IOC Report

loading gif

Files

File Path
Type
Category
Malicious
RFQ_Order_PO_TAE5203E.xlsx
CDFV2 Encrypted
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\hnmy[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
downloaded
 malicious
C:\Users\user\AppData\Local\Temp\Cielert.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Desktop\~$RFQ_Order_PO_TAE5203E.xlsx
data
dropped
 malicious
C:\Users\Public\vbc.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\136D0B4A.jpeg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames 3
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\1C87F836.png
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\215471E8.png
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\765438C9.jpeg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x160, frames 3
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\89430EC3.png
PNG image data, 458 x 211, 8-bit/color RGB, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\BCAAC72D.emf
Windows Enhanced Metafile (EMF) image data version 0x10000
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\DD131EBF.png
PNG image data, 413 x 220, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF07CC82DF0855DA38.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF2396DECF927A66A1.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF90CE48132EA3580B.TMP
CDFV2 Encrypted
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DFCD6368038830CEF2.TMP
data
dropped
 clean
There are 6 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
 malicious
C:\Users\Public\vbc.exe
"C:\Users\Public\vbc.exe"
malicious
C:\Users\Public\vbc.exe
C:\Users\Public\vbc.exe
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\SysWOW64\msiexec.exe
 malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
 clean
C:\Windows\SysWOW64\cmd.exe
/c del "C:\Users\Public\vbc.exe"
 clean

URLs

Name
IP
Malicious
http://209.141.37.110/hnmy.exe
209.141.37.110
 malicious
http://www.aloebiotics.com/b80i/?XXAT9NU=u8CFGDbLa+paDYPUt2HIfZvLGaLNzu7WkG1ejV9QOUI0TwLOmLGNbUmrlgsvnY/sa5UfOA==&bFQL=2dJLx4-Hc4v
64.190.62.111
 malicious
www.dreamschools.online/b80i/
malicious
http://www.sjljtzsls.com/b80i/?XXAT9NU=S1GZrcUjP6Mqu1rkaE68XUwdav2ZAuLdhfc3NoUcKUpIPYlLOeb3MkcjdHuyJHfoxw3F9Q==&bFQL=2dJLx4-Hc4v
163.197.71.43
 malicious
http://www.windows.com/pctv.
unknown
 clean
http://investor.msn.com
unknown
 clean
http://www.msnbc.com/news/ticker.txt
unknown
 clean
http://wellformedweb.org/CommentAPI/
unknown
 clean
http://www.iis.fhg.de/audioPA
unknown
 clean
http://windowsmedia.com/redir/services.asp?WMPFriendly=true
unknown
 clean
http://www.hotmail.com/oe
unknown
 clean
http://treyresearch.net
unknown
 clean
https://sedo.com/search/details/?partnerid=324561&language=it&domain=aloebiotics.com&origin=sales_la
unknown
 clean
http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check
unknown
 clean
http://www.piriform.com/ccleanerhttp://www.pir
unknown
 clean
http://java.sun.com
unknown
 clean
http://www.icra.org/vocabulary/.
unknown
 clean
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
unknown
 clean
http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv
unknown
 clean
http://investor.msn.com/
unknown
 clean
http://www.piriform.com/ccleaner
unknown
 clean
http://computername/printers/printername/.printer
unknown
 clean
http://www.%s.comPA
unknown
 clean
http://www.autoitscript.com/autoit3
unknown
 clean
https://support.mozilla.org
unknown
 clean
http://sogou.9898top1.com/sscx.html
unknown
 clean
http://servername/isapibackend.dll
unknown
 clean
There are 17 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
www.aloebiotics.com
64.190.62.111
 malicious
www.sjljtzsls.com
163.197.71.43
 malicious
www.mediafyagency.com
unknown
 malicious

IPs

IP
Domain
Country
Malicious
209.141.37.110
unknown
United States
malicious
64.190.62.111
www.aloebiotics.com
United States
malicious
163.197.71.43
www.sjljtzsls.com
South Africa
malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
6+-
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
MTTT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
ReviewToken
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\30FAA
30FAA
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
VBAFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
)2-
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\35A21
35A21
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\36F94
36F94
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Item 1
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 21
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
LastPurgeTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
EXCELFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\35A21
35A21
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
EquationEditorFilesIntl_1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
 clean
There are 30 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
9317000
unkown image
page execute and read and write
 malicious
2F0000
unkown image
page execute and read and write
 malicious
9317000
unkown image
page execute and read and write
 malicious
401000
unkown image
page execute read
 malicious
8D0000
unkown
page read and write
 malicious
430000
unkown image
page execute and read and write
 malicious
60D000
heap default
page read and write
 malicious
D0000
unkown image
page execute and read and write
 malicious
401000
unkown image
page execute read
 malicious
3D0000
unkown image
page execute and read and write
 malicious
401000
unkown image
page execute read
 malicious
1B60000
heap private
page read and write
 clean
3298000
unkown
page read and write
 clean
43B0000
unkown image
page readonly
 clean
43F000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
449C000
unkown
page read and write
 clean
9C000
unkown
page read and write
 clean
43B0000
unkown image
page readonly
 clean
9553000
unkown
page read and write
 clean
3130000
heap private
page read and write
 clean
1B50000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
8CF8000
unkown
page read and write
 clean
6D40000
unkown
page read and write
 clean
2AA0000
unkown
page read and write
 clean
4AF0000
unkown image
page readonly
 clean
2F20000
unkown
page read and write
 clean
4DC0000
unkown
page read and write
 clean
3270000
unkown
page read and write
 clean
45CF000
unkown
page read and write
 clean
1B0000
unkown
page read and write
 clean
1D0000
unkown image
page readonly
 clean
73B9000
unkown
page read and write
 clean
25C0000
unkown
page read and write
 clean
7D20000
heap private
page read and write
 clean
255000
heap default
page read and write
 clean
456000
unkown image
page write copy
 clean
690000
heap default
page read and write
 clean
34E000
unkown
page read and write
 clean
2F70000
unkown
page read and write
 clean
45B000
unkown image
page read and write
