF029000
|
unkown
|
page read and write
|
|
|
|
6C896FE000
|
stack
|
page read and write
|
|
|
|
7FF56A053000
|
unkown image
|
page readonly
|
|
|
|
1A49D702000
|
unkown
|
page read and write
|
|
|
|
7FF569E5B000
|
unkown image
|
page readonly
|
|
|
|
7FF592093000
|
unkown image
|
page readonly
|
|
|
|
6C88FAB000
|
unkown
|
page read and write
|
|
|
|
7FF58851B000
|
unkown image
|
page readonly
|
|
|
|
1A49D420000
|
unkown image
|
page readonly
|
|
|
|
7FF58252B000
|
unkown image
|
page readonly
|
|
|
|
13F22E50000
|
unkown
|
page read and write
|
|
|
|
7DF5DA8F2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4CA8000
|
unkown image
|
page readonly
|
|
|
|
5F2B9FB000
|
stack
|
page read and write
|
|
|
|
7DF5DA8F2000
|
unkown image
|
page readonly
|
|
|
|
1A49D613000
|
unkown
|
page read and write
|
|
|
|
15FE3002000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FFD000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FFF000
|
unkown image
|
page readonly
|
|
|
|
7DF597E50000
|
unkown image
|
page readonly
|
|
|
|
7FF5924FD000
|
unkown image
|
page readonly
|
|
|
|
D044DFE000
|
stack
|
page read and write
|
|
|
|
19C48848000
|
unkown
|
page read and write
|
|
|
|
7FF58831C000
|
unkown image
|
page readonly
|
|
|
|
15FE3400000
|
unkown image
|
page readonly
|
|
|
|
20E00066000
|
unkown
|
page read and write
|
|
|
|
1D267D00000
|
unkown
|
page read and write
|
|
|
|
1A4A2C47000
|
unkown
|
page read and write
|
|
|
|
7DF5E68B0000
|
unkown image
|
page readonly
|
|
|
|
1A4A2C2C000
|
unkown
|
page read and write
|
|
|
|
15FE3108000
|
unkown
|
page read and write
|
|
|
|
1A4A2AF0000
|
unkown
|
page read and write
|
|
|
|
7FF58854F000
|
unkown image
|
page readonly
|
|
|
|
1A4A2CF7000
|
unkown
|
page read and write
|
|
|
|
1E064C00000
|
unkown image
|
page readonly
|
|
|
|
7FF582483000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8682000
|
unkown image
|
page readonly
|
|
|
|
7FF56A014000
|
unkown image
|
page readonly
|
|
|
|
7DF5257F0000
|
unkown image
|
page readonly
|
|
|
|
7FF592099000
|
unkown image
|
page readonly
|
|
|
|
7DF47D8D0000
|
unkown image
|
page readonly
|
|
|
|
13F23380000
|
unkown image
|
page readonly
|
|
|
|
20DFFE10000
|
heap default
|
page read and write
|
|
|
|
1A4A2D04000
|
unkown
|
page read and write
|
|
|
|
6C899FF000
|
stack
|
page read and write
|
|
|
|
7FF588271000
|
unkown image
|
page readonly
|
|
|
|
1A4A2AD8000
|
unkown
|
page read and write
|
|
|
|
13F22C10000
|
heap default
|
page read and write
|
|
|
|
7FF5C4FCB000
|
unkown image
|
page readonly
|
|
|
|
15FE3100000
|
unkown
|
page read and write
|
|
|
|
7FF56A007000
|
unkown image
|
page readonly
|
|
|
|
289FEE40000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0C53000
|
unkown image
|
page readonly
|
|
|
|
7FF582422000
|
unkown image
|
page readonly
|
|
|
|
5F2B5EE000
|
stack
|
page read and write
|
|
|
|
7DF5DE152000
|
unkown image
|
page readonly
|
|
|
|
7FF50FCDE000
|
unkown image
|
page readonly
|
|
|
|
7FF58839F000
|
unkown image
|
page readonly
|
|
|
|
7FF587D13000
|
unkown image
|
page readonly
|
|
|
|
1A49E420000
|
unkown
|
page read and write
|
|
|
|
19C48AD0000
|
unkown image
|
page readonly
|
|
|
|
1E0647D0000
|
unkown image
|
page readonly
|
|
|
|
1E064A40000
|
unkown
|
page read and write
|
|
|
|
7FF5880DF000
|
unkown image
|
page readonly
|
|
|
|
1E0647F0000
|
unkown image
|
page readonly
|
|
|
|
13F23402000
|
unkown
|
page read and write
|
|
|
|
19C48770000
|
unkown image
|
page readonly
|
|
|
|
7DF57FA00000
|
unkown image
|
page readonly
|
|
|
|
7FF588516000
|
unkown image
|
page readonly
|
|
|
|
7FF50FDE7000
|
unkown image
|
page readonly
|
|
|
|
1E701708000
|
unkown
|
page read and write
|
|
|
|
1E701A00000
|
unkown image
|
page readonly
|
|
|
|
7DF53D402000
|
unkown image
|
page readonly
|
|
|
|
5F2BBFF000
|
stack
|
page read and write
|
|
|
|
7DF5E6892000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0CF000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4F39000
|
unkown image
|
page readonly
|
|
|
|
7FF50FEDB000
|
unkown image
