Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DAImS4qg20.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\IUHEMSR9\contextual.media[1].xml
|
ASCII text, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\T8DRMTJ1\www.msn[2].xml
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8390101B-4BE3-11EC-90E6-ECF4BB82F7E0}.dat
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8390101D-4BE3-11EC-90E6-ECF4BB82F7E0}.dat
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
|
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\po60zt0\imagestore.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\2d-0e97d4-185735b[1].css
|
UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\52-478955-68ddb2ab[1].js
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAOr6Ee[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQCmUS[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQTQg3[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQVtAu[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQW6nE[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQWMEO[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQWRAi[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQWeGa[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQWjrc[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQWsEr[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQX9oS[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAQXpRv[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAycUpK[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\AAzb5EX[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1aXBV1[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1cEP3G[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1cG73h[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BB1kc8s[1].png
|
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBJrII1[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBPfCZL[1].png
|
GIF image data, version 89a, 50 x 50
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\BBX2afX[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\de-ch[1].htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\jquery-2.1.1.min[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\17-361657-68ddb2ab[1].js
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AA6wTdK[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAKp8YX[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAOdxvW[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAQUJZI[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAQWN27[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAQWoU7[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAQXdUx[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAQXi93[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\AAQXiy5[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 206x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\a5ea21[1].ico
|
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\a8a064[1].gif
|
GIF image data, version 89a, 28 x 28
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\de-ch[1].json
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\e151e5[1].gif
|
GIF image data, version 89a, 1 x 1
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\iab2Data[1].json
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\otBannerSdk[1].js
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\otCommonStyles[1].css
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\otFlat[1].json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\otPcCenter[1].json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\otTCF-ie[1].js
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\264bf325-c7e4-4939-8912-2424a7abe532[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAHxkqw[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQVTlD[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 310x166, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQWMEO[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 310x166, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQWZ1M[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 310x166, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQX4Y6[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQXaYx[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQXiHB[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\AAQXnHc[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB1dTzfp[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 310x166, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB6Ma4a[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB7gRE[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB7hg4[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BB7hjL[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BBXXVfm[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\BBkwUr[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\acd2daab-5725-43ab-85e5-2982ff17f53e[1].jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\cfdbd9[1].png
|
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\checksync[2].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nrrV52461[1].js
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\otSDKStub[1].js
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\4996b9[1].woff
|
Web Open Font Format, TrueType, length 45633, version 1.0
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\55a804ab-e5c6-4b97-9319-86263d365d28[1].json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAMqFmF[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAPQoxX[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQBdIv[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 622x368, frames
3
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQTNpF[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQVPm6[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x75, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQW0Fs[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x75, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQWQUY[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x75, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQWUGg[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQXfSR[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x75, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQXlCQ[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x250, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAQXpWY[1].jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 311x333, frames
3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\AAzjSw3[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\BB1ftEY0[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\BBVuddh[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\BBY7ARN[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\BBZbaoj[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\checksync[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\medianet[1].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\medianet[2].htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\tag[1].js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF9C2CCE80C1F33BED.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFF1F774F52185074A.TMP
|
data
|
dropped
|
|
There are 97 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\DAImS4qg20.dll"
|
|
|
|
C:\Windows\SysWOW64\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\DAImS4qg20.dll
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\DAImS4qg20.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\DAImS4qg20.dll,DllRegisterServer
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\DAImS4qg20.dll,bkxqycokxxfv
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\DAImS4qg20.dll,cgeiuxsb
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\DAImS4qg20.dll",#1
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
C:\Program Files\Internet Explorer\iexplore.exe
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1880 CREDAT:17410 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://technoshoper.com
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202101/09/381366292/original/(m=eGJF8f)(mh=A9K9Dt4yrfCI6NAf)
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202102/16/383720652/original/(m=eah-8f)(mh=tuueX3YvM_1RgBsB)3.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202110/08/396033731/original/(m=eah-8f)(mh=_YHDCRlOvzLfiWhy)0.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202107/02/390530381/original/(m=eGJF8f)(mh=WJxOTVm1yb51LWGI)2.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202102/16/383720652/original/(m=eW0Q8f)(mh=2y9UoU4MHsJytSCL)3.jpg
|
unknown
|
|
|
|
http://technoshoper.com/glik/PYr_2FIpOm05_2FUW/ENmWVrI4cWQd/LZa7D3TRw8h/_2BvAFCcagnXmK/p9XTHR8FlP4_2
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202108/06/392519101/original/(m=eW0Q8f)(mh=jjBlsV8wnqN5j2Bh)8.jpg
|
unknown
|
|
|
|
https://click.linksynergy.com/deeplink?id=xoqYgl4JDe8&mid=46130&u1=dech_promotionalstripe_na
|
unknown
|
|
|
|
https://di.rdtcdn.com/m=eOhlbe/media/pics/sites/001/208/368/cover1607700750/1607700750.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202102/16/383720652/original/(m=eah-8f)(mh=tuueX3YvM_1RgBsB)3.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202110/20/396672391/original/(m=eW0Q8f)(mh=j32jaYek4af-nome)13.jpg
|
unknown
|
|
|
|
https://ci.rdtcdn.com/www-static/cdn_files/redtube/fonts/rt_font.eot?v=4d2297e422656da83aa5336e8f7ff
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202102/16/383727802/original/(m=eW0Q8f)(mh=AIexk6e10jYW5KM0)11.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202103/29/385840151/original/(m=bIaMwLVg5p)(mh=N4XcEmYFNb972ax0)0.we
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202104/30/387345561/original/(m=bIaMwLVg5p)(mh=UXwyzZ50hOvZh9oc)0.we
|
unknown
|
|
|
|
https://www.msn.com/de-ch/sport/fussball/der-fcz-zittert-und-steht-doch-ganz-oben/ar-AAQWrxt?ocid=hp
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202109/21/395079201/original/(m=eW0Q8f)(mh=cxEknms_1yckAIBn)0.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202103/15/385162911/original/(m=bIaMwLVg5p)(mh=VQ_v3kpqj7Aeovzz)13.w
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202105/13/387969681/original/(m=bIa44NVg5p)(mh=HM9XGLzS1Ovlv-K7)13.w
|
unknown
|
|
|
|
https://di.rdtcdn.com/m=IbTvgzPf2lWL2yZ9sDZvMCZ9cmWaZlXqtnVadmZ8sy2fgDHjhn3ydn3iZm28cBVD2BFvwz4qdmHj
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/m=bIWpYLVg5p/pics/pornstars/000/004/440/thumb_198761.webp
|
unknown
|
|
|
|
https://ev-ph.rdtcdn.com/videos/202104/10/386393281/360P_360K_386393281_fb.mp4?validfrom=1637584345&
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=eGJF8f/media/videos/202011/03/37542501/original/11.jpg
|
unknown
|
|
|
|
https://www.redtube.com/?page=2
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202107/15/391276841/original/(m=eW0Q8f)(mh=E0b0jmSK6DC1HrwH)12.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202102/02/382866442/original/(m=eGJF8f)(mh=OEtE8tPnvWXYSDdk)0.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202105/13/387969681/original/(m=bIa44NVg5p)(mh=HM9XGLzS1Ovlv-K7)13.w
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202102/10/383348732/original/(m=eGJF8f)(mh=DgnIqRs89G9xs0MA)
|
unknown
|
|
|
|
https://ei.rdtcdn.com/www-static/cdn_files/redtube/images/pc/category/amateur_001.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/m=bIWpYLVg5p/pics/pornstars/000/005/343/thumb_1439151.webp
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=IbTvgzPf2lWL2yZ9sDZvMCZ9cmWaZlXqtnVatm48sy2fgDHjxmXGJmXeJn0KZlS92zV9vmYqwoJn