 clean
457A000
unkown
page read and write
 clean
30F0000
unkown image
page readonly
 clean
4308000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
83EA000
unkown
page read and write
 clean
99D3000
heap private
page read and write
 clean
2AE0000
unkown image
page readonly
 clean
2EC1000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
4D60000
unkown image
page readonly
 clean
7E1E000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
43F000
unkown image
page execute and read and write
 clean
457A000
unkown
page read and write
 clean
34E000
unkown
page read and write
 clean
25C3000
unkown
page read and write
 clean
9650000
unkown
page read and write
 clean
45CF000
unkown
page read and write
 clean
F0000
unkown image
page read and write
 clean
E0000
heap private
page read and write
 clean
44E7000
unkown
page read and write
 clean
2EC1000
unkown
page read and write
 clean
43B0000
unkown image
page readonly
 clean
6B4000
heap default
page read and write
 clean
457A000
unkown
page read and write
 clean
5360000
unkown image
page read and write
 clean
211B000
unkown image
page read and write
 clean
461000
unkown image
page readonly
 clean
45B4000
unkown
page read and write
 clean
73B9000
unkown
page read and write
 clean
430000
unkown image
page readonly
 clean
301E000
unkown
page read and write
 clean
8374000
unkown
page read and write
 clean
3130000
heap private
page read and write
 clean
330000
unkown
page read and write
 clean
790000
unkown image
page readonly
 clean
29C0000
unkown
page read and write
 clean
21BF000
unkown
page read and write
 clean
23D000
heap default
page read and write
 clean
9713000
unkown
page read and write
 clean
4308000
unkown
page read and write
 clean
4200000
unkown image
page readonly
 clean
3D40000
unkown
page read and write
 clean
27E0000
unkown
page read and write
 clean
79D8000
unkown
page read and write
 clean
6C49000
unkown
page read and write
 clean
2CC7000
unkown image
page readonly
 clean
2F70000
unkown
page read and write
 clean
EC0000
unkown image
page readonly
 clean
8B0000
unkown
page execute and read and write
 clean
263C000
unkown
page read and write
 clean
74B0000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
40000
unkown image
page readonly
 clean
29B000
heap default
page read and write
 clean
40000
unkown image
page readonly
 clean
3C90000
unkown image
page read and write
 clean
3FF000
stack
page read and write
 clean
140000
unkown image
page readonly
 clean
29D0000
unkown
page read and write
 clean
29B000
heap default
page read and write
 clean
20B6000
unkown
page read and write
 clean
30E0000
unkown image
page readonly
 clean
AEF000
stack
page read and write
 clean
50000
unkown image
page readonly
 clean
43C0000
heap private
page read and write
 clean
292F000
unkown
page read and write
 clean
2A80000
unkown
page read and write
 clean
7B40000
unkown
page read and write
 clean
4B9D000
unkown
page read and write
 clean
3DF8000
unkown
page read and write
 clean
430000
unkown image
page readonly
 clean
73C000
stack
page read and write
 clean
292F000
unkown
page read and write
 clean
20DA000
unkown
page read and write
 clean
4E5E000
unkown
page read and write
 clean
6A60000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7FFFFFD0000
unkown image
page readonly
 clean
29E0000
unkown
page read and write
 clean
69CB000
unkown
page read and write
 clean
460000
unkown image
page readonly
 clean
7E1E000
unkown
page read and write
 clean
36D000
unkown
page read and write
 clean
2A60000
unkown
page read and write
 clean
45D6000
unkown
page read and write
 clean
32AE000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
5C0000
unkown image
page readonly
 clean
45D6000
unkown
page read and write
 clean
9694000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
2120000
unkown image
page read and write
 clean
6A60000
heap private
page read and write
 clean
25A0000
unkown
page read and write
 clean
230000
heap default
page read and write
 clean
2BA000
unkown
page read and write
 clean
2CC7000
unkown image
page readonly
 clean
8405000
unkown
page read and write
 clean
3140000
unkown
page read and write
 clean
8374000
unkown
page read and write
 clean
8405000
unkown
page read and write
 clean
1B50000
unkown
page read and write
 clean
30E0000
unkown image
page readonly
 clean
29B0000
unkown
page read and write
 clean
4FD000
heap default
page read and write
 clean
43B0000
unkown image
page readonly
 clean
4575000
unkown
page read and write
 clean
243000
heap default
page read and write
 clean
E4000
heap private
page read and write
 clean
2CC7000
unkown image
page readonly
 clean
4650000
unkown image
page readonly
 clean
8CF0000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
2110000
unkown image
page read and write
 clean
79D0000
unkown
page read and write
 clean
2EC1000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
5390000
heap private
page read and write
 clean
28C7000
unkown
page execute and read and write
 clean
371000
unkown
page read and write
 clean
8391000
unkown
page read and write
 clean
D0000
unkown image
page readonly
 clean
2AC0000
unkown
page read and write
 clean
4D40000
unkown image
page readonly
 clean
460000
unkown image
page execute and read and write
 clean
2C7000
heap default
page read and write
 clean
10000
unkown image
page read and write
 clean
CAF000
unkown image
page execute and read and write
 clean
2740000
unkown
page execute and read and write
 clean
213B000
unkown image
page read and write
 clean
D0000
unkown image
page readonly
 clean
20000
unkown image
page readonly
 clean
3E50000
unkown image
page readonly
 clean
2A60000
unkown
page read and write
 clean
3DF8000
unkown
page read and write
 clean
8420000
unkown
page read and write
 clean
6D40000
unkown
page read and write
 clean
3D40000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
46E000
unkown image
page write copy
 clean
45BE000
unkown
page read and write
 clean
36B000
unkown
page read and write
 clean
3120000
unkown image
page readonly
 clean
8320000
unkown
page read and write
 clean
30F0000
unkown image
page readonly
 clean
7E1E000
unkown
page read and write
 clean
750000
unkown image
page readonly
 clean
24F0000
unkown image
page readonly
 clean
371000
unkown
page read and write
 clean
24B000
heap private
page read and write
 clean
29B0000
unkown
page read and write
 clean
2940000
unkown
page execute and read and write
 clean
24B0000
unkown
page read and write
 clean
309E000
unkown
page read and write
 clean
449C000
unkown
page read and write
 clean
8320000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
5B0000
unkown image
page readonly
 clean
4D70000
unkown image
page readonly
 clean
5E0000
unkown image
page readonly
 clean
7FFFFFD0000
unkown image
page readonly
 clean
36B000
unkown
page read and write
 clean
29A000
heap default
page read and write
 clean
