Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
pago12_14299038859.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\~DF56158A8C389C0AF7.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
 |
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\pago12_14299038859.exe
|
"C:\Users\user\Desktop\pago12_14299038859.exe"
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\subideal\Eyeliners
|
HARNISKKLDT
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4D20000
|
unkown
|
page execute and read and write
|
|
|
|
20E14CE1000
|
unkown
|
page read and write
|
|
|
|
7FF5AB560000
|
unkown image
|
page readonly
|
|
|
|
7DF5E91F2000
|
unkown image
|
page readonly
|
|
|
|
210F5113000
|
unkown
|
page read and write
|
|
|
|
18C757A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5C06E0000
|
unkown image
|
page readonly
|
|
|
|
2100000
|
heap private
|
page read and write
|
|
|
|
7FF5AB5C8000
|
unkown image
|
page readonly
|
|
|
|
22135E4D000
|
unkown
|
page read and write
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
22135E58000
|
unkown
|
page read and write
|
|
|
|
2462E850000
|
unkown image
|
page readonly
|
|
|
|
20E15561000
|
unkown
|
page read and write
|
|
|
|
7FF5AB175000
|
unkown image
|
page readonly
|
|
|
|
2462EBA0000
|
unkown image
|
page readonly
|
|
|
|
7FF58B3FE000
|
unkown image
|
page readonly
|
|
|
|
7DF5C06F0000
|
unkown image
|
page readonly
|
|
|
|
7FF53EE65000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB513000
|
unkown image
|
page readonly
|
|
|
|
1A0000
|
unkown image
|
page readonly
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
3C2A4FF000
|
stack
|
page read and write
|
|
|
|
7FF53EF51000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB0CE000
|
unkown image
|
page readonly
|
|
|
|
7FF58B417000
|
unkown image
|
page readonly
|
|
|
|
2462E8E0000
|
unkown
|
page read and write
|
|
|
|
7FF5AB58F000
|
unkown image
|
page readonly
|
|
|
|
20E155A4000
|
unkown
|
page read and write
|
|
|
|
20E155A2000
|
unkown
|
page read and write
|
|
|
|
2EB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB5D9000
|
unkown image
|
page readonly
|
|
|
|
7DF5C06D0000
|
unkown image
|
page readonly
|
|
|
|
D318C7F000
|
stack
|
page read and write
|
|
|
|
210F505F000
|
unkown
|
page read and write
|
|
|
|
210F5100000
|
unkown
|
page read and write
|
|
|
|
9EA487F000
|
stack
|
page read and write
|
|
|
|
7DF506AE0000
|
unkown image
|
page readonly
|
|
|
|
210F5000000
|
unkown
|
page read and write
|
|
|
|
2462E8D0000
|
unkown
|
page read and write
|
|
|
|
210F5013000
|
unkown
|
page read and write
|
|
|
|
20E15A02000
|
unkown
|
page read and write
|
|
|
|
7FF4F1851000
|
unkown image
|
page readonly
|
|
|
|
20E15A6A000
|
unkown
|
page read and write
|
|
|
|
1F0000
|
unkown
|
page read and write
|
|
|
|
2462E810000
|
heap private
|
page read and write
|
|
|
|
3C2AAF7000
|
stack
|
page read and write
|
|
|
|
2462E8DF000
|
unkown
|
page read and write
|
|
|
|
7FF4F199C000
|
unkown image
|
page readonly
|
|
|
|
20E14C4D000
|
unkown
|
page read and write
|
|
|
|
20E15530000
|
unkown
|
page read and write
|
|
|
|
7DF5C06D0000
|
unkown image
|
page readonly
|
|
|
|
22135CA0000
|
unkown image
|
page read and write
|
|
|
|
7FF4F19E6000
|
unkown image
|
page readonly
|
|
|
|
7FF4F196E000
|
unkown image
|
page readonly
|
|
|
|
7FF58B2A3000
|
unkown image
|
page readonly
|
|
|
|
2120000
|
unkown image
|
page read and write
|
|
|
|
22135CB0000
|
heap private
|
page read and write
|
|
|
|
210F5102000
|
unkown
|
page read and write
|
|
|
|
20E1555F000
|
unkown
|
page read and write
|
|
|
|
210F4F60000
|
unkown image
|
page readonly
|
|
|
|
22136602000
|
unkown
|
page read and write
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
20E155C4000
|
unkown
|
page read and write
|
|
|
|
7FF5D40E6000
|
unkown image
|
page readonly
|
|
|
|
21E5000
|
heap private
|
page read and write
|
|
|
|
2070000
|
unkown
|
page execute read
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