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/m=e_rU8f/pics/pornstars/000/006/163/thumb_662761.jpg
|
unknown
|
|
|
|
https://di.rdtcdn.com/www-static/cdn_files/redtube/js/generated/pc/video-index.js?v=4d2297e422656da8
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202110/08/396019111/original/(m=eW0Q8f)(mh=C8F0X1FVIdY_WBmL)12.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202103/30/385903541/original/(m=eGJF8f)(mh=Yy1DSjgV4c_Phzoy)0.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202108/06/392519101/original/(m=eah-8f)(mh=CwKP3M_7OrZvajyK)8.jpg
|
unknown
|
|
|
|
https://ei.rdtcdn.com/www-static/cdn_files/redtube/js/generated/pc/video-index.js?v=4d2297e422656da8
|
unknown
|
|
|
|
https://res-a.akamaihd.net/__media__/pics/8000/72/941/fallback1.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202105/23/388494361/original/(m=eGJF8f)(mh=rLPnaoc3-dxVDZLO)0.jpg
|
unknown
|
|
|
|
https://di.rdtcdn.com/m=IbTvgzPf2lWL2yZ9sDZvMCZ9cmWaZlXqtnVatm48sy2fgDHjxmXGJmXeJn0KZlS92zV9vmYqwoJn
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202105/22/388428561/original/(m=eGJF8f)(mh=33kTkDy0HuhRSBWy)
|
unknown
|
|
|
|
https://www.onenote.com/notebooks?WT.mc_id=MSN_OneNote_Recent&auth=1&wdorigin=msn
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202103/29/385840151/original/(m=eah-8f)(mh=wI8t9ZEujXVgWx4y)0.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202106/07/389209821/original/(m=bIa44NVg5p)(mh=NyOu0if_TSONkes5)8.we
|
unknown
|
|
|
|
https://di.rdtcdn.com/m=ejrk8f/media/videos/201702/24/2030173/original/4.jpg
|
unknown
|
|
|
|
https://ev-ph.rdtcdn.com/videos/202007/31/338025661/360P_360K_338025661_fb.mp4?validfrom=1637584345&
|
unknown
|
|
|
|
https://ei.rdtcdn.com/www-static/cdn_files/redtube/images/pc/category/mature_001.jpg
|
unknown
|
|
|
|
https://avolebukoneh.website/lJ
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202009/10/350779682/original/(m=bIa44NVg5p)(mh=p6qAJQiOTkk74BZu)5.we
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=eGJF8f/media/videos/201312/16/623581/original/12.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202110/08/396033731/original/(m=eah-8f)(mh=_YHDCRlOvzLfiWhy)0.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202009/15/351996012/original/(m=eah-8f)(mh=HXQtlZbFZP2l7E33)11.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202102/16/383720652/original/(m=eW0Q8f)(mh=2y9UoU4MHsJytSCL)3.jpg
|
unknown
|
|
|
|
https://di.rdtcdn.com/m=ejrk8f/media/videos/201605/11/1574749/original/5.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202108/06/392519101/original/(m=eGJF8f)(mh=WkYhQhB3INqWVDRK)8.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202107/09/390952331/original/(m=eW0Q8f)(mh=RnHTYPpmOBUDBtdJ)0.jpg
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=eOhl9f/media/videos/201505/22/1129688/original/15.jpg
|
unknown
|
|
|
|
https://dv-ph.rdtcdn.com/videos/202107/09/390952331/360P_360K_390952331_fb.mp4?ttl=1637591545&ri
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202108/06/392519101/original/(m=bIa44NVg5p)(mh=0T_6FlE8UaNCvLn9)8.we
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202108/20/393253431/original/(m=eah-8f)(mh=UplXGiod-8yKuhmP)11.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202102/16/383727802/original/(m=eGJF8f)(mh=NgpIRNkCbNvnGQxk)
|
unknown
|
|
|
|
https://amzn.to/2TTxhNg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202107/09/390952331/original/(m=eW0Q8f)(mh=RnHTYPpmOBUDBtdJ)0.jpg
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=eOhlbe/media/pics/sites/006/584/061/cover1586450376/1586450376.jpg
|
unknown
|
|
|
|
https://static.trafficjunky.com/invocation/embeddedads/
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202103/15/385162911/original/(m=eW0Q8f)(mh=IMwlBCkbnKAK5Fq6)13.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/m=e_rU8f/pics/pornstars/000/003/670/thumb_209561.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202102/17/383779182/original/(m=bIa44NVg5p)(mh=0X9fqInSeaQqyZOk)11.w
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202110/20/396672391/original/(m=eah-8f)(mh=7YR-JXJN_iIjHdZ1)13.jpg
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=ejrk8f/media/videos/201707/27/2307748/original/12.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202107/19/391523361/original/(m=eah-8f)(mh=nZPo0c6iq4V6D9ma)14.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202108/20/393253431/original/(m=eGJF8f)(mh=OxvIzAGNFLRXHFxK)11.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202108/06/392519101/original/(m=eGJF8f)(mh=WkYhQhB3INqWVDRK)8.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202102/16/383727802/original/(m=eah-8f)(mh=4F6_zw4RTHBGPJvS)11.jpg
|
unknown
|
|
|
|
https://ci.rdtcdn.com/www-static/cdn_files/redtube/js/generated/pc/video-index.js?v=4d2297e422656da8
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202003/24/296067601/original/(m=eW0Q8f)(mh=T1uH12rOW62FoVfb)12.jpg
|
unknown
|
|
|
|
https://di.rdtcdn.com/www-static/cdn_files/redtube/fonts/rt_font.eot?v=4d2297e422656da83aa5336e8f7ff
|
unknown
|
|
|
|
https://ei.rdtcdn.com/m=eOhlbe/media/pics/sites/000/145/221/cover1521045226/1521045226.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202105/13/387969681/original/(m=eGJF8f)(mh=mvRzAXC9JfssDwdG)13.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202104/27/387209541/original/(m=eW0Q8f)(mh=ILH_eQg1pWZVeG6Y)11.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202104/27/387209541/original/(m=eGJF8f)(mh=QIzBL-601FBcP7K7)11.jpg
|
unknown
|
|
|
|
https://silvermob.com/privacy
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202106/14/389580241/original/(m=eah-8f)(mh=8UDLO8f-2jNrRZas)16.jpg
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202107/09/390952331/original/(m=eGJF8f)(mh=fJaEmzxMdYg7fGrz)
|
unknown
|
|
|
|
https://di.rdtcdn.com/m=eGJF8f/media/videos/201312/16/623581/original/12.jpg
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202009/10/350779682/original/(m=eGJF8f)(mh=WrC9TE6PvGxLAxtZ)
|
unknown
|
|
|
|
https://ev-ph.rdtcdn.com/videos/202105/13/387969681/360P_360K_387969681_fb.mp4?validfrom=1637584345&
|
unknown
|
|
|
|
https://di-ph.rdtcdn.com/videos/202109/21/395079201/original/(m=bIaMwLVg5p)(mh=qCg6AylP9g8SQ3kV)0.we
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202107/02/390530381/original/(m=eGJF8f)(mh=WJxOTVm1yb51LWGI)2.jpg
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202009/15/352054982/original/(m=bIa44NVg5p)(mh=faKGw-K-kQrEXKR3)15.w
|
unknown
|
|
|
|
https://de.redtube.com/
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/videos/202105/22/388428561/original/(m=bIa44NVg5p)(mh=GZ_PJlsMmZXQeuzT)16.w
|
unknown
|
|
|
|
https://dv-ph.rdtcdn.com/videos/202107/15/391276841/360P_360K_391276841_fb.mp4?ttl=1637591545&ri
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202107/02/390530381/original/(m=eGJF8f)(mh=WJxOTVm1yb51LWGI)
|
unknown
|
|
|
|
https://ev-ph.rdtcdn.com/videos/202104/07/386245271/360P_360K_386245271_fb.mp4?validfrom=1637584345&
|
unknown
|
|
|
|
https://cdn1d-static-shared.phncdn.com/timings-1.0.0.js
|
unknown
|
|
|
|
https://ci-ph.rdtcdn.com/m=bIWpYLVg5p/pics/pornstars/000/035/562/thumb_1261201.webp
|
unknown
|
|
|
|
https://jp.redtube.com/
|
unknown
|
|
|
|
https://ei-ph.rdtcdn.com/videos/202109/27/395420491/original/(m=bIa44NVg5p)(mh=ekugR0mNtx2VXD5u)15.w
|
unknown
|
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
contextual.media.net
|
2.18.160.23
|
|
|
|
avolebukoneh.website
|
37.120.206.119
|
|
|
|
redtube.com
|
66.254.114.238
|
|
|
|
hblg.media.net
|
2.18.160.23
|
|
|
|
lg3.media.net
|
2.18.160.23
|
|
|
|
technoshoper.com
|
45.9.20.245
|
|
|
|
btloader.com
|
172.67.70.134
|
|
|
|
assets.msn.com
|
unknown
|
|
|
|
web.vortex.data.msn.com
|
unknown
|
|
|
|
www.msn.com
|
unknown
|
|
|
|
www.redtube.com
|
unknown
|
|
|
|
cvision.media.net
|
unknown
|
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
37.120.206.119
|
avolebukoneh.website
|
Romania
|
|
|
|
66.254.114.238
|
redtube.com
|
United States
|
|
|
|
45.9.20.245
|
technoshoper.com
|
Russian Federation
|
|
|
|
172.67.70.134
|
btloader.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\AdminActive
|
{8390101B-4BE3-11EC-90E6-ECF4BB82F7E0}
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DomainSuggestion
|
NextUpdateDate
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\iexplore
|
Count
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\iexplore
|
Time
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\iexplore
|
Blocked
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
|
Count
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
|
Time
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
|
LoadTimeArray
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
|
Count
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
|
Time
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
|
LoadTimeArray
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation
|
CVListPingLastYMD
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation
|
CVListPingBitmap
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserEmulation
|
CVListPingRandomizedBitmap
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage
|
DecayDateQueue
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage
|
LastProcessed
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage
|
DecayDateQueue
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage
|
LastProcessed
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\www.msn.com
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\msn.com
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\msn.com
|
NumberOfSubdomains
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\contextual.media.net
|
NULL
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\media.net
|
Total
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\Total
|
NULL
|
|
There are 84 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D60000
|
stack
|
page execute and read and write
|
|
|
|
1290000
|
unkown
|
page execute and read and write
|
|
|
|
1A0000
|
unkown
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
20AD000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
544B000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
4A1B000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
47A0000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
21AB000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
4669000
|
heap private
|
page read and write
|
|
|
|
491D000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
3070000
|
stack
|
page execute and read and write
|
|
|
|
1C0000
|
unkown
|
page execute and read and write
|
|
|
|
3050000
|
stack
|
page read and write
|
|
|
|
1F30000
|
heap private
|
page read and write
|
|
|
|
5049000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
51D0000
|
heap private
|
page read and write
|
|
|
|
1CF9000
|
heap private
|
page read and write
|
|
|
|
1070000
|
unkown
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
2D40000
|
stack
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
534D000
|
heap private
|
page read and write
|
|
|
|
227E3002000
|
unkown
|
page read and write
|
|
|
|
72BAE000
|
unkown image
|
page read and write
|
|
|
|
B5B69FC000
|
stack
|
page read and write
|
|
|
|
7F262000
|
unkown image
|
page readonly
|
|
|
|
2A54000
|
unkown image
|
page readonly
|
|
|
|
3FCF000
|
stack
|
page read and write
|
|
|
|
2D00000
|
unkown image
|
page readonly
|
|
|
|
22A9000
|
heap private
|
page read and write
|
|
|
|
7FF549478000
|
unkown image
|
page readonly
|
|
|
|
6FAD2FF000
|
stack
|
page read and write
|
|
|
|
17D83000000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7DF5744E0000
|
unkown image
|
page readonly
|
|
|