46E000
unkown image
page write copy
 clean
2100000
unkown image
page readonly
 clean
2110000
unkown image
page read and write
 clean
1B60000
heap private
page read and write
 clean
360000
heap private
page read and write
 clean
3135000
heap private
page read and write
 clean
1B60000
heap private
page read and write
 clean
841D000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2130000
unkown image
page read and write
 clean
160000
unkown
page read and write
 clean
2CD2000
unkown image
page read and write
 clean
3120000
unkown image
page readonly
 clean
3298000
unkown
page read and write
 clean
30A8000
unkown
page read and write
 clean
9750000
unkown
page read and write
 clean
7B50000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
6B7000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
32A0000
heap private
page read and write
 clean
729A000
unkown
page read and write
 clean
9BD000
unkown
page read and write
 clean
3278000
unkown
page read and write
 clean
B6F000
stack
page read and write
 clean
430000
unkown image
page readonly
 clean
7D20000
heap private
page read and write
 clean
6D40000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
7839000
unkown
page read and write
 clean
35F000
stack
page read and write
 clean
447A000
unkown
page read and write
 clean
A30000
unkown
page execute and read and write
 clean
7EFB0000
unkown image
page readonly
 clean
930000
heap private
page read and write
 clean
1D7000
unkown
page read and write
 clean
2646000
unkown
page read and write
 clean
512000
heap private
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
41E000
unkown image
page execute read
 clean
EB0000
unkown image
page readonly
 clean
2760000
heap private
page read and write
 clean
8355000
unkown
page read and write
 clean
3D40000
unkown
page read and write
 clean
4AF0000
unkown image
page readonly
 clean
237000
heap default
page read and write
 clean
2130000
unkown image
page readonly
 clean
3140000
unkown
page read and write
 clean
4308000
unkown
page read and write
 clean
1EC0000
unkown image
page readonly
 clean
456F000
unkown
page read and write
 clean
23D000
heap default
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7EFE0000
unkown image
page readonly
 clean
2533000
unkown
page read and write
 clean
2990000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
2A90000
unkown
page read and write
 clean
20C0000
unkown image
page readonly
 clean
4D4000
heap default
page read and write
 clean
45B4000
unkown
page read and write
 clean
1FA0000
heap private
page read and write
 clean
3298000
unkown
page read and write
 clean
2AE0000
unkown image
page readonly
 clean
30C0000
unkown
page read and write
 clean
6A60000
heap private
page read and write
 clean
9650000
unkown
page read and write
 clean
8466000
unkown
page read and write
 clean
990000
heap private
page read and write
 clean
4C7A000
heap private
page read and write
 clean
4450000
unkown
page read and write
 clean
532E000
unkown
page read and write
 clean
82B8000
unkown
page read and write
 clean
7B4B000
unkown
page read and write
 clean
9750000
unkown
page read and write
 clean
461000
unkown image
page readonly
 clean
32A5000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
10000
unkown image
page read and write
 clean
2AD0000
unkown
page read and write
 clean
24F0000
unkown image
page readonly
 clean
1EB0000
heap private
page read and write
 clean
3CA0000
unkown
page read and write
 clean
1FD0000
unkown image
page readonly
 clean
2AB0000
unkown
page read and write
 clean
1E0000
unkown
page read and write
 clean
2A60000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
23C000
unkown
page read and write
 clean
295A000
unkown image
page read and write
 clean
50000
unkown image
page readonly
 clean
4450000
unkown
page read and write
 clean
3DF8000
unkown
page read and write
 clean
834B000
unkown
page read and write
 clean
590000
heap default
page read and write
 clean
3D40000
unkown
page read and write
 clean
74B4000
heap private
page read and write
 clean
3120000
unkown image
page readonly
 clean
212B000
unkown image
page read and write
 clean
32AE000
heap private
page read and write
 clean
9357000
unkown image
page execute and read and write
 clean
3E50000
unkown image
page readonly
 clean
400000
unkown image
page readonly
 clean
750000
unkown image
page readonly
 clean
8720000
unkown
page read and write
 clean
8C0000
unkown
page execute and read and write
 clean
29C0000
unkown
page read and write
 clean
255000
heap default
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
456000
heap private
page read and write
 clean
230000
heap default
page read and write
 clean
45BE000
unkown
page read and write
 clean
2750000
unkown
page execute and read and write
 clean
4450000
unkown
page read and write
 clean
2F60000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
2760000
heap private
page read and write
 clean
460B000
unkown
page read and write
 clean
82B8000
unkown
page read and write
 clean
1ED0000
unkown image
page readonly
 clean
3270000
unkown
page read and write
 clean
74B4000
heap private
page read and write
 clean
400000
unkown image
page readonly
 clean
95D0000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
34E000
unkown
page read and write
 clean
6B1000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
7EFDF000
unkown
page read and write
 clean
782F000
unkown
page read and write
 clean
45BE000
unkown
page read and write
 clean
5B4000
heap default
page read and write
 clean
2646000
unkown
page read and write
 clean
2130000
unkown image
page read and write
 clean
2646000
unkown
page read and write
 clean
4B00000
unkown image
page readonly
 clean
74D3000
heap private
page read and write
 clean
4E60000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
1E0000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
45A000
unkown image
page write copy
 clean
7EFE0000
unkown image
page readonly
 clean
31D000
heap default
page read and write
 clean
3CA0000
unkown
page read and write
 clean
7B4B000
unkown
page read and write
 clean
3DF8000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
1BE0000
unkown image
page readonly
 clean
45CB000
unkown
page read and write
 clean
1BE0000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
2AE0000
unkown image
page readonly
 clean
3140000
unkown
page read and write
 clean
F0000
unkown image
page read and write
 clean
21BF000
unkown
page read and write
 clean
6D48000
unkown
page read and write
 clean
4160000
unkown
page read and write
 clean
4F0000
heap private
page read and write
 clean
237000
heap default
page read and write
 clean
95D0000
unkown
page read and write
 clean
4D30000
unkown image
page readonly
 clean
249000
heap default
page read and write
 clean
211B000
unkown image
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
834B000
unkown
page read and write
 clean