20F0000
|
unkown image
|
page readonly
|
|
|
|
20E14CA7000
|
unkown
|
page read and write
|
|
|
|
7FF5D3F51000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB360000
|
unkown image
|
page readonly
|
|
|
|
7FF53EF4A000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB56B000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB45B000
|
unkown image
|
page readonly
|
|
|
|
7DF506AF2000
|
unkown image
|
page readonly
|
|
|
|
7FF4F19E9000
|
unkown image
|
page readonly
|
|
|
|
20D0000
|
unkown image
|
page readonly
|
|
|
|
20B0000
|
unkown image
|
page readonly
|
|
|
|
480000
|
heap default
|
page read and write
|
|
|
|
7DF5E91E2000
|
unkown image
|
page readonly
|
|
|
|
20E14AF0000
|
unkown image
|
page readonly
|
|
|
|
22136000000
|
unkown image
|
page readonly
|
|
|
|
7DF506AE0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1605000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1536000
|
unkown image
|
page readonly
|
|
|
|
20E15B00000
|
unkown
|
page read and write
|
|
|
|
7FF4F18DC000
|
unkown image
|
page readonly
|
|
|
|
2059000
|
heap private
|
page read and write
|
|
|
|
7FF4F1975000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB5D6000
|
unkown image
|
page readonly
|
|
|
|
2462E700000
|
unkown image
|
page readonly
|
|
|
|
20E15561000
|
unkown
|
page read and write
|
|
|
|
22135E4C000
|
unkown
|
page read and write
|
|
|
|
2462E815000
|
heap private
|
page read and write
|
|
|
|
41837F000
|
stack
|
page read and write
|
|
|
|
2462E820000
|
unkown
|
page read and write
|
|
|
|
7FF4F1A5A000
|
unkown image
|
page readonly
|
|
|
|
210F4EE0000
|
unkown image
|
page read and write
|
|
|
|
7FF58B468000
|
unkown image
|
page readonly
|
|
|
|
D318CFC000
|
stack
|
page read and write
|
|
|
|
3C2A8FF000
|
stack
|
page read and write
|
|
|
|
19C000
|
unkown
|
page read and write
|
|
|
|
7FF5D4087000
|
unkown image
|
page readonly
|
|
|
|
7FF58B42C000
|
unkown image
|
page readonly
|
|
|
|
20E14C59000
|
unkown
|
page read and write
|
|
|
|
20E1554D000
|
unkown
|
page read and write
|
|
|
|
210F4F00000
|
unkown image
|
page readonly
|
|
|
|
7DF506AE2000
|
unkown image
|
page readonly
|
|
|
|
7FF53EED9000
|
unkown image
|
page readonly
|
|
|
|
7DF5C06F0000
|
unkown image
|
page readonly
|
|
|
|
20E15A02000
|
unkown
|
page read and write
|
|
|
|
7DF5E91E0000
|
unkown image
|
page readonly
|
|
|
|
18C75660000
|
heap private
|
page read and write
|
|
|
|
210F4F50000
|
heap default
|
page read and write
|
|
|
|
20E14C55000
|
unkown
|
page read and write
|
|
|
|
7FF4F19BA000
|
unkown image
|
page readonly
|
|
|
|
20E15B63000
|
unkown
|
page read and write
|
|
|
|
22135E57000
|
unkown
|
page read and write
|
|
|
|
7FF5D3F13000
|
unkown image
|
page readonly
|
|
|
|
2462E6E0000
|
unkown image
|
page readonly
|
|
|
|
20E15A00000
|
unkown
|
page read and write
|
|
|
|
7FF58B405000
|
unkown image
|
page readonly
|
|
|
|
560000
|
unkown
|
page read and write
|
|
|
|
20E155C4000
|
unkown
|
page read and write
|
|
|
|
7FF5D3C45000
|
unkown image
|
page readonly
|
|
|
|
2930000
|
unkown
|
page read and write
|
|
|
|
210F5064000
|
unkown
|
page read and write
|
|
|
|
7FF5D409F000
|
unkown image
|
page readonly
|
|
|
|
7FF58AFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB31B000
|
unkown image
|
page readonly
|
|
|
|
20E1559A000
|
unkown
|
page read and write
|
|
|
|
18C76002000
|
unkown
|
page read and write
|
|
|
|
20E14C5B000
|
unkown
|
page read and write
|
|
|
|
7DF5E91F0000
|
unkown image
|
page readonly
|
|
|
|
D3187DA000
|
unkown
|
page read and write
|
|
|
|
20E1552E000
|
unkown
|
page read and write
|
|
|
|
20E14B10000
|
unkown image
|
page readonly
|
|
|
|
20E14B40000
|
heap default
|
page read and write
|
|
|
|
7FF4F199F000
|
unkown image
|
page readonly
|
|
|
|
30000
|
unkown image
|
page read and write
|
|
|
|
7FF5AB3A1000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB52F000
|
unkown image
|
page readonly
|
|
|
|
7FF5D405C000
