Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Scan.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_857268874fb81feb3bb95a5bbe71d6fa48e6822_82810a17_09097fb6\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6047.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Apr 20 22:04:47 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER63D3.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6589.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_857268874fb81feb3bb95a5bbe71d6fa48e6822_82810a17_190f7671\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF6B2.tmp.dmp
|
Mini DuMP crash report, 14 streams, Wed Apr 20 12:54:53 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFA2D.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFB96.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\Scan.dll",#1
|
 |
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\Scan.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Scan.dll,DllRegisterServer
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Scan.dll,DllUnregisterServer
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Scan.dll,PlugInMain
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\Scan.dll"
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\Scan.dll
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6136 -s 680
|
||
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6384 -s 680
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.aiim.org/pdfa/ns/property#
|
unknown
|
||
|
http://www.aiim.org/pdfa/ns/extension/
|
unknown
|
||
|
http://www.aiim.org/pdfa/ns/id/partconformanceAIDS_LearnMoreScan_EventGTS_PDFA1sRGBIEC
|
unknown
|
||
|
http://www.color.orgOutputIntentsSOutputConditionOutputConditionIdentifierRegistryNameFilterNDestOut
|
unknown
|
||
|
http://www.aiim.org/pdfa/ns/id/
|
unknown
|
||
|
http://www.color.org
|
unknown
|
||
|
http://www.aiim.org/pdfa/ns/schema#
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0\FLAGS
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0\0\win32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0\HELPDIR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0\FLAGS
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0\0\win32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{353C4F99-870A-4DEB-81E9-FEB091883DF1}\1.0\HELPDIR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E8E1F43-522A-48B6-BB19-E8F9273095E6}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHivePermissionsCorrect
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
|
AmiHiveOwnerCorrect
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProgramId
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
FileId
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LongPathHash
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Name
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Publisher
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Version
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinFileVersion
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinaryType
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductName
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductVersion
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LinkDate
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinProductVersion
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Size
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Language
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsPeFile
|
||
|
\REGISTRY\A\{0c31137e-5c1d-74cc-5695-df264930defc}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00180008F3870B0F
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProgramId
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
FileId
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LongPathHash
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Name
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Publisher
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Version
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinFileVersion
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinaryType
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductName
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
ProductVersion
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
LinkDate
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
BinProductVersion
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Size
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
Language
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsPeFile
|
||
|
\REGISTRY\A\{6c65f033-40ac-0755-3893-ea792a252b7a}\Root\InventoryApplicationFile\rundll32.exe|ab97b57a
|
IsOsComponent
|
There are 55 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2549BF47000
|
heap
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
690A6FE000
|
stack
|
page read and write
|
||
|
23A6C061000
|
heap
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
1FBDC27B000
|
heap
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
6E05B000
|
unkown
|
page readonly
|
||
|
2549BE80000