|
page readonly
|
|
|
|
1A49D69C000
|
unkown
|
page read and write
|
|
|
|
19C48800000
|
unkown
|
page read and write
|
|
|
|
15FE2ED0000
|
unkown image
|
page readonly
|
|
|
|
1D267B60000
|
heap default
|
page read and write
|
|
|
|
289FEE20000
|
unkown image
|
page read and write
|
|
|
|
7FF58253D000
|
unkown image
|
page readonly
|
|
|
|
19C48845000
|
unkown
|
page read and write
|
|
|
|
1A49E001000
|
unkown
|
page read and write
|
|
|
|
1D267B10000
|
unkown image
|
page readonly
|
|
|
|
13F22DE0000
|
unkown
|
page read and write
|
|
|
|
1E0647C0000
|
heap private
|
page read and write
|
|
|
|
1A49DF02000
|
unkown
|
page read and write
|
|
|
|
7DEA3DC000
|
unkown
|
page read and write
|
|
|
|
8736E7B000
|
stack
|
page read and write
|
|
|
|
7FF56A075000
|
unkown image
|
page readonly
|
|
|
|
7FF50FC8D000
|
unkown image
|
page readonly
|
|
|
|
AC928FC000
|
stack
|
page read and write
|
|
|
|
289FEE60000
|
unkown image
|
page readonly
|
|
|
|
AC92B7E000
|
stack
|
page read and write
|
|
|
|
7DF59DE40000
|
unkown image
|
page readonly
|
|
|
|
1E064A5C000
|
unkown
|
page read and write
|
|
|
|
7FF527AB8000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4F35000
|
unkown image
|
page readonly
|
|
|
|
20DFFDC0000
|
unkown image
|
page readonly
|
|
|
|
1A49DF18000
|
unkown
|
page read and write
|
|
|
|
1D268250000
|
unkown image
|
page readonly
|
|
|
|
6C893F7000
|
stack
|
page read and write
|
|
|
|
1A4A2AF1000
|
unkown
|
page read and write
|
|
|
|
7FF588534000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA900000
|
unkown image
|
page readonly
|
|
|
|
D0451FF000
|
stack
|
page read and write
|
|
|
|
7DF597E32000
|
unkown image
|
page readonly
|
|
|
|
7FF5C884E000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4EC0000
|
unkown image
|
page readonly
|
|
|
|
7FF50FD03000
|
unkown image
|
page readonly
|
|
|
|
7FF50FE29000
|
unkown image
|
page readonly
|
|
|
|
7FF50FD64000
|
unkown image
|
page readonly
|
|
|
|
1E064A58000
|
unkown
|
page read and write
|
|
|
|
1A4A2AF4000
|
unkown
|
page read and write
|
|
|
|
7FF5D05F5000
|
unkown image
|
page readonly
|
|
|
|
7FF5882ED000
|
unkown image
|
page readonly
|
|
|
|
7FF50FD45000
|
unkown image
|
page readonly
|
|
|
|
5F2BCFE000
|
stack
|
page read and write
|
|
|
|
8736C7F000
|
stack
|
page read and write
|
|
|
|
1A49E620000
|
unkown image
|
page readonly
|
|
|
|
7FF5C87AA000
|
unkown image
|
page readonly
|
|
|
|
7DF5E6890000
|
unkown image
|
page readonly
|
|
|
|
7FF58845C000
|
unkown image
|
page readonly
|
|
|
|
13F22E56000
|
unkown
|
page read and write
|
|
|
|
6C89A7F000
|
stack
|
page read and write
|
|
|
|
7FF5D0ED9000
|
unkown image
|
page readonly
|
|
|
|
1A4A2C00000
|
unkown
|
page read and write
|
|
|
|
289FF0E1000
|
unkown
|
page read and write
|
|
|
|
7FF5924DC000
|
unkown image
|
page readonly
|
|
|
|
7FF5C884B000
|
unkown image
|
page readonly
|
|
|
|
D234BFD000
|
stack
|
page read and write
|
|
|
|
1A49E520000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FC6000
|
unkown image
|
page readonly
|
|
|
|
46491FE000
|
stack
|
page read and write
|
|
|
|
7FF588432000
|
unkown image
|
page readonly
|
|
|
|
7DF59DE40000
|
unkown image
|
page readonly
|
|
|
|
15FE307F000
|
unkown
|
page read and write
|
|
|
|
289FEF90000
|
unkown
|
page read and write
|
|
|
|
7FF5C882B000
|
unkown image
|
page readonly
|
|
|
|
20DFFEF0000
|
unkown image
|
page readonly
|
|
|
|
1A49D62A000
|
unkown
|
page read and write
|
|
|
|
19C48865000
|
unkown
|
page read and write
|
|
|
|
7DF597E50000
|
unkown image
|
page readonly
|
|
|
|
7DF5E68A0000
|
unkown image
|
page readonly
|
|
|
|
7DF57FA02000
|
unkown image
|
page readonly
|
|
|
|
7FF50FCB3000
|
unkown image
|
page readonly
|
|
|
|
19C48861000
|
unkown
|
page read and write
|
|
|
|
19C4886B000
|
unkown
|
page read and write
|
|
|
|
1A4A2E00000
|
unkown
|
page read and write
|
|
|
|
1E064820000
|
heap default
|
page read and write
|
|
|
|
7FF592509000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE160000
|
unkown image
|
page readonly
|
|
|
|
1A49DE00000