|
21CAA4E0000
|
unkown
|
page read and write
|
|
|
|
7DF4BC8C0000
|
unkown image
|
page readonly
|
|
|
|
72BAB000
|
unkown image
|
page read and write
|
|
|
|
1F4A000
|
unkown image
|
page readonly
|
|
|
|
155B000
|
heap default
|
page read and write
|
|
|
|
2D5B000
|
unkown image
|
page readonly
|
|
|
|
B5B6D7B000
|
stack
|
page read and write
|
|
|
|
2489000
|
unkown image
|
page readonly
|
|
|
|
23E0000
|
unkown image
|
page read and write
|
|
|
|
2006000
|
unkown image
|
page readonly
|
|
|
|
2A82000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6854000
|
unkown image
|
page readonly
|
|
|
|
7F8C0000
|
unkown image
|
page readonly
|
|
|
|
2A9B000
|
unkown image
|
page readonly
|
|
|
|
7FF53D5D5000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4776000
|
unkown image
|
page readonly
|
|
|
|
7DFDFB546000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF549556000
|
unkown image
|
page readonly
|
|
|
|
3317000
|
unkown
|
page read and write
|
|
|
|
1D1EBEF0000
|
unkown image
|
page readonly
|
|
|
|
161B000
|
unkown
|
page read and write
|
|
|
|
226BB100000
|
unkown image
|
page readonly
|
|
|
|
15B4000
|
unkown
|
page read and write
|
|
|
|
7FF549563000
|
unkown image
|
page readonly
|
|
|
|
408D000
|
stack
|
page read and write
|
|
|
|
7FF5BD470000
|
unkown image
|
page readonly
|
|
|
|
4721000
|
unkown
|
page read and write
|
|
|
|
21CAA530000
|
unkown
|
page read and write
|
|
|
|
7FF5D68B9000
|
unkown image
|
page readonly
|
|
|
|
4FF1000
|
unkown
|
page read and write
|
|
|
|
2038000
|
unkown image
|
page readonly
|
|
|
|
226BB4D0000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
2D30000
|
stack
|
page read and write
|
|
|
|
7FF53DDF0000
|
unkown image
|
page readonly
|
|
|
|
17D82E7D000
|
unkown
|
page read and write
|
|
|
|
15C2000
|
unkown
|
page read and write
|
|
|
|
28CA000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD4C4000
|
unkown image
|
page readonly
|
|
|
|
227E3200000
|
unkown
|
page read and write
|
|
|
|
5F1E000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
227E2829000
|
unkown
|
page read and write
|
|
|
|
7FF53DE3C000
|
unkown image
|
page readonly
|
|
|
|
161A000
|
unkown
|
page read and write
|
|
|
|
7FF572D89000
|
unkown image
|
page readonly
|
|
|
|
1636000
|
unkown
|
page read and write
|
|
|
|
1F64E713000
|
unkown
|
page read and write
|
|
|
|
251B000
|
unkown image
|
page readonly
|
|
|
|
B5B6CFD000
|
stack
|
page read and write
|
|
|
|
3090000
|
unkown
|
page read and write
|
|
|
|
1F54000
|
unkown image
|
page readonly
|
|
|
|
21CA4DE0000
|
unkown
|
page read and write
|
|
|
|
7FF5BD177000
|
unkown image
|
page readonly
|
|
|
|
17D82CB0000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF53DD4C000
|
unkown image
|
page readonly
|
|
|
|
21CAA310000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF53DDE6000
|
unkown image
|
page readonly
|
|
|
|
21CAA431000
|
unkown
|
page read and write
|
|
|
|
7FF572D3F000
|
unkown image
|
page readonly
|
|
|
|
27CD000
|
heap default
|
page read and write
|
|
|
|
5CE0000
|
unkown
|
page read and write
|
|
|
|
2F69000
|
unkown
|
page read and write
|
|
|
|
2552000
|
unkown image
|
page readonly
|
|
|
|
7FF5494CC000
|
unkown image
|
page readonly
|
|
|
|
55CA000
|
heap private
|
page read and write
|
|
|
|
7FF572F4C000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7F9C0000
|
unkown image
|
page readonly
|
|
|
|
7F032000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7F9D0000
|
unkown image
|
page readonly
|
|
|
|
7F0A0000
|
unkown image
|
page readonly
|
|
|
|
7FF55F1E6000
|
unkown image
|
page readonly
|
|
|
|
251B000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
227E2AD0000
|
unkown image
|
page readonly
|
|
|
|
226BB130000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF560660000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
26DE000
|
stack
|
page read and write
|
|
|
|
7FF572BDB000
|
unkown image
|
page readonly
|
|
|
|
421F000
|
stack
|
page read and write
|
|
|
|
21CAA560000
|
unkown
|
page read and write
|
|
|
|
F66000
|
unkown
|
page read and write
|
|
|
|
21CAA4E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A4785000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1D1ECC50000
|
unkown
|
page read and write
|
|
|
|
254E000
|
unkown image
|
page readonly
|
|
|
|
7FA90000
|
unkown image
|
page readonly
|
|
|
|
31D0000
|
unkown image
|
page readonly
|
|
|
|
1F64E540000
|
heap private
|
page read and write
|
|
|
|
2CBB000
|
unkown image
|
page readonly
|
|
|
|
32A9000
|
unkown
|
page read and write
|
|
|
|
2518000
|
unkown
|
page read and write
|
|
|
|
7DF5D7DE2000
|
unkown image
|
page readonly
|
|
|
|
1F85000
|
unkown image
|
page readonly
|
|
|
|
7F040000
|
unkown image
|
page readonly
|
|
|
|
21A38E75000
|
unkown
|
page read and write
|
|
|
|
7FF55EF3B000
|
unkown image
|
page readonly
|
|
|
|
27BA000
|
unkown
|
page read and write
|
|
|
|
2E50000
|
heap private
|
page read and write
|
|
|
|
33DFD7E000
|
stack
|
page read and write
|
|
|
|
2780000
|
unkown image
|
page readonly
|
|
|
|
27E0000
|
unkown image
|
page readonly
|
|
|
|
7FF572DA5000
|
unkown image
|
page readonly
|
|
|
|
5040000
|
unkown
|
page read and write
|
|
|
|
30000
|
unkown image
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2508000
|
unkown image
|
page readonly
|
|
|
|
2AB0000
|
unkown image
|
page readonly
|
|
|
|
17D82E00000
|
unkown
|
page read and write
|
|
|
|
21CAA4E0000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1F34000
|
unkown image
|
page readonly
|
|
|
|
17D82E76000
|
unkown
|
page read and write
|
|
|
|
33DFFF9000
|
stack
|
page read and write
|
|
|
|
2D0F000
|
unkown image
|
page readonly
|
|
|
|
1050000
|
unkown image
|
page readonly
|
|
|
|
273B000
|
heap default
|
page read and write
|
|
|
|
7F1B2000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
17D82E60000
|
unkown
|
page read and write
|
|
|
|
21CAA6F4000
|
unkown
|
page read and write
|
|
|
|
17D83602000
|
unkown
|
page read and write
|
|
|
|
15BB000
|
unkown
|
page read and write
|
|
|
|
7FF53DA82000
|
unkown image
|
page readonly
|
|
|
|
21CAA434000
|
unkown
|
page read and write
|
|
|
|
227E2780000
|
heap private
|
page read and write
|
|
|
|
21A38F02000
|
unkown
|
page read and write
|
|
|
|
1F64E63E000
|
unkown
|
page read and write
|
|
|
|
7FF5BD5A3000
|
unkown image
|
page readonly
|
|
|
|
27C9000
|
heap default
|
page read and write
|
|
|
|
2A9B000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2E60000
|
unkown image
|
page readonly
|
|
|
|
17D82E41000
|
unkown
|
page read and write
|
|
|
|
178E000
|
stack
|
page read and write
|
|
|
|
17D82E74000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
21CA5718000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2E20000
|
heap private
|
page read and write
|
|
|
|
227E27B0000
|
unkown image
|
page readonly
|
|
|
|
4EC2DFF000
|
stack
|
page read and write
|
|
|
|
7FF572C46000
|
unkown image
|
page readonly
|
|
|
|
2494000
|
unkown image
|
page readonly
|
|
|
|
1980000
|
heap private
|
page read and write
|
|
|
|
21CA4E92000
|
unkown
|
page read and write
|
|
|
|
21CAA570000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CA4E13000
|
unkown
|
page read and write
|
|
|
|
2543000
|
unkown image
|
page readonly
|
|
|
|
7FF55EFAB000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
195D000
|
stack
|
page read and write
|
|
|
|
7FF5A3F75000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD519000
|
unkown image
|
page readonly
|
|
|
|
78A89FB000
|
stack
|
page read and write
|
|
|
|
2A73000
|
unkown image
|
page readonly
|
|
|
|
6FACBEB000
|
unkown
|
page read and write
|
|
|
|
17D82E7C000
|
unkown
|
page read and write
|
|
|
|
21CA6263000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF5A46FC000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572E80000
|
unkown image
|
page readonly
|
|
|
|
7FF572F88000
|
unkown image
|
page readonly
|
|
|
|
21CAA6A6000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
249F000
|
unkown image
|
page readonly
|
|
|
|
17D82E85000
|
unkown
|
page read and write
|
|
|
|
7FF5494E9000
|
unkown image
|
page readonly
|
|
|
|
7FF549499000
|
unkown image
|
page readonly
|
|
|
|
32D8000
|
heap default
|
page read and write
|
|
|
|
7FF5492C2000
|
unkown image
|
page readonly
|
|
|
|
50C8000
|
heap private
|
page read and write
|
|
|
|
2981000
|
unkown image
|
page readonly
|
|
|
|
21CAA270000
|
unkown
|
page read and write
|
|
|
|
3339000
|
unkown
|
page read and write
|
|
|
|
7FF5A4716000
|
unkown image
|
page readonly
|
|
|
|
7DF53F332000
|
unkown image
|
page readonly
|
|
|
|
251B000
|
unkown
|
page read and write
|
|
|
|
2D1F000
|
stack
|
page read and write
|
|
|
|
29C6000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
3420000
|
unkown
|
page read and write
|
|
|
|
2348000
|
unkown image
|
page readonly
|
|
|
|
15C2000
|
heap default
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5A4702000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF572F21000
|
unkown image
|
page readonly
|
|
|
|
17CE000
|
stack
|
page read and write
|
|
|
|
27B8000
|
unkown
|
page read and write
|
|
|
|
21CA5DE0000
|
unkown
|
page read and write
|
|
|
|
32D8000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
140000
|
unkown
|
page read and write
|
|
|
|
2F80000
|
unkown image
|
page readonly
|
|
|
|
21CA4D60000
|
unkown image
|
page readonly
|
|
|
|
227E27E0000
|
heap default
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
17D82E34000
|
unkown
|
page read and write
|
|
|
|
7FF5A46E5000
|
unkown image
|
page readonly
|
|
|
|
7FF572C69000
|
unkown image
|
page readonly
|
|
|
|
7FF572F6B000
|
unkown image
|
page readonly
|
|
|
|
2455000
|
unkown image
|
page readonly
|
|
|
|
2D9B000
|
unkown
|
page read and write
|
|
|
|
7DF54A9C2000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572D9F000
|
unkown image
|
page readonly
|
|
|
|
17D82E79000
|
unkown
|
page read and write
|
|
|
|
227E2F70000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF572CFF000
|
unkown image
|
page readonly
|
|
|
|
7F822000
|
unkown image
|
page readonly
|
|
|
|
2A7E000
|
unkown image
|
page readonly
|
|
|
|
7FF53DED3000
|
unkown image
|
page readonly
|
|
|
|
4EC2CFF000
|
stack
|
page read and write
|
|
|
|
264E000
|
stack
|
page read and write
|
|
|
|
7DF5744C0000
|
unkown image
|
page readonly
|
|
|
|
21CA4EFE000
|
unkown
|
page read and write
|
|
|
|
21CA4E29000
|
unkown
|
page read and write
|
|
|
|
7FF5A4525000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21A38F13000
|
unkown
|
page read and write
|
|
|
|
7F160000
|
unkown image
|
page readonly
|
|
|
|
7FA92000
|
unkown image
|
page readonly
|
|
|
|
21CAA643000
|
unkown
|
page read and write
|
|
|
|
72BAB000
|
unkown image
|
page read and write
|
|
|
|
2BC0000
|
unkown image
|
page readonly
|
|
|
|
21A38E41000
|
unkown
|
page read and write
|
|
|
|
7DF560670000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
21CA4E97000
|
unkown
|
page read and write
|
|
|
|
227E2790000
|
unkown image
|
page readonly
|
|
|
|
DDC000
|
unkown
|
page read and write
|
|
|
|
21A38C50000
|
heap default
|
page read and write
|
|
|
|
7FF572F7B000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7DF5744E0000
|
unkown image
|
page readonly
|
|
|
|
1D71000
|
unkown image
|
page readonly
|
|
|
|
17D82D00000
|
heap default
|
page read and write
|
|
|
|
7FF5BD526000
|
unkown image
|
page readonly
|
|
|
|
1350000
|
heap default
|
page read and write
|
|
|
|
17D82CA0000
|
heap private
|
page read and write
|
|
|
|
21CA4D50000
|
heap private
|
page read and write
|
|
|
|
72BA1000
|
unkown image
|
page readonly
|
|
|
|
7FF51B8D6000
|
unkown image
|
page readonly
|
|
|
|
7FF572E61000
|
unkown image
|
page readonly
|
|
|
|
2337000