|
heap
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
20A6AF58000
|
heap
|
page read and write
|
||
|
D1CF9FE000
|
unkown
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
23A6C07C000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
291DDAB4000
|
heap
|
page read and write
|
||
|
20A6A513000
|
heap
|
page read and write
|
||
|
439957F000
|
stack
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
2DBCF0B0000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
2549BF25000
|
heap
|
page read and write
|
||
|
291DE572000
|
heap
|
page read and write
|
||
|
24B88410000
|
heap
|
page read and write
|
||
|
D1CF677000
|
stack
|
page read and write
|
||
|
20A6FA10000
|
trusted library allocation
|
page read and write
|
||
|
2FBC000
|
stack
|
page read and write
|
||
|
20A6FB20000
|
trusted library allocation
|
page read and write
|
||
|
23A6C002000
|
heap
|
page read and write
|
||
|
291DE5AB000
|
heap
|
page read and write
|
||
|
317F000
|
stack
|
page read and write
|
||
|
24B88E02000
|
trusted library allocation
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
9CE4CFD000
|
stack
|
page read and write
|
||
|
7BB4EFE000
|
stack
|
page read and write
|
||
|
6DF31000
|
unkown
|
page execute read
|
||
|
20A6FEF4000
|
heap
|
page read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
20A6FC50000
|
trusted library allocation
|
page read and write
|
||
|
23A6C000000
|
heap
|
page read and write
|
||
|
291DDA4E000
|
heap
|
page read and write
|
||
|
D1CEF8B000
|
stack
|
page read and write
|
||
|
20A6AF13000
|
heap
|
page read and write
|
||
|
1CEA8A02000
|
unkown
|
page read and write
|
||
|
2549BF30000
|
heap
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
6DF30000
|
unkown
|
page readonly
|
||
|
20A6B610000
|
trusted library section
|
page readonly
|
||
|
20A6FE55000
|
heap
|
page read and write
|
||
|
291DDAC1000
|
heap
|
page read and write
|
||
|
20A6B600000
|
trusted library section
|
page readonly
|
||
|
24B88670000
|
heap
|
page read and write
|
||
|
291DD9F0000
|
remote allocation
|
page read and write
|
||
|
20A6A459000
|
heap
|
page read and write
|
||
|
2549BF6C000
|
heap
|
page read and write
|
||
|
1CEA8F00000
|
heap
|
page read and write
|
||
|
24B88602000
|
heap
|
page read and write
|
||
|
1CEA8B15000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
291DE51E000
|
heap
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
291DD9F0000
|
remote allocation
|
page read and write
|
||
|
24042C02000
|
trusted library allocation
|
page read and write
|
||
|
20A6FBF0000
|
remote allocation
|
page read and write
|
||
|
D1CF97D000
|
stack
|
page read and write
|
||
|
7BB4D7F000
|
stack
|
page read and write
|
||
|
6DF30000
|
unkown
|
page readonly
|
||
|
20A6A478000
|
heap
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
690A77E000
|
stack
|
page read and write
|
||
|
2DBCF370000
|
trusted library allocation
|
page read and write
|
||
|
690AB7F000
|
stack
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
1FBDC213000
|
heap
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
291DDAE7000
|
heap
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
291DE5A2000
|
heap
|
page read and write
|
||
|
6DF31000
|
unkown
|
page execute read
|
||
|
4399077000
|
stack
|
page read and write
|
||
|
291DD950000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
20A6FE49000
|
heap
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
20A6B001000
|
trusted library allocation
|
page read and write
|
||
|
109F000
|
stack
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
24042476000
|
heap
|
page read and write
|
||
|
EB9159B000
|
stack
|
page read and write
|
||
|
20A6AF18000
|
heap
|
page read and write
|
||
|
291DE59E000
|
heap
|
page read and write
|
||
|
6DFE8000
|
unkown
|
page readonly
|
||
|
24042220000
|
heap
|
page read and write
|
||
|
291DDAB1000
|
heap
|
page read and write
|
||
|
291DEA03000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
20A6A3B0000
|
trusted library allocation
|
page read and write
|
||
|
291DDA51000
|
heap
|
page read and write
|
||
|
20A6FB50000
|
trusted library allocation
|
page read and write
|
||
|
1CEA8A0D000
|
unkown
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
2549BF73000
|
heap
|
page read and write
|
||
|
24042320000
|
trusted library allocation
|
page read and write
|
||
|
2549BF6C000
|
heap
|
page read and write
|
||
|
291DE513000
|
heap
|
page read and write
|
||
|
24B88628000
|
heap
|
page read and write
|
||
|
24042475000
|
heap
|
page read and write
|
||
|
6E05B000
|
unkown
|
page readonly
|
||
|
2404242A000
|
heap
|
page read and write
|
||
|
1CEA8F02000
|
heap
|
page read and write
|
||
|
EB91B7F000
|
stack
|
page read and write
|
||
|
24B88400000
|
heap
|
page read and write
|
||
|
7BB4DF8000
|
stack
|
page read and write
|
||
|
23A6C03C000
|
heap
|
page read and write
|
||
|
291DE576000
|
heap
|
page read and write
|
||
|
291DDA49000
|
heap
|
page read and write
|
||
|
24042502000
|
heap
|
page read and write
|
||
|
DACF07F000
|
stack
|
page read and write
|
||
|
6DFE8000
|
unkown
|