|
unkown image
|
page readonly
|
|
|
|
22136470000
|
unkown
|
page read and write
|
|
|
|
7FF5AB0D2000
|
unkown image
|
page readonly
|
|
|
|
210F503C000
|
unkown
|
page read and write
|
|
|
|
C30000
|
unkown image
|
page readonly
|
|
|
|
7DF5A0570000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB3B1000
|
unkown image
|
page readonly
|
|
|
|
7FF58B2FB000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB463000
|
unkown image
|
page readonly
|
|
|
|
2E30000
|
unkown
|
page read and write
|
|
|
|
20E155A2000
|
unkown
|
page read and write
|
|
|
|
7DF5C06E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB0C2000
|
unkown image
|
page readonly
|
|
|
|
20E14C52000
|
unkown
|
page read and write
|
|
|
|
20E0000
|
unkown
|
page read and write
|
|
|
|
7FF5D3F31000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3DE7000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40C4000
|
unkown image
|
page readonly
|
|
|
|
22135DF0000
|
unkown image
|
page readonly
|
|
|
|
41847F000
|
stack
|
page read and write
|
|
|
|
7FF5D407B000
|
unkown image
|
page readonly
|
|
|
|
20E15B02000
|
unkown
|
page read and write
|
|
|
|
7FF5AB126000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB534000
|
unkown image
|
page readonly
|
|
|
|
D318BF9000
|
stack
|
page read and write
|
|
|
|
470000
|
unkown image
|
page readonly
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
7DF4E70B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3FBD000
|
unkown image
|
page readonly
|
|
|
|
210F52D0000
|
unkown image
|
page readonly
|
|
|
|
20E155A3000
|
unkown
|
page read and write
|
|
|
|
2050000
|
heap private
|
page read and write
|
|
|
|
20E14C58000
|
unkown
|
page read and write
|
|
|
|
20E14CFA000
|
unkown
|
page read and write
|
|
|
|
22135F13000
|
unkown
|
page read and write
|
|
|
|
20E155A2000
|
unkown
|
page read and write
|
|
|
|
18C756A0000
|
unkown image
|
page readonly
|
|
|
|
20E155C5000
|
unkown
|
page read and write
|
|
|
|
7FF4F17C1000
|
unkown image
|
page readonly
|
|
|
|
210F4F00000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40B4000
|
unkown image
|
page readonly
|
|
|
|
20E14C3C000
|
unkown
|
page read and write
|
|
|
|
20E15583000
|
unkown
|
page read and write
|
|
|
|
7DF5A0572000
|
unkown image
|
page readonly
|
|
|
|
20E1555A000
|
unkown
|
page read and write
|
|
|
|
18C75908000
|
unkown
|
page read and write
|
|
|
|
7FF53EEA4000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB55E000
|
unkown image
|
page readonly
|
|
|
|
7FF58B4E4000
|
unkown image
|
page readonly
|
|
|
|
20E1556F000
|
unkown
|
page read and write
|
|
|
|
7FF53EE6B000
|
unkown image
|
page readonly
|
|
|
|
2462E8B6000
|
heap default
|
page read and write
|
|
|
|
21A0000
|
unkown
|
page read and write
|
|
|
|
7FF53EC09000
|
unkown image
|
page readonly
|
|
|
|
AB0000
|
unkown image
|
page readonly
|
|
|
|
20E155A2000
|
unkown
|
page read and write
|
|
|
|
7FF53EEB4000
|
unkown image
|
page readonly
|
|
|
|
18C75850000
|
unkown
|
page read and write
|
|
|
|
7DF5C06E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB644000
|
unkown image
|
page readonly
|
|
|
|
50B51EF000
|
stack
|
page read and write
|
|
|
|
2110000
|
heap private
|
page read and write
|
|
|
|
20E155A4000
|
unkown
|
page read and write
|
|
|
|
22135E3C000
|
unkown
|
page read and write
|
|
|
|
2462E8D0000
|
unkown
|
page read and write
|
|
|
|
20E14C4B000
|
unkown
|
page read and write
|
|
|
|
7FF5AB45E000
|
unkown image
|
page readonly
|
|
|
|
417E7C000
|
unkown
|
page read and write
|
|
|
|
18C75900000
|
unkown
|
page read and write
|
|
|
|
20E1555A000
|
unkown
|
page read and write
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
20E14D13000
|
unkown
|
page read and write
|
|
|
|
20E14CC6000
|
unkown
|
page read and write
|
|
|
|
210F508D000
|
unkown
|
page read and write
|
|
|
|
20E14B50000
|
unkown image
|
page readonly
|
|
|
|
7FF58B34D000
|
unkown image
|
page readonly
|
|
|
|
C40000
|
unkown image
|
