Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
G47wmLn8uy.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\~DFAFA5F207726209AF.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
 |
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\G47wmLn8uy.exe
|
"C:\Users\user\Desktop\G47wmLn8uy.exe"
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\subideal\Eyeliners
|
HARNISKKLDT
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4D10000
|
unkown
|
page execute and read and write
|
|
|
|
7FF5A7368000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38D000
|
unkown
|
page read and write
|
|
|
|
7FF50ACB4000
|
unkown image
|
page readonly
|
|
|
|
7DF51E112000
|
unkown image
|
page readonly
|
|
|
|
7FF51B1E2000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
610000
|
heap private
|
page read and write
|
|
|
|
1DEE284B000
|
unkown
|
page read and write
|
|
|
|
DF6C67F000
|
stack
|
page read and write
|
|
|
|
1E2C4230000
|
unkown image
|
page readonly
|
|
|
|
7FF5A73CC000
|
unkown image
|
page readonly
|
|
|
|
1DEE2900000
|
unkown
|
page read and write
|
|
|
|
2D5AF202000
|
unkown
|
page read and write
|
|
|
|
2D5AF391000
|
unkown
|
page read and write
|
|
|
|
2D5AEA00000
|
unkown
|
page read and write
|
|
|
|
7FF5842C8000
|
unkown image
|
page readonly
|
|
|
|
2050000
|
unkown
|
page read and write
|
|
|
|
2D5AF366000
|
unkown
|
page read and write
|
|
|
|
7FF5A72A1000
|
unkown image
|
page readonly
|
|
|
|
1DEE2886000
|
unkown
|
page read and write
|
|
|
|
1D790B30000
|
unkown image
|
page readonly
|
|
|
|
2B59000
|
heap private
|
page read and write
|
|
|
|
2D5AF35D000
|
unkown
|
page read and write
|
|
|
|
7FF51B107000
|
unkown image
|
page readonly
|
|
|
|
1E2C3DB0000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA48000
|
unkown
|
page read and write
|
|
|
|
2D5AF802000
|
unkown
|
page read and write
|
|
|
|
7FF5841C4000
|
unkown image
|
page readonly
|
|
|
|
29A000
|
unkown
|
page read and write
|
|
|
|
1D51E83C000
|
unkown
|
page read and write
|
|
|
|
1E2C3E86000
|
heap default
|
page read and write
|
|
|
|
7FF51B11F000
|
unkown image
|
page readonly
|
|
|
|
2D5AF366000
|
unkown
|
page read and write
|
|
|
|
7FF50A820000
|
unkown image
|
page readonly
|
|
|
|
7DF5BC5D0000
|
unkown image
|
page readonly
|
|
|
|
2D5AF120000
|
unkown
|
page read and write
|
|
|
|
1D790E00000
|
unkown image
|
page readonly
|
|
|
|
19C000
|
unkown
|
page read and write
|
|
|
|
7FF51B0FB000
|
unkown image
|
page readonly
|
|
|
|
7FF50ABAD000
|
unkown image
|
page readonly
|
|
|
|
2D5AF388000
|
unkown
|
page read and write
|
|
|
|
7FF50AC4C000
|
unkown image
|
page readonly
|
|
|
|
7FF51B158000
|
unkown image
|
page readonly
|
|
|
|
2D5AF364000
|
unkown
|
page read and write
|
|
|
|
2D5AE8A0000
|
heap private
|
page read and write
|
|
|
|
1D791402000
|
unkown
|
page read and write
|
|
|
|
7FF509008000
|
unkown image
|
page readonly
|
|
|
|
1D51ED80000
|
unkown image
|
page readonly
|
|
|
|
7FF50AAB1000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7026000
|
unkown image
|
page readonly
|
|
|
|
20B0000
|
heap private
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2C336CC000
|
unkown
|
page read and write
|
|
|
|
1D790C7B000
|
unkown
|
page read and write
|
|
|
|
7FF5A744A000
|
unkown image
|
page readonly
|
|
|
|
1D51E640000
|
heap private
|
page read and write
|
|
|
|
1D790C50000
|
unkown
|
page read and write
|
|
|
|
2D5AF397000
|
unkown
|
page read and write
|
|
|
|
1DEE2879000
|
unkown
|
page read and write
|
|
|
|
2C33CF7000
|
stack
|
page read and write
|
|
|
|
1D790C13000
|
unkown
|
page read and write
|
|
|
|
2D5AF380000
|
unkown
|
page read and write
|
|
|
|
7FF51B0DC000
|
unkown image
|
page readonly
|
|
|
|
2204000
|
heap private
|
page read and write
|
|
|
|
7FF5A6DB3000
|
unkown image
|
page readonly
|
|
|
|
234D07B000
|
unkown
|
page read and write
|
|
|
|
2060000
|
unkown
|
page execute read
|
|
|
|
7FF50ACBF000
|
unkown image
|
page readonly
|
|
|
|
1DEE2650000
