Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
REVGKXx6Ns.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\~DF6497174BCC55AD21.TMP
|
Unknown
|
dropped
|
 |
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\REVGKXx6Ns.exe
|
"C:\Users\user\Desktop\REVGKXx6Ns.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://topqualityfreeware.com
|
unknown
|
|
|
|
http://www.topqualityfreeware.com/
|
unknown
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2180000
|
unkown
|
page execute and read and write
|
|
|
|
23417C02000
|
unkown
|
page read and write
|
|
|
|
7FF50F6CA000
|
unkown image
|
page readonly
|
|
|
|
23418250000
|
unkown image
|
page readonly
|
|
|
|
23417C4E000
|
unkown
|
page read and write
|
|
|
|
1941C392000
|
unkown
|
page read and write
|
|
|
|
1941C395000
|
unkown
|
page read and write
|
|
|
|
23418402000
|
unkown
|
page read and write
|
|
|
|
1941C963000
|
unkown
|
page read and write
|
|
|
|
1941C39D000
|
unkown
|
page read and write
|
|
|
|
7FF50F6C4000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E2BB000
|
unkown image
|
page readonly
|
|
|
|
1941BA78000
|
unkown
|
page read and write
|
|
|
|
1941BB13000
|
unkown
|
page read and write
|
|
|
|
620000
|
unkown
|
page read and write
|
|
|
|
23417BE0000
|
unkown image
|
page readonly
|
|
|
|
7FF569BAD000
|
unkown image
|
page readonly
|
|
|
|
7FF54E38F000
|
unkown image
|
page readonly
|
|
|
|
27A160FE000
|
unkown
|
page read and write
|
|
|
|
23417C4A000
|
unkown
|
page read and write
|
|
|
|
7FF50F4C1000
|
unkown image
|
page readonly
|
|
|
|
1941BA4B000
|
unkown
|
page read and write
|
|
|
|
7DF57F4E0000
|
unkown image
|
page readonly
|
|
|
|
1CDAF04B000
|
unkown
|
page read and write
|
|
|
|
7FF5A854E000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD697000
|
unkown image
|
page readonly
|
|
|
|
4BDF000
|
stack
|
page read and write
|
|
|
|
7DF5BD680000
|
unkown image
|
page readonly
|
|
|
|
1CDAF802000
|
unkown
|
page read and write
|
|
|
|
CBA7DCF000
|
stack
|
page read and write
|
|
|
|
1CDAF108000
|
unkown
|
page read and write
|
|
|
|
7FF54DF86000
|
unkown image
|
page readonly
|
|
|
|
7FF54DC0D000
|
unkown image
|
page readonly
|
|
|
|
7DF57F4E0000
|
unkown image
|
page readonly
|
|
|
|
4B0000
|
unkown image
|
page readonly
|
|
|
|
1941BA70000
|
unkown
|
page read and write
|
|
|
|
21C0000
|
heap private
|
page read and write
|
|
|
|
7FF54E40A000
|
unkown image
|
page readonly
|
|
|
|
CBA817F000
|
stack
|
page read and write
|
|
|
|
CBA80FE000
|
stack
|
page read and write
|
|
|
|
1EE68FB000
|
stack
|
page read and write
|
|
|
|
1A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5BD660000
|
unkown image
|
page readonly
|
|
|
|
7FF50F659000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD5D3000
|
unkown image
|
page readonly
|
|
|
|
1941C39F000
|
unkown
|
page read and write
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
7FF56A3DD000
|
unkown image
|
page readonly
|
|
|
|
334000
|
unkown
|
page read and write
|
|
|
|
7FF4FD6F9000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6DF000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3C0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E439000
|
unkown image
|
page readonly
|
|
|
|
7DF512802000
|
unkown image
|
page readonly
|
|
|
|
7FEB0000
|
unkown image
|
page readonly
|
|
|
|
1941C3A7000
|
unkown
|
page read and write
|
|
|
|
7DF563532000
|
unkown image
|
page readonly
|
|
|
|
1941B870000
|
unkown image
|
page readonly
|
|
|
|
1941C963000
|
unkown
|
page read and write
|
|
|
|
1941B850000
|
unkown image
|
page read and write
|
|
|
|
A79007F000
|
stack
|
page read and write
|
|
|
|
23417ED0000
|
unkown image
|
page readonly
|
|
|
|
1941C39F000
|
unkown
|
page read and write
|
|
|
|
4D1F000
|
stack
|
page read and write
|
|
|
|
2AC8177000
|
stack
|
page read and write
|
|
|
|
1CDAEF80000
|
unkown image
|
page readonly
|
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
23417B70000
|
heap private
|
page read and write
|
|
|