|
unkown
|
page read and write
|
|
|
|
7DF53D402000
|
unkown image
|
page readonly
|
|
|
|
15FE2EA0000
|
unkown image
|
page readonly
|
|
|
|
7FF52730F000
|
unkown image
|
page readonly
|
|
|
|
1E065200000
|
unkown
|
page read and write
|
|
|
|
1E0647B0000
|
unkown image
|
page read and write
|
|
|
|
7FF5925B4000
|
unkown image
|
page readonly
|
|
|
|
7FF56A01C000
|
unkown image
|
page readonly
|
|
|
|
19C48E50000
|
unkown image
|
page readonly
|
|
|
|
7FF58849A000
|
unkown image
|
page readonly
|
|
|
|
19C4883B000
|
unkown
|
page read and write
|
|
|
|
7DF5E6890000
|
unkown image
|
page readonly
|
|
|
|
19C48860000
|
unkown
|
page read and write
|
|
|
|
7FF58824D000
|
unkown image
|
page readonly
|
|
|
|
1A49DF59000
|
unkown
|
page read and write
|
|
|
|
1A4A2C3A000
|
unkown
|
page read and write
|
|
|
|
20DFFFE0000
|
unkown
|
page read and write
|
|
|
|
7FF5C883D000
|
unkown image
|
page readonly
|
|
|
|
873717F000
|
stack
|
page read and write
|
|
|
|
289FF102000
|
unkown
|
page read and write
|
|
|
|
1E064B02000
|
unkown
|
page read and write
|
|
|
|
7FF5279F7000
|
unkown image
|
page readonly
|
|
|
|
7FF582475000
|
unkown image
|
page readonly
|
|
|
|
7FF5C85FD000
|
unkown image
|
page readonly
|
|
|
|
7DF597E32000
|
unkown image
|
page readonly
|
|
|
|
1A49DE15000
|
unkown
|
page read and write
|
|
|
|
1D267C28000
|
unkown
|
page read and write
|
|
|
|
7FF5C885D000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4ED0000
|
unkown image
|
page readonly
|
|
|
|
7FF588056000
|
unkown image
|
page readonly
|
|
|
|
1A49D668000
|
unkown
|
page read and write
|
|
|
|
1E701653000
|
unkown
|
page read and write
|
|
|
|
7FF5C8676000
|
unkown image
|
page readonly
|
|
|
|
7FF50FDF7000
|
unkown image
|
page readonly
|
|
|
|
1D267C68000
|
unkown
|
page read and write
|
|
|
|
1A4A2CF9000
|
unkown
|
page read and write
|
|
|
|
7FF56A045000
|
unkown image
|
page readonly
|
|
|
|
1E0647D0000
|
unkown image
|
page readonly
|
|
|
|
289FF580000
|
unkown image
|
page readonly
|
|
|
|
7FF58223D000
|
unkown image
|
page readonly
|
|
|
|
1A4A2BF0000
|
unkown
|
page read and write
|
|
|
|
2B67D7C000
|
stack
|
page read and write
|
|
|
|
6C89BFA000
|
stack
|
page read and write
|
|
|
|
1D267C40000
|
unkown
|
page read and write
|
|
|
|
8736F77000
|
stack
|
page read and write
|
|
|
|
1A4A2B14000
|
unkown
|
page read and write
|
|
|
|
4648DEE000
|
stack
|
page read and write
|
|
|
|
19C48844000
|
unkown
|
page read and write
|
|
|
|
1A49DB90000
|
unkown image
|
page readonly
|
|
|
|
20E00113000
|
unkown
|
page read and write
|
|
|
|
7FF592596000
|
unkown image
|
page readonly
|
|
|
|
19C48826000
|
unkown
|
page read and write
|
|
|
|
19C48862000
|
unkown
|
page read and write
|
|
|
|
7DF597E40000
|
unkown image
|
page readonly
|
|
|
|
7FF592283000
|
unkown image
|
page readonly
|
|
|
|
7FF58852D000
|
unkown image
|
page readonly
|
|
|
|
1E064FB0000
|
unkown
|
page read and write
|
|
|
|
13F22E13000
|
unkown
|
page read and write
|
|
|
|
1D267D02000
|
unkown
|
page read and write
|
|
|
|
7FF58854D000
|
unkown image
|
page readonly
|
|
|
|
7FF50FECD000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0ED000
|
unkown image
|
page readonly
|
|
|
|
7FF588489000
|
unkown image
|
page readonly
|
|
|
|
7FF569FC7000
|
unkown image
|
page readonly
|
|
|
|
19C48902000
|
unkown
|
page read and write
|
|
|
|
7DF5A7EC2000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0D8E000
|
unkown image
|
page readonly
|
|
|
|
7FF59259B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4F2D000
|
unkown image
|
page readonly
|
|
|
|
7FF581BFD000
|
unkown image
|
page readonly
|
|
|
|
7FF50FEC0000
|
unkown image
|
page readonly
|
|
|
|
7DF59DE60000
|
unkown image
|
page readonly
|
|
|
|
7FF5C80A4000
|
unkown image
|
page readonly
|
|
|
|
7DEABFB000
|
stack
|
page read and write
|
|
|
|
7FF588407000
|
unkown image
|
page readonly
|
|
|
|
20DFFDB0000
|
heap private
|
page read and write
|
|
|
|
15FE303C000
|
unkown
|
page read and write
|
|
|
|
1A49D440000
|
unkown image
|
page readonly
|
|
|
|