|
unkown image
|
page read and write
|
|
|
|
2D5AF802000
|
unkown
|
page read and write
|
|
|
|
7FF5A7465000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2D5AEA49000
|
unkown
|
page read and write
|
|
|
|
8B0000
|
unkown image
|
page readonly
|
|
|
|
1E2C4225000
|
heap private
|
page read and write
|
|
|
|
7FEB0000
|
unkown image
|
page readonly
|
|
|
|
430000
|
heap default
|
page read and write
|
|
|
|
2D5AEE00000
|
unkown image
|
page readonly
|
|
|
|
DF6C4FE000
|
stack
|
page read and write
|
|
|
|
2210000
|
unkown
|
page read and write
|
|
|
|
7FF5A7434000
|
unkown image
|
page readonly
|
|
|
|
7FF5842DD000
|
unkown image
|
page readonly
|
|
|
|
2D5AF36C000
|
unkown
|
page read and write
|
|
|
|
1D790D13000
|
unkown
|
page read and write
|
|
|
|
2C33EFF000
|
stack
|
page read and write
|
|
|
|
2D5AF36F000
|
unkown
|
page read and write
|
|
|
|
1DEE26A0000
|
unkown image
|
page readonly
|
|
|
|
7FF51B0F5000
|
unkown image
|
page readonly
|
|
|
|
2D5AF800000
|
unkown
|
page read and write
|
|
|
|
1D51E670000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74C8000
|
unkown image
|
page readonly
|
|
|
|
1D51E870000
|
unkown
|
page read and write
|
|
|
|
7FF50A9D7000
|
unkown image
|
page readonly
|
|
|
|
2D5AEAA8000
|
unkown
|
page read and write
|
|
|
|
2D5AF39F000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
1D51E854000
|
unkown
|
page read and write
|
|
|
|
2D5AF375000
|
unkown
|
page read and write
|
|
|
|
2D5AF3B0000
|
unkown
|
page read and write
|
|
|
|
1A0000
|
unkown image
|
page readonly
|
|
|
|
7FF509019000
|
unkown image
|
page readonly
|
|
|
|
1E2C41C0000
|
unkown image
|
page readonly
|
|
|
|
1DEE2A00000
|
unkown image
|
page readonly
|
|
|
|
7FF50A826000
|
unkown image
|
page readonly
|
|
|
|
7FF58426B000
|
unkown image
|
page readonly
|
|
|
|
7DF51E122000
|
unkown image
|
page readonly
|
|
|
|
7FF5842D6000
|
unkown image
|
page readonly
|
|
|
|
1D790C4F000
|
unkown
|
page read and write
|
|
|
|
1D51F002000
|
unkown
|
page read and write
|
|
|
|
7FF51B127000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
1D51E650000
|
unkown image
|
page readonly
|
|
|
|
EC0CBF7000
|
stack
|
page read and write
|
|
|
|
7FF5A743F000
|
unkown image
|
page readonly
|
|
|
|
1D51E858000
|
unkown
|
page read and write
|
|
|
|
2D5AEB16000
|
unkown
|
page read and write
|
|
|
|
2C33DFF000
|
stack
|
page read and write
|
|
|
|
7FF508FF4000
|
unkown image
|
page readonly
|
|
|
|
2D5AEB13000
|
unkown
|
page read and write
|
|
|
|
1D790A30000
|
unkown image
|
page readonly
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
1D51E800000
|
unkown
|
page read and write
|
|
|
|
7FF58425A000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA88000
|
unkown
|
page read and write
|
|
|
|
1E2C3E97000
|
unkown
|
page read and write
|
|
|
|
2D5AF39F000
|
unkown
|
page read and write
|
|
|
|
2D5AF37B000
|
unkown
|
page read and write
|
|
|
|
7FF50AC8C000
|
unkown image
|
page readonly
|
|
|
|
7FF50AB03000
|
unkown image
|
page readonly
|
|
|
|
7DF4972A0000
|
unkown image
|
page readonly
|
|
|
|
7FF58424A000
|
unkown image
|
page readonly
|
|
|
|
2D5AF120000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
1D7909E0000
|
unkown image
|
page read and write
|
|
|
|
2D5AEA54000
|
unkown
|
page read and write
|
|
|
|
7DF5BC5F0000
|
unkown image
|
page readonly
|
|
|
|
2D5AF375000
|
unkown
|
page read and write
|
|
|
|
1E2C3E9E000
|
unkown
|
page read and write
|
|
|
|
7DF5BC5F0000
|
unkown image
|
page readonly
|
|
|
|
1DEE2857000
|
unkown
|
page read and write
|
|
|
|
7FF51ACB0000
|
unkown image
|
page readonly
|
|
|
|
7DF530260000
|
unkown image
|
page readonly
|
|
|
|
1D790A20000
|
unkown image
|
page readonly
|
|
|
|
1E2C3D70000
|
unkown image
|
page read and write
|
|
|
|
2230000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
DF6C5FE000
|
stack
|
page read and write
|
|
|
|
2D5AE9E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7400000
|
unkown image
|
page readonly
|