page readonly
|
||
|
31BF000
|
stack
|
page read and write
|
||
|
1FBDC302000
|
heap
|
page read and write
|
||
|
3290000
|
heap
|
page read and write
|
||
|
2549BF77000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
3EA92FF000
|
stack
|
page read and write
|
||
|
DACF4FB000
|
stack
|
page read and write
|
||
|
291DE55D000
|
heap
|
page read and write
|
||
|
291DE598000
|
heap
|
page read and write
|
||
|
20A6FE1E000
|
heap
|
page read and write
|
||
|
291DE53D000
|
heap
|
page read and write
|
||
|
291DE59E000
|
heap
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
1FBDC308000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
20A6A476000
|
heap
|
page read and write
|
||
|
20A6A492000
|
heap
|
page read and write
|
||
|
291DDA3C000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
346A000
|
heap
|
page read and write
|
||
|
291DE58B000
|
heap
|
page read and write
|
||
|
10DD000
|
stack
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
24B88470000
|
heap
|
page read and write
|
||
|
2DBCF26F000
|
heap
|
page read and write
|
||
|
1FBDC130000
|
trusted library allocation
|
page read and write
|
||
|
291DD980000
|
trusted library allocation
|
page read and write
|
||
|
291DDB08000
|
heap
|
page read and write
|
||
|
291DE58C000
|
heap
|
page read and write
|
||
|
23A6C113000
|
heap
|
page read and write
|
||
|
7BB4F7F000
|
stack
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
24042500000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
20A6ADF3000
|
trusted library allocation
|
page read and write
|
||
|
291DDAC3000
|
heap
|
page read and write
|
||
|
2DBCF0A0000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
20A6FB60000
|
trusted library allocation
|
page read and write
|
||
|
291DE53D000
|
heap
|
page read and write
|
||
|
23A6C029000
|
heap
|
page read and write
|
||
|
43997FF000
|
stack
|
page read and write
|
||
|
23A6C013000
|
heap
|
page read and write
|
||
|
7BB4C7A000
|
stack
|
page read and write
|
||
|
2549BF61000
|
heap
|
page read and write
|
||
|
43993FF000
|
stack
|
page read and write
|
||
|
43994FB000
|
stack
|
page read and write
|
||
|
20A6A310000
|
heap
|
page read and write
|
||
|
2DBCF450000
|
trusted library allocation
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
291DE53D000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
1CEA8920000
|
trusted library allocation
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
291DDB16000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
20A6A3C0000
|
trusted library section
|
page read and write
|
||
|
20A6FB64000
|
trusted library allocation
|
page read and write
|
||
|
291DDB02000
|
heap
|
page read and write
|
||
|
20A6A49E000
|
heap
|
page read and write
|
||
|
329A000
|
heap
|
page read and write
|
||
|
291DD8E0000
|
heap
|
page read and write
|
||
|
1CEA8B02000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
20A6A320000
|
heap
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
E6634FB000
|
stack
|
page read and write
|
||
|
7BB4CFE000
|
stack
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
6E012000
|
unkown
|
page read and write
|
||
|
20A6FE61000
|
heap
|
page read and write
|
||
|
2549BF75000
|
heap
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1FBDC030000
|
heap
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
24B8863C000
|
heap
|
page read and write
|
||
|
291DE402000
|
heap
|
page read and write
|
||
|
20A6A42A000
|
heap
|
page read and write
|
||
|
20A6A400000
|
heap
|
page read and write
|
||
|
3EA93FE000
|
stack
|
page read and write
|
||
|
1CEA8980000
|
heap
|
page read and write
|
||
|
23A6BDC0000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
291DDA55000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
2549BF61000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
20A6A4FD000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
20A6FC60000
|
trusted library allocation
|
page read and write
|
||
|
291DDAE9000
|
heap
|
page read and write
|
||
|
291DE53D000
|
heap
|
page read and write
|
||
|
24B88700000
|
heap
|
page read and write
|
||
|
291DE598000
|
heap
|
page read and write
|
||
|
4AA000
|
stack
|
page read and write
|
||
|
23A6C102000
|
heap
|
page read and write
|
||
|
2DBD01B0000
|
trusted library allocation
|
page read and write
|
||
|
2DBCF430000
|
heap
|
page readonly
|
||
|
291DE54D000
|
heap
|
page read and write
|
||
|
20A6B430000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
20A6FB40000
|
trusted library allocation
|
page read and write
|
||
|
20A6B9A0000
|
trusted library allocation
|
page read and write
|
||
|
EB91979000
|
stack
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
43996FF000
|
stack
|
page read and write
|
||
|
20A6B640000
|
trusted library section
|
page readonly
|
||
|
E6632FE000
|
stack
|
page read and write
|
||
|
23A6BE20000
|
heap
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
20A6FB41000
|
trusted library allocation
|
page read and write
|
||
|
439967F000
|
stack
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
291DE58A000
|
heap
|
page read and write
|
||
|