page readonly
|
|
|
|
2462E6C0000
|
unkown image
|
page read and write
|
|
|
|
20E150D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB2D7000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB502000
|
unkown image
|
page readonly
|
|
|
|
D318A7F000
|
stack
|
page read and write
|
|
|
|
7FF4F19C4000
|
unkown image
|
page readonly
|
|
|
|
20E1558A000
|
unkown
|
page read and write
|
|
|
|
7FF53EE98000
|
unkown image
|
page readonly
|
|
|
|
7DF506AE2000
|
unkown image
|
page readonly
|
|
|
|
20E14C4C000
|
unkown
|
page read and write
|
|
|
|
7DF4BE5A0000
|
unkown image
|
page readonly
|
|
|
|
7FF58B4EA000
|
unkown image
|
page readonly
|
|
|
|
18C7584D000
|
unkown
|
page read and write
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB652000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB394000
|
unkown image
|
page readonly
|
|
|
|
20E14D08000
|
unkown
|
page read and write
|
|
|
|
20E14C54000
|
unkown
|
page read and write
|
|
|
|
20E14AF0000
|
unkown image
|
page readonly
|
|
|
|
20E155A2000
|
unkown
|
page read and write
|
|
|
|
20E15B63000
|
unkown
|
page read and write
|
|
|
|
20E14C5C000
|
unkown
|
page read and write
|
|
|
|
7FF58B437000
|
unkown image
|
page readonly
|
|
|
|
20E14C70000
|
unkown
|
page read and write
|
|
|
|
210F5082000
|
unkown
|
page read and write
|
|
|
|
20E1559A000
|
unkown
|
page read and write
|
|
|
|
7FF4F186E000
|
unkown image
|
page readonly
|
|
|
|
50B50EB000
|
unkown
|
page read and write
|
|
|
|
7DF553FE0000
|
unkown image
|
page readonly
|
|
|
|
2462E8C6000
|
unkown
|
page read and write
|
|
|
|
7FF58B3EA000
|
unkown image
|
page readonly
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
20E15A02000
|
unkown
|
page read and write
|
|
|
|
7FF4F19A7000
|
unkown image
|
page readonly
|
|
|
|
20E14ED0000
|
unkown image
|
page readonly
|
|
|
|
20E15A02000
|
unkown
|
page read and write
|
|
|
|
7FF4F1545000
|
unkown image
|
page readonly
|
|
|
|
7FF58AFC6000
|
unkown image
|
page readonly
|
|
|
|
208000
|
unkown
|
page read and write
|
|
|
|
9EA477B000
|
stack
|
page read and write
|
|
|
|
20E155A4000
|
unkown
|
page read and write
|
|
|
|
7DF5A0570000
|
unkown image
|
page readonly
|
|
|
|
21E0000
|
heap private
|
page read and write
|
|
|
|
20E155C4000
|
unkown
|
page read and write
|
|
|
|
7FF5D3FC3000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB597000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB5AA000
|
unkown image
|
page readonly
|
|
|
|
20E155A2000
|
unkown
|
page read and write
|
|
|
|
210F4F20000
|
unkown image
|
page readonly
|
|
|
|
22135E7D000
|
unkown
|
page read and write
|
|
|
|
7FF53EF52000
|
unkown image
|
page readonly
|
|
|
|
41817B000
|
stack
|
page read and write
|
|
|
|
2462E8B1000
|
unkown
|
page read and write
|
|
|
|
20E1554C000
|
unkown
|
page read and write
|
|
|
|
20E15330000
|
unkown image
|
page write copy
|
|
|
|
7FF5AB310000
|
unkown image
|
page readonly
|
|
|
|
20E15562000
|
unkown
|
page read and write
|
|
|
|
22135E52000
|
unkown
|
page read and write
|
|
|
|
20E1557D000
|
unkown
|
page read and write
|
|
|
|
7FF5D4070000
|
unkown image
|
page readonly
|
|
|
|
7FF58B47D000
|
unkown image
|
page readonly
|
|
|
|
22135E63000
|
unkown
|
page read and write
|
|
|
|
20E155D6000
|
unkown
|
page read and write
|
|
|
|
2462E8C7000
|
unkown
|
page read and write
|
|
|
|
20E1553B000
|
unkown
|
page read and write
|
|
|
|
20E15583000
|
unkown
|
page read and write
|
|
|
|
7FF5D3F6B000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB403000
|
unkown image
|
page readonly
|
|
|
|
18C75800000
|
unkown
|
page read and write
|
|
|
|
7FF5AB1FB000
|
unkown image
|
page readonly
|
|
|
|
7FF58B251000
|
unkown image
|
page readonly
|
|
|
|
418277000
|
stack
|
page read and write
|
|
|
|
20E15572000
|
unkown
|
page read and write
|
|
|
|
7FF5D40E9000
|
unkown image
|
page readonly
|
|
|
|
50B57FF000
|
stack
|
page read and write
|
|
|
|
42B000
|
unkown image
|
page readonly
|
|
|
|
21E8000