|
|
|
1D51E829000
|
unkown
|
page read and write
|
|
|
|
1D51E902000
|
unkown
|
page read and write
|
|
|
|
2A70000
|
unkown image
|
page readonly
|
|
|
|
1D7909F0000
|
heap private
|
page read and write
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
2D5AF802000
|
unkown
|
page read and write
|
|
|
|
7FF5A7020000
|
unkown image
|
page readonly
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A745E000
|
unkown image
|
page readonly
|
|
|
|
7FF50ACA4000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74D9000
|
unkown image
|
page readonly
|
|
|
|
1E2C3E9E000
|
unkown
|
page read and write
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF51B169000
|
unkown image
|
page readonly
|
|
|
|
7DF4BA4A0000
|
unkown image
|
page readonly
|
|
|
|
2B50000
|
heap private
|
page read and write
|
|
|
|
7FF5A6C6F000
|
unkown image
|
page readonly
|
|
|
|
7FF50AB21000
|
unkown image
|
page readonly
|
|
|
|
7FF583E35000
|
unkown image
|
page readonly
|
|
|
|
2225000
|
heap private
|
page read and write
|
|
|
|
7FF5A742B000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
7FF583FD7000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
7FF51AFEB000
|
unkown image
|
page readonly
|
|
|
|
42B000
|
unkown image
|
page readonly
|
|
|
|
2D5AF381000
|
unkown
|
page read and write
|
|
|
|
1DEE2D80000
|
unkown image
|
page readonly
|
|
|
|
7FF5A71D7000
|
unkown image
|
page readonly
|
|
|
|
7FF51AEA0000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA4E000
|
unkown
|
page read and write
|
|
|
|
30000
|
unkown image
|
page read and write
|
|
|
|
7FF51B15E000
|
unkown image
|
page readonly
|
|
|
|
1D790C4B000
|
unkown
|
page read and write
|
|
|
|
2D5AF395000
|
unkown
|
page read and write
|
|
|
|
7FF50AC6B000
|
unkown image
|
page readonly
|
|
|
|
2D5AF36A000
|
unkown
|
page read and write
|
|
|
|
7FF5841B3000
|
unkown image
|
page readonly
|
|
|
|
7DF5993E0000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
1DEE2690000
|
unkown image
|
page readonly
|
|
|
|
1E2C3E30000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74AA000
|
unkown image
|
page readonly
|
|
|
|
7DF51E130000
|
unkown image
|
page readonly
|
|
|
|
7FF5841AD000
|
unkown image
|
page readonly
|
|
|
|
1D51E84D000
|
unkown
|
page read and write
|
|
|
|
7FF584297000
|
unkown image
|
page readonly
|
|
|
|
7DF5993F0000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDE0000
|
unkown image
|
page readonly
|
|
|
|
7DF42E130000
|
unkown image
|
page readonly
|
|
|
|
2D5AF863000
|
unkown
|
page read and write
|
|
|
|
7FF5A74CE000
|
unkown image
|
page readonly
|
|
|
|
7DF530270000
|
unkown image
|
page readonly
|
|
|
|
1DEE284F000
|
unkown
|
page read and write
|
|
|
|
4D0F000
|
stack
|
page read and write
|
|
|
|
2C33AFB000
|
stack
|
page read and write
|
|
|
|
7FF584344000
|
unkown image
|
page readonly
|
|
|
|
7FF50ACC8000
|
unkown image
|
page readonly
|
|
|
|
A343CF000
|
stack
|
page read and write
|
|
|
|
7FF50AC5A000
|
unkown image
|
page readonly
|
|
|
|
7FF58428F000
|
unkown image
|
page readonly
|
|
|
|
2D5AF31F000
|
unkown
|
page read and write
|
|
|
|
2D5AF39F000
|
unkown
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7FF51B134000
|
unkown image
|
page readonly
|
|
|
|
296000
|
unkown
|
page read and write
|
|
|
|
21D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5840B1000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA2E000
|
unkown
|
page read and write
|
|
|
|
1E2C3DF0000
|
unkown
|
page read and write
|
|
|
|
7FF50AD4A000
|
unkown image
|
page readonly
|
|
|
|
1E2C3E9E000
|
unkown
|
page read and write
|
|
|
|
1D51EC00000
|
unkown image
|
page readonly
|
|
|
|
7FF508FA5000
|
unkown image
|
page readonly
|
|
|
|
7DF5993D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7363000
|
unkown image
|
page readonly
|
|
|
|
620000
|
heap default
|
page read and write
|
|
|
|
1D790C4D000
|
unkown
|
page read and write
|
|
|
|
2D5AE900000
|
heap default
|
page read and write
|
|
|
|
2D5AF364000
|