|
7DF57F4E2000
|
unkown image
|
page readonly
|
|
|
|
426000
|
unkown image
|
page readonly
|
|
|
|
1941B860000
|
heap private
|
page read and write
|
|
|
|
7FF54E394000
|
unkown image
|
page readonly
|
|
|
|
23417B80000
|
unkown image
|
page readonly
|
|
|
|
2AC81FE000
|
stack
|
page read and write
|
|
|
|
1941C38D000
|
unkown
|
page read and write
|
|
|
|
7DF563530000
|
unkown image
|
page readonly
|
|
|
|
7FF50F4DE000
|
unkown image
|
page readonly
|
|
|
|
64A000
|
heap default
|
page read and write
|
|
|
|
296F6980000
|
unkown image
|
page readonly
|
|
|
|
7FF50F60F000
|
unkown image
|
page readonly
|
|
|
|
27A160F7000
|
unkown
|
page read and write
|
|
|
|
7FF54E17B000
|
unkown image
|
page readonly
|
|
|
|
1941C902000
|
unkown
|
page read and write
|
|
|
|
1941BADF000
|
unkown
|
page read and write
|
|
|
|
A78FCF7000
|
stack
|
page read and write
|
|
|
|
1CDAF047000
|
unkown
|
page read and write
|
|
|
|
27A160E1000
|
unkown
|
page read and write
|
|
|
|
296F6488000
|
unkown
|
page read and write
|
|
|
|
7FF56A241000
|
unkown image
|
page readonly
|
|
|
|
940000
|
unkown image
|
page readonly
|
|
|
|
23417C6D000
|
unkown
|
page read and write
|
|
|
|
7FF56A38C000
|
unkown image
|
page readonly
|
|
|
|
27A16010000
|
heap private
|
page read and write
|
|
|
|
A78FD7F000
|
stack
|
page read and write
|
|
|
|
7FF4FD685000
|
unkown image
|
page readonly
|
|
|
|
296F6502000
|
unkown
|
page read and write
|
|
|
|
20E0000
|
unkown image
|
page read and write
|
|
|
|
22D0000
|
unkown
|
page read and write
|
|
|
|
1941C389000
|
unkown
|
page read and write
|
|
|
|
7FF50F5F7000
|
unkown image
|
page readonly
|
|
|
|
7FF5A85E1000
|
unkown image
|
page readonly
|
|
|
|
7FF54E2C8000
|
unkown image
|
page readonly
|
|
|
|
1941B9A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD66A000
|
unkown image
|
page readonly
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
7DF5127F0000
|
unkown image
|
page readonly
|
|
|
|
7FF56A38F000
|
unkown image
|
page readonly
|
|
|
|
7FF50F4DB000
|
unkown image
|
page readonly
|
|
|
|
1CDAF070000
|
unkown
|
page read and write
|
|
|
|
7FF50EE2D000
|
unkown image
|
page readonly
|
|
|
|
1941C39F000
|
unkown
|
page read and write
|
|
|
|
1CDAF000000
|
unkown
|
page read and write
|
|
|
|
7FF5A8528000
|
unkown image
|
page readonly
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
1941BAAC000
|
unkown
|
page read and write
|
|
|
|
23417C13000
|
unkown
|
page read and write
|
|
|
|
1941C38C000
|
unkown
|
page read and write
|
|
|
|
27A15FD0000
|
unkown
|
page read and write
|
|
|
|
23417C4B000
|
unkown
|
page read and write
|
|
|
|
1941BF80000
|
unkown image
|
page readonly
|
|
|
|
7FF56A221000
|
unkown image
|
page readonly
|
|
|
|
27A16040000
|
unkown image
|
page readonly
|
|
|
|
22C5000
|
heap private
|
page read and write
|
|
|
|
7DF524750000
|
unkown image
|
page readonly
|
|
|
|
1941C38E000
|
unkown
|
page read and write
|
|
|
|
296F6452000
|
unkown
|
page read and write
|
|
|
|
7DF57F4D2000
|
unkown image
|
page readonly
|
|
|
|
1941C300000
|
unkown
|
page read and write
|
|
|
|
1941BAD6000
|
unkown
|
page read and write
|
|
|
|
7FF5A85DA000
|
unkown image
|
page readonly
|
|
|
|
7FF50F1B5000
|
unkown image
|
page readonly
|
|
|
|
7FF54E4B2000
|
unkown image
|
page readonly
|
|
|
|
1941C318000
|
unkown
|
page read and write
|
|
|
|
7FF54E414000
|
unkown image
|
page readonly
|
|
|
|
1CDAEF50000
|
unkown image
|
page readonly
|
|
|
|
7FF56A36B000
|
unkown image
|
page readonly
|
|
|
|
296F62A0000
|
unkown image
|
page readonly
|
|
|
|
7DF57F4D0000
|
unkown image
|
page readonly
|
|
|
|
7FF50F1A0000
|
unkown image
|
page readonly
|
|
|
|
7DF57F4E2000
|
unkown image
|
page readonly
|
|
|
|
4E0000
|
heap default
|
page read and write
|
|
|
|
1941BA50000
|
unkown
|
page read and write
|
|
|
|
7DF563550000
|
unkown image
|
page readonly
|
|
|
|
7FF54E186000
|
unkown image
|
page readonly
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
296F6508000
|
unkown
|