|
unkown image
|
page readonly
|
|
|
|
7DF54A9C0000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF53DEC6000
|
unkown image
|
page readonly
|
|
|
|
26FA000
|
heap default
|
page read and write
|
|
|
|
5B50000
|
unkown
|
page read and write
|
|
|
|
21CAA540000
|
unkown
|
page read and write
|
|
|
|
24CF000
|
unkown image
|
page readonly
|
|
|
|
1960000
|
unkown
|
page read and write
|
|
|
|
4621000
|
unkown
|
page read and write
|
|
|
|
7FF5BD51C000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7DF54A9C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D68FC000
|
unkown image
|
page readonly
|
|
|
|
7FF55F0A7000
|
unkown image
|
page readonly
|
|
|
|
21CA4E00000
|
unkown
|
page read and write
|
|
|
|
1F76000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
5BE0000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
17D82CB0000
|
unkown image
|
page readonly
|
|
|
|
4F7E000
|
unkown
|
page read and write
|
|
|
|
7FF5D68A4000
|
unkown image
|
page readonly
|
|
|
|
7FF5D67FC000
|
unkown image
|
page readonly
|
|
|
|
3060000
|
unkown image
|
page readonly
|
|
|
|
4B19000
|
heap private
|
page read and write
|
|
|
|
2558000
|
unkown image
|
page readonly
|
|
|
|
7DF53F340000
|
unkown image
|
page readonly
|
|
|
|
2A6A000
|
unkown image
|
page readonly
|
|
|
|
2750000
|
heap default
|
page read and write
|
|
|
|
7DF43D1F0000
|
unkown image
|
page readonly
|
|
|
|
7DF45E520000
|
unkown image
|
page readonly
|
|
|
|
7FF57305C000
|
unkown image
|
page readonly
|
|
|
|
7FF55F0F9000
|
unkown image
|
page readonly
|
|
|
|
31E0000
|
unkown image
|
page readonly
|
|
|
|
7FF55F10F000
|
unkown image
|
page readonly
|
|
|
|
2A90000
|
heap default
|
page read and write
|
|
|
|
7DF5BEA10000
|
unkown image
|
page readonly
|
|
|
|
28AE000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CAA623000
|
unkown
|
page read and write
|
|
|
|
21A38C00000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
227E2802000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
5AB0000
|
unkown
|
page read and write
|
|
|
|
26E0000
|
heap private
|
page read and write
|
|
|
|
1D1EC6B0000
|
unkown image
|
page readonly
|
|
|
|
2004000
|
unkown image
|
page readonly
|
|
|
|
1E78000
|
unkown image
|
page readonly
|
|
|
|
17D82E68000
|
unkown
|
page read and write
|
|
|
|
27EE000
|
heap default
|
page read and write
|
|
|
|
21CAA418000
|
unkown
|
page read and write
|
|
|
|
2C8F000
|
unkown image
|
page readonly
|
|
|
|
2444000
|
unkown image
|
page readonly
|
|
|
|
1F64E6E8000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
428D000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7EF30000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572EF0000
|
unkown image
|
page readonly
|
|
|
|
1F74000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
400D000
|
stack
|
page read and write
|
|
|
|
21A38E29000
|
unkown
|
page read and write
|
|
|
|
2D30000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF53F322000
|
unkown image
|
page readonly
|
|
|
|
7FF53DDF4000
|
unkown image
|
page readonly
|
|
|
|
7FF572D39000
|
unkown image
|
page readonly
|
|
|
|
2A4F000
|
unkown image
|
page readonly
|
|
|
|
30B0000
|
heap default
|
page read and write
|
|
|
|
599B000
|
stack
|
page read and write
|
|
|
|
7DF5A5BF0000
|
unkown image
|
page readonly
|
|
|
|
4B9A000
|
heap private
|
page read and write
|
|
|
|
7FF5494F4000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2756000
|
unkown
|
page read and write
|
|
|
|
273B000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FA82000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4675000
|
unkown image
|
page readonly
|
|
|
|
7FF5D654D000
|
unkown image
|
page readonly
|
|
|
|
7FF5D688F000
|
unkown image
|
page readonly
|
|
|
|
21CAA6EE000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
21CA4D40000
|
unkown image
|
page read and write
|
|
|
|
5AB0000
|
unkown
|
page read and write
|
|
|
|
2C5A000
|
unkown image
|
page readonly
|
|
|
|
232A000
|
heap private
|
page read and write
|
|
|
|
232A000
|
heap private
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF55F0D4000
|
unkown image
|
page readonly
|
|
|
|
4EC2AFF000
|
stack
|
page read and write
|
|
|
|
3315000
|
heap default
|
page read and write
|
|
|
|
3350000
|
unkown image
|
page readonly
|
|
|
|
2C3A000
|
heap default
|
page read and write
|
|
|
|
21CA6260000
|
unkown
|
page read and write
|
|
|
|
24EA000
|
unkown image
|
page readonly
|
|
|
|
21CA5704000
|
unkown
|
page read and write
|
|
|
|
351E000
|
stack
|
page read and write
|
|
|
|
72BB2000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF572C22000
|
unkown image
|
page readonly
|
|
|
|
24F3000
|
unkown image
|
page readonly
|
|
|
|
7F9D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4484000
|
unkown image
|
page readonly
|
|
|
|
7FF572C30000
|
unkown image
|
page readonly
|
|
|
|
7FF549480000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
2FB0000
|
unkown image
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
227E2CD0000
|
unkown image
|
page readonly
|
|
|
|
227E2800000
|
unkown
|
page read and write
|
|
|
|
7DF5A5BE2000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD4D1000
|
unkown image
|
page readonly
|
|
|
|
7F820000
|
unkown image
|
page readonly
|
|
|
|
24FF000
|
unkown
|
page read and write
|
|
|
|
1D1EC051000
|
unkown
|
page read and write
|
|
|
|
1D1EC050000
|
unkown
|
page read and write
|
|
|
|
7FA90000
|
unkown image
|
page readonly
|
|
|
|
27C0000
|
unkown image
|
page read and write
|
|
|
|
21CAA600000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF55F118000
|
unkown image
|
page readonly
|
|
|
|
21CAA410000
|
unkown
|
page read and write
|
|
|
|
7DF53F332000
|
unkown image
|
page readonly
|
|
|
|
7FF5D688C000
|
unkown image
|
page readonly
|
|
|
|
226BB213000
|
unkown
|
page read and write
|
|
|
|
C80000
|
unkown image
|
page readonly
|
|
|
|
7FF549546000
|
unkown image
|
page readonly
|
|
|
|
2780000
|
unkown image
|
page readonly
|
|
|
|
2B27000
|
unkown image
|
page readonly
|
|
|
|
7FF5D68F2000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
227E2813000
|
unkown
|
page read and write
|
|
|
|
6FACEFF000
|
stack
|
page read and write
|
|
|
|
23EC000
|
unkown image
|
page readonly
|
|
|
|
7FF5A46B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4664000
|
unkown image
|
page readonly
|
|
|
|
2B31000
|
unkown image
|
page readonly
|
|
|
|
72BAC000
|
unkown image
|
page write copy
|
|
|
|
7FF55F124000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
33DFDFA000
|
stack
|
page read and write
|
|
|
|
2D54000
|
unkown image
|
page readonly
|
|
|
|
7FF55F157000
|
unkown image
|
page readonly
|
|
|
|
21CA5718000
|
unkown
|
page read and write
|
|
|
|
331B000
|
unkown
|
page read and write
|
|
|
|
7FF53DE42000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD5A3000
|
unkown image
|
page readonly
|
|
|
|
2DB0000
|
unkown image
|
page readonly
|
|
|
|
5B4F000
|
stack
|
page read and write
|
|
|
|
21CA4F02000
|
unkown
|
page read and write
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE9F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6895000
|
unkown image
|
page readonly
|
|
|
|
2D65000
|
stack
|
page execute and read and write
|
|
|
|
227E2790000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
2446000
|
unkown image
|
page readonly
|
|
|
|
7FF5D68B1000
|
unkown image
|
page readonly
|
|
|
|
72B91000
|
unkown image
|
page execute read
|
|
|
|
72BA1000
|
unkown image
|
page readonly
|
|
|
|
2496000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4724000
|
unkown image
|
page readonly
|
|
|
|
7FF573004000
|
unkown image
|
page readonly
|
|
|
|
1F10000
|
unkown
|
page read and write
|
|
|
|
226BB6D0000
|
unkown image
|
page readonly
|
|
|
|
7F260000
|
unkown image
|
page readonly
|
|
|
|
1D1EC270000
|
unkown
|
page read and write
|
|
|
|
72BAC000
|
unkown image
|
page write copy
|
|
|
|
21CAA6A2000
|
unkown
|
page read and write
|
|
|
|
7DF560650000
|
unkown image
|
page readonly
|
|
|
|
F7B000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
24DC000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
2C00000
|
unkown image
|
page readonly
|
|
|
|
72BAE000
|
unkown image
|
page read and write
|
|
|
|
7FF5BD464000
|
unkown image
|
page readonly
|
|
|
|
31AF000
|
unkown image
|
page readonly
|
|
|
|
7DF4D5CA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6966000
|
unkown image
|
page readonly
|
|
|
|
F75000
|
unkown
|
page read and write
|
|
|
|
7FF5BD4B8000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
4240000
|
unkown
|
page read and write
|
|
|
|
5549000
|
heap private
|
page read and write
|
|
|
|
7FF573073000
|
unkown image
|
page readonly
|
|
|
|
2871000
|
unkown image
|
page readonly
|
|
|
|
24B8000
|
unkown image
|
page readonly
|
|
|
|
2991000
|
unkown image
|
page readonly
|
|
|
|
32B5000
|
unkown
|
page read and write
|
|
|
|
7FF55F16C000
|
unkown image
|
page readonly
|
|
|
|
17D82E42000
|
unkown
|
page read and write
|
|
|
|
17D82DE0000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
27D0000
|
unkown image
|
page readonly
|
|
|
|
3339000
|
heap default
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF560670000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
1330000
|
unkown image
|
page read and write
|
|
|
|
191F000
|
stack
|
page read and write
|
|
|
|
21CA4E7C000
|
unkown
|
page read and write
|
|
|
|
7FF549475000
|
unkown image
|
page readonly
|
|
|
|
4EC20EC000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF572D5D000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7DF5744D0000
|
unkown image
|
page readonly
|
|
|
|
21A38BF0000
|
heap private
|
page read and write
|
|
|
|
15CB000
|
unkown
|
page read and write
|
|
|
|
238C000
|
stack
|
page read and write
|
|
|
|
226BB860000
|
unkown image
|
page readonly
|
|
|
|
21CA5713000
|
unkown
|
page read and write
|
|
|
|
7F822000
|
unkown image
|
page readonly
|
|
|
|
5AB0000
|
unkown
|
page read and write
|
|
|
|
59DD000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF572FA1000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
4180000
|
unkown
|
page read and write
|
|
|
|
4180000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
33DF9EB000
|
unkown
|
page read and write
|
|
|
|
27BA000
|
heap default
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
4B3F000
|
unkown
|
page read and write
|
|
|
|
17D82E6A000
|
unkown
|
page read and write
|
|
|
|
7FF572F90000
|
unkown image
|
page readonly
|
|
|
|
17D82E45000
|
unkown
|
page read and write
|
|
|
|
2A5C000
|
unkown image
|
page readonly
|
|
|
|
2747000
|
unkown
|
page read and write
|
|
|
|
4B98000
|
heap private
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
32A8000
|
heap default
|
page read and write
|
|
|
|
C4D2EFE000
|
stack
|
page read and write
|
|
|
|
33DFE79000
|
stack
|
page read and write
|
|
|
|
29E8000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF573073000
|
unkown image
|
page readonly
|
|
|
|
3AE0000
|
unkown
|
page read and write
|
|
|
|
2867000
|
unkown image
|
page readonly
|
|
|
|
2C95000
|
unkown image
|
page readonly
|
|
|
|
2439000
|
unkown image
|
page readonly
|
|
|
|
508A000
|
unkown
|
page read and write
|
|
|
|
4C7B000
|
stack
|
page read and write
|
|
|
|
2750000
|
unkown
|
page read and write
|
|
|
|
3230000
|
heap private
|
page read and write
|
|
|
|
4B9C000
|
heap private
|
page read and write
|
|
|
|
203F000
|
unkown image
|
page readonly
|
|
|
|
325A000
|
heap default
|
page read and write
|
|
|
|
78A86FA000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1D1ECEA0000
|
unkown
|
page read and write
|
|
|
|
21CAA649000
|
unkown
|
page read and write
|
|
|
|
1060000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