1D267C13000
|
unkown
|
page read and write
|
|
|
|
7FF592425000
|
unkown image
|
page readonly
|
|
|
|
1A49D400000
|
unkown image
|
page read and write
|
|
|
|
7FF5D0A69000
|
unkown image
|
page readonly
|
|
|
|
7FF5920A8000
|
unkown image
|
page readonly
|
|
|
|
13F23200000
|
unkown image
|
page readonly
|
|
|
|
1E7014D0000
|
unkown image
|
page readonly
|
|
|
|
1E701E02000
|
unkown
|
page read and write
|
|
|
|
15FE3102000
|
unkown
|
page read and write
|
|
|
|
5F2B4EC000
|
unkown
|
page read and write
|
|
|
|
7DF5A7EE0000
|
unkown image
|
page readonly
|
|
|
|
464907E000
|
stack
|
page read and write
|
|
|
|
7FF56A0F4000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8767000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0E93000
|
unkown image
|
page readonly
|
|
|
|
2B67C7F000
|
stack
|
page read and write
|
|
|
|
D234EFE000
|
stack
|
page read and write
|
|
|
|
D23497E000
|
stack
|
page read and write
|
|
|
|
7FF527A35000
|
unkown image
|
page readonly
|
|
|
|
6C89CFA000
|
stack
|
page read and write
|
|
|
|
7DF53D3F0000
|
unkown image
|
page readonly
|
|
|
|
7FF582437000
|
unkown image
|
page readonly
|
|
|
|
1E7014B0000
|
unkown image
|
page read and write
|
|
|
|
7FF588424000
|
unkown image
|
page readonly
|
|
|
|
15FE3000000
|
unkown
|
page read and write
|
|
|
|
1A49D6FD000
|
unkown
|
page read and write
|
|
|
|
7FF592535000
|
unkown image
|
page readonly
|
|
|
|
7DEA8FB000
|
stack
|
page read and write
|
|
|
|
7DF525800000
|
unkown image
|
page readonly
|
|
|
|
7FF58853E000
|
unkown image
|
page readonly
|
|
|
|
1A49D663000
|
unkown
|
page read and write
|
|
|
|
1E064A67000
|
unkown
|
page read and write
|
|
|
|
7DF5DA8F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C87A3000
|
unkown image
|
page readonly
|
|
|
|
7DF5257E0000
|
unkown image
|
page readonly
|
|
|
|
1A49E640000
|
unkown image
|
page readonly
|
|
|
|
1E701520000
|
heap default
|
page read and write
|
|
|
|
1D267C22000
|
unkown
|
page read and write
|
|
|
|
5F2BAF7000
|
stack
|
page read and write
|
|
|
|
19C4884E000
|
unkown
|
page read and write
|
|
|
|
7FF5C4F43000
|
unkown image
|
page readonly
|
|
|
|
1E701613000
|
unkown
|
page read and write
|
|
|
|
7FF5923E3000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4F07000
|
unkown image
|
page readonly
|
|
|
|
7FF5924D7000
|
unkown image
|
page readonly
|
|
|
|
289FF900000
|
unkown
|
page read and write
|
|
|
|
7FF58854F000
|
unkown image
|
page readonly
|
|
|
|
1A49E610000
|
unkown image
|
page readonly
|
|
|
|
1A4A2C30000
|
unkown
|
page read and write
|
|
|
|
13F22E7D000
|
unkown
|
page read and write
|
|
|
|
7FF527AE4000
|
unkown image
|
page readonly
|
|
|
|
1A4A2CC4000
|
unkown
|
page read and write
|
|
|
|
7DF5DA900000
|
unkown image
|
page readonly
|
|
|
|
20E0003D000
|
unkown
|
page read and write
|
|
|
|
13F22F00000
|
unkown
|
page read and write
|
|
|
|
7FF592513000
|
unkown image
|
page readonly
|
|
|
|
7FF527ABF000
|
unkown image
|
page readonly
|
|
|
|
1A49D69E000
|
unkown
|
page read and write
|
|
|
|
1A4A2CAC000
|
unkown
|
page read and write
|
|
|
|
13F22CF0000
|
unkown image
|
page readonly
|
|
|
|
20E0006F000
|
unkown
|
page read and write
|
|
|
|
1A4A2CF3000
|
unkown
|
page read and write
|
|
|
|
1A4A2C9A000
|
unkown
|
page read and write
|
|
|
|
13F22BB0000
|
heap private
|
page read and write
|
|
|
|
7FF50FDFC000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8799000
|
unkown image
|
page readonly
|
|
|
|
7FF588241000
|
unkown image
|
page readonly
|
|
|
|
7FF569FF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5277B3000
|
unkown image
|
page readonly
|
|
|
|
7DF5257F2000
|
unkown image
|
page readonly
|
|
|
|
6C895FA000
|
stack
|
page read and write
|
|
|
|
6C89EFE000
|
stack
|
page read and write
|
|
|
|
19C48832000
|
unkown
|
page read and write
|
|
|
|
7FF582510000
|
unkown image
|
page readonly
|
|
|
|
4648D6C000
|
unkown
|
page read and write
|
|
|
|
7DF57FA20000
|
unkown image
|
page readonly
|
|
|
|
7FF582506000
|
unkown image
|
page readonly
|
|
|
|
AC92D7C000
|
stack
|