|
heap private
|
page read and write
|
|
|
|
22136380000
|
unkown image
|
page readonly
|
|
|
|
22135F08000
|
unkown
|
page read and write
|
|
|
|
2462ED20000
|
unkown image
|
page readonly
|
|
|
|
7FF4F196A000
|
unkown image
|
page readonly
|
|
|
|
7FF58B2C1000
|
unkown image
|
page readonly
|
|
|
|
7DF49E440000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB651000
|
unkown image
|
page readonly
|
|
|
|
20E14B20000
|
unkown image
|
page readonly
|
|
|
|
20E15594000
|
unkown
|
page read and write
|
|
|
|
210F4F30000
|
unkown image
|
page readonly
|
|
|
|
7FF53EE60000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1813000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3EC1000
|
unkown image
|
page readonly
|
|
|
|
7DF5E91E2000
|
unkown image
|
page readonly
|
|
|
|
22135E50000
|
unkown
|
page read and write
|
|
|
|
20E14C57000
|
unkown
|
page read and write
|
|
|
|
7FF4F1A62000
|
unkown image
|
page readonly
|
|
|
|
7FF5D405A000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1970000
|
unkown image
|
page readonly
|
|
|
|
3C2AC79000
|
stack
|
page read and write
|
|
|
|
18C75829000
|
unkown
|
page read and write
|
|
|
|
20E14C4F000
|
unkown
|
page read and write
|
|
|
|
7FF5AB03E000
|
unkown image
|
page readonly
|
|
|
|
7FF4F186B000
|
unkown image
|
page readonly
|
|
|
|
18C75670000
|
unkown image
|
page readonly
|
|
|
|
18C75852000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown image
|
page readonly
|
|
|
|
20E155A4000
|
unkown
|
page read and write
|
|
|
|
20E15500000
|
unkown
|
page read and write
|
|
|
|
18C75690000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB396000
|
unkown image
|
page readonly
|
|
|
|
7FF4F19B4000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1A54000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3C36000
|
unkown image
|
page readonly
|
|
|
|
3C2A9FA000
|
stack
|
page read and write
|
|
|
|
7DF506B00000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB52B000
|
unkown image
|
page readonly
|
|
|
|
D318AFF000
|
stack
|
page read and write
|
|
|
|
20E14CA8000
|
unkown
|
page read and write
|
|
|
|
7DF5C06D2000
|
unkown image
|
page readonly
|
|
|
|
20E14C00000
|
unkown
|
page read and write
|
|
|
|
7FF5AB468000
|
unkown image
|
page readonly
|
|
|
|
22135CC0000
|
unkown image
|
page readonly
|
|
|
|
22135CE0000
|
unkown image
|
page readonly
|
|
|
|
18C75650000
|
unkown image
|
page read and write
|
|
|
|
7FF5AB1F5000
|
unkown image
|
page readonly
|
|
|
|
7DF5A0590000
|
unkown image
|
page readonly
|
|
|
|
22135E4F000
|
unkown
|
page read and write
|
|
|
|
20E14C2C000
|
unkown
|
page read and write
|
|
|
|
9EA44FF000
|
stack
|
page read and write
|
|
|
|
7FF5AB4C4000
|
unkown image
|
page readonly
|
|
|
|
7FF5D415A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40ED000
|
unkown image
|
page readonly
|
|
|
|
7FF58B2E1000
|
unkown image
|
page readonly
|
|
|
|
7FF4F195A000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB421000
|
unkown image
|
page readonly
|
|
|
|
7FF53EEC8000
|
unkown image
|
page readonly
|
|
|
|
22135E9A000
|
unkown
|
page read and write
|
|
|
|
7FF5AB40A000
|
unkown image
|
page readonly
|
|
|
|
7DF5C06D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB500000
|
unkown image
|
page readonly
|
|
|
|
7DF553FE2000
|
unkown image
|
page readonly
|
|
|
|
22135E29000
|
unkown
|
page read and write
|
|
|
|
7DF5A0582000
|
unkown image
|
page readonly
|
|
|
|
20E15A02000
|
unkown
|
page read and write
|
|
|
|
210F54D0000
|
unkown image
|
page readonly
|
|
|
|
20E14BE0000
|
unkown
|
page read and write
|
|
|
|
4BDF000
|
stack
|
page read and write
|
|
|
|
20E155B5000
|
unkown
|
page read and write
|
|
|
|
22135CF0000
|
unkown image
|
page readonly
|
|
|
|
22135E46000
|
unkown
|
page read and write
|
|
|
|
50B56F7000
|
stack
|
page read and write
|
|
|
|
18C75D80000
|
unkown image
|
page readonly
|
|
|
|
7DF5C06E2000
|
unkown image
|
page readonly
|
|
|
|
7DF5A0572000
|
unkown image