page read and write
|
|
|
|
7FF50F5CA000
|
unkown image
|
page readonly
|
|
|
|
A78FE7D000
|
stack
|
page read and write
|
|
|
|
296F644D000
|
unkown
|
page read and write
|
|
|
|
3050000
|
unkown
|
page read and write
|
|
|
|
1941C39D000
|
unkown
|
page read and write
|
|
|
|
A78FF7E000
|
stack
|
page read and write
|
|
|
|
7FF56A360000
|
unkown image
|
page readonly
|
|
|
|
296F6600000
|
unkown image
|
page readonly
|
|
|
|
1941C3C1000
|
unkown
|
page read and write
|
|
|
|
1CDAEF50000
|
unkown image
|
page readonly
|
|
|
|
1941C39D000
|
unkown
|
page read and write
|
|
|
|
7FF5A8270000
|
unkown image
|
page readonly
|
|
|
|
296F6280000
|
unkown image
|
page readonly
|
|
|
|
CBA8079000
|
stack
|
page read and write
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF50F5CC000
|
unkown image
|
page readonly
|
|
|
|
7FF50F6D1000
|
unkown image
|
page readonly
|
|
|
|
7FF56A397000
|
unkown image
|
page readonly
|
|
|
|
296F6470000
|
unkown
|
page read and write
|
|
|
|
7FF54E3EF000
|
unkown image
|
page readonly
|
|
|
|
1941C362000
|
unkown
|
page read and write
|
|
|
|
7FF4FD240000
|
unkown image
|
page readonly
|
|
|
|
23417C51000
|
unkown
|
page read and write
|
|
|
|
7FF54DF80000
|
unkown image
|
page readonly
|
|
|
|
7FF54E201000
|
unkown image
|
page readonly
|
|
|
|
7DF524760000
|
unkown image
|
page readonly
|
|
|
|
23417D13000
|
unkown
|
page read and write
|
|
|
|
7FF56A444000
|
unkown image
|
page readonly
|
|
|
|
7DF524760000
|
unkown image
|
page readonly
|
|
|
|
22C0000
|
heap private
|
page read and write
|
|
|
|
296F6400000
|
unkown
|
page read and write
|
|
|
|
7FF50F64E000
|
unkown image
|
page readonly
|
|
|
|
7DF524770000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD4D1000
|
unkown image
|
page readonly
|
|
|
|
610000
|
heap private
|
page read and write
|
|
|
|
7DF461400000
|
unkown image
|
page readonly
|
|
|
|
7FF54E1F6000
|
unkown image
|
page readonly
|
|
|
|
1941C902000
|
unkown
|
page read and write
|
|
|
|
7FF54E3BA000
|
unkown image
|
page readonly
|
|
|
|
1941BA57000
|
unkown
|
page read and write
|
|
|
|
7FF54DFD5000
|
unkown image
|
page readonly
|
|
|
|
1941C3A9000
|
unkown
|
page read and write
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
4D0000
|
unkown
|
page execute read
|
|
|
|
7FF4FD400000
|
unkown image
|
page readonly
|
|
|
|
1CDAF03C000
|
unkown
|
page read and write
|
|
|
|
7DF563540000
|
unkown image
|
page readonly
|
|
|
|
7FF50F656000
|
unkown image
|
page readonly
|
|
|
|
1941C313000
|
unkown
|
page read and write
|
|
|
|
1941C800000
|
unkown
|
page read and write
|
|
|
|
23417C70000
|
unkown
|
page read and write
|
|
|
|
1941C362000
|
unkown
|
page read and write
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E32C000
|
unkown image
|
page readonly
|
|
|
|
1941C398000
|
unkown
|
page read and write
|
|
|
|
1941BA29000
|
unkown
|
page read and write
|
|
|
|
7DF4106C0000
|
unkown image
|
page readonly
|
|
|
|
1941BA55000
|
unkown
|
page read and write
|
|
|
|
1941C202000
|
unkown
|
page read and write
|
|
|
|
23417C8A000
|
unkown
|
page read and write
|
|
|
|
1941BA67000
|
unkown
|
page read and write
|
|
|
|
7FF5A8558000
|
unkown image
|
page readonly
|
|
|
|
A78F7AB000
|
unkown
|
page read and write
|
|
|
|
7FF50F648000
|
unkown image
|
page readonly
|
|
|
|
7FF56A3D6000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6B7000
|
unkown image
|
page readonly
|
|
|
|
7FF56A3BF000
|
unkown image
|
page readonly
|
|
|
|
1941BA4C000
|
unkown
|
page read and write
|
|
|
|
1941C34A000
|
unkown
|
page read and write
|
|
|
|
7FF4FD67E000
|
unkown image
|
page readonly
|
|
|
|
23417BB0000
|
unkown image
|
page readonly
|
|
|
|
7FF56A3C8000
|
unkown image
|
page readonly
|
|
|
|
CD0000
|
unkown image
|
page readonly
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
7DF524762000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD771000
|
unkown image
|
page readonly
|
|
|
|
1EE667F000
|
stack
|
page read and write
|
|
|
|
7FF569F26000
|