page read and write
|
|
|
|
7FF5C4793000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FD0000
|
unkown image
|
page readonly
|
|
|
|
7DF4D87C0000
|
unkown image
|
page readonly
|
|
|
|
1A4A2C13000
|
unkown
|
page read and write
|
|
|
|
7DF57FA00000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7ECD000
|
unkown image
|
page readonly
|
|
|
|
1A49D653000
|
unkown
|
page read and write
|
|
|
|
15FE3802000
|
unkown
|
page read and write
|
|
|
|
7DF5DE160000
|
unkown image
|
page readonly
|
|
|
|
7FF588420000
|
unkown image
|
page readonly
|
|
|
|
1A49D410000
|
heap private
|
page read and write
|
|
|
|
1E701600000
|
unkown
|
page read and write
|
|
|
|
7FF5C8526000
|
unkown image
|
page readonly
|
|
|
|
8736D7C000
|
stack
|
page read and write
|
|
|
|
19C48790000
|
unkown image
|
page readonly
|
|
|
|
7FF59258F000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0C8000
|
unkown image
|
page readonly
|
|
|
|
7FF58850F000
|
unkown image
|
page readonly
|
|
|
|
1E701602000
|
unkown
|
page read and write
|
|
|
|
7FF58851E000
|
unkown image
|
page readonly
|
|
|
|
D234E7D000
|
stack
|
page read and write
|
|
|
|
7FF5925CB000
|
unkown image
|
page readonly
|
|
|
|
7FF58847D000
|
unkown image
|
page readonly
|
|
|
|
289FF113000
|
unkown
|
page read and write
|
|
|
|
7FF5C8826000
|
unkown image
|
page readonly
|
|
|
|
7DF5E68B0000
|
unkown image
|
page readonly
|
|
|
|
7FF582306000
|
unkown image
|
page readonly
|
|
|
|
7FF59241F000
|
unkown image
|
page readonly
|
|
|
|
15FE304A000
|
unkown
|
page read and write
|
|
|
|
20E00076000
|
unkown
|
page read and write
|
|
|
|
7FF58820E000
|
unkown image
|
page readonly
|
|
|
|
19C4882A000
|
unkown
|
page read and write
|
|
|
|
7FF50FEA8000
|
unkown image
|
page readonly
|
|
|
|
7FF592588000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8795000
|
unkown image
|
page readonly
|
|
|
|
7DF53D3F2000
|
unkown image
|
page readonly
|
|
|
|
7DEAAFE000
|
stack
|
page read and write
|
|
|
|
20DFFDA0000
|
unkown image
|
page read and write
|
|
|
|
7FF5824FF000
|
unkown image
|
page readonly
|
|
|
|
7FF58253F000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4CF8000
|
unkown image
|
page readonly
|
|
|
|
19C48874000
|
unkown
|
page read and write
|
|
|
|
1D267B30000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0EEA000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0A63000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F6B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C885B000
|
unkown image
|
page readonly
|
|
|
|
1E7014C0000
|
heap private
|
page read and write
|
|
|
|
7FF582247000
|
unkown image
|
page readonly
|
|
|
|
7FF569E26000
|
unkown image
|
page readonly
|
|
|
|
7FF582448000
|
unkown image
|
page readonly
|
|
|
|
1E064FB0000
|
unkown
|
page read and write
|
|
|
|
7FF588508000
|
unkown image
|
page readonly
|
|
|
|
1A49E440000
|
unkown image
|
page read and write
|
|
|
|
13F22BE0000
|
unkown image
|
page readonly
|
|
|
|
19C487D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5880D7000
|
unkown image
|
page readonly
|
|
|
|
289FF660000
|
unkown image
|
page write copy
|
|
|
|
7FF5C881F000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4F65000
|
unkown image
|
page readonly
|
|
|
|
13F22BC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0D6E000
|
unkown image
|
page readonly
|
|
|
|
1A4A2E10000
|
unkown
|
page read and write
|
|
|
|
7FF56A10F000
|
unkown image
|
page readonly
|
|
|
|
289FF400000
|
unkown image
|
page readonly
|
|
|
|
7FF588081000
|
unkown image
|
page readonly
|
|
|
|
20DFFF00000
|
unkown image
|
page readonly
|
|
|
|
7FF527AFF000
|
unkown image
|
page readonly
|
|
|
|
1E701500000
|
unkown image
|
page readonly
|
|
|
|
15FE3580000
|
unkown image
|
page readonly
|
|
|
|
1A49E9A0000
|
unkown
|
page read and write
|
|
|
|
7FF588485000
|
unkown image
|
page readonly
|
|
|
|
7FF52789D000
|
unkown image
|
page readonly
|
|
|
|
6C8997F000
|
stack
|
page read and write
|
|
|
|
1A4A2BE0000
|
unkown
|
page read and write
|
|
|
|
7FF588387000
|
unkown image
|
page readonly
|