unkown
|
page read and write
|
|
|
|
7DF5BC5D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A730A000
|
unkown image
|
page readonly
|
|
|
|
7DF5993D0000
|
unkown image
|
page readonly
|
|
|
|
1DEE2829000
|
unkown
|
page read and write
|
|
|
|
7FF58415B000
|
unkown image
|
page readonly
|
|
|
|
EC0C6BC000
|
unkown
|
page read and write
|
|
|
|
EC0CFF9000
|
stack
|
page read and write
|
|
|
|
1D51E855000
|
unkown
|
page read and write
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
7DF5BC5E2000
|
unkown image
|
page readonly
|
|
|
|
1D51E680000
|
unkown image
|
page readonly
|
|
|
|
7DF41BFE0000
|
unkown image
|
page readonly
|
|
|
|
1DEE2913000
|
unkown
|
page read and write
|
|
|
|
1D790A50000
|
heap default
|
page read and write
|
|
|
|
7FF5A744C000
|
unkown image
|
page readonly
|
|
|
|
7FF584103000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6FCE000
|
unkown image
|
page readonly
|
|
|
|
7FF584352000
|
unkown image
|
page readonly
|
|
|
|
7FF51AF41000
|
unkown image
|
page readonly
|
|
|
|
7DF5993E2000
|
unkown image
|
page readonly
|
|
|
|
2D5AF39F000
|
unkown
|
page read and write
|
|
|
|
7DF530280000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3B5000
|
unkown
|
page read and write
|
|
|
|
7FF58415E000
|
unkown image
|
page readonly
|
|
|
|
2D5AF385000
|
unkown
|
page read and write
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
7DF5BC5E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A72B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5A746B000
|
unkown image
|
page readonly
|
|
|
|
2D5AF39F000
|
unkown
|
page read and write
|
|
|
|
7FF508FCF000
|
unkown image
|
page readonly
|
|
|
|
7FF583E20000
|
unkown image
|
page readonly
|
|
|
|
2D5AE890000
|
unkown image
|
page read and write
|
|
|
|
1D790D02000
|
unkown
|
page read and write
|
|
|
|
2D5AEAC7000
|
unkown
|
page read and write
|
|
|
|
42B000
|
unkown image
|
page readonly
|
|
|
|
1E2C3DD0000
|
unkown
|
page read and write
|
|
|
|
2D5AEAE2000
|
unkown
|
page read and write
|
|
|
|
7DF51FDE2000
|
unkown image
|
page readonly
|
|
|
|
7FF51AF93000
|
unkown image
|
page readonly
|
|
|
|
21F0000
|
unkown image
|
page readonly
|
|
|
|
7FF50AD52000
|
unkown image
|
page readonly
|
|
|
|
7DF51E110000
|
unkown image
|
page readonly
|
|
|
|
7FF50ACAA000
|
unkown image
|
page readonly
|
|
|
|
7FF50ACD9000
|
unkown image
|
page readonly
|
|
|
|
1D790A00000
|
unkown image
|
page readonly
|
|
|
|
2D5AEAA9000
|
unkown
|
page read and write
|
|
|
|
7DF51E110000
|
unkown image
|
page readonly
|
|
|
|
2970000
|
unkown image
|
page read and write
|
|
|
|
2D5AF359000
|
unkown
|
page read and write
|
|
|
|
2D5AEC00000
|
unkown image
|
page readonly
|
|
|
|
1E2C3E96000
|
unkown
|
page read and write
|
|
|
|
2D5AF060000
|
unkown
|
page read and write
|
|
|
|
2D5AF377000
|
unkown
|
page read and write
|
|
|
|
7FF50AB5B000
|
unkown image
|
page readonly
|
|
|
|
1D51E852000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
7FF50A469000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDE2000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3B2000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2C33BFB000
|
stack
|
page read and write
|
|
|
|
1DEE2800000
|
unkown
|
page read and write
|
|
|
|
3040000
|
unkown
|
page read and write
|
|
|
|
A348F7000
|
stack
|
page read and write
|
|
|
|
7FF51B14F000
|
unkown image
|
page readonly
|
|
|
|
2D5AEF80000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA3C000
|
unkown
|
page read and write
|
|
|
|
7DF530280000
|
unkown image
|
page readonly
|
|
|
|
1E2C3E81000
|
unkown
|
page read and write
|
|
|
|
7FF5A74B4000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7460000
|
unkown image
|
page readonly
|
|
|
|
1DEE2670000
|
unkown image
|
page readonly
|
|
|
|
7FF5842CE000
|
unkown image
|
page readonly
|
|
|
|
7FF50AB41000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5841CC000
|
unkown image
|
page readonly
|
|
|
|
1D51EA00000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