unkown image
|
page readonly
|
|
|
|
1941BE00000
|
unkown image
|
page readonly
|
|
|
|
2AC7C7F000
|
stack
|
page read and write
|
|
|
|
7FF54DFD7000
|
unkown image
|
page readonly
|
|
|
|
7FF54E4B1000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0E0000
|
unkown image
|
page readonly
|
|
|
|
7FF56A203000
|
unkown image
|
page readonly
|
|
|
|
1941C0E0000
|
unkown
|
page read and write
|
|
|
|
22C8000
|
heap private
|
page read and write
|
|
|
|
2200000
|
heap private
|
page read and write
|
|
|
|
7FF50F389000
|
unkown image
|
page readonly
|
|
|
|
7FF50F52D000
|
unkown image
|
page readonly
|
|
|
|
7DF512810000
|
unkown image
|
page readonly
|
|
|
|
1941B9F0000
|
unkown image
|
page readonly
|
|
|
|
296F6450000
|
unkown
|
page read and write
|
|
|
|
7DF524750000
|
unkown image
|
page readonly
|
|
|
|
7FF54DD13000
|
unkown image
|
page readonly
|
|
|
|
296F6C02000
|
unkown
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
B40000
|
unkown image
|
page readonly
|
|
|
|
7FF56A3D9000
|
unkown image
|
page readonly
|
|
|
|
1CDAEF70000
|
unkown image
|
page readonly
|
|
|
|
1941C39F000
|
unkown
|
page read and write
|
|
|
|
1941C37C000
|
unkown
|
page read and write
|
|
|
|
1CDAF650000
|
unkown image
|
page readonly
|
|
|
|
23417C3C000
|
unkown
|
page read and write
|
|
|
|
7FF56A25E000
|
unkown image
|
page readonly
|
|
|
|
23417D02000
|
unkown
|
page read and write
|
|
|
|
7FF54E140000
|
unkown image
|
page readonly
|
|
|
|
1941C86A000
|
unkown
|
page read and write
|
|
|
|
1941C3A9000
|
unkown
|
page read and write
|
|
|
|
2AC7E79000
|
stack
|
page read and write
|
|
|
|
1941BA13000
|
unkown
|
page read and write
|
|
|
|
1941C3CE000
|
unkown
|
page read and write
|
|
|
|
1941C3C0000
|
unkown
|
page read and write
|
|
|
|
1941BAC5000
|
unkown
|
page read and write
|
|
|
|
1941C3A1000
|
unkown
|
page read and write
|
|
|
|
1941B870000
|
unkown image
|
page readonly
|
|
|
|
7DF57F4F0000
|
unkown image
|
page readonly
|
|
|
|
1CDAF04D000
|
unkown
|
page read and write
|
|
|
|
27A1610F000
|
unkown
|
page read and write
|
|
|
|
7DF5BD670000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD541000
|
unkown image
|
page readonly
|
|
|
|
7FF50F5DA000
|
unkown image
|
page readonly
|
|
|
|
7FF50F4A1000
|
unkown image
|
page readonly
|
|
|
|
1CDAEFD0000
|
unkown
|
page read and write
|
|
|
|
7FF54E324000
|
unkown image
|
page readonly
|
|
|
|
1941C37E000
|
unkown
|
page read and write
|
|
|
|
7FF5A85E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A85D4000
|
unkown image
|
page readonly
|
|
|
|
7DF512810000
|
unkown image
|
page readonly
|
|
|
|
1941BC00000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3D7000
|
unkown image
|
page readonly
|
|
|
|
1941BAFB000
|
unkown
|
page read and write
|
|
|
|
296F6500000
|
unkown
|
page read and write
|
|
|
|
7FF4FD57E000
|
unkown image
|
page readonly
|
|
|
|
7FF54E281000
|
unkown image
|
page readonly
|
|
|
|
7DF5BD680000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6EE000
|
unkown image
|
page readonly
|
|
|
|
1941C3A7000
|
unkown
|
page read and write
|
|
|
|
1CDAF100000
|
unkown
|
page read and write
|
|
|
|
296F6800000
|
unkown image
|
page readonly
|
|
|
|
7FF56A0D7000
|
unkown image
|
page readonly
|
|
|
|
1941C380000
|
unkown
|
page read and write
|
|
|
|
7DF524752000
|
unkown image
|
page readonly
|
|
|
|
EB7F0FF000
|
stack
|
page read and write
|
|
|
|
1CDAF102000
|
unkown
|
page read and write
|
|
|
|
7FF4FD680000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3AC000
|
unkown image
|
page readonly
|
|
|
|
7FF50F5EB000
|
unkown image
|
page readonly
|
|
|
|
27A16015000
|
heap private
|
page read and write
|
|
|
|
630000
|
unkown
|
page read and write
|
|
|
|
7DF512800000
|
unkown image
|
page readonly
|
|
|
|
23417C00000
|
unkown
|
page read and write
|
|
|
|
7DF57F4F0000
|
unkown image
|
page readonly
|
|
|
|
7FF54DF22000
|
unkown image
|
page readonly
|
|
|
|
338000
|
unkown
|
page read and write
|
|
|
|