9A0000
unkown
page read and write
 clean
4C70000
heap private
page read and write
 clean
4450000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
3CC0000
unkown image
page readonly
 clean
3E50000
unkown image
page readonly
 clean
3270000
unkown
page read and write
 clean
2540000
unkown
page read and write
 clean
2F60000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
9592000
unkown
page read and write
 clean
8CD0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
4DB1000
unkown image
page read and write
 clean
2533000
unkown
page read and write
 clean
31FF000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
D30000
unkown image
page readonly
 clean
79F0000
heap private
page read and write
 clean
6E50000
heap private
page read and write
 clean
20000
unkown image
page readonly
 clean
2A70000
unkown
page read and write
 clean
729A000
unkown
page read and write
 clean
30D0000
unkown image
page readonly
 clean
4308000
unkown
page read and write
 clean
4650000
unkown image
page readonly
 clean
220000
unkown
page read and write
 clean
243000
heap default
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
2B1000
unkown
page read and write
 clean
2A80000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
2F20000
unkown
page read and write
 clean
370000
unkown
page read and write
 clean
1BE0000
unkown image
page readonly
 clean
8CF8000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
45B4000
unkown
page read and write
 clean
4160000
unkown
page read and write
 clean
4D30000
unkown image
page readonly
 clean
1C0000
unkown
page read and write
 clean
4300000
unkown
page read and write
 clean
4AF0000
unkown image
page readonly
 clean
8D000
unkown
page read and write
 clean
32A5000
heap private
page read and write
 clean
5390000
heap private
page read and write
 clean
50000
unkown image
page readonly
 clean
7FFFFFB0000
unkown image
page readonly
 clean
B90000
unkown
page execute and read and write
 clean
31D000
heap default
page read and write
 clean
2520000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7B50000
heap private
page read and write
 clean
2BC000
heap default
page read and write
 clean
45CB000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
2640000
unkown
page execute and read and write
 clean
43F000
unkown image
page readonly
 clean
556F000
unkown
page read and write
 clean
32A0000
heap private
page read and write
 clean
841D000
unkown
page read and write
 clean
2A0000
heap default
page read and write
 clean
2740000
unkown image
page readonly
 clean
936000
heap private
page read and write
 clean
50000
unkown image
page readonly
 clean
E4000
heap private
page read and write
 clean
2AD0000
unkown
page read and write
 clean
330000
unkown
page read and write
 clean
4D80000
unkown image
page readonly
 clean
30000
unkown image
page readonly
 clean
5410000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
2520000
unkown
page read and write
 clean
212B000
unkown image
page read and write
 clean
23D000
heap default
page read and write
 clean
92D0000
unkown image
page execute and read and write
 clean
461000
unkown image
page readonly
 clean
99B0000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
255000
heap default
page read and write
 clean
8420000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
2A90000
unkown
page read and write
 clean
728E000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
460B000
unkown
page read and write
 clean
2AC0000
unkown
page read and write
 clean
1B83000
heap private
page read and write
 clean
30000
unkown image
page readonly
 clean
4DD0000
heap private
page read and write
 clean
5410000
heap private
page read and write
 clean
296A000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
40000
unkown image
page readonly
 clean
41D000
unkown image
page execute and read and write
 clean
2750000
unkown
page read and write
 clean
371000
unkown
page read and write
 clean
6C47000
unkown
page read and write
 clean
4D50000
unkown image
page readonly
 clean
844000
unkown
page execute and read and write
 clean
B7A000
unkown
page read and write
 clean
20B6000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
28C4000
unkown
page execute and read and write
 clean
3130000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
4D40000
unkown image
page readonly
 clean
32A5000
heap private
page read and write
 clean
237000
heap default
page read and write
 clean
910000
unkown image
page readonly
 clean
267000
heap default
page read and write
 clean
31D000
heap default
page read and write
 clean
782F000
unkown
page read and write
 clean
83EA000
unkown
page read and write
 clean
9713000
unkown
page read and write
 clean
249000
heap default
page read and write
 clean
401000
unkown image
page execute read
 clean
74D3000
heap private
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
25C3000
unkown
page read and write
 clean
2120000
unkown image
page read and write
 clean
2B7000
heap default
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
430000
unkown image
page readonly
 clean
2550000
unkown
page read and write
 clean
45CF000
unkown
page read and write
 clean
9694000
unkown
page read and write
 clean
6C0000
unkown
page read and write
 clean
27D0000
unkown
page execute and read and write
 clean
3CC0000
unkown image
page readonly
 clean
697000
heap default
page read and write
 clean
1D7000
unkown
page read and write
 clean
CB1000
unkown image
page execute and read and write
 clean
4E5E000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
AA0000
unkown
page execute and read and write
 clean
27E0000
unkown
page read and write
 clean
D0000
unkown image
page readonly
 clean
30D0000
unkown image
page readonly
 clean
6BBE000
unkown
page read and write
 clean
30A8000
unkown
page read and write
 clean
2AD0000
unkown
page read and write
 clean
2B0000
heap default
page read and write
 clean
2CC7000
unkown image
page readonly
 clean
301E000
unkown
page read and write
 clean
4EA000
heap default
page read and write
 clean
8720000
unkown
page read and write
 clean
4DC0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
4D20000
unkown
page execute and read and write
 clean
1DB0000
unkown
page read and write
 clean
1C0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
A40000
unkown
page execute and read and write
 clean
2AB0000
unkown
page read and write
 clean
263C000
unkown
page read and write
 clean
30D0000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
6C40000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
4B00000
unkown image
page readonly
 clean
400000
unkown image
page readonly
 clean
36F000
unkown
page read and write
 clean
4593000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
4D20000
unkown
page execute and read and write
 clean
2980000
unkown
page read and write
 clean
43F000
stack
page read and write
 clean
9750000
unkown
page read and write