|
|
|
7FF5C876C000
|
unkown image
|
page readonly
|
|
|
|
7FF587FFF000
|
unkown image
|
page readonly
|
|
|
|
7FF527A2D000
|
unkown image
|
page readonly
|
|
|
|
7DF597E30000
|
unkown image
|
page readonly
|
|
|
|
D044BFF000
|
stack
|
page read and write
|
|
|
|
7FF5C830F000
|
unkown image
|
page readonly
|
|
|
|
1A49D550000
|
unkown image
|
page readonly
|
|
|
|
19C487F0000
|
unkown
|
page read and write
|
|
|
|
7FF50FEEF000
|
unkown image
|
page readonly
|
|
|
|
1E701629000
|
unkown
|
page read and write
|
|
|
|
7FF50F9B3000
|
unkown image
|
page readonly
|
|
|
|
1E064A02000
|
unkown
|
page read and write
|
|
|
|
7FF56A0DB000
|
unkown image
|
page readonly
|
|
|
|
1A4A2AD0000
|
unkown
|
page read and write
|
|
|
|
7DF5257F2000
|
unkown image
|
page readonly
|
|
|
|
7FF581C02000
|
unkown image
|
page readonly
|
|
|
|
D0450FF000
|
stack
|
page read and write
|
|
|
|
7DF5DE152000
|
unkown image
|
page readonly
|
|
|
|
1E701713000
|
unkown
|
page read and write
|
|
|
|
7FF5D0F8B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C85F2000
|
unkown image
|
page readonly
|
|
|
|
1E701670000
|
unkown
|
page read and write
|
|
|
|
15FE2EA0000
|
unkown image
|
page readonly
|
|
|
|
7FF527A4A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F9B000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0EB8000
|
unkown image
|
page readonly
|
|
|
|
7FF5880CA000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FEE000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8734000
|
unkown image
|
page readonly
|
|
|
|
15FE2E90000
|
heap private
|
page read and write
|
|
|
|
7FF56A03D000
|
unkown image
|
page readonly
|
|
|
|
7FF58246D000
|
unkown image
|
page readonly
|
|
|
|
7FF5824A5000
|
unkown image
|
page readonly
|
|
|
|
7FF569C16000
|
unkown image
|
page readonly
|
|
|
|
7DF495D00000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8818000
|
unkown image
|
page readonly
|
|
|
|
5F2B56E000
|
stack
|
page read and write
|
|
|
|
1A49D5E1000
|
unkown
|
page read and write
|
|
|
|
7DF53D400000
|
unkown image
|
page readonly
|
|
|
|
1A49DDC3000
|
unkown
|
page read and write
|
|
|
|
7FF5925BE000
|
unkown image
|
page readonly
|
|
|
|
289FF044000
|
unkown
|
page read and write
|
|
|
|
1E701700000
|
unkown
|
page read and write
|
|
|
|
AC9307C000
|
stack
|
page read and write
|
|
|
|
7FF588273000
|
unkown image
|
page readonly
|
|
|
|
1E064FB0000
|
unkown
|
page read and write
|
|
|
|
1A49DE02000
|
unkown
|
page read and write
|
|
|
|
D044CFC000
|
stack
|
page read and write
|
|
|
|
1A49DDC0000
|
unkown
|
page read and write
|
|
|
|
19C48846000
|
unkown
|
page read and write
|
|
|
|
1D267B10000
|
unkown image
|
page readonly
|
|
|
|
1A49D570000
|
unkown
|
page read and write
|
|
|
|
7FF569954000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0CED000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0A78000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8742000
|
unkown image
|
page readonly
|
|
|
|
1A4A2B10000
|
unkown
|
page read and write
|
|
|
|
19C4887D000
|
unkown
|
page read and write
|
|
|
|
19C48841000
|
unkown
|
page read and write
|
|
|
|
7FF527A0C000
|
unkown image
|
page readonly
|
|
|
|
1A4A2CB0000
|
unkown
|
page read and write
|
|
|
|
1A49D713000
|
unkown
|
page read and write
|
|
|
|
7FF5822FC000
|
unkown image
|
page readonly
|
|
|
|
7FF50FEAF000
|
unkown image
|
page readonly
|
|
|
|
1A4A2B00000
|
unkown
|
page read and write
|
|
|
|
7FF56A10F000
|
unkown image
|
page readonly
|
|
|
|
19C4886D000
|
unkown
|
page read and write
|
|
|
|
15FE304D000
|
unkown
|
page read and write
|
|
|
|
7DF5DE170000
|
unkown image
|
page readonly
|
|
|
|
7DF597E42000
|
unkown image
|
page readonly
|
|
|
|
7DF5257F0000
|
unkown image
|
page readonly
|
|
|
|
7FF50F545000
|
unkown image
|
page readonly
|
|
|
|
7FF569D9A000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE150000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8757000
|
unkown image
|
page readonly
|
|
|
|
1A49D600000
|
unkown
|
page read and write
|
|
|
|
13F22E6D000
|
unkown
|
page read and write