1CDAF4D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5BD672000
|
unkown image
|
page readonly
|
|
|
|
7FF56A1B1000
|
unkown image
|
page readonly
|
|
|
|
7FF50F60C000
|
unkown image
|
page readonly
|
|
|
|
1941BA4D000
|
unkown
|
page read and write
|
|
|
|
7FF50F5E0000
|
unkown image
|
page readonly
|
|
|
|
23417C29000
|
unkown
|
page read and write
|
|
|
|
7FF54E3EC000
|
unkown image
|
page readonly
|
|
|
|
7FF56A365000
|
unkown image
|
page readonly
|
|
|
|
296F643C000
|
unkown
|
page read and write
|
|
|
|
1941BB16000
|
unkown
|
page read and write
|
|
|
|
1EE6BFE000
|
stack
|
page read and write
|
|
|
|
1941BAA1000
|
unkown
|
page read and write
|
|
|
|
7FF54DD17000
|
unkown image
|
page readonly
|
|
|
|
27A160E6000
|
heap default
|
page read and write
|
|
|
|
7FF54E26A000
|
unkown image
|
page readonly
|
|
|
|
27A15EE0000
|
unkown image
|
page readonly
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
2AC7F77000
|
stack
|
page read and write
|
|
|
|
7FF54E1F4000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6D4000
|
unkown image
|
page readonly
|
|
|
|
5E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A8569000
|
unkown image
|
page readonly
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
7FF56A3B4000
|
unkown image
|
page readonly
|
|
|
|
2FD8000
|
unkown image
|
page read and write
|
|
|
|
23418330000
|
unkown
|
page read and write
|
|
|
|
7FF569F35000
|
unkown image
|
page readonly
|
|
|
|
296F648E000
|
unkown
|
page read and write
|
|
|
|
7FF54E3C5000
|
unkown image
|
page readonly
|
|
|
|
1CDAF04F000
|
unkown
|
page read and write
|
|
|
|
1941BABE000
|
unkown
|
page read and write
|
|
|
|
296F6280000
|
unkown image
|
page readonly
|
|
|
|
1941BB08000
|
unkown
|
page read and write
|
|
|
|
7DF5BD672000
|
unkown image
|
page readonly
|
|
|
|
7FF54DF95000
|
unkown image
|
page readonly
|
|
|
|
7FF50F544000
|
unkown image
|
page readonly
|
|
|
|
23417D00000
|
unkown
|
page read and write
|
|
|
|
7FF54E4A4000
|
unkown image
|
page readonly
|
|
|
|
7DF5127F2000
|
unkown image
|
page readonly
|
|
|
|
2A10000
|
unkown
|
page read and write
|
|
|
|
1941C3A3000
|
unkown
|
page read and write
|
|
|
|
7FF4FD772000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6FD000
|
unkown image
|
page readonly
|
|
|
|
7FF56A377000
|
unkown image
|
page readonly
|
|
|
|
7FF54E373000
|
unkown image
|
page readonly
|
|
|
|
7FF56A452000
|
unkown image
|
page readonly
|
|
|
|
1941BAB2000
|
unkown
|
page read and write
|
|
|
|
7FF50F5DE000
|
unkown image
|
page readonly
|
|
|
|
296F6270000
|
heap private
|
page read and write
|
|
|
|
7FF5A851C000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD3F7000
|
unkown image
|
page readonly
|
|
|
|
CBA7CCA000
|
unkown
|
page read and write
|
|
|
|
27A16550000
|
unkown image
|
page readonly
|
|
|
|
424000
|
unkown image
|
page read and write
|
|
|
|
EB7F5FF000
|
stack
|
page read and write
|
|
|
|
7DF57F4D2000
|
unkown image
|
page readonly
|
|
|
|
23417C7F000
|
unkown
|
page read and write
|
|
|
|
7DF512800000
|
unkown image
|
page readonly
|
|
|
|
1EE6AF7000
|
stack
|
page read and write
|
|
|
|
7FF4FD5CD000
|
unkown image
|
page readonly
|
|
|
|
7DF5127F2000
|
unkown image
|
page readonly
|
|
|
|
7FF54E137000
|
unkown image
|
page readonly
|
|
|
|
7FF50F1A6000
|
unkown image
|
page readonly
|
|
|
|
CBA81FE000
|
stack
|
page read and write
|
|
|
|
1941BA59000
|
unkown
|
page read and write
|
|
|
|
1941BAF1000
|
unkown
|
page read and write
|
|
|
|
1CDAEF30000
|
unkown image
|
page read and write
|
|
|
|
7DF563530000
|
unkown image
|
page readonly
|
|
|
|
296F6458000
|
unkown
|
page read and write
|
|
|
|
7DF5127F0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD5EC000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6F6000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD764000
|
unkown image
|
page readonly
|
|
|
|
EB7F3F7000
|
stack
|
page read and write
|
|
|
|
7DF563550000
|
unkown image
|
page readonly
|
|
|
|
7DF563542000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3CB000