DB000
|
unkown
|
page read and write
|
|
|
|
21CA5702000
|
unkown
|
page read and write
|
|
|
|
7DF53F320000
|
unkown image
|
page readonly
|
|
|
|
21CA4EA2000
|
unkown
|
page read and write
|
|
|
|
7F1C0000
|
unkown image
|
page readonly
|
|
|
|
331A000
|
unkown
|
page read and write
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
5A5E000
|
stack
|
page read and write
|
|
|
|
226BB0E0000
|
unkown image
|
page read and write
|
|
|
|
226BB170000
|
unkown
|
page read and write
|
|
|
|
2D80000
|
unkown image
|
page readonly
|
|
|
|
7FF53DCFE000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5A46D1000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF5D66E2000
|
unkown image
|
page readonly
|
|
|
|
21CA4E8C000
|
unkown
|
page read and write
|
|
|
|
17D82E4C000
|
unkown
|
page read and write
|
|
|
|
7FF5D61E7000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
226BB200000
|
unkown
|
page read and write
|
|
|
|
17D82E73000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
21A38C30000
|
unkown image
|
page readonly
|
|
|
|
7FA92000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
29D5000
|
unkown image
|
page readonly
|
|
|
|
21CA4E40000
|
unkown
|
page read and write
|
|
|
|
17D82E64000
|
unkown
|
page read and write
|
|
|
|
41DE000
|
stack
|
page read and write
|
|
|
|
2509000
|
unkown
|
page read and write
|
|
|
|
7F272000
|
unkown image
|
page readonly
|
|
|
|
33DFF79000
|
stack
|
page read and write
|
|
|
|
17D83460000
|
unkown
|
page read and write
|
|
|
|
72BB2000
|
unkown image
|
page readonly
|
|
|
|
7DF4A3AB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD4F5000
|
unkown image
|
page readonly
|
|
|
|
226BB0F0000
|
heap private
|
page read and write
|
|
|
|
27B3000
|
unkown
|
page read and write
|
|
|
|
4EF0000
|
unkown
|
page read and write
|
|
|
|
21CA4E8E000
|
unkown
|
page read and write
|
|
|
|
7FF5A4793000
|
unkown image
|
page readonly
|
|
|
|
2398000
|
unkown image
|
page readonly
|
|
|
|
1D6F000
|
unkown image
|
page readonly
|
|
|
|
17D82E63000
|
unkown
|
page read and write
|
|
|
|
17D82E5C000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
17D82E77000
|
unkown
|
page read and write
|
|
|
|
29BD000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
46F0000
|
unkown
|
page read and write
|
|
|
|
7F810000
|
unkown image
|
page readonly
|
|
|
|
2014000
|
unkown image
|
page readonly
|
|
|
|
55CB000
|
heap private
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF5A4459000
|
unkown image
|
page readonly
|
|
|
|
1D1EC049000
|
unkown
|
page read and write
|
|
|
|
7DF5D7DD0000
|
unkown image
|
page readonly
|
|
|
|
34D0000
|
unkown image
|
page readonly
|
|
|
|
72BA1000
|
unkown image
|
page readonly
|
|
|
|
3250000
|
heap default
|
page read and write
|
|
|
|
2FE0000
|
unkown image
|
page readonly
|
|
|
|
72BB2000
|
unkown image
|
page readonly
|
|
|
|
2340000
|
unkown image
|
page readonly
|
|
|
|
55C8000
|
heap private
|
page read and write
|
|
|
|
DF0000
|
unkown image
|
page readonly
|
|
|
|
154E000
|
stack
|
page read and write
|
|
|
|
1617000
|
unkown
|
page read and write
|
|
|
|
1618000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5A469F000
|
unkown image
|
page readonly
|
|
|
|
1D1EBEF0000
|
unkown image
|
page readonly
|
|
|
|
1E17000
|
unkown image
|
page readonly
|
|
|
|
2474000
|
unkown image
|
page readonly
|
|
|
|
1E7A000
|
unkown image
|
page readonly
|
|
|
|
2C51000
|
unkown image
|
page readonly
|
|
|
|
7DF560662000
|
unkown image
|
page readonly
|
|
|
|
1F70000
|
unkown image
|
page readonly
|
|
|
|
B5B6BFC000
|
stack
|
page read and write
|
|
|
|
7DF54A9B2000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
F81000
|
unkown
|
page read and write
|
|
|
|
1F64E8D0000
|
unkown image
|
page readonly
|
|
|
|
29A4000
|
unkown image
|
page readonly
|
|
|
|
17D82E5F000
|
unkown
|
page read and write
|
|
|
|
227E2E60000
|
unkown image
|
page readonly
|
|
|
|
7DF53F340000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1F31000
|
unkown image
|
page readonly
|
|
|
|
1F41000
|
unkown image
|
page readonly
|
|
|
|
21CA4EFE000
|
unkown
|
page read and write
|
|
|
|
7FF5D679A000
|
unkown image
|
page readonly
|
|
|
|
202E000
|
unkown image
|
page readonly
|
|
|
|
26E7000
|
heap private
|
page read and write
|
|
|
|
331A000
|
unkown
|
page read and write
|
|
|
|
160000
|
unkown image
|
page readonly
|
|
|
|
1D1EBEE0000
|
unkown
|
page read and write
|
|
|
|
7FF5BD586000
|
unkown image
|
page readonly
|
|
|
|
2A7B000
|
unkown
|
page read and write
|
|
|
|
B5B6A7F000
|
stack
|
page read and write
|
|
|
|
7FA80000
|
unkown image
|
page readonly
|
|
|
|
227E27F0000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1D1EBFE0000
|
unkown
|
page read and write
|
|
|
|
2DFD000
|
unkown
|
page read and write
|
|
|
|
40CB000
|
stack
|
page read and write
|
|
|
|
133C000
|
unkown image
|
page readonly
|
|
|
|
27F0000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF5494D9000
|
unkown image
|
page readonly
|
|
|
|
7F280000
|
unkown image
|
page readonly
|
|
|
|
2461000
|
unkown image
|
page readonly
|
|
|
|
7FF572C06000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
33DFC7E000
|
stack
|
page read and write
|
|
|
|
1D7B000
|
unkown image
|
page readonly
|
|
|
|
1D1EC4B0000
|
unkown image
|
page readonly
|
|
|
|
6F2DFFF000
|
stack
|
page read and write
|
|
|
|
1F98000
|
unkown image
|
page readonly
|
|
|
|
21CA4E7A000
|
unkown
|
page read and write
|
|
|
|
7F270000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5D674D000
|
unkown image
|
page readonly
|
|
|
|
7FF55F179000
|
unkown image
|
page readonly
|
|
|
|
202E000
|
heap private
|
page read and write
|
|
|
|
7DF5D7DE2000
|
unkown image
|
page readonly
|
|
|
|
404D000
|
stack
|
page read and write
|
|
|
|
232C000
|
heap private
|
page read and write
|
|
|
|
268F000
|
stack
|
page read and write
|
|
|
|
17D82E57000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
B5B717E000
|
stack
|
page read and write
|
|
|
|
22F1000
|
unkown image
|
page readonly
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
2D33000
|
unkown image
|
page readonly
|
|
|
|
1D0000
|
heap default
|
page read and write
|
|
|
|
489E000
|
heap private
|
page read and write
|
|
|
|
4EF1000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2C86000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD595000
|
unkown image
|
page readonly
|
|
|
|
21A38BE0000
|
unkown image
|
page read and write
|
|
|
|
4666000
|
unkown
|
page read and write
|
|
|
|
2C61000
|
unkown image
|
page readonly
|
|
|
|
2503000
|
unkown
|
page read and write
|
|
|
|
31A0000
|
unkown image
|
page read and write
|
|
|
|
72B91000
|
unkown image
|
page execute read
|
|
|
|
21CAA454000
|
unkown
|
page read and write
|
|
|
|
348F000
|
stack
|
page read and write
|
|
|
|
1F64EF00000
|
unkown
|
page read and write
|
|
|
|
21CA5600000
|
unkown
|
page read and write
|
|
|
|
7FA82000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF5494DC000
|
unkown image
|
page readonly
|
|
|
|
7F810000
|
unkown image
|
page readonly
|
|
|
|
7FF572F94000
|
unkown image
|
page readonly
|
|
|
|
32A8000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572FE2000
|
unkown image
|
page readonly
|
|
|
|
21A39200000
|
unkown image
|
page readonly
|
|
|
|
21CAA63C000
|
unkown
|
page read and write
|
|
|
|
52CE000
|
heap private
|
page read and write
|
|
|
|
2B88000
|
unkown image
|
page readonly
|
|
|
|
2341000
|
unkown image
|
page readonly
|
|
|
|
2BA0000
|
unkown
|
page read and write
|
|
|
|
21A38E83000
|
unkown
|
page read and write
|
|
|
|
46E8000
|
heap private
|
page read and write
|
|
|
|
251F000
|
unkown image
|
page readonly
|
|
|
|
1C5000
|
unkown
|
page execute and read and write
|
|
|
|
21CAA300000
|
unkown
|
page read and write
|
|
|
|
7DF54A9C2000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
29F0000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1D1EC050000
|
unkown
|
page read and write
|
|
|
|
1F64E6E1000
|
unkown
|
page read and write
|
|
|
|
7FF51B8D6000
|
unkown image
|
page readonly
|
|
|
|
21CA5758000
|
unkown
|
page read and write
|
|
|
|
17D82E5D000
|
unkown
|
page read and write
|
|
|
|
21CAA570000
|
unkown
|
page read and write
|
|
|
|
23EF000
|
unkown image
|
page readonly
|
|
|
|
7F9C2000
|
unkown image
|
page readonly
|
|
|
|
7F980000
|
unkown image
|
page readonly
|
|
|
|
7FF572FA9000
|
unkown image
|
page readonly
|
|
|
|
2C79000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
78A88FA000
|
stack
|
page read and write
|
|
|
|
7FF5D68F9000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
226BBA00000
|
unkown
|
page read and write
|
|
|
|
7FF572E20000
|
unkown image
|
page readonly
|
|
|
|
2484000
|
unkown image
|
page readonly
|
|
|
|
2CA8000
|
unkown image
|
page readonly
|
|
|
|
21A38E02000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF5D68C1000
|
unkown image
|
page readonly
|
|
|
|
7FF55F17C000
|
unkown image
|
page readonly
|
|
|
|
7FF5494B5000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6715000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
272C000
|
heap default
|
page read and write
|
|
|
|
2A64000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD2BB000
|
unkown image
|
page readonly
|
|
|
|
2524000
|
unkown image
|
page readonly
|
|
|
|
2A56000
|
unkown image
|
page readonly
|
|
|
|
7FF5D64E5000
|
unkown image
|
page readonly
|
|
|
|
F72000
|
unkown
|
page read and write
|
|
|
|
1960000
|
unkown
|
page read and write
|
|
|
|
21CA4DB0000
|
heap default
|
page read and write
|
|
|
|
7F830000
|
unkown image
|
page readonly
|
|
|
|
2468000
|
unkown image
|
page readonly
|
|
|
|
7F032000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CAA430000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
21CAA702000
|
unkown
|
page read and write
|
|
|
|
299A000
|
unkown image
|
page readonly
|
|
|
|
2CDE000
|
stack
|
page read and write
|
|
|
|
7FF572BC8000
|
unkown image
|
page readonly
|
|
|
|
14DC000
|
stack
|
page read and write
|
|
|
|
21CA4F14000
|
unkown
|
page read and write
|
|
|
|
7FF5BD4AF000
|
unkown image
|
page readonly
|
|
|
|
2421000
|
unkown image
|
page readonly
|
|
|
|
29B4000
|
unkown image
|
page readonly
|
|
|
|
29C0000
|
unkown image
|
page readonly
|
|
|
|
1960000
|
unkown
|
page read and write
|
|
|
|
17D0000
|
unkown
|
page read and write
|
|
|
|
17D82E3D000
|
unkown
|
page read and write
|
|
|
|
7F1A0000
|
unkown image
|
page readonly
|
|
|
|
72BB2000
|
unkown image
|
page readonly
|
|
|
|
32A4000
|
unkown
|
page read and write
|
|
|
|
27B8000
|
unkown
|
page read and write
|
|
|
|
7DF53F322000
|
unkown image
|
page readonly
|
|
|
|
7F280000
|
unkown image
|
page readonly
|
|
|
|
2B70000
|
unkown image
|
page readonly
|
|
|
|
1F6D000
|
unkown image
|
page readonly
|
|
|
|
33B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D665A000
|
unkown image
|
page readonly
|
|
|
|
21CAA450000
|
unkown
|
page read and write
|
|
|
|
7FF53DD45000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4581000
|
unkown image
|
page readonly
|
|
|
|
7FF572FB1000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2C10000
|
unkown
|
page read and write
|
|
|
|
7FF5BD49C000
|
unkown image
|
page readonly
|
|
|
|
227E2E50000
|
unkown image
|
page readonly
|
|
|
|
7FF5D68D5000
|
unkown image
|
page readonly
|
|
|
|
7FF53DE01000
|
unkown image
|
page readonly
|
|
|
|
5A9F000
|
stack
|
page read and write
|
|
|
|
226BB229000
|
unkown
|
page read and write
|
|
|
|
17D82CE0000
|
unkown image
|
page readonly
|
|
|
|
2DA0000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
17D82E72000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF55E98A000
|
unkown image
|
page readonly
|
|
|
|
2471000
|
unkown image
|
page readonly
|
|
|
|
441D000