 clean
309E000
unkown
page read and write
 clean
2980000
unkown
page read and write
 clean
17D000
unkown
page read and write
 clean
CA0000
unkown image
page execute and read and write
 clean
6F57000
unkown
page read and write
 clean
20DA000
unkown
page read and write
 clean
8B000
unkown
page read and write
 clean
7CFE000
unkown
page read and write
 clean
1CE000
unkown
page read and write
 clean
750000
unkown image
page readonly
 clean
3D4B000
unkown
page read and write
 clean
79D8000
unkown
page read and write
 clean
457A000
unkown
page read and write
 clean
23D000
heap default
page read and write
 clean
25C3000
unkown
page read and write
 clean
253E000
stack
page read and write
 clean
2110000
unkown image
page read and write
 clean
25CE000
stack
page read and write
 clean
C2F000
stack
page read and write
 clean
2AB0000
unkown
page read and write
 clean
2F70000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
2980000
unkown
page read and write
 clean
E0000
heap private
page read and write
 clean
45B4000
unkown
page read and write
 clean
45A1000
unkown
page read and write
 clean
456F000
unkown
page read and write
 clean
A0000
unkown image
page readonly
 clean
3135000
heap private
page read and write
 clean
5360000
unkown image
page read and write
 clean
140000
unkown image
page readonly
 clean
1CE000
stack
page read and write
 clean
8391000
unkown
page read and write
 clean
4D60000
unkown image
page readonly
 clean
810000
unkown image
page readonly
 clean
2AA0000
unkown
page read and write
 clean
3D50000
unkown
page read and write
 clean
27E0000
unkown
page read and write
 clean
30A8000
unkown
page read and write
 clean
7D20000
heap private
page read and write
 clean
9793000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
2B0000
heap default
page read and write
 clean
6AF000
stack
page read and write
 clean
28B0000
unkown
page execute and read and write
 clean
447A000
unkown
page read and write
 clean
2A10000
unkown
page read and write
 clean
5270000
unkown
page execute read
 clean
32A9000
heap private
page read and write
 clean
29B0000
unkown
page read and write
 clean
3298000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
E0000
heap private
page read and write
 clean
F0000
unkown image
page read and write
 clean
2120000
unkown image
page read and write
 clean
371000
unkown
page read and write
 clean
45BE000
unkown
page read and write
 clean
29D0000
unkown
page read and write
 clean
CAF000
unkown image
page execute and read and write
 clean
25B4000
unkown
page read and write
 clean
2560000
unkown
page read and write
 clean
79D8000
unkown
page read and write
 clean
29C0000
unkown
page read and write
 clean
4C0000
heap default
page read and write
 clean
79D0000
unkown
page read and write
 clean
750000
unkown
page execute and read and write
 clean
40000
unkown image
page readonly
 clean
4160000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
2F20000
unkown
page read and write
 clean
34E000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
20B6000
unkown
page read and write
 clean
460B000
unkown
page read and write
 clean
2A0000
heap default
page read and write
 clean
96D3000
unkown
page read and write
 clean
3C90000
unkown image
page read and write
 clean
81AE000
unkown
page read and write
 clean
460B000
unkown
page read and write
 clean
3D90000
unkown
page read and write
 clean
8CEE000
unkown
page read and write
 clean
69C0000
unkown
page read and write
 clean
99B5000
heap private
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
8BBE000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
2550000
unkown
page read and write
 clean
1B65000
heap private
page read and write
 clean
20DA000
unkown
page read and write
 clean
2533000
unkown
page read and write
 clean
490E000
stack
page read and write
 clean
7DE000
stack
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
8466000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
3CC0000
unkown image
page readonly
 clean
449C000
unkown
page read and write
 clean
2747000
unkown
page execute and read and write
 clean
96D3000
unkown
page read and write
 clean
213B000
unkown image
page read and write
 clean
2620000
unkown
page read and write
 clean
1B50000
unkown
page read and write
 clean
211B000
unkown image
page read and write
 clean
29D0000
unkown
page read and write
 clean
73B9000
unkown
page read and write
 clean
212B000
unkown image
page read and write
 clean
459000
unkown image
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
30A8000
unkown
page read and write
 clean
2EC1000
unkown
page read and write
 clean
729A000
unkown
page read and write
 clean
8391000
unkown
page read and write
 clean
12C000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
43C0000
heap private
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
3C90000
unkown image
page read and write
 clean
36F000
unkown
page read and write
 clean
36F000
unkown
page read and write
 clean
24C0000
unkown
page read and write
 clean
7CFE000
unkown
page read and write
 clean
850000
unkown
page execute and read and write
 clean
9610000
unkown
page read and write
 clean
2550000
unkown
page read and write
 clean
140000
unkown image
page readonly
 clean
7B4B000
unkown
page read and write
 clean
30C0000
unkown
page read and write
 clean
237000
heap default
page read and write
 clean
2740000
unkown image
page readonly
 clean
1D7000
unkown
page read and write
 clean
4300000
unkown
page read and write
 clean
2750000
unkown
page read and write
 clean
2F8000
heap default
page read and write
 clean
6C40000
unkown
page read and write
 clean
728E000
unkown
page read and write
 clean
4C7A000
heap private
page read and write
 clean
4D40000
unkown image
page readonly
 clean
4D30000
unkown image
page readonly
 clean
7EFE0000
unkown image
page readonly
 clean
1B50000
unkown
page read and write
 clean
4DC0000
unkown
page read and write
 clean
20000
unkown image
page readonly
 clean
7EFE0000
unkown image
page readonly
 clean
2C0000
unkown
page read and write
 clean
A0000
unkown image
page readonly
 clean
690000
unkown image
page readonly
 clean
9650000
unkown
page read and write
 clean
456F000
unkown
page read and write
 clean
720000
unkown
page read and write
 clean
2C7000
heap default
page read and write
 clean
249000
heap default
page read and write
 clean
2500000
unkown image
page readonly
 clean
A0000
unkown image
page readonly
 clean
4B9000
unkown
page read and write
 clean
99D3000
heap private
page read and write
 clean
2A70000
unkown
page read and write
 clean
73BB000
unkown
page read and write
 clean
9610000
unkown
page read and write
 clean
2BA000
unkown
page read and write
 clean
96D3000
unkown
page read and write
 clean
2A80000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
220000
unkown image
page readonly
 clean
74B0000
heap private
page read and write
 clean
4DD0000