7DF51E130000
|
unkown image
|
page readonly
|
|
|
|
7FF508FE4000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2D5AEA13000
|
unkown
|
page read and write
|
|
|
|
7FF50AB5E000
|
unkown image
|
page readonly
|
|
|
|
7FF51B03D000
|
unkown image
|
page readonly
|
|
|
|
43A000
|
heap default
|
page read and write
|
|
|
|
DF6C579000
|
stack
|
page read and write
|
|
|
|
1DEE2813000
|
unkown
|
page read and write
|
|
|
|
7FF5A748C000
|
unkown image
|
page readonly
|
|
|
|
1D790C00000
|
unkown
|
page read and write
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
7DF5BC5E2000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3C1000
|
unkown
|
page read and write
|
|
|
|
2D5AF364000
|
unkown
|
page read and write
|
|
|
|
1DEE2660000
|
heap private
|
page read and write
|
|
|
|
7FF5842BF000
|
unkown image
|
page readonly
|
|
|
|
1D791000000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA4A000
|
unkown
|
page read and write
|
|
|
|
1D51E84F000
|
unkown
|
page read and write
|
|
|
|
2D5AF3B6000
|
unkown
|
page read and write
|
|
|
|
2D5AF802000
|
unkown
|
page read and write
|
|
|
|
7FF584260000
|
unkown image
|
page readonly
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
1D51E650000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7210000
|
unkown image
|
page readonly
|
|
|
|
7FF51AFB1000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA70000
|
unkown
|
page read and write
|
|
|
|
1E2C3E70000
|
heap default
|
page read and write
|
|
|
|
7FF5A73B3000
|
unkown image
|
page readonly
|
|
|
|
1E2C3D90000
|
unkown image
|
page readonly
|
|
|
|
1D790D08000
|
unkown
|
page read and write
|
|
|
|
2D5AEA29000
|
unkown
|
page read and write
|
|
|
|
1D790A00000
|
unkown image
|
page readonly
|
|
|
|
2D5AF0B0000
|
unkown image
|
page write copy
|
|
|
|
1D51E908000
|
unkown
|
page read and write
|
|
|
|
7FF50ACD6000
|
unkown image
|
page readonly
|
|
|
|
1DEE287D000
|
unkown
|
page read and write
|
|
|
|
1E2C3E86000
|
unkown
|
page read and write
|
|
|
|
7FF5A6D62000
|
unkown image
|
page readonly
|
|
|
|
7DF51E120000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDD2000
|
unkown image
|
page readonly
|
|
|
|
2D5AE8B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7035000
|
unkown image
|
page readonly
|
|
|
|
2D5AF397000
|
unkown
|
page read and write
|
|
|
|
1D51E780000
|
unkown image
|
page readonly
|
|
|
|
2D5AF32C000
|
unkown
|
page read and write
|
|
|
|
1D51E84B000
|
unkown
|
page read and write
|
|
|
|
7FF50AA10000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7497000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7402000
|
unkown image
|
page readonly
|
|
|
|
7FF51B0EA000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7260000
|
unkown image
|
page readonly
|
|
|
|
1D51E7A0000
|
unkown
|
page read and write
|
|
|
|
7FF50901D000
|
unkown image
|
page readonly
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
7FF508FEA000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3C1000
|
unkown
|
page read and write
|
|
|
|
7FF51B054000
|
unkown image
|
page readonly
|
|
|
|
1E2C3D90000
|
unkown image
|
page readonly
|
|
|
|
7FF51B1D4000
|
unkown image
|
page readonly
|
|
|
|
7FF51B043000
|
unkown image
|
page readonly
|
|
|
|
7FF583E26000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7077000
|
unkown image
|
page readonly
|
|
|
|
2D5AE8D0000
|
unkown image
|
page readonly
|
|
|
|
1D790D00000
|
unkown
|
page read and write
|
|
|
|
7FF50A835000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA51000
|
unkown
|
page read and write
|
|
|
|
7FF509084000
|
unkown image
|
page readonly
|
|
|
|
2D5AE8B0000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3B6000
|
unkown
|
page read and write
|
|
|
|
7FF5A7341000
|
unkown image
|
page readonly
|
|
|
|
20C0000
|
unkown
|
page read and write
|
|
|
|
7FF50AC65000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3B0000
|
unkown
|
page read and write
|
|
|
|
7FF51A941000