|
page readonly
|
|
|
|
20E14AE0000
|
heap private
|
page read and write
|
|
|
|
7FF5AB309000
|
unkown image
|
page readonly
|
|
|
|
22135CC0000
|
unkown image
|
page readonly
|
|
|
|
7DF553FE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3C30000
|
unkown image
|
page readonly
|
|
|
|
22135E6F000
|
unkown
|
page read and write
|
|
|
|
7FF5D406A000
|
unkown image
|
page readonly
|
|
|
|
18C756C0000
|
heap default
|
page read and write
|
|
|
|
7FF58B44A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D406E000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4075000
|
unkown image
|
page readonly
|
|
|
|
50B516F000
|
stack
|
page read and write
|
|
|
|
7FF4F18D4000
|
unkown image
|
page readonly
|
|
|
|
7FF4F18BD000
|
unkown image
|
page readonly
|
|
|
|
98000
|
unkown
|
page read and write
|
|
|
|
18C7582C000
|
unkown
|
page read and write
|
|
|
|
7FF5D4154000
|
unkown image
|
page readonly
|
|
|
|
7FF58B09B000
|
unkown image
|
page readonly
|
|
|
|
210F5029000
|
unkown
|
page read and write
|
|
|
|
7FF4F19CF000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3E20000
|
unkown image
|
page readonly
|
|
|
|
7FF4F16E7000
|
unkown image
|
page readonly
|
|
|
|
18C75813000
|
unkown
|
page read and write
|
|
|
|
427000
|
unkown image
|
page read and write
|
|
|
|
20E14B90000
|
unkown image
|
page readonly
|
|
|
|
7DF506B00000
|
unkown image
|
page readonly
|
|
|
|
7FF53EE8F000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7FF4F195C000
|
unkown image
|
page readonly
|
|
|
|
20E1559A000
|
unkown
|
page read and write
|
|
|
|
7FF53E7B7000
|
unkown image
|
page readonly
|
|
|
|
21F0000
|
unkown
|
page read and write
|
|
|
|
20E14CDF000
|
unkown
|
page read and write
|
|
|
|
2462E8D0000
|
unkown
|
page read and write
|
|
|
|
18C7586F000
|
unkown
|
page read and write
|
|
|
|
20E14BE0000
|
unkown
|
page read and write
|
|
|
|
9EA447B000
|
unkown
|
page read and write
|
|
|
|
7FF58B400000
|
unkown image
|
page readonly
|
|
|
|
7DF5E9200000
|
unkown image
|
page readonly
|
|
|
|
7FF58B454000
|
unkown image
|
page readonly
|
|
|
|
3C2A6F9000
|
stack
|
page read and write
|
|
|
|
20E1555E000
|
unkown
|
page read and write
|
|
|
|
210F4EF0000
|
heap private
|
page read and write
|
|
|
|
7FF5AB64A000
|
unkown image
|
page readonly
|
|
|
|
7DF5A0590000
|
unkown image
|
page readonly
|
|
|
|
2F7E000
|
unkown image
|
page read and write
|
|
|
|
7FF5D4161000
|
unkown image
|
page readonly
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
7FF58B353000
|
unkown image
|
page readonly
|
|
|
|
7FF53EECE000
|
unkown image
|
page readonly
|
|
|
|
204000
|
unkown
|
page read and write
|
|
|
|
7DF5E9200000
|
unkown image
|
page readonly
|
|
|
|
20E14C83000
|
unkown
|
page read and write
|
|
|
|
7FF5D4162000
|
unkown image
|
page readonly
|
|
|
|
7FF58B46E000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB58C000
|
unkown image
|
page readonly
|
|
|
|
7FF4F160B000
|
unkown image
|
page readonly
|
|
|
|
18C75913000
|
unkown
|
page read and write
|
|
|
|
7DF5A0582000
|
unkown image
|
page readonly
|
|
|
|
7DF5A0580000
|
unkown image
|
page readonly
|
|
|
|
9EA457E000
|
stack
|
page read and write
|
|
|
|
22135E55000
|
unkown
|
page read and write
|
|
|
|
20E15583000
|
unkown
|
page read and write
|
|
|
|
7FF5AB177000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB53F000
|
unkown image
|
page readonly
|
|
|
|
2064000
|
heap private
|
page read and write
|
|
|
|
7FF4F18C3000
|
unkown image
|
page readonly
|
|
|
|
7FF5AAEB3000
|
unkown image
|
page readonly
|
|
|
|
7DF506AF0000
|
unkown image
|
page readonly
|
|
|
|
18C7584B000
|
unkown
|
page read and write
|
|
|
|
417F7F000
|
stack
|
page read and write
|
|
|
|
210F5650000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB4CC000
|
unkown image
|
page readonly
|
|
|
|
7FF4F19ED000
|
unkown image
|
page readonly
|
|
|
|
417EFE000
|
stack
|
page read and write
|
|
|
|
20E15592000
|
unkown
|
page read and write
|
|
|
|