heap private
page read and write
 clean
9C7000
unkown
page execute and read and write
 clean
7EFC2000
unkown image
page readonly
 clean
830000
unkown
page read and write
 clean
6BBE000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2990000
unkown
page read and write
 clean
2744000
unkown
page execute and read and write
 clean
D2F000
stack
page read and write
 clean
5B0000
unkown
page read and write
 clean
21BF000
unkown
page read and write
 clean
25B7000
unkown
page read and write
 clean
2520000
unkown
page read and write
 clean
2C0000
unkown
page read and write
 clean
3D4B000
unkown
page read and write
 clean
3D90000
unkown
page read and write
 clean
5390000
heap private
page read and write
 clean
782F000
unkown
page read and write
 clean
370000
heap private
page read and write
 clean
4593000
unkown
page read and write
 clean
2AD0000
unkown
page read and write
 clean
8374000
unkown
page read and write
 clean
301E000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
8CF0000
unkown
page read and write
 clean
2A70000
unkown
page read and write
 clean
2100000
unkown image
page readonly
 clean
6C42000
unkown
page read and write
 clean
5AF000
stack
page read and write
 clean
840000
unkown
page execute and read and write
 clean
10000
unkown image
page read and write
 clean
36B000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
9713000
unkown
page read and write
 clean
2650000
unkown
page execute and read and write
 clean
213B000
unkown image
page read and write
 clean
6C49000
unkown
page read and write
 clean
211B000
unkown image
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
9610000
unkown
page read and write
 clean
2550000
unkown
page read and write
 clean
4150000
unkown image
page readonly
 clean
8CF8000
unkown
page read and write
 clean
1CE000
unkown
page read and write
 clean
6C42000
unkown
page read and write
 clean
6D48000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
A50000
unkown image
page execute and read and write
 clean
841D000
unkown
page read and write
 clean
29E0000
unkown
page read and write
 clean
CA0000
unkown image
page execute and read and write
 clean
36F000
unkown
page read and write
 clean
1E0000
unkown
page read and write
 clean
1B65000
heap private
page read and write
 clean
6C40000
unkown
page read and write
 clean
220000
unkown image
page readonly
 clean
2130000
unkown image
page read and write
 clean
1BE0000
unkown image
page readonly
 clean
3C90000
unkown image
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7CFE000
unkown
page read and write
 clean
43A0000
unkown image
page readonly
 clean
110000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
110000
unkown
page read and write
 clean
31D000
heap default
page read and write
 clean
45A1000
unkown
page read and write
 clean
2100000
unkown image
page readonly
 clean
5C0000
unkown
page read and write
 clean
4650000
unkown image
page readonly
 clean
4D70000
unkown image
page readonly
 clean
1E0000
unkown
page read and write
 clean
1B60000
heap private
page read and write
 clean
9C4000
unkown
page execute and read and write
 clean
400000
unkown image
page readonly
 clean
79F0000
heap private
page read and write
 clean
AA0000
unkown
page read and write
 clean
2540000
unkown
page read and write
 clean
30E0000
unkown image
page readonly
 clean
4C70000
heap private
page read and write
 clean
2C7000
heap default
page read and write
 clean
30F0000
unkown image
page readonly
 clean
309E000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
2740000
unkown image
page readonly
 clean
456F000
unkown
page read and write
 clean
45A1000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
3D90000
unkown
page read and write
 clean
40000
unkown image
page readonly
 clean
7B50000
heap private
page read and write
 clean
3D4B000
unkown
page read and write
 clean
2540000
unkown
page read and write
 clean
1B65000
heap private
page read and write
 clean
230000
heap default
page read and write
 clean
4D70000
unkown image
page readonly
 clean
6FD7000
unkown
page read and write
 clean
447A000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
744D000
unkown
page read and write
 clean
4D9000
heap default
page read and write
 clean
28D0000
unkown
page execute and read and write
 clean
99B0000
heap private
page read and write
 clean
110000
unkown
page read and write
 clean
2760000
heap private
page read and write
 clean
69C0000
unkown
page read and write
 clean
9B0000
unkown
page execute and read and write
 clean
4B0000
heap default
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
2500000
unkown image
page readonly
 clean
3D4B000
unkown
page read and write
 clean
249000
heap default
page read and write
 clean
9694000
unkown
page read and write
 clean
2990000
unkown
page read and write
 clean
8CD0000
unkown
page read and write
 clean
5360000
unkown image
page read and write
 clean
2110000
unkown image
page read and write
 clean
2AB0000
unkown
page read and write
 clean
8D0000
unkown
page execute and read and write
 clean
9553000
unkown
page read and write
 clean
498E000
stack
page read and write
 clean
4D50000
unkown image
page readonly
 clean
4AAD000
unkown
page read and write
 clean
99B5000
heap private
page read and write
 clean
2EF000
stack
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
29B000
heap default
page read and write
 clean
230000
heap default
page read and write
 clean
4D80000
unkown image
page readonly
 clean
2646000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
447000
unkown image
page execute and write copy
 clean
20DA000
unkown
page read and write
 clean
45CB000
unkown
page read and write
 clean
220000
unkown image
page readonly
 clean
3B0000
unkown
page read and write
 clean
4AC0000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
73BB000
unkown
page read and write
 clean
27C0000
unkown
page execute and read and write
 clean
2ED000
heap default
page read and write
 clean
532E000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
44E7000
unkown
page read and write
 clean
5B0000
unkown image
page readonly
 clean
7BD0000
heap private
page read and write
 clean
260000
heap default
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
8405000
unkown
page read and write
 clean
296A000
unkown
page read and write
 clean
2500000
unkown image
page readonly
 clean
20B6000
unkown
page read and write
 clean
44E7000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
5C0000
unkown image
page readonly
 clean
7B40000
unkown
page read and write
 clean
2F6000
heap default
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
74D3000
heap private
page read and write
 clean
4AAD000
unkown
page read and write
 clean
4C7A000
heap private
page read and write
 clean
4B7000
heap default
page read and write
 clean
29E0000
unkown
page read and write
 clean
244000
heap private
page read and write
 clean
597000
heap default