|
unkown image
|
page readonly
|
|
|
|
1DEE2C00000
|
unkown image
|
page readonly
|
|
|
|
2D5AF35E000
|
unkown
|
page read and write
|
|
|
|
7FF584277000
|
unkown image
|
page readonly
|
|
|
|
7FF50AC4A000
|
unkown image
|
page readonly
|
|
|
|
2D5AEB02000
|
unkown
|
page read and write
|
|
|
|
7FF5A735E000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3B0000
|
unkown
|
page read and write
|
|
|
|
DF6C17A000
|
unkown
|
page read and write
|
|
|
|
7FF51B1E1000
|
unkown image
|
page readonly
|
|
|
|
7FF5A748F000
|
unkown image
|
page readonly
|
|
|
|
1DEE2902000
|
unkown
|
page read and write
|
|
|
|
1DEE27A0000
|
unkown image
|
page readonly
|
|
|
|
EC0C7BF000
|
stack
|
page read and write
|
|
|
|
7FF5842B4000
|
unkown image
|
page readonly
|
|
|
|
7FF50AD51000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
7DF5993E0000
|
unkown image
|
page readonly
|
|
|
|
A342CB000
|
unkown
|
page read and write
|
|
|
|
7FF5842D9000
|
unkown image
|
page readonly
|
|
|
|
7FF584351000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3A1000
|
unkown
|
page read and write
|
|
|
|
7FF583A69000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
4C0E000
|
stack
|
page read and write
|
|
|
|
2D5AF372000
|
unkown
|
page read and write
|
|
|
|
2D5AEB08000
|
unkown
|
page read and write
|
|
|
|
7DF5993D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A721B000
|
unkown image
|
page readonly
|
|
|
|
EC0CCF8000
|
stack
|
page read and write
|
|
|
|
EC0CEFF000
|
stack
|
page read and write
|
|
|
|
1D790C86000
|
unkown
|
page read and write
|
|
|
|
1D51E900000
|
unkown
|
page read and write
|
|
|
|
7DF5BC5E0000
|
unkown image
|
page readonly
|
|
|
|
98000
|
unkown
|
page read and write
|
|
|
|
1D51E888000
|
unkown
|
page read and write
|
|
|
|
1DEE2908000
|
unkown
|
page read and write
|
|
|
|
7FF5A7477000
|
unkown image
|
page readonly
|
|
|
|
7FF58428C000
|
unkown image
|
page readonly
|
|
|
|
A347FB000
|
stack
|
page read and write
|
|
|
|
A34AFE000
|
stack
|
page read and write
|
|
|
|
2D5AEA56000
|
unkown
|
page read and write
|
|
|
|
1D790B50000
|
unkown
|
page read and write
|
|
|
|
2D5AF802000
|
unkown
|
page read and write
|
|
|
|
2D5AF378000
|
unkown
|
page read and write
|
|
|
|
1D790C70000
|
unkown
|
page read and write
|
|
|
|
7FF5A7075000
|
unkown image
|
page readonly
|
|
|
|
1D51E859000
|
unkown
|
page read and write
|
|
|
|
7DF51FDE0000
|
unkown image
|
page readonly
|
|
|
|
1D51E87A000
|
unkown
|
page read and write
|
|
|
|
7DF51E120000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6C69000
|
unkown image
|
page readonly
|
|
|
|
7FF5A745A000
|
unkown image
|
page readonly
|
|
|
|
234D57F000
|
stack
|
page read and write
|
|
|
|
1D790C29000
|
unkown
|
page read and write
|
|
|
|
7FF5A7303000
|
unkown image
|
page readonly
|
|
|
|
7FF508FFE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7551000
|
unkown image
|
page readonly
|
|
|
|
7FF508D50000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6FC2000
|
unkown image
|
page readonly
|
|
|
|
7FF584141000
|
unkown image
|
page readonly
|
|
|
|
A3434F000
|
stack
|
page read and write
|
|
|
|
452000
|
heap default
|
page read and write
|
|
|
|
7FF5A6FD2000
|
unkown image
|
page readonly
|
|
|
|
7FF5842A4000
|
unkown image
|
page readonly
|
|
|
|
7FF50900E000
|
unkown image
|
page readonly
|
|
|
|
1D790C52000
|
unkown
|
page read and write
|
|
|
|
7FF508FD8000
|
unkown image
|
page readonly
|
|
|
|
21E0000
|
unkown
|
page read and write
|
|
|
|
1DEE284C000
|
unkown
|
page read and write
|
|
|
|
2C337CF000
|
stack
|
page read and write
|
|
|
|
A349FE000
|
stack
|
page read and write
|
|
|
|
7FF50AD44000
|
unkown image
|
page readonly
|
|
|
|
600000
|
unkown image
|
page readonly
|
|
|
|
2D5AF39F000
|
unkown
|
page read and write
|
|
|
|
7FF51B0DA000
|
unkown image
|
page readonly
|
|
|
|
234D0FF000
|
stack
|
page read and write
|
|
|
|
7FF5842AA000
|
unkown image
|
page readonly
|
|
|
|
7FF51B11C000
|
unkown image
|
page readonly