7FF4F1720000
|
unkown image
|
page readonly
|
|
|
|
2462E9A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D409C000
|
unkown image
|
page readonly
|
|
|
|
20E15A02000
|
unkown
|
page read and write
|
|
|
|
210F5068000
|
unkown
|
page read and write
|
|
|
|
3050000
|
unkown
|
page read and write
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB4AD000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB54A000
|
unkown image
|
page readonly
|
|
|
|
20E155B3000
|
unkown
|
page read and write
|
|
|
|
7FF53EE8C000
|
unkown image
|
page readonly
|
|
|
|
7FF58B42F000
|
unkown image
|
page readonly
|
|
|
|
18C757C0000
|
unkown
|
page read and write
|
|
|
|
7DF5E91F2000
|
unkown image
|
page readonly
|
|
|
|
18C75670000
|
unkown image
|
page readonly
|
|
|
|
7FF58B36C000
|
unkown image
|
page readonly
|
|
|
|
570000
|
heap default
|
page read and write
|
|
|
|
7FF5D3FDC000
|
unkown image
|
page readonly
|
|
|
|
7FF58B3EC000
|
unkown image
|
page readonly
|
|
|
|
18C7583C000
|
unkown
|
page read and write
|
|
|
|
7FF5AB565000
|
unkown image
|
page readonly
|
|
|
|
7FF53EEBE000
|
unkown image
|
page readonly
|
|
|
|
20E1559E000
|
unkown
|
page read and write
|
|
|
|
18C75902000
|
unkown
|
page read and write
|
|
|
|
7FF58B45F000
|
unkown image
|
page readonly
|
|
|
|
20E14AD0000
|
unkown image
|
page read and write
|
|
|
|
7FF58B40B000
|
unkown image
|
page readonly
|
|
|
|
20E14C29000
|
unkown
|
page read and write
|
|
|
|
7DF553FD2000
|
unkown image
|
page readonly
|
|
|
|
7FF4F19DE000
|
unkown image
|
page readonly
|
|
|
|
2462E860000
|
unkown image
|
page readonly
|
|
|
|
57A000
|
heap default
|
page read and write
|
|
|
|
7FF5AB577000
|
unkown image
|
page readonly
|
|
|
|
20E155C6000
|
unkown
|
page read and write
|
|
|
|
20E14D16000
|
unkown
|
page read and write
|
|
|
|
7FF5AAE62000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1A61000
|
unkown image
|
page readonly
|
|
|
|
7DF451EA0000
|
unkown image
|
page readonly
|
|
|
|
50B55FB000
|
stack
|
page read and write
|
|
|
|
7FF58B479000
|
unkown image
|
page readonly
|
|
|
|
18C75A00000
|
unkown image
|
page readonly
|
|
|
|
7DF5A0580000
|
unkown image
|
page readonly
|
|
|
|
7DF506AF2000
|
unkown image
|
page readonly
|
|
|
|
7FF58AFD5000
|
unkown image
|
page readonly
|
|
|
|
7DF5E91F0000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3FD4000
|
unkown image
|
page readonly
|
|
|
|
18C75888000
|
unkown
|
page read and write
|
|
|
|
20E15402000
|
unkown
|
page read and write
|
|
|
|
4D1F000
|
stack
|
page read and write
|
|
|
|
7FF5AB4B3000
|
unkown image
|
page readonly
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
210F5108000
|
unkown
|
page read and write
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
210F5056000
|
unkown
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7DF4049B0000
|
unkown image
|
page readonly
|
|
|
|
22135E47000
|
unkown
|
page read and write
|
|
|
|
20E155A4000
|
unkown
|
page read and write
|
|
|
|
50B58FE000
|
stack
|
page read and write
|
|
|
|
7FEB0000
|
unkown image
|
page readonly
|
|
|
|
20E14BF0000
|
unkown image
|
page read and write
|
|
|
|
7DF553FD0000
|
unkown image
|
page readonly
|
|
|
|
210F4F80000
|
unkown
|
page read and write
|
|
|
|
7FF5AB326000
|
unkown image
|
page readonly
|
|
|
|
22135D10000
|
heap default
|
page read and write
|
|
|
|
210F5802000
|
unkown
|
page read and write
|
|
|
|
20E15250000
|
unkown image
|
page readonly
|
|
|
|
7FF4F19D8000
|
unkown image
|
page readonly
|
|
|
|
3C2A47F000
|
stack
|
page read and write
|
|
|
|
7DF553FD2000
|
unkown image
|
page readonly
|
|
|
|
22135E63000
|
unkown
|
page read and write
|
|
|
|
7FF5AB120000
|
unkown image
|
page readonly
|
|
|
|
20E14BE0000
|
unkown
|
page read and write
|
|
|
|
7FF5AB55A000
|
unkown image
|
page readonly
|
|
|
|
7FF58B2FE000
|
unkown image
|
page readonly
|
|
|
|
20E1555F000
|
unkown
|
page read and write
|
|
|
|
20E14C13000
|
unkown
|
page read and write
|
|
|
|