page read and write
 clean
2730000
unkown
page execute and read and write
 clean
2740000
unkown image
page readonly
 clean
3278000
unkown
page read and write
 clean
AD7000
unkown image
page execute and read and write
 clean
4150000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
3E6000
unkown
page read and write
 clean
450000
heap private
page read and write
 clean
556F000
unkown
page read and write
 clean
2A60000
unkown
page read and write
 clean
5F0000
unkown image
page readonly
 clean
2F60000
unkown
page read and write
 clean
B7D000
unkown
page read and write
 clean
9357000
unkown image
page execute and read and write
 clean
7EFB2000
unkown image
page readonly
 clean
82B8000
unkown
page read and write
 clean
5270000
unkown
page execute read
 clean
448000
unkown image
page readonly
 clean
2120000
unkown image
page read and write
 clean
4D20000
unkown
page execute and read and write
 clean
330000
unkown
page read and write
 clean
2AE0000
unkown image
page readonly
 clean
24F0000
unkown image
page readonly
 clean
940000
unkown image
page readonly
 clean
3CA0000
unkown
page read and write
 clean
45D6000
unkown
page read and write
 clean
30000
unkown image
page read and write
 clean
30F0000
unkown image
page readonly
 clean
9793000
unkown
page read and write
 clean
110000
unkown
page read and write
 clean
20000
unkown image
page readonly
 clean
6F57000
unkown
page read and write
 clean
32A9000
heap private
page read and write
 clean
4200000
unkown image
page readonly
 clean
1FD0000
unkown image
page readonly
 clean
8420000
unkown
page read and write
 clean
99B0000
heap private
page read and write
 clean
3270000
unkown
page read and write
 clean
4650000
unkown image
page readonly
 clean
7EFDF000
unkown
page read and write
 clean
456000
unkown image
page write copy
 clean
7F0000
heap private
page read and write
 clean
2AC0000
unkown
page read and write
 clean
43A0000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
29B000
heap default
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
8466000
unkown
page read and write
 clean
6C42000
unkown
page read and write
 clean
31FF000
unkown
page read and write
 clean
744D000
unkown
page read and write
 clean
38A000
unkown
page read and write
 clean
32A0000
heap private
page read and write
 clean
740000
unkown
page execute and read and write
 clean
45CB000
unkown
page read and write
 clean
309E000
unkown
page read and write
 clean
5410000
heap private
page read and write
 clean
10000
unkown image
page read and write
 clean
4593000
unkown
page read and write
 clean
30D0000
unkown image
page readonly
 clean
2AC0000
unkown
page read and write
 clean
43C0000
heap private
page read and write
 clean
2AF000
unkown
page read and write
 clean
3A0000
unkown
page execute and read and write
 clean
46F000
unkown image
page execute and read and write
 clean
4AAD000
unkown
page read and write
 clean
1E0000
unkown image
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
A0000
unkown image
page readonly
 clean
920000
heap private
page read and write
 clean
2AA0000
unkown
page read and write
 clean
834B000
unkown
page read and write
 clean
45CF000
unkown
page read and write
 clean
43A0000
unkown image
page readonly
 clean
1C0000
unkown
page read and write
 clean
69CB000
unkown
page read and write
 clean
2B57000
unkown image
page read and write
 clean
24F0000
unkown image
page readonly
 clean
120000
heap default
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
2990000
unkown
page read and write
 clean
364000
heap private
page read and write
 clean
220000
unkown image
page readonly
 clean
260000
heap private
page read and write
 clean
140000
unkown
page read and write
 clean
32A9000
heap private
page read and write
 clean
4D60000
unkown image
page readonly
 clean
6B4000
unkown
page read and write
 clean
8BBE000
unkown
page read and write
 clean
32AE000
heap private
page read and write
 clean
6BBE000
unkown
page read and write
 clean
1FD0000
unkown image
page readonly
 clean
83EA000
unkown
page read and write
 clean
243000
heap default
page read and write
 clean
301E000
unkown
page read and write
 clean
1CE000
unkown
page read and write
 clean
8355000
unkown
page read and write
 clean
8CEE000
unkown
page read and write
 clean
1D0000
heap private
page read and write
 clean
25B1000
unkown
page read and write
 clean
8BBE000
unkown
page read and write
 clean
31FF000
unkown
page read and write
 clean
4575000
unkown
page read and write
 clean
456000
unkown image
page write copy
 clean
7EFB0000
unkown image
page readonly
 clean
4D50000
unkown image
page readonly
 clean
2B0000
unkown
page read and write
 clean
4DB1000
unkown image
page read and write
 clean
4200000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
45A1000
unkown
page read and write
 clean
3135000
heap private
page read and write
 clean
B8E000
stack
page read and write
 clean
1C0000
unkown
page read and write
 clean
1B83000
heap private
page read and write
 clean
4BE000
unkown
page read and write
 clean
8CEE000
unkown
page read and write
 clean
8355000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
30C0000
unkown
page read and write
 clean
43A0000
unkown image
page readonly
 clean
4C6E000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1B65000
heap private
page read and write
 clean
44E7000
unkown
page read and write
 clean
830000
unkown
page execute and read and write
 clean
81AE000
unkown
page read and write
 clean
D0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
1FD0000
unkown image
page readonly
 clean
3E50000
unkown image
page readonly
 clean
73BB000
unkown
page read and write
 clean
6A0000
unkown
page read and write
 clean
212B000
unkown image
page read and write
 clean
4A9E000
stack
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
263C000
unkown
page read and write
 clean
4B00000
unkown image
page readonly
 clean
30C0000
unkown
page read and write
 clean
4B9D000
unkown
page read and write
 clean
296A000
unkown
page read and write
 clean
79D0000
unkown
page read and write
 clean
2BB000
unkown
page read and write
 clean
240000
heap private
page read and write
 clean
7839000
unkown
page read and write
 clean
9553000
unkown
page read and write
 clean
4F4000
heap private
page read and write
 clean
296A000
unkown
page read and write
 clean
43C0000
heap private
page read and write
 clean
3278000
unkown
page read and write
 clean
F0000
unkown image
page read and write
 clean
7319000
unkown
page read and write
 clean
7319000
unkown
page read and write
 clean
6FD7000
unkown
page read and write
 clean
4E60000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
556F000
unkown
page read and write
 clean
284000
heap default
page read and write
 clean
400000
unkown image
page readonly
 clean
20000
unkown image
page read and write
 clean
728E000
unkown
page read and write
 clean
29E0000
unkown