|
unkown image
|
page readonly
|
|
|
|
1941C39D000
|
unkown
|
page read and write
|
|
|
|
7FF4FD5E4000
|
unkown image
|
page readonly
|
|
|
|
7FF56A2AD000
|
unkown image
|
page readonly
|
|
|
|
1941C070000
|
unkown image
|
page write copy
|
|
|
|
296F647C000
|
unkown
|
page read and write
|
|
|
|
296F6429000
|
unkown
|
page read and write
|
|
|
|
23417C4D000
|
unkown
|
page read and write
|
|
|
|
EB7F07F000
|
stack
|
page read and write
|
|
|
|
7DF563542000
|
unkown image
|
page readonly
|
|
|
|
296F644C000
|
unkown
|
page read and write
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
7FF50F5E5000
|
unkown image
|
page readonly
|
|
|
|
640000
|
heap default
|
page read and write
|
|
|
|
7FF54DF2E000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6AC000
|
unkown image
|
page readonly
|
|
|
|
7FF54E41F000
|
unkown image
|
page readonly
|
|
|
|
7FF54E30D000
|
unkown image
|
page readonly
|
|
|
|
7FF50F357000
|
unkown image
|
page readonly
|
|
|
|
7DF4BB530000
|
unkown image
|
page readonly
|
|
|
|
1941BA67000
|
unkown
|
page read and write
|
|
|
|
1941C390000
|
unkown
|
page read and write
|
|
|
|
296F644F000
|
unkown
|
page read and write
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
1941C900000
|
unkown
|
page read and write
|
|
|
|
27A15EA0000
|
unkown image
|
page read and write
|
|
|
|
7FF4FD68B000
|
unkown image
|
page readonly
|
|
|
|
1941C39C000
|
unkown
|
page read and write
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
1941C0F0000
|
unkown image
|
page read and write
|
|
|
|
1941C38E000
|
unkown
|
page read and write
|
|
|
|
7FF54E2C3000
|
unkown image
|
page readonly
|
|
|
|
7FF56A34C000
|
unkown image
|
page readonly
|
|
|
|
7FF50F533000
|
unkown image
|
page readonly
|
|
|
|
1941C396000
|
unkown
|
page read and write
|
|
|
|
1CDAF04C000
|
unkown
|
page read and write
|
|
|
|
1941C0E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A7E43000
|
unkown image
|
page readonly
|
|
|
|
7FF50F483000
|
unkown image
|
page readonly
|
|
|
|
7FF54DF32000
|
unkown image
|
page readonly
|
|
|
|
661000
|
heap default
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7FF5A84F0000
|
unkown image
|
page readonly
|
|
|
|
1CDAEFB0000
|
unkown image
|
page readonly
|
|
|
|
7DF5BD670000
|
unkown image
|
page readonly
|
|
|
|
1941BB02000
|
unkown
|
page read and write
|
|
|
|
7FF4FD66C000
|
unkown image
|
page readonly
|
|
|
|
1CDAF113000
|
unkown
|
page read and write
|
|
|
|
7FF54E436000
|
unkown image
|
page readonly
|
|
|
|
27A1610E000
|
unkown
|
page read and write
|
|
|
|
CC0000
|
unkown image
|
page readonly
|
|
|
|
23417B60000
|
unkown image
|
page read and write
|
|
|
|
1941C3CE000
|
unkown
|
page read and write
|
|
|
|
30000
|
unkown image
|
page read and write
|
|
|
|
7DF5BD660000
|
unkown image
|
page readonly
|
|
|
|
1941BA4F000
|
unkown
|
page read and write
|
|
|
|
23417BA0000
|
unkown image
|
page readonly
|
|
|
|
7FF56A25B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6CA000
|
unkown image
|
page readonly
|
|
|
|
EB7F4FE000
|
stack
|
page read and write
|
|
|
|
7DF57F4D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD67A000
|
unkown image
|
page readonly
|
|
|
|
23417D08000
|
unkown
|
page read and write
|
|
|
|
23417B80000
|
unkown image
|
page readonly
|
|
|
|
7FF54DCC2000
|
unkown image
|
page readonly
|
|
|
|
1941BA54000
|
unkown
|
page read and write
|
|
|
|
9A000
|
unkown
|
page read and write
|
|
|
|
1941BA7A000
|
unkown
|
page read and write
|
|
|
|
7DF524762000
|
unkown image
|
page readonly
|
|
|
|
EB7F2FB000
|
stack
|
page read and write
|
|
|
|
23417C4F000
|
unkown
|
page read and write
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3BE000
|
unkown image
|
page readonly
|
|
|
|
7FF569F20000
|
unkown image
|
page readonly
|
|
|
|
7FF56A2C4000
|
unkown image
|
page readonly
|
|
|
|
7DF563532000
|
unkown image
|
page readonly
|
|
|
|
27A160FE000
|
unkown
|
page read and write
|
|
|
|
1941B9C0000
|
unkown
|