|
|
|
|
7FF584010000
|
unkown image
|
page readonly
|
|
|
|
7DF5BC5D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7321000
|
unkown image
|
page readonly
|
|
|
|
2D5AF300000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
7FF5A7413000
|
unkown image
|
page readonly
|
|
|
|
7FF50AC8F000
|
unkown image
|
page readonly
|
|
|
|
7FF50ABB3000
|
unkown image
|
page readonly
|
|
|
|
1D791180000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74BF000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDD2000
|
unkown image
|
page readonly
|
|
|
|
7FF50AC97000
|
unkown image
|
page readonly
|
|
|
|
7DF530272000
|
unkown image
|
page readonly
|
|
|
|
7DF530270000
|
unkown image
|
page readonly
|
|
|
|
7FF51B13A000
|
unkown image
|
page readonly
|
|
|
|
7FF5A73AD000
|
unkown image
|
page readonly
|
|
|
|
2D5AE8E0000
|
unkown image
|
page readonly
|
|
|
|
7FF50ABC4000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74A4000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
1D790C90000
|
unkown
|
page read and write
|
|
|
|
7FF50A46F000
|
unkown image
|
page readonly
|
|
|
|
4BCF000
|
stack
|
page read and write
|
|
|
|
7FF58434A000
|
unkown image
|
page readonly
|
|
|
|
7FF51B0EE000
|
unkown image
|
page readonly
|
|
|
|
4ACE000
|
stack
|
page read and write
|
|
|
|
1D51E630000
|
unkown image
|
page read and write
|
|
|
|
2D5AF130000
|
unkown image
|
page read and write
|
|
|
|
1DEE3002000
|
unkown
|
page read and write
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2F6E000
|
unkown image
|
page read and write
|
|
|
|
7FF5A754A000
|
unkown image
|
page readonly
|
|
|
|
C40000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
7FF5088F3000
|
unkown image
|
page readonly
|
|
|
|
7FF50AC5E000
|
unkown image
|
page readonly
|
|
|
|
20A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5BC5D0000
|
unkown image
|
page readonly
|
|
|
|
7FF51AFEE000
|
unkown image
|
page readonly
|
|
|
|
234D477000
|
stack
|
page read and write
|
|
|
|
1DEE2670000
|
unkown image
|
page readonly
|
|
|
|
2C3374F000
|
stack
|
page read and write
|
|
|
|
DF6C47F000
|
stack
|
page read and write
|
|
|
|
7FF51AE67000
|
unkown image
|
page readonly
|
|
|
|
7FF58424C000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA7F000
|
unkown
|
page read and write
|
|
|
|
2D5AEA47000
|
unkown
|
page read and write
|
|
|
|
2D5AF35E000
|
unkown
|
page read and write
|
|
|
|
2D5AF3BB000
|
unkown
|
page read and write
|
|
|
|
7DF530260000
|
unkown image
|
page readonly
|
|
|
|
7FF509092000
|
unkown image
|
page readonly
|
|
|
|
2D5AF375000
|
unkown
|
page read and write
|
|
|
|
7FF51B144000
|
unkown image
|
page readonly
|
|
|
|
2D5AF3B0000
|
unkown
|
page read and write
|
|
|
|
7DF5993D2000
|
unkown image
|
page readonly
|
|
|
|
2D5AF368000
|
unkown
|
page read and write
|
|
|
|
1D51E84C000
|
unkown
|
page read and write
|
|
|
|
7FF5A6F3E000
|
unkown image
|
page readonly
|
|
|
|
1E2C4040000
|
unkown image
|
page readonly
|
|
|
|
234D17F000
|
stack
|
page read and write
|
|
|
|
1D51E813000
|
unkown
|
page read and write
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDD0000
|
unkown image
|
page readonly
|
|
|
|
1D790C3C000
|
unkown
|
page read and write
|
|
|
|
2D5AEA4B000
|
unkown
|
page read and write
|
|
|
|
7FF50908A000
|
unkown image
|
page readonly
|
|
|
|
2D5AEAC0000
|
unkown
|
page read and write
|
|
|
|
1DEE283C000
|
unkown
|
page read and write
|
|
|
|
2D5AF120000
|
unkown
|
page read and write
|
|
|
|
2220000
|
heap private
|
page read and write
|
|
|
|
EC0D07F000
|
stack
|
page read and write
|
|
|
|
2200000
|
heap private
|
page read and write
|
|
|
|
2D5AF372000
|
unkown
|
page read and write
|
|
|
|
7FF50ACDD000
|
unkown image
|
page readonly
|
|
|
|
7FF51B0F0000
|
unkown image
|
page readonly
|
|
|
|
1D51E913000
|
unkown
|
page read and write
|
|
|
|
1D790D26000
|
unkown
|
page read and write
|
|
|
|
7FF583A6F000
|
unkown image
|
page readonly
|
|
|
|
7DF51FDF0000
|
unkown image
|