|
stack
|
page read and write
|
|
|
|
7DF5BEA02000
|
unkown image
|
page readonly
|
|
|
|
1355000
|
heap default
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2D70000
|
heap private
|
page read and write
|
|
|
|
227E27C0000
|
unkown image
|
page readonly
|
|
|
|
17D82E56000
|
unkown
|
page read and write
|
|
|
|
29AB000
|
unkown
|
page read and write
|
|
|
|
17D82E65000
|
unkown
|
page read and write
|
|
|
|
1D1EC000000
|
heap default
|
page read and write
|
|
|
|
72BA1000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD58C000
|
unkown image
|
page readonly
|
|
|
|
F78000
|
unkown
|
page read and write
|
|
|
|
2490000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
226BB202000
|
unkown
|
page read and write
|
|
|
|
227E2F70000
|
unkown
|
page read and write
|
|
|
|
C4D317E000
|
stack
|
page read and write
|
|
|
|
1D1EC830000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
28C8000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4545000
|
unkown image
|
page readonly
|
|
|
|
7FF53DDE8000
|
unkown image
|
page readonly
|
|
|
|
1F64E669000
|
unkown
|
page read and write
|
|
|
|
1D1EBFD0000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
5B0E000
|
stack
|
page read and write
|
|
|
|
2BF0000
|
heap default
|
page read and write
|
|
|
|
1D1EC2A0000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF572E1B000
|
unkown image
|
page readonly
|
|
|
|
1810000
|
heap private
|
page read and write
|
|
|
|
40F0000
|
heap private
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
413E000
|
stack
|
page read and write
|
|
|
|
2A88000
|
unkown image
|
page readonly
|
|
|
|
CDD000
|
unkown
|
page read and write
|
|
|
|
7FF5D68A0000
|
unkown image
|
page readonly
|
|
|
|
2564000
|
unkown image
|
page readonly
|
|
|
|
7FF55F1F6000
|
unkown image
|
page readonly
|
|
|
|
7F1A2000
|
unkown image
|
page readonly
|
|
|
|
72B90000
|
unkown image
|
page readonly
|
|
|
|
21CAA62F000
|
unkown
|
page read and write
|
|
|
|
4EC29FF000
|
stack
|
page read and write
|
|
|
|
7DF54A9B2000
|
unkown image
|
page readonly
|
|
|
|
33DFCFE000
|
stack
|
page read and write
|
|
|
|
7DF5D7DD2000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
21A38E13000
|
unkown
|
page read and write
|
|
|
|
17D82E69000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5D6865000
|
unkown image
|
page readonly
|
|
|
|
7FF572F60000
|
unkown image
|
page readonly
|
|
|
|
4700000
|
unkown
|
page read and write
|
|
|
|
2328000
|
heap private
|
page read and write
|
|
|
|
15A5000
|
heap default
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
24CB000
|
unkown image
|
page readonly
|
|
|
|
1F64E66B000
|
unkown
|
page read and write
|
|
|
|
78A85FB000
|
stack
|
page read and write
|
|
|
|
244F000
|
unkown image
|
page readonly
|
|
|
|
F87000
|
unkown
|
page read and write
|
|
|
|
7FF5A46A5000
|
unkown image
|
page readonly
|
|
|
|
255F000
|
unkown image
|
page readonly
|
|
|
|
4B9B000
|
heap private
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7DF5BE9F2000
|
unkown image
|
page readonly
|
|
|
|
190000
|
unkown
|
page read and write
|
|
|
|
515E000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
21CA4F02000
|
unkown
|
page read and write
|
|
|
|
21CA4D90000
|
unkown image
|
page readonly
|
|
|
|
21A38E00000
|
unkown
|
page read and write
|
|
|
|
21A38E5E000
|
unkown
|
page read and write
|
|
|
|
7FF5A469B000
|
unkown image
|
page readonly
|
|
|
|
2D2A000
|
unkown image
|
page readonly
|
|
|
|
12DE000
|
stack
|
page read and write
|
|
|
|
1D1EC04A000
|
unkown
|
page read and write
|
|
|
|
226BB850000
|
unkown image
|
page readonly
|
|
|
|
226BB302000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CA6270000
|
unkown
|
page read and write
|
|
|
|
1F64E530000
|
unkown image
|
page read and write
|
|
|
|
247B000
|
unkown image
|
page readonly
|
|
|
|
C4D327D000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572E3D000
|
unkown image
|
page readonly
|
|
|
|
21CA4F07000
|
unkown
|
page read and write
|
|
|
|
272B000
|
unkown
|
page read and write
|
|
|
|
7FF55F0C5000
|
unkown image
|
page readonly
|
|
|
|
7FF55F10B000
|
unkown image
|
page readonly
|
|
|
|
21CAB000000
|
unkown
|
page read and write
|
|
|
|
F7E000
|
unkown
|
page read and write
|
|
|
|
7FF53D706000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4793000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD1B0000
|
unkown image
|
page readonly
|
|
|
|
226BBA02000
|
unkown
|
page read and write
|
|
|
|
7FF572D7E000
|
unkown image
|
page readonly
|
|
|
|
15B4000
|
heap default
|
page read and write
|
|
|
|
322D000
|
stack
|
page read and write
|
|
|
|
2D07000
|
unkown image
|
page readonly
|
|
|
|
7FF5A46B4000
|
unkown image
|
page readonly
|
|
|
|
21CAA440000
|
unkown
|
page read and write
|
|
|
|
7FF5D696C000
|
unkown image
|
page readonly
|
|
|
|
1F64E580000
|
unkown image
|
page readonly
|
|
|
|
7FAA0000
|
unkown image
|
page readonly
|
|
|
|
7FF549563000
|
unkown image
|
page readonly
|
|
|
|
1F64E5D0000
|
unkown
|
page read and write
|
|
|
|
7F270000
|
unkown image
|
page readonly
|
|
|
|
36D0000
|
unkown image
|
page readonly
|
|
|
|
72BAE000
|
unkown image
|
page read and write
|
|
|
|
B5B707C000
|
stack
|
page read and write
|
|
|
|
27F0000
|
unkown image
|
page readonly
|
|
|
|
7FF572D6F000
|
unkown image
|
page readonly
|
|
|
|
7FF53DE49000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
5030000
|
heap private
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
4B9A000
|
heap private
|
page read and write
|
|
|
|
250F000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6983000
|
unkown image
|
page readonly
|
|
|
|
28AA000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6983000
|
unkown image
|
page readonly
|
|
|
|
7DF5BEA10000
|
unkown image
|
page readonly
|
|
|
|
1F64E6D2000
|
unkown
|
page read and write
|
|
|
|
1340000
|
unkown image
|
page readonly
|
|
|
|
6F2DDFD000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
4CC0000
|
unkown
|
page read and write
|
|
|
|
7F9E0000
|
unkown image
|
page readonly
|
|
|
|
2512000
|
unkown
|
page read and write
|
|
|
|
226BB1A0000
|
unkown
|
page readonly
|
|
|
|
2A80000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
21CAA860000
|
unkown
|
page read and write
|
|
|
|
7FF5A4623000
|
unkown image
|
page readonly
|
|
|
|
7FF572CDD000
|
unkown image
|
page readonly
|
|
|
|
7FF5494E6000
|
unkown image
|
page readonly
|
|
|
|
327B000
|
unkown
|
page read and write
|
|
|
|
253A000
|
unkown image
|
page readonly
|
|
|
|
5A1C000
|
stack
|
page read and write
|
|
|
|
5BD0000
|
unkown
|
page read and write
|
|
|
|
4B9D000
|
heap private
|
page read and write
|
|
|
|
E0000
|
unkown image
|
page readonly
|
|
|
|
7DF53F330000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
78A84F7000
|
stack
|
page read and write
|
|
|
|
2750000
|
unkown
|
page read and write
|
|
|
|
1F64E5A0000
|
heap default
|
page read and write
|
|
|
|
7FF5BD4AB000
|
unkown image
|
page readonly
|
|
|
|
21CA4D60000
|
unkown image
|
page readonly
|
|
|
|
27DC000
|
unkown
|
page read and write
|
|
|
|
1D1EBF10000
|
unkown image
|
page readonly
|
|
|
|
2A8F000
|
unkown image
|
page readonly
|
|
|
|
1F64EC50000
|
unkown image
|
page readonly
|
|
|
|
1F69000
|
unkown image
|
page readonly
|
|
|
|
78A8EFE000
|
stack
|
page read and write
|
|
|
|
29B9000
|
unkown image
|
page readonly
|
|
|
|
21CA4EB1000
|
unkown
|
page read and write
|
|
|
|
431D000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
72BAB000
|
unkown image
|
page read and write
|
|
|
|
22E7000
|
unkown image
|
page readonly
|
|
|
|
72B91000
|
unkown image
|
page execute read
|
|
|
|
1F64E550000
|
unkown image
|
page readonly
|
|
|
|
24D4000
|
unkown image
|
page readonly
|
|
|
|
29F6000
|
unkown image
|
page readonly
|
|
|
|
1F64E5B0000
|
unkown image
|
page readonly
|
|
|
|
51A0000
|
unkown
|
page read and write
|
|
|
|
1D1EC295000
|
heap private
|
page read and write
|
|
|
|
251E000
|
unkown
|
page read and write
|
|
|
|
32A4000
|
heap default
|
page read and write
|
|
|
|
7FF53DE56000
|
unkown image
|
page readonly
|
|
|
|
27CB000
|
unkown image
|
page readonly
|
|
|
|
2743000
|
heap default
|
page read and write
|
|
|
|
C4D2E7C000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7F9D0000
|
unkown image
|
page readonly
|
|
|
|
2515000
|
unkown
|
page read and write
|
|
|
|
3314000
|
unkown
|
page read and write
|
|
|
|
133F000
|
unkown image
|
page readonly
|
|
|
|
180000
|
unkown image
|
page readonly
|
|
|
|
7FF549170000
|
unkown image
|
page readonly
|
|
|
|
4180000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2C74000
|
unkown image
|
page readonly
|
|
|
|
7FF572C36000
|
unkown image
|
page readonly
|
|
|
|
161A000
|
unkown
|
page read and write
|
|
|
|
7DF5D7DF0000
|
unkown image
|
page readonly
|
|
|
|
7DF5744D2000
|
unkown image
|
page readonly
|
|
|
|
7DF5A5C00000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
4600000
|
unkown image
|
page readonly
|
|
|
|
21A38C00000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
200C000
|
unkown image
|
page readonly
|
|
|
|
2424000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF55F120000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
329D000
|
heap default
|
page read and write
|
|
|
|
21CA4EA8000
|
unkown
|
page read and write
|
|
|
|
25F000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
2D4F000
|
unkown image
|
page readonly
|
|
|
|
7FF53DED3000
|
unkown image
|
page readonly
|
|
|
|
7FF572828000
|
unkown image
|
page readonly
|
|
|
|
2743000
|
unkown
|
page read and write
|
|
|
|
174E000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF53D75A000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF573065000
|
unkown image
|
page readonly
|
|
|
|
55CC000
|
heap private
|
page read and write
|
|
|
|
33DFEFF000
|
stack
|
page read and write
|
|
|
|
21CA5450000
|
unkown image
|
page readonly
|
|
|
|
1F64E613000
|
unkown
|
page read and write
|
|
|
|
133D000
|
unkown image
|
page read and write
|
|
|
|
21CAA280000
|
unkown
|
page read and write
|
|
|
|
226BB235000
|
unkown
|
page read and write
|
|
|
|
331C000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2517000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD4C0000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
17D82E62000
|
unkown
|
page read and write
|
|
|
|
1E7E000
|
unkown image
|
page readonly
|
|
|
|
2D48000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3530000
|
unkown image
|
page readonly
|
|
|
|
1E5E000
|
unkown image
|
page readonly
|
|
|
|
1D1EBF40000
|
unkown
|
page read and write
|
|
|
|
252C000
|
unkown image
|
page readonly
|
|
|
|
7FF55F115000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7FF5BD255000
|
unkown image
|
page readonly
|
|
|
|
7FF5D687B000
|
unkown image
|
page readonly
|
|
|
|
15A5000
|
unkown
|
page read and write
|
|
|
|
31AC000
|
unkown image
|
page readonly
|
|
|
|
2D42000
|
unkown image
|
page readonly
|
|
|
|
2A3C000
|
unkown
|
page read and write
|
|
|
|
2502000
|
unkown image
|
page readonly
|
|
|
|
7FF53DC57000
|
unkown image
|
page readonly
|
|
|
|
331D000
|
unkown
|
page read and write
|
|
|
|
17D82CD0000
|
unkown image
|
page readonly
|
|
|
|
21CA5602000
|
unkown
|
page read and write
|
|
|
|
7F260000
|
unkown image
|
page readonly
|
|
|
|
7FF5494D2000
|
unkown image
|
page readonly
|
|
|
|
7FF572F34000
|
unkown image
|
page readonly
|
|
|
|
7F1B0000
|
unkown image
|
page readonly
|
|
|
|
15CB000
|
unkown
|
page read and write
|
|
|
|
7FF572F55000
|
unkown image
|
page readonly
|
|
|
|
42F0000
|
heap private
|
page read and write
|
|
|
|
1F64EAD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6870000
|
unkown image
|
page readonly
|
|
|
|
7FF572FF6000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