page read and write
|
|
|
|
1EE69FD000
|
stack
|
page read and write
|
|
|
|
2AC807F000
|
stack
|
page read and write
|
|
|
|
7FF56A3A4000
|
unkown image
|
page readonly
|
|
|
|
1CDAF048000
|
unkown
|
page read and write
|
|
|
|
296F6413000
|
unkown
|
page read and write
|
|
|
|
19C000
|
unkown
|
page read and write
|
|
|
|
7FF50F65D000
|
unkown image
|
page readonly
|
|
|
|
27A160E6000
|
unkown
|
page read and write
|
|
|
|
2AC796B000
|
unkown
|
page read and write
|
|
|
|
7DF422620000
|
unkown image
|
page readonly
|
|
|
|
7FF5A84FB000
|
unkown image
|
page readonly
|
|
|
|
27A16030000
|
unkown image
|
page readonly
|
|
|
|
27A161D0000
|
unkown image
|
page readonly
|
|
|
|
1CDAEFA0000
|
heap default
|
page read and write
|
|
|
|
7FF54E169000
|
unkown image
|
page readonly
|
|
|
|
1CDAF029000
|
unkown
|
page read and write
|
|
|
|
7FF54E39F000
|
unkown image
|
page readonly
|
|
|
|
296F644B000
|
unkown
|
page read and write
|
|
|
|
1CDAF07B000
|
unkown
|
page read and write
|
|
|
|
23417C49000
|
unkown
|
page read and write
|
|
|
|
7FF54E1C0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6AF000
|
unkown image
|
page readonly
|
|
|
|
1941BA00000
|
unkown
|
page read and write
|
|
|
|
1941BA52000
|
unkown
|
page read and write
|
|
|
|
1941BA87000
|
unkown
|
page read and write
|
|
|
|
2F10000
|
unkown image
|
page readonly
|
|
|
|
1CDAEF40000
|
heap private
|
page read and write
|
|
|
|
7FF5A855E000
|
unkown image
|
page readonly
|
|
|
|
23417C6D000
|
unkown
|
page read and write
|
|
|
|
7FF54E428000
|
unkown image
|
page readonly
|
|
|
|
7DF563540000
|
unkown image
|
page readonly
|
|
|
|
1941C38A000
|
unkown
|
page read and write
|
|
|
|
2AC79EF000
|
stack
|
page read and write
|
|
|
|
7FF4FD6C4000
|
unkown image
|
page readonly
|
|
|
|
7FF54E362000
|
unkown image
|
page readonly
|
|
|
|
27A160FE000
|
unkown
|
page read and write
|
|
|
|
7FF56A34A000
|
unkown image
|
page readonly
|
|
|
|
296F6455000
|
unkown
|
page read and write
|
|
|
|
7FF50F624000
|
unkown image
|
page readonly
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
7FF54E3F7000
|
unkown image
|
page readonly
|
|
|
|
1941B8C0000
|
heap default
|
page read and write
|
|
|
|
1941C38E000
|
unkown
|
page read and write
|
|
|
|
7FF54DE9E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A856D000
|
unkown image
|
page readonly
|
|
|
|
296F6454000
|
unkown
|
page read and write
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
7FF50F634000
|
unkown image
|
page readonly
|
|
|
|
1CDAF013000
|
unkown
|
page read and write
|
|
|
|
7DF512802000
|
unkown image
|
page readonly
|
|
|
|
2B10000
|
unkown image
|
page read and write
|
|
|
|
7DF47D3A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A84F5000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD561000
|
unkown image
|
page readonly
|
|
|
|
296F6459000
|
unkown
|
page read and write
|
|
|
|
296F6457000
|
unkown
|
page read and write
|
|
|
|
1941C3AE000
|
unkown
|
page read and write
|
|
|
|
7FF56A2B3000
|
unkown image
|
page readonly
|
|
|
|
7FF54E404000
|
unkown image
|
page readonly
|
|
|
|
EB7EDFB000
|
unkown
|
page read and write
|
|
|
|
1941B890000
|
unkown image
|
page readonly
|
|
|
|
1941C0E0000
|
unkown
|
page read and write
|
|
|
|
1941C396000
|
unkown
|
page read and write
|
|
|
|
23417BD0000
|
heap default
|
page read and write
|
|
|
|
27A163D0000
|
unkown image
|
page readonly
|
|
|
|
7DF524770000
|
unkown image
|
page readonly
|
|
|
|
1941C39D000
|
unkown
|
page read and write
|
|
|
|
7FF56A3AA000
|
unkown image
|
page readonly
|
|
|
|
1941B8A0000
|
unkown image
|
page readonly
|
|
|
|
2170000
|
heap private
|
page read and write
|
|
|
|
296F6260000
|
unkown image
|
page read and write
|
|
|
|
1941C315000
|
unkown
|
page read and write
|
|
|
|
5F0000
|
unkown image
|
page readonly
|
|
|
|
1941C38C000
|
unkown
|
page read and write
|
|
|
|
7FF54E263000
|
unkown image
|
page readonly
|
|
|
|
1941BAF1000
|
unkown
|
page read and write
|
|
|
|