page readonly
|
|
|
|
C30000
|
unkown image
|
page readonly
|
|
|
|
AB0000
|
unkown image
|
page readonly
|
|
|
|
427000
|
unkown image
|
page read and write
|
|
|
|
7DF41DCA0000
|
unkown image
|
page readonly
|
|
|
|
7DF530272000
|
unkown image
|
page readonly
|
|
|
|
7FF584121000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7296000
|
unkown image
|
page readonly
|
|
|
|
2D5AF802000
|
unkown
|
page read and write
|
|
|
|
29F0000
|
unkown
|
page read and write
|
|
|
|
7DF530262000
|
unkown image
|
page readonly
|
|
|
|
7FF51B166000
|
unkown image
|
page readonly
|
|
|
|
1DEE2870000
|
unkown
|
page read and write
|
|
|
|
2D5AF3B5000
|
unkown
|
page read and write
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
1DEE2854000
|
unkown
|
page read and write
|
|
|
|
1D51E850000
|
unkown
|
page read and write
|
|
|
|
EC0C73F000
|
stack
|
page read and write
|
|
|
|
1D51E6A0000
|
heap default
|
page read and write
|
|
|
|
7FF5A7552000
|
unkown image
|
page readonly
|
|
|
|
7FF50AC60000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7226000
|
unkown image
|
page readonly
|
|
|
|
2D5AF090000
|
unkown image
|
page readonly
|
|
|
|
7DF530262000
|
unkown image
|
page readonly
|
|
|
|
2D5AF366000
|
unkown
|
page read and write
|
|
|
|
1DEE288C000
|
unkown
|
page read and write
|
|
|
|
EC0CDF7000
|
stack
|
page read and write
|
|
|
|
7FF50ABCC000
|
unkown image
|
page readonly
|
|
|
|
2D5AF395000
|
unkown
|
page read and write
|
|
|
|
7FF5088F7000
|
unkown image
|
page readonly
|
|
|
|
2D5AF313000
|
unkown
|
page read and write
|
|
|
|
7FF51ACB6000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6DB7000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2B60000
|
unkown image
|
page read and write
|
|
|
|
7FF5A73C4000
|
unkown image
|
page readonly
|
|
|
|
2D5AEA4D000
|
unkown
|
page read and write
|
|
|
|
7FF508FA0000
|
unkown image
|
page readonly
|
|
|
|
7FF50ACCE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A742F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7544000
|
unkown image
|
page readonly
|
|
|
|
7FF58425E000
|
unkown image
|
page readonly
|
|
|
|
2D5AEAB2000
|
unkown
|
page read and write
|
|
|
|
7FF51B1DA000
|
unkown image
|
page readonly
|
|
|
|
7FF51ACC5000
|
unkown image
|
page readonly
|
|
|
|
1F0000
|
unkown
|
page read and write
|
|
|
|
2228000
|
heap private
|
page read and write
|
|
|
|
234D37B000
|
stack
|
page read and write
|
|
|
|
1DEE26C0000
|
heap default
|
page read and write
|
|
|
|
1D51E857000
|
unkown
|
page read and write
|
|
|
|
7FF5A74D6000
|
unkown image
|
page readonly
|
|
|
|
7FF51AFD1000
|
unkown image
|
page readonly
|
|
|
|
7FF50AC77000
|
unkown image
|
page readonly
|
|
|
|
7DF5993E2000
|
unkown image
|
page readonly
|
|
|
|
7FF509091000
|
unkown image
|
page readonly
|
|
|
|
234D67F000
|
stack
|
page read and write
|
|
|
|
1DEE284D000
|
unkown
|
page read and write
|
|
|
|
2D5AF366000
|
unkown
|
page read and write
|
|
|
|
2090000
|
unkown
|
page read and write
|
|
|
|
7DF5993F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7294000
|
unkown image
|
page readonly
|
|
|
|
1DEE27C0000
|
unkown
|
page read and write
|
|
|
|
1E2C4220000
|
heap private
|
page read and write
|
|
|
|
7DF51E122000
|
unkown image
|
page readonly
|
|
|
|
DF6C1FF000
|
stack
|
page read and write
|
|
|
|
7FF51B16D000
|
unkown image
|
page readonly
|
|
|
|
7FF584265000
|
unkown image
|
page readonly
|
|
|
|
7DF51E112000
|
unkown image
|
page readonly
|
|
|
|
7FF51B05C000
|
unkown image
|
page readonly
|
|
|
|
7FF508FAB000
|
unkown image
|
page readonly
|
|
|
|
2D5AF38E000
|
unkown
|
page read and write
|
|
|
|
2D5AF86A000
|
unkown
|
page read and write
|
|
|
|
7FF5A735B000
|
unkown image
|
page readonly
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
1E2C3E20000
|
unkown image
|
page readonly
|
|
|
|
429000
|
unkown image
|
page read and write
|
|
|
|
7FF508FCC000
|
unkown image
|
page readonly
|
|
There are 611 hidden memdumps, click here to show them.