3390000
|
unkown
|
page read and write
|
|
|
|
C4D33FE000
|
stack
|
page read and write
|
|
|
|
288F000
|
unkown image
|
page readonly
|
|
|
|
1D1EC260000
|
unkown
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1FAB000
|
unkown image
|
page readonly
|
|
|
|
7FF5D64E1000
|
unkown image
|
page readonly
|
|
|
|
7FF572FE9000
|
unkown image
|
page readonly
|
|
|
|
7FF5D68EB000
|
unkown image
|
page readonly
|
|
|
|
1D1ECE60000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
15CB000
|
unkown
|
page read and write
|
|
|
|
3A50000
|
unkown image
|
page readonly
|
|
|
|
24A5000
|
unkown image
|
page readonly
|
|
|
|
23E1000
|
unkown image
|
page execute read
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2D5B000
|
unkown image
|
page readonly
|
|
|
|
21A39380000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2770000
|
unkown image
|
page read and write
|
|
|
|
21CAA6FC000
|
unkown
|
page read and write
|
|
|
|
2F65000
|
unkown
|
page read and write
|
|
|
|
7FF55F111000
|
unkown image
|
page readonly
|
|
|
|
2A47000
|
unkown image
|
page readonly
|
|
|
|
2C30000
|
heap default
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1D5000
|
heap default
|
page read and write
|
|
|
|
7FF5D6975000
|
unkown image
|
page readonly
|
|
|
|
1F64E6C9000
|
unkown
|
page read and write
|
|
|
|
2747000
|
heap default
|
page read and write
|
|
|
|
7DF5BE9F0000
|
unkown image
|
page readonly
|
|
|
|
7FF572D81000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
27BD000
|
unkown
|
page read and write
|
|
|
|
5F5F000
|
unkown
|
page read and write
|
|
|
|
7F030000
|
unkown image
|
page readonly
|
|
|
|
7FF53DEB6000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF5A5BF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6906000
|
unkown image
|
page readonly
|
|
|
|
7FF572825000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7F042000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
6FACE7F000
|
stack
|
page read and write
|
|
|
|
7FF5A470C000
|
unkown image
|
page readonly
|
|
|
|
232C000
|
heap private
|
page read and write
|
|
|
|
2D00000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
4666000
|
unkown
|
page read and write
|
|
|
|
7FF55F203000
|
unkown image
|
page readonly
|
|
|
|
7FF572D64000
|
unkown image
|
page readonly
|
|
|
|
2A3B000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7DF560652000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
21A39390000
|
unkown image
|
page readonly
|
|
|
|
7DF5744D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A46C1000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1D1EC840000
|
unkown image
|
page readonly
|
|
|
|
15C2000
|
unkown
|
page read and write
|
|
|
|
9C000
|
unkown
|
page read and write
|
|
|
|
2B80000
|
unkown image
|
page readonly
|
|
|
|
78A87FE000
|
stack
|
page read and write
|
|
|
|
17D82F02000
|
unkown
|
page read and write
|
|
|
|
7DF5A5BE0000
|
unkown image
|
page readonly
|
|
|
|
1610000
|
unkown
|
page read and write
|
|
|
|
7FF5A46A8000
|
unkown image
|
page readonly
|
|
|
|
201A000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD4B1000
|
unkown image
|
page readonly
|
|
|
|
7DF5744D0000
|
unkown image
|
page readonly
|
|
|
|
21CAA8A0000
|
unkown
|
page read and write
|
|
|
|
227E2902000
|
unkown
|
page read and write
|
|
|
|
7F710000
|
unkown image
|
page readonly
|
|
|
|
256B000
|
unkown image
|
page readonly
|
|
|
|
3100000
|
unkown image
|
page readonly
|
|
|
|
2984000
|
unkown image
|
page readonly
|
|
|
|
1617000
|
unkown
|
page read and write
|
|
|
|
24C7000
|
unkown image
|
page readonly
|
|
|
|
131D000
|
stack
|
page read and write
|
|
|
|
4EC2BFE000
|
stack
|
page read and write
|
|
|
|
1D1EC250000
|
unkown
|
page read and write
|
|
|
|
7F042000
|
unkown image
|
page readonly
|
|
|
|
7FF5A468C000
|
unkown image
|
page readonly
|
|
|
|
7FA80000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7F830000
|
unkown image
|
page readonly
|
|
|
|
6FAD0FF000
|
stack
|
page read and write
|
|
|
|
2FC0000
|
unkown image
|
page readonly
|
|
|
|
2032000
|
unkown image
|
page readonly
|
|
|
|
B5B6B7F000
|
stack
|
page read and write
|
|
|
|
7FF5BD4B5000
|
unkown image
|
page readonly
|
|
|
|
4EC24FB000
|
stack
|
page read and write
|
|
|
|
1636000
|
unkown
|
page read and write
|
|
|
|
7FF5494A1000
|
unkown image
|
page readonly
|
|
|
|
7DF5A5BF2000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
21A38C20000
|
unkown image
|
page readonly
|
|
|
|
31AD000
|
unkown image
|
page read and write
|
|
|
|
29A1000
|
unkown image
|
page readonly
|
|
|
|
7FF53DCE5000
|
unkown image
|
page readonly
|
|
|
|
4B40000
|
unkown image
|
page readonly
|
|
|
|
7FF55F0CC000
|
unkown image
|
page readonly
|
|
|
|
36C0000
|
heap private
|
page read and write
|
|
|
|
B5B6F7E000
|
stack
|
page read and write
|
|
|
|
21CAA41E000
|
unkown
|
page read and write
|
|
|
|
21CAA500000
|
unkown
|
page read and write
|
|
|
|
411F000
|
stack
|
page read and write
|
|
|
|
F0000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
5BE1000
|
unkown
|
page read and write
|
|
|
|
232B000
|
heap private
|
page read and write
|
|
|
|
3440000
|
heap default
|
page read and write
|
|
|
|
32B1000
|
heap default
|
page read and write
|
|
|
|
C4D29FC000
|
unkown
|
page read and write
|
|
|
|
3000000
|
unkown
|
page read and write
|
|
|
|
4CBE000
|
stack
|
page read and write
|
|
|
|
7FAA0000
|
unkown image
|
page readonly
|
|
|
|
6F2DC7E000
|
stack
|
page read and write
|
|
|
|
7FF55F186000
|
unkown image
|
page readonly
|
|
|
|
7FF5A44A9000
|
unkown image
|
page readonly
|
|
|
|
2023000
|
unkown image
|
page readonly
|
|
|
|
3520000
|
heap private
|
page read and write
|
|
|
|
21CAA2F0000
|
unkown
|
page read and write
|
|
|
|
78A808C000
|
unkown
|
page read and write
|
|
|
|
7FF5D666C000
|
unkown image
|
page readonly
|
|
|
|
31F0000
|
unkown image
|
page readonly
|
|
|
|
17D83380000
|
unkown image
|
page readonly
|
|
|
|
7FF5A447D000
|
unkown image
|
page readonly
|
|
|
|
256B000
|
unkown image
|
page readonly
|
|
|
|
7FF573056000
|
unkown image
|
page readonly
|
|
|
|
227E2F40000
|
unkown
|
page read and write
|
|
|
|
27BF000
|
unkown image
|
page readonly
|
|
|
|
7FF572F44000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF53DE4C000
|
unkown image
|
page readonly
|
|
|
|
7FF55EFB0000
|
unkown image
|
page readonly
|
|
|
|
7F1A2000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE9F2000
|
unkown image
|
page readonly
|
|
|
|
1F64E671000
|
unkown
|
page read and write
|
|
|
|
1F64E702000
|
unkown
|
page read and write
|
|
|
|
3BD0000
|
heap private
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7F1B0000
|
unkown image
|
page readonly
|
|
|
|
3339000
|
unkown
|
page read and write
|
|
|
|
204B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A445F000
|
unkown image
|
page readonly
|
|
|
|
7F820000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1F64E629000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
2747000
|
unkown
|
page read and write
|
|
|
|
2D3E000
|
unkown image
|
page readonly
|
|
|
|
2CF0000
|
unkown image
|
page read and write
|
|
|
|
7FF5D6914000
|
unkown image
|
page readonly
|
|
|
|
21CAA570000
|
unkown
|
page read and write
|
|
|
|
7FF5A46C9000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
C80000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
226BB120000
|
unkown image
|
page readonly
|
|
|
|
226BB23D000
|
unkown
|
page read and write
|
|
|
|
17D82E59000
|
unkown
|
page read and write
|
|
|
|
1D78000
|
heap private
|
page read and write
|
|
|
|
7FF572EEC000
|
unkown image
|
page readonly
|
|
|
|
38D0000
|
unkown image
|
page readonly
|
|
|
|
7DF560652000
|
unkown image
|
page readonly
|
|
|
|
331B000
|
unkown
|
page read and write
|
|
|
|
21A38D50000
|
unkown
|
page read and write
|
|
|
|
7FF572BD9000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DF0000
|
unkown image
|
page readonly
|
|
|
|
1615000
|
unkown
|
page read and write
|
|
|
|
7FF572DD2000
|
unkown image
|
page readonly
|
|
|
|
6F2DCFF000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
2753000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF472390000
|
unkown image
|
page readonly
|
|
|
|
7DF5744C2000
|
unkown image
|
page readonly
|
|
|
|
23ED000
|
unkown image
|
page read and write
|
|
|
|
1E3F000
|
unkown image
|
page readonly
|
|
|
|
5BE1000
|
unkown
|
page read and write
|
|
|
|
27C1000
|
unkown image
|
page readonly
|
|
|
|
149E000
|
stack
|
page read and write
|
|
|
|
7FF5BD512000
|
unkown image
|
page readonly
|
|
|
|
7FF53DCEA000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF549484000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
31A1000
|
unkown image
|
page execute read
|
|
|
|
2C64000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
26D0000
|
unkown image
|
page readonly
|
|
|
|
227E285C000
|
unkown
|
page read and write
|
|
|
|
160E000
|
unkown
|
page read and write
|
|
|
|
1F51000
|
unkown image
|
page readonly
|
|
|
|
4EC26FD000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
31E0000
|
unkown image
|
page readonly
|
|
|
|
27D0000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
17D82E58000
|
unkown
|
page read and write
|
|
|
|
7F262000
|
unkown image
|
page readonly
|
|
|
|
4CD0000
|
heap private
|
page read and write
|
|
|
|
7DF448880000
|
unkown image
|
page readonly
|
|
|
|
7FF572EE5000
|
unkown image
|
page readonly
|
|
|
|
7DF54A9D0000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3339000
|
unkown
|
page read and write
|
|
|
|
21CA52D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DE0000
|
unkown image
|
page readonly
|
|
|
|
17D82E70000
|
unkown
|
page read and write
|
|
|
|
29A7000
|
unkown
|
page read and write
|
|
|
|
3490000
|
unkown image
|
page readonly
|
|
|
|
7DF560662000
|
unkown image
|
page readonly
|
|
|
|
7F030000
|
unkown image
|
page readonly
|
|
|
|
1619000
|
unkown
|
page read and write
|
|
|
|
417F000
|
stack
|
page read and write
|
|
|
|
17D82E55000
|
unkown
|
page read and write
|
|
|
|
7DF53F320000
|
unkown image
|
page readonly
|
|
|
|
7F040000
|
unkown image
|
page readonly
|
|
|
|
226BB140000
|
heap default
|
page read and write
|
|
|
|
21CAA612000
|
unkown
|
page read and write
|
|
|
|
307C000
|
unkown
|
page read and write
|
|
|
|
226BB150000
|
unkown image
|
page readonly
|
|
|
|
7F9C0000
|
unkown image
|
page readonly
|
|
|
|
21A39602000
|
unkown
|
page read and write
|
|
|
|
7FF5491E8000
|
unkown image
|
page readonly
|
|
|
|
1F64E600000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF53DDE0000
|
unkown image
|
page readonly
|
|
|
|
7DF54A9B0000
|
unkown image
|
page readonly
|
|
|
|
21CA4DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF549491000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
DE0000
|
unkown image
|
page readonly
|
|
|
|
17D82E80000
|
unkown
|
page read and write
|
|
|
|
17D82E13000
|
unkown
|
page read and write
|
|
|
|
2ADA000
|
heap default
|
page read and write
|
|
|
|
2514000
|
unkown image
|
page readonly
|
|
|
|
7FF53D5DC000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
2C80000
|
unkown image
|
page readonly
|
|
|
|
7FF53DDD8000
|
unkown image
|
page readonly
|
|
|
|
7F272000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1FF7000
|
unkown image
|
page readonly
|
|
|
|
2748000
|
unkown
|
page read and write
|
|
|
|
7F1A0000
|
unkown image
|
page readonly
|
|
|
|
6F2D9BB000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1331000
|
unkown image
|
page execute read
|
|
|
|
7FF5A4680000
|
unkown image
|
page readonly
|
|
|
|
21CA4E74000
|
unkown
|
page read and write
|
|
|
|
323C000
|
unkown
|
page read and write
|
|
|
|
4FC7000
|
unkown
|
page read and write
|
|
|
|
4665000
|
unkown
|
page read and write