|
|
|
|
7FF569FC0000
|
unkown image
|
page readonly
|
|
|
|
6C894FC000
|
stack
|
page read and write
|
|
|
|
7FF527A39000
|
unkown image
|
page readonly
|
|
|
|
7FF5C878D000
|
unkown image
|
page readonly
|
|
|
|
1A49D691000
|
unkown
|
page read and write
|
|
|
|
19C48864000
|
unkown
|
page read and write
|
|
|
|
7DF4236B0000
|
unkown image
|
page readonly
|
|
|
|
19C48770000
|
unkown image
|
page readonly
|
|
|
|
7FF5C46BB000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8538000
|
unkown image
|
page readonly
|
|
|
|
7FF50FE1D000
|
unkown image
|
page readonly
|
|
|
|
1E70163C000
|
unkown
|
page read and write
|
|
|
|
7FF569EDE000
|
unkown image
|
page readonly
|
|
|
|
7FF588303000
|
unkown image
|
page readonly
|
|
|
|
15FE3050000
|
unkown
|
page read and write
|
|
|
|
13F22F13000
|
unkown
|
page read and write
|
|
|
|
7DF5A7ED0000
|
unkown image
|
page readonly
|
|
|
|
7FF569E87000
|
unkown image
|
page readonly
|
|
|
|
7FF588257000
|
unkown image
|
page readonly
|
|
|
|
1E7014D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA8F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F05000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8778000
|
unkown image
|
page readonly
|
|
|
|
13F22E00000
|
unkown
|
page read and write
|
|
|
|
7DF57FA10000
|
unkown image
|
page readonly
|
|
|
|
19C48859000
|
unkown
|
page read and write
|
|
|
|
1A4A2AD0000
|
unkown
|
page read and write
|
|
|
|
15FE3113000
|
unkown
|
page read and write
|
|
|
|
7FF527AFF000
|
unkown image
|
page readonly
|
|
|
|
7DF597E40000
|
unkown image
|
page readonly
|
|
|
|
7FF569FBD000
|
unkown image
|
page readonly
|
|
|
|
7FF587C1D000
|
unkown image
|
page readonly
|
|
|
|
6C89AFF000
|
stack
|
page read and write
|
|
|
|
289FF013000
|
unkown
|
page read and write
|
|
|
|
D2344AB000
|
unkown
|
page read and write
|
|
|
|
7FF5881DA000
|
unkown image
|
page readonly
|
|
|
|
7FF527ACB000
|
unkown image
|
page readonly
|
|
|
|
1D267C7B000
|
unkown
|
page read and write
|
|
|
|
1E064A56000
|
unkown
|
page read and write
|
|
|
|
7FF592505000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0D6000
|
unkown image
|
page readonly
|
|
|
|
7DF57FA20000
|
unkown image
|
page readonly
|
|
|
|
46493FE000
|
stack
|
page read and write
|
|
|
|
7DF5DE170000
|
unkown image
|
page readonly
|
|
|
|
289FF200000
|
unkown image
|
page readonly
|
|
|
|
7FF588308000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA902000
|
unkown image
|
page readonly
|
|
|
|
7FF50FE08000
|
unkown image
|
page readonly
|
|
|
|
7FF50FEB6000
|
unkown image
|
page readonly
|
|
|
|
19C48813000
|
unkown
|
page read and write
|
|
|
|
7DF5A7ED2000
|
unkown image
|
page readonly
|
|
|
|
7DF59DE52000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7ED2000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0EAC000
|
unkown image
|
page readonly
|
|
|
|
7DF59DE50000
|
unkown image
|
page readonly
|
|
|
|
D234D7D000
|
stack
|
page read and write
|
|
|
|
19C48857000
|
unkown
|
page read and write
|
|
|
|
7DF4A5D90000
|
unkown image
|
page readonly
|
|
|
|
19C48CD0000
|
unkown image
|
page readonly
|
|
|
|
7FF50FEEF000
|
unkown image
|
page readonly
|
|
|
|
7DF53D400000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0D63000
|
unkown image
|
page readonly
|
|
|
|
1E064A13000
|
unkown
|
page read and write
|
|
|
|
2B674EB000
|
unkown
|
page read and write
|
|
|
|
7FF5D0D3D000
|
unkown image
|
page readonly
|
|
|
|
13F22E3C000
|
unkown
|
page read and write
|
|
|
|
7FF5824F8000
|
unkown image
|
page readonly
|
|
|
|
1A4A2BA0000
|
unkown
|
page read and write
|
|
|
|
7FF587C12000
|
unkown image
|
page readonly
|
|
|
|
15FE3070000
|
unkown
|
page read and write
|
|
|
|
2B679FB000
|
stack
|
page read and write
|
|
|
|
1E064A00000
|
unkown
|
page read and write
|
|
|
|
20DFFDC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F84000
|
unkown image
|
page readonly
|
|
|
|
7FF569FFC000
|
unkown image
|
page readonly
|
|
|
|
1E0649F0000
|
unkown
|
page read and write
|
|
|
|
7FF5823BE000
|
unkown image
|
page readonly
|