7DF553FF0000
|
unkown image
|
page readonly
|
|
|
|
7FF58B1B0000
|
unkown image
|
page readonly
|
|
|
|
7FF58B476000
|
unkown image
|
page readonly
|
|
|
|
18C7587B000
|
unkown
|
page read and write
|
|
|
|
20E15B02000
|
unkown
|
page read and write
|
|
|
|
22135E4B000
|
unkown
|
page read and write
|
|
|
|
8B0000
|
unkown image
|
page readonly
|
|
|
|
7DF553FD0000
|
unkown image
|
page readonly
|
|
|
|
20A0000
|
unkown
|
page read and write
|
|
|
|
22135F02000
|
unkown
|
page read and write
|
|
|
|
D318B7A000
|
stack
|
page read and write
|
|
|
|
22135E59000
|
unkown
|
page read and write
|
|
|
|
7FF4F197B000
|
unkown image
|
page readonly
|
|
|
|
20E14C88000
|
unkown
|
page read and write
|
|
|
|
9EA4977000
|
stack
|
page read and write
|
|
|
|
7FF4F1530000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB54C000
|
unkown image
|
page readonly
|
|
|
|
20E14CE9000
|
unkown
|
page read and write
|
|
|
|
2462E6E0000
|
unkown image
|
page readonly
|
|
|
|
7FF58B4F1000
|
unkown image
|
page readonly
|
|
|
|
20E14CB1000
|
unkown
|
page read and write
|
|
|
|
4ADE000
|
stack
|
page read and write
|
|
|
|
7FF5AAEB7000
|
unkown image
|
page readonly
|
|
|
|
210F5002000
|
unkown
|
page read and write
|
|
|
|
3C2A1EB000
|
unkown
|
page read and write
|
|
|
|
4C1E000
|
stack
|
page read and write
|
|
|
|
9EA4A7F000
|
stack
|
page read and write
|
|
|
|
20E15A6A000
|
unkown
|
page read and write
|
|
|
|
3C2AB7E000
|
stack
|
page read and write
|
|
|
|
7FF5D40DE000
|
unkown image
|
page readonly
|
|
|
|
22136200000
|
unkown image
|
page readonly
|
|
|
|
20E14B70000
|
unkown
|
page read and write
|
|
|
|
2060000
|
heap private
|
page read and write
|
|
|
|
7FF53EF44000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB441000
|
unkown image
|
page readonly
|
|
|
|
7DF553FF0000
|
unkown image
|
page readonly
|
|
|
|
7FF58B095000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB135000
|
unkown image
|
page readonly
|
|
|
|
20E14D02000
|
unkown
|
page read and write
|
|
|
|
7FF58B364000
|
unkown image
|
page readonly
|
|
|
|
429000
|
unkown image
|
page read and write
|
|
|
|
7FF5AB5CE000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40BA000
|
unkown image
|
page readonly
|
|
|
|
20E155C4000
|
unkown
|
page read and write
|
|
|
|
20E14CBF000
|
unkown
|
page read and write
|
|
|
|
7DF553FE2000
|
unkown image
|
page readonly
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40CF000
|
unkown image
|
page readonly
|
|
|
|
22135E00000
|
unkown
|
page read and write
|
|
|
|
7FF58B4F2000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1987000
|
unkown image
|
page readonly
|
|
|
|
7FF53EEDD000
|
unkown image
|
page readonly
|
|
|
|
7FF58B177000
|
unkown image
|
page readonly
|
|
|
|
7FF4F1831000
|
unkown image
|
page readonly
|
|
|
|
20E14C50000
|
unkown
|
page read and write
|
|
|
|
7FF58B444000
|
unkown image
|
page readonly
|
|
|
|
7FF58B3FA000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40D8000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3F6E000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB5BF000
|
unkown image
|
page readonly
|
|
|
|
18C75C00000
|
unkown image
|
page readonly
|
|
|
|
591000
|
heap default
|
page read and write
|
|
|
|
2462E8A0000
|
heap default
|
page read and write
|
|
|
|
7FF5D40A7000
|
unkown image
|
page readonly
|
|
|
|
3C2A7F7000
|
stack
|
page read and write
|
|
|
|
22135E13000
|
unkown
|
page read and write
|
|
|
|
7FF53E7B3000
|
unkown image
|
page readonly
|
|
|
|
2462E7F0000
|
unkown
|
page read and write
|
|
|
|
7DF506AF0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E91E0000
|
unkown image
|
page readonly
|
|
|
|
7FF53EEAA000
|
unkown image
|
page readonly
|
|
|
|
22135F00000
|
unkown
|
page read and write
|
|
|
|
7FF5AB5B4000
|
unkown image
|
page readonly
|
|
|
|
2A30000
|
unkown image
|
page read and write
|
|
|
|
7FF5AB5A4000
|
unkown image
|
page readonly
|
|
There are 592 hidden memdumps, click here to show them.