page read and write
 clean
32A9000
heap private
page read and write
 clean
4575000
unkown
page read and write
 clean
CB1000
unkown image
page execute and read and write
 clean
5B0000
unkown image
page readonly
 clean
2540000
unkown
page read and write
 clean
6D48000
unkown
page read and write
 clean
1C0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
750000
unkown image
page readonly
 clean
46E000
unkown image
page write copy
 clean
7BD0000
heap private
page read and write
 clean
DD000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
4E60000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
5DF000
heap default
page read and write
 clean
5270000
unkown
page execute read
 clean
292F000
unkown
page read and write
 clean
5B0000
unkown image
page readonly
 clean
1B83000
heap private
page read and write
 clean
60000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
6E50000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
190000
unkown image
page readonly
 clean
330000
unkown
page read and write
 clean
1C0000
unkown
page read and write
 clean
5C0000
unkown image
page readonly
 clean
3D50000
unkown
page read and write
 clean
243000
heap default
page read and write
 clean
1D7000
unkown
page read and write
 clean
38D000
unkown
page read and write
 clean
21BF000
unkown
page read and write
 clean
92D0000
unkown image
page execute and read and write
 clean
E4000
heap private
page read and write
 clean
29D0000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
2A70000
unkown
page read and write
 clean
4AC0000
unkown
page read and write
 clean
3140000
unkown
page read and write
 clean
3D50000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2750000
unkown
page read and write
 clean
255000
heap default
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
95D0000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
2C7000
heap default
page read and write
 clean
9592000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
9C1000
unkown
page execute and read and write
 clean
2F70000
unkown
page read and write
 clean
36B000
unkown
page read and write
 clean
7319000
unkown
page read and write
 clean
28C1000
unkown
page execute and read and write
 clean
190000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
8720000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
4DD0000
heap private
page read and write
 clean
8320000
unkown
page read and write
 clean
820000
unkown image
page readonly
 clean
31FF000
unkown
page read and write
 clean
9793000
unkown
page read and write
 clean
45D6000
unkown
page read and write
 clean
E0000
heap private
page read and write
 clean
4E5E000
unkown
page read and write
 clean
4150000
unkown image
page readonly
 clean
2500000
unkown image
page readonly
 clean
2533000
unkown
page read and write
 clean
79F0000
heap private
page read and write
 clean
4150000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
25C3000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
CC0000
unkown image
page readonly
 clean
2AA0000
unkown
page read and write
 clean
6FD7000
unkown
page read and write
 clean
2AF000
unkown
page read and write
 clean
744D000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
3278000
unkown
page read and write
 clean
471000
unkown image
page execute and read and write
 clean
449C000
unkown
page read and write
 clean
2A90000
unkown
page read and write
 clean
2750000
unkown
page read and write
 clean
2B4000
heap default
page read and write
 clean
74B4000
heap private
page read and write
 clean
7BD0000
heap private
page read and write
 clean
2130000
unkown image
page read and write
 clean
3D50000
unkown
page read and write
 clean
4AC0000
unkown
page read and write
 clean
96F000
stack
page read and write
 clean
8CF0000
unkown
page read and write
 clean
20000
unkown image
page readonly
 clean
6F57000
unkown
page read and write
 clean
81AE000
unkown
page read and write
 clean
6C49000
unkown
page read and write
 clean
99D3000
heap private
page read and write
 clean
4D80000
unkown image
page readonly
 clean
380000
unkown
page execute and read and write
 clean
8CD0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
110000
unkown
page read and write
 clean
847000
unkown
page execute and read and write
 clean
18C000
unkown
page read and write
 clean
29C0000
unkown
page read and write
 clean
2A90000
unkown
page read and write
 clean
130000
unkown image
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
213B000
unkown image
page read and write
 clean
9D0000
unkown
page execute and read and write
 clean
29B0000
unkown
page read and write
 clean
532E000
unkown
page read and write
 clean
30E0000
unkown image
page readonly
 clean
4B9D000
unkown
page read and write
 clean
99B5000
heap private
page read and write
 clean
6C47000
unkown
page read and write
 clean
74B0000
heap private
page read and write
 clean
32A5000
heap private
page read and write
 clean
24FE000
stack
page read and write
 clean
4DB1000
unkown image
page read and write
 clean
4575000
unkown
page read and write
 clean
140000
unkown image
page readonly
 clean
2520000
unkown
page read and write
 clean
E4000
heap private
page read and write
 clean
3CA0000
unkown
page read and write
 clean
1CE000
unkown
page read and write
 clean
27B0000
unkown
page execute and read and write
 clean
2760000
heap private
page read and write
 clean
6C47000
unkown
page read and write
 clean
4C6E000
unkown
page read and write
 clean
4C70000
heap private
page read and write
 clean
18C000
unkown
page read and write
 clean
6E50000
heap private
page read and write
 clean
9592000
unkown
page read and write
 clean
263C000
unkown
page read and write
 clean
69CB000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
4300000
unkown
page read and write
 clean
3CC0000
unkown image
page readonly
 clean
4593000
unkown
page read and write
 clean
2100000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
292F000
unkown
page read and write
 clean
5C0000
unkown image
page readonly
 clean
1B83000
heap private
page read and write
 clean
230000
heap default
page read and write
 clean
4BF000
unkown
page read and write
 clean
7B40000
unkown
page read and write
 clean
1C0000
unkown
page read and write
 clean
32AE000
heap private
page read and write
 clean
69C0000
unkown
page read and write
 clean
2930000
unkown
page execute and read and write
 clean
27E0000
unkown
page read and write
 clean
32A0000
heap private
page read and write
 clean
4200000
unkown image
page readonly
 clean
4300000
unkown
page read and write
 clean
4160000
unkown
page read and write
 clean
3D90000
unkown
page read and write
 clean
7839000
unkown
page read and write
 clean
447A000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
10000
unkown image
page read and write
 clean
2A80000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
There are 1202 hidden memdumps, click here to show them.