|
|
|
|
7FF572E0A000
|
unkown image
|
page readonly
|
|
|
|
7FF54946F000
|
unkown image
|
page readonly
|
|
|
|
4B9C000
|
heap private
|
page read and write
|
|
|
|
45E0000
|
heap private
|
page read and write
|
|
|
|
21CAA520000
|
unkown
|
page read and write
|
|
|
|
3020000
|
unkown image
|
page readonly
|
|
|
|
26C0000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1F64EE02000
|
unkown
|
page read and write
|
|
|
|
2FC0000
|
unkown image
|
page readonly
|
|
|
|
2D1C000
|
unkown image
|
page readonly
|
|
|
|
2753000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CA55E1000
|
unkown
|
page read and write
|
|
|
|
4EC28FD000
|
stack
|
page read and write
|
|
|
|
156B000
|
heap default
|
page read and write
|
|
|
|
243D000
|
unkown image
|
page readonly
|
|
|
|
55CC000
|
heap private
|
page read and write
|
|
|
|
C70000
|
unkown image
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF5744C0000
|
unkown image
|
page readonly
|
|
|
|
7FF548DE4000
|
unkown image
|
page readonly
|
|
|
|
21CAA6DF000
|
unkown
|
page read and write
|
|
|
|
21CA5615000
|
unkown
|
page read and write
|
|
|
|
B5B6E7D000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7F9D2000
|
unkown image
|
page readonly
|
|
|
|
4220000
|
unkown
|
page read and write
|
|
|
|
7DF5A5BE2000
|
unkown image
|
page readonly
|
|
|
|
4720000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CAA661000
|
unkown
|
page read and write
|
|
|
|
232D000
|
heap private
|
page read and write
|
|
|
|
32D8000
|
unkown
|
page read and write
|
|
|
|
227E2840000
|
unkown
|
page read and write
|
|
|
|
227E2770000
|
unkown image
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1D1EBF20000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD50C000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
28CE000
|
unkown image
|
page readonly
|
|
|
|
42CC000
|
stack
|
page read and write
|
|
|
|
7FF572FEC000
|
unkown image
|
page readonly
|
|
|
|
21A39000000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2440000
|
unkown image
|
page readonly
|
|
|
|
145F000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
F84000
|
unkown
|
page read and write
|
|
|
|
23CC000
|
stack
|
page read and write
|
|
|
|
2AD0000
|
heap default
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
2C84000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
7F812000
|
unkown image
|
page readonly
|
|
|
|
7DF560660000
|
unkown image
|
page readonly
|
|
|
|
1F64EC60000
|
unkown image
|
page readonly
|
|
|
|
21CAA410000
|
unkown
|
page read and write
|
|
|
|
1D1EBF60000
|
unkown
|
page read and write
|
|
|
|
7DF53F330000
|
unkown image
|
page readonly
|
|
|
|
1F0E000
|
stack
|
page read and write
|
|
|
|
7F050000
|
unkown image
|
page readonly
|
|
|
|
226BB190000
|
unkown
|
page read and write
|
|
|
|
2C7D000
|
unkown image
|
page readonly
|
|
|
|
2DB0000
|
unkown image
|
page readonly
|
|
|
|
2D50000
|
unkown image
|
page readonly
|
|
|
|
7F9C2000
|
unkown image
|
page readonly
|
|
|
|
2411000
|
unkown image
|
page readonly
|
|
|
|
7FF572FC5000
|
unkown image
|
page readonly
|
|
|
|
7FF572FDB000
|
unkown image
|
page readonly
|
|
|
|
1295000
|
unkown
|
page execute and read and write
|
|
|
|
21CA4E58000
|
unkown
|
page read and write
|
|
|
|
F62000
|
unkown
|
page read and write
|
|
|
|
15D4000
|
unkown
|
page read and write
|
|
|
|
3080000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572C2C000
|
unkown image
|
page readonly
|
|
|
|
7F1B2000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7DF54A9B0000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1ECD000
|
stack
|
page read and write
|
|
|
|
3078000
|
unkown
|
page read and write
|
|
|
|
21CAA440000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1E21000
|
unkown image
|
page readonly
|
|
|
|
7DF5A5BE0000
|
unkown image
|
page readonly
|
|
|
|
7FF53DE25000
|
unkown image
|
page readonly
|
|
|
|
241A000
|
unkown image
|
page readonly
|
|
|
|
1040000
|
unkown
|
page read and write
|
|
|
|
246A000
|
unkown image
|
page readonly
|
|
|
|
55CA000
|
heap private
|
page read and write
|
|
|
|
4F3A000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
3730000
|
unkown image
|
page readonly
|
|
|
|
15CC000
|
unkown
|
page read and write
|
|
|
|
6F2DEFD000
|
stack
|
page read and write
|
|
|
|
7FF572C63000
|
unkown image
|
page readonly
|
|
|
|
7FF55F0FC000
|
unkown image
|
page readonly
|
|
|
|
1D1EC06F000
|
unkown
|
page read and write
|
|
|
|
3316000
|
unkown
|
page read and write
|
|
|
|
34E0000
|
heap default
|
page read and write
|
|
|
|
1F64E550000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
5CE1000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
3040000
|
stack
|
page read and write
|
|
|
|
72BAC000
|
unkown image
|
page write copy
|
|
|
|
2540000
|
unkown image
|
page readonly
|
|
|
|
7F812000
|
unkown image
|
page readonly
|
|
|
|
1E8B000
|
stack
|
page read and write
|
|
|
|
2D5C000
|
unkown
|
page read and write
|
|
|
|
72B91000
|
unkown image
|
page execute read
|
|
|
|
B5B634B000
|
unkown
|
page read and write
|
|
|
|
2868000
|
unkown
|
page read and write
|
|
|
|
21CA50D0000
|
unkown image
|
page readonly
|
|
|
|
4620000
|
unkown
|
page read and write
|
|
|
|
29C4000
|
unkown image
|
page readonly
|
|
|
|
34EA000
|
heap default
|
page read and write
|
|
|
|
7FF5BD259000
|
unkown image
|
page readonly
|
|
|
|
72BAE000
|
unkown image
|
page read and write
|
|
|
|
1E5A000
|
unkown image
|
page readonly
|
|
|
|
7F1C0000
|
unkown image
|
page readonly
|
|
|
|
7F050000
|
unkown image
|
page readonly
|
|
|
|
21CA5700000
|
unkown
|
page read and write
|
|
|
|
7FF55F203000
|
unkown image
|
page readonly
|
|
|
|
21CAA570000
|
unkown
|
page read and write
|
|
|
|
7FF5D6813000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD486000
|
unkown image
|
page readonly
|
|
|
|
1D1EC009000
|
heap default
|
page read and write
|
|
|
|
32B5000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7F9E0000
|
unkown image
|
page readonly
|
|
|
|
1F64E570000
|
unkown image
|
page readonly
|
|
|
|
21E000
|
stack
|
page read and write
|
|
|
|
421F000
|
stack
|
page read and write
|
|
|
|
7DF5D7DD2000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
32A8000
|
unkown
|
page read and write
|
|
|
|
2FF0000
|
unkown image
|
page readonly
|
|
|
|
21CA4D80000
|
unkown image
|
page readonly
|
|
|
|
7FF572F40000
|
unkown image
|
page readonly
|
|
|
|
1550000
|
heap default
|
page read and write
|
|
|
|
72BAB000
|
unkown image
|
page read and write
|
|
|
|
3B9D000
|
stack
|
page read and write
|
|
|
|
7FF572F85000
|
unkown image
|
page readonly
|
|
|
|
2BE0000
|
unkown image
|
page readonly
|
|
|
|
21CAA6E3000
|
unkown
|
page read and write
|
|
|
|
286C000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
6FAD1FE000
|
stack
|
page read and write
|
|
|
|
21CA4E90000
|
unkown
|
page read and write
|
|
|
|
7FF53D704000
|
unkown image
|
page readonly
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1F64E6C1000
|
unkown
|
page read and write
|
|
|
|
17D82C90000
|
unkown image
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5BD302000
|
unkown image
|
page readonly
|
|
|
|
21A38D30000
|
unkown image
|
page readonly
|
|
|
|
7FF55EF35000
|
unkown image
|
page readonly
|
|
|
|
1F7F000
|
unkown image
|
page readonly
|
|
|
|
7DF5A5BF0000
|
unkown image
|
page readonly
|
|
|
|
1D1EBFF0000
|
unkown
|
page read and write
|
|
|
|
3318000
|
unkown
|
page read and write
|
|
|
|
2A80000
|
unkown image
|
page readonly
|
|
|
|
C4D30FD000
|
stack
|
page read and write
|
|
|
|
1D1EC299000
|
heap private
|
page read and write
|
|
|
|
55CD000
|
heap private
|
page read and write
|
|
|
|
27BE000
|
heap default
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
401F000
|
stack
|
page read and write
|
|
|
|
32B1000
|
unkown
|
page read and write
|
|
|
|
1D1EC290000
|
heap private
|
page read and write
|
|
|
|
72BAC000
|
unkown image
|
page write copy
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
21CAA550000
|
unkown
|
page read and write
|
|
|
|
2742000
|
unkown
|
page read and write
|
|
|
|
7FF55EF9E000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
24FE000
|
unkown image
|
page readonly
|
|
|
|
511F000
|
stack
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1D1EBED0000
|
unkown image
|
page read and write
|
|
|
|
2434000
|
unkown image
|
page readonly
|
|
|
|
7DF5BEA02000
|
unkown image
|
page readonly
|
|
|
|
7DF5BEA00000
|
unkown image
|
page readonly
|
|
|
|
30B5000
|
heap default
|
page read and write
|
|
|
|
204B000
|
unkown image
|
page readonly
|
|
|
|
7FF55E98F000
|
unkown image
|
page readonly
|
|
|
|
4C3B000
|
stack
|
page read and write
|
|
|
|
595D000
|
stack
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
1FA6000
|
unkown image
|
page readonly
|
|
|
|
1F64ED40000
|
unkown image
|
page write copy
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
340E000
|
stack
|
page read and write
|
|
|
|
519F000
|
stack
|
page read and write
|
|
|
|
7FF53D768000
|
unkown image
|
page readonly
|
|
|
|
7DF54A9D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DE0000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
C4D2FFE000
|
stack
|
page read and write
|
|
|
|
27F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A44F2000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
17D82E29000
|
unkown
|
page read and write
|
|
|
|
7FF5BD521000
|
unkown image
|
page readonly
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7DF5BEA00000
|
unkown image
|
page readonly
|
|
|
|
4EC25FE000
|
stack
|
page read and write
|
|
|
|
7FF572F7F000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
7FF5D6879000
|
unkown image
|
page readonly
|
|
|
|
2D14000
|
unkown image
|
page readonly
|
|
|
|
17D83200000
|
unkown image
|
page readonly
|
|
|
|
3527000
|
heap private
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
4FF0000
|
unkown
|
page read and write
|
|
|
|
3075000
|
stack
|
page execute and read and write
|
|
|
|
461D000
|
stack
|
page read and write
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
3190000
|
stack
|
page read and write
|
|
|
|
226BBA15000
|
unkown
|
page read and write
|
|
|
|
1FFF000
|
unkown image
|
page readonly
|
|
|
|
1F64E68A000
|
unkown
|
page read and write
|
|
|
|
26F0000
|
heap default
|
page read and write
|
|
|
|
7FF572BE4000
|
unkown image
|
page readonly
|
|
|
|
331D000
|
unkown
|
page read and write
|
|
|
|
7DF5744C2000
|
unkown image
|
page readonly
|
|
|
|
260000
|
unkown
|
page read and write
|
|
|
|
32B1000
|
unkown
|
page read and write
|
|
|
|
7FF5A4709000
|
unkown image
|
page readonly
|
|
|
|
17D82E40000
|
unkown
|
page read and write
|
|
|
|
7DF5A5C00000
|
unkown image
|
page readonly
|
|
|
|
7DF560650000
|
unkown image
|
page readonly
|
|
|
|
32A3000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
7FF572F50000
|
unkown image
|
page readonly
|
|
|
|
29FB000
|
unkown image
|
page readonly
|
|
|
|
248D000
|
unkown image
|
page readonly
|
|
|
|
1612000
|
unkown
|
page read and write
|
|
|
|
29CF000
|
unkown image
|
page readonly
|
|
|
|
227E2F70000
|
unkown
|
page read and write
|
|
|
|
17D82E6C000
|
unkown
|
page read and write
|
|
|
|
1D1EBF80000
|
unkown image
|
page readonly
|
|
|
|
226BB100000
|
unkown image
|
page readonly
|
|
|
|
7FF5D6795000
|
unkown image
|
page readonly
|
|
|
|
7FF55F131000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DD0000
|
unkown image
|
page readonly
|
|
|
|
7FF572E25000
|
unkown image
|
page readonly
|
|
|
|
7FF55F172000
|
unkown image
|
page readonly
|
|
|
|
158E000
|
unkown
|
page read and write
|
|
|
|
451F000
|
stack
|
page read and write
|
|
|
|
7FF5D6898000
|
unkown image
|
page readonly
|
|
There are 1634 hidden memdumps, click here to show them.