|
|
|
1E70167C000
|
unkown
|
page read and write
|
|
|
|
19C4887B000
|
unkown
|
page read and write
|
|
|
|
7DF57FA12000
|
unkown image
|
page readonly
|
|
|
|
7DF59DE50000
|
unkown image
|
page readonly
|
|
|
|
7FF588428000
|
unkown image
|
page readonly
|
|
|
|
1E701A10000
|
unkown image
|
page readonly
|
|
|
|
2B67A7E000
|
stack
|
page read and write
|
|
|
|
7FF59251A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0ED5000
|
unkown image
|
page readonly
|
|
|
|
1A49DF00000
|
unkown
|
page read and write
|
|
|
|
13F22E2A000
|
unkown
|
page read and write
|
|
|
|
20E00002000
|
unkown
|
page read and write
|
|
|
|
7FF50FC3D000
|
unkown image
|
page readonly
|
|
|
|
2B678FC000
|
stack
|
page read and write
|
|
|
|
7FF5880D0000
|
unkown image
|
page readonly
|
|
|
|
1E7014F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4EF7000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FFF000
|
unkown image
|
page readonly
|
|
|
|
7FF592393000
|
unkown image
|
page readonly
|
|
|
|
1D267D13000
|
unkown
|
page read and write
|
|
|
|
6C898FF000
|
stack
|
page read and write
|
|
|
|
1D2680D0000
|
unkown image
|
page readonly
|
|
|
|
19C4887E000
|
unkown
|
page read and write
|
|
|
|
19C4886F000
|
unkown
|
page read and write
|
|
|
|
1A49E600000
|
unkown image
|
page readonly
|
|
|
|
13F22BA0000
|
unkown image
|
page read and write
|
|
|
|
7DF5E68A2000
|
unkown image
|
page readonly
|
|
|
|
1E064F80000
|
unkown image
|
page readonly
|
|
|
|
19C48760000
|
heap private
|
page read and write
|
|
|
|
7FF50FEBB000
|
unkown image
|
page readonly
|
|
|
|
1A4A2D06000
|
unkown
|
page read and write
|
|
|
|
AC924CB000
|
unkown
|
page read and write
|
|
|
|
7FF5C4F0D000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0DE000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0ECD000
|
unkown image
|
page readonly
|
|
|
|
1A49D450000
|
unkown image
|
page readonly
|
|
|
|
13F22E8A000
|
unkown
|
page read and write
|
|
|
|
7FF5D0F7D000
|
unkown image
|
page readonly
|
|
|
|
87369EF000
|
stack
|
page read and write
|
|
|
|
7FF582524000
|
unkown image
|
page readonly
|
|
|
|
1A49E650000
|
unkown image
|
page readonly
|
|
|
|
1E70164F000
|
unkown
|
page read and write
|
|
|
|
7DF5A7EE0000
|
unkown image
|
page readonly
|
|
|
|
7FF59231D000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0DB3000
|
unkown image
|
page readonly
|
|
|
|
7FF5883FD000
|
unkown image
|
page readonly
|
|
|
|
7FF5C874C000
|
unkown image
|
page readonly
|
|
|
|
7FF50FCBE000
|
unkown image
|
page readonly
|
|
|
|
1A4A2E30000
|
unkown
|
page read and write
|
|
|
|
7FF56A0FB000
|
unkown image
|
page readonly
|
|
|
|
1D267C00000
|
unkown
|
page read and write
|
|
|
|
289FEE40000
|
unkown image
|
page readonly
|
|
|
|
7FF588468000
|
unkown image
|
page readonly
|
|
|
|
15FE3013000
|
unkown
|
page read and write
|
|
|
|
7DF5A7EC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D0F5F000
|
unkown image
|
page readonly
|
|
|
|
1A49D470000
|
heap default
|
page read and write
|
|
|
|
289FF000000
|
unkown
|
page read and write
|
|
|
|
19C4885C000
|
unkown
|
page read and write
|
|
|
|
7FF56A0FE000
|
unkown image
|
page readonly
|
|
|
|
7FF5880F4000
|
unkown image
|
page readonly
|
|
|
|
13F22BF0000
|
unkown image
|
page readonly
|
|
|
|
289FF0C3000
|
unkown
|
page read and write
|
|
|
|
7FF5924E8000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA902000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8753000
|
unkown image
|
page readonly
|
|
|
|
19C4885D000
|
unkown
|
page read and write
|
|
|
|
19C4885E000
|
unkown
|
page read and write
|
|
|
|
D234C7F000
|
stack
|
page read and write
|
|
|
|
7FF5821CA000
|
unkown image
|
page readonly
|
|
|
|
20DFFDF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5882E4000
|
unkown image
|
page readonly
|
|
|
|
AC92BFC000
|
stack
|
page read and write
|
|
|
|
7FF59236D000
|
unkown image
|
page readonly
|
|
|
|
1A49DA00000
|
unkown image
|
page readonly
|
|
|
|
46494FE000
|
stack
|
page read and write
|
|
There are 864 hidden memdumps, click here to show them.