27A15EC0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E211000
|
unkown image
|
page readonly
|
|
|
|
1941C39F000
|
unkown
|
page read and write
|
|
|
|
7FF56A3CE000
|
unkown image
|
page readonly
|
|
|
|
7DF5BD662000
|
unkown image
|
page readonly
|
|
|
|
1EE66FF000
|
stack
|
page read and write
|
|
|
|
7FF56A44A000
|
unkown image
|
page readonly
|
|
|
|
7FF56A35E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A851F000
|
unkown image
|
page readonly
|
|
|
|
7FF50F54C000
|
unkown image
|
page readonly
|
|
|
|
7FF54E2BE000
|
unkown image
|
page readonly
|
|
|
|
7FF54E360000
|
unkown image
|
page readonly
|
|
|
|
7FF5A853A000
|
unkown image
|
page readonly
|
|
|
|
27A160D0000
|
heap default
|
page read and write
|
|
|
|
7FF5A8534000
|
unkown image
|
page readonly
|
|
|
|
1F0000
|
unkown
|
page read and write
|
|
|
|
7FF5A7E47000
|
unkown image
|
page readonly
|
|
|
|
2174000
|
heap private
|
page read and write
|
|
|
|
4C1E000
|
stack
|
page read and write
|
|
|
|
234180D0000
|
unkown image
|
page readonly
|
|
|
|
296F63D0000
|
unkown
|
page read and write
|
|
|
|
4ADE000
|
stack
|
page read and write
|
|
|
|
1CDAF086000
|
unkown
|
page read and write
|
|
|
|
7FF4FD523000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD76A000
|
unkown image
|
page readonly
|
|
|
|
1941C802000
|
unkown
|
page read and write
|
|
|
|
7FF50F62A000
|
unkown image
|
page readonly
|
|
|
|
7FF4FD6E8000
|
unkown image
|
page readonly
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
1941BAEE000
|
unkown
|
page read and write
|
|
|
|
7FF4FD57B000
|
unkown image
|
page readonly
|
|
|
|
296F62D0000
|
heap default
|
page read and write
|
|
|
|
7DF5BD662000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8544000
|
unkown image
|
page readonly
|
|
|
|
1941BAA8000
|
unkown
|
page read and write
|
|
|
|
1941C36B000
|
unkown
|
page read and write
|
|
|
|
7FF54E38B000
|
unkown image
|
page readonly
|
|
|
|
1EE67FB000
|
stack
|
page read and write
|
|
|
|
1941BA3C000
|
unkown
|
page read and write
|
|
|
|
7FF50F617000
|
unkown image
|
page readonly
|
|
|
|
296F63B0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3AA000
|
unkown image
|
page readonly
|
|
|
|
7FF50F63F000
|
unkown image
|
page readonly
|
|
|
|
A78FA7E000
|
stack
|
page read and write
|
|
|
|
21C9000
|
heap private
|
page read and write
|
|
|
|
27A160F6000
|
unkown
|
page read and write
|
|
|
|
7FF56A35A000
|
unkown image
|
page readonly
|
|
|
|
2AC83FD000
|
stack
|
page read and write
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
7FF56A2CC000
|
unkown image
|
page readonly
|
|
|
|
1941C39D000
|
unkown
|
page read and write
|
|
|
|
A78FAFE000
|
stack
|
page read and write
|
|
|
|
296F6513000
|
unkown
|
page read and write
|
|
|
|
7FF54E42E000
|
unkown image
|
page readonly
|
|
|
|
426000
|
unkown image
|
page readonly
|
|
|
|
296F62B0000
|
unkown image
|
page readonly
|
|
|
|
7FF50F431000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
7FF50F6D2000
|
unkown image
|
page readonly
|
|
|
|
1941C37C000
|
unkown
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
1CDAF2D0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E4AA000
|
unkown image
|
page readonly
|
|
|
|
27A15EC0000
|
unkown image
|
page readonly
|
|
|
|
1EE63FB000
|
unkown
|
page read and write
|
|
|
|
2AC82F9000
|
stack
|
page read and write
|
|
|
|
1941C86A000
|
unkown
|
page read and write
|
|
|
|
1941C395000
|
unkown
|
page read and write
|
|
|
|
7FF4FD255000
|
unkown image
|
page readonly
|
|
|
|
7FF54E2A1000
|
unkown image
|
page readonly
|
|
|
|
7FF56A451000
|
unkown image
|
page readonly
|
|
|
|
7DF524752000
|
unkown image
|
page readonly
|
|
|
|
1941C388000
|
unkown
|
page read and write
|
|
|
|
7FF4FD246000
|
unkown image
|
page readonly
|
|
|
|
7FF54E313000
|
unkown image
|
page readonly
|
|
|
|
2210000
|
unkown
|
page read and write
|
|
|
|
27A15FF0000
|
unkown
|
page read and write
|
|
|
|
CBA7D4F000
|
stack
|
page read and write
|
|
There are 600 hidden memdumps, click here to show them.