24042453000
|
heap
|
page read and write
|
||
|
291DE58B000
|
heap
|
page read and write
|
||
|
20A6FEA2000
|
heap
|
page read and write
|
||
|
4EB000
|
stack
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
2DBCF380000
|
trusted library allocation
|
page read and write
|
||
|
4398E7B000
|
stack
|
page read and write
|
||
|
2DBCF231000
|
heap
|
page read and write
|
||
|
6DFE8000
|
unkown
|
page readonly
|
||
|
291DE59C000
|
heap
|
page read and write
|
||
|
24B88666000
|
heap
|
page read and write
|
||
|
1FBDC313000
|
heap
|
page read and write
|
||
|
439977F000
|
stack
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
24B88613000
|
heap
|
page read and write
|
||
|
1FBDC23A000
|
heap
|
page read and write
|
||
|
6E042000
|
unkown
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
20A6B630000
|
trusted library section
|
page readonly
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
291DE5CF000
|
heap
|
page read and write
|
||
|
ACC000
|
stack
|
page read and write
|
||
|
2549BE20000
|
heap
|
page read and write
|
||
|
43999FB000
|
stack
|
page read and write
|
||
|
1CEA8A22000
|
unkown
|
page read and write
|
||
|
2404243C000
|
heap
|
page read and write
|
||
|
2DBCF200000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2549BEA0000
|
heap
|
page read and write
|
||
|
4399BFE000
|
stack
|
page read and write
|
||
|
1FBDC288000
|
heap
|
page read and write
|
||
|
2549BF6C000
|
heap
|
page read and write
|
||
|
291DE5A6000
|
heap
|
page read and write
|
||
|
291DDA47000
|
heap
|
page read and write
|
||
|
2DBCF28A000
|
heap
|
page read and write
|
||
|
2549BF20000
|
heap
|
page read and write
|
||
|
DACF3FB000
|
stack
|
page read and write
|
||
|
20A6AE02000
|
heap
|
page read and write
|
||
|
20A6FEF2000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
291DEA21000
|
heap
|
page read and write
|
||
|
E6635F7000
|
stack
|
page read and write
|
||
|
43992FA000
|
stack
|
page read and write
|
||
|
24042508000
|
heap
|
page read and write
|
||
|
D1CF2FE000
|
stack
|
page read and write
|
||
|
24042413000
|
heap
|
page read and write
|
||
|
2DBCF420000
|
trusted library allocation
|
page read and write
|
||
|
20A6A502000
|
heap
|
page read and write
|
||
|
2DBCF286000
|
heap
|
page read and write
|
||
|
3570000
|
remote allocation
|
page read and write
|
||
|
1FBDC24F000
|
heap
|
page read and write
|
||
|
1CEA8E13000
|
heap
|
page read and write
|
||
|
291DDA4C000
|
heap
|
page read and write
|
||
|
D1CF4F9000
|
stack
|
page read and write
|
||
|
6E042000
|
unkown
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
E10000
|
trusted library allocation
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
2DBCF495000
|
heap
|
page read and write
|
||
|
6E013000
|
unkown
|
page write copy
|
||
|
F30000
|
unkown
|
page read and write
|
||
|
8BA000
|
heap
|
page read and write
|
||
|
1CEA8A68000
|
heap
|
page read and write
|
||
|
291DE5C2000
|
heap
|
page read and write
|
||
|
6DF30000
|
unkown
|
page readonly
|
||
|
20A6FC40000
|
trusted library allocation
|
page read and write
|
||
|
2549BF72000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
6DF31000
|
unkown
|
page execute read
|
||
|
1FBDC28F000
|
heap
|
page read and write
|
||
|
3EA91F7000
|
stack
|
page read and write
|
||
|
2DBCF229000
|
heap
|
page read and write
|
||
|
3EA8E7E000
|
stack
|
page read and write
|
||
|
20A6A4BB000
|
heap
|
page read and write
|
||
|
20A6B401000
|
trusted library allocation
|
page read and write
|
||
|
20A6AF59000
|
heap
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
E6C000
|
stack
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
690A97B000
|
stack
|
page read and write
|
||
|
1CEA8A00000
|
unkown
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
10DD000
|
stack
|
page read and write
|
||
|
20A6FBF0000
|
remote allocation
|
page read and write
|
||
|
291DDA4B000
|
heap
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
24042470000
|
heap
|
page read and write
|
||
|
23A6C05A000
|
heap
|
page read and write
|
||
|
291DDA8A000
|
heap
|
page read and write
|
||
|
20A6AE15000
|
heap
|
page read and write
|
||
|
E6637FF000
|
stack
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
2DBCF490000
|
heap
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
20A6FE00000
|
heap
|
page read and write
|
||
|
291DDA56000
|
heap
|
page read and write
|
||
|
20A6FB50000
|
trusted library allocation
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
690AA77000
|
stack
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
24042513000
|
heap
|
page read and write
|
||
|
23A6C100000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
F9C000
|
stack
|
page read and write
|
||
|
D1CF57E000
|
stack
|
page read and write
|
||
|
20A6FC80000
|
trusted library allocation
|
page read and write
|
||
|
240421B0000
|
heap
|
page read and write
|
||
|
FDB000
|
stack
|
page read and write
|
||
|
6E013000
|
unkown
|
page write copy
|
||
|
2549BF3B000
|
heap
|
page read and write
|
||
|
2549BF57000
|
heap
|
page read and write
|
||
|
291DE592000
|
heap
|
page read and write
|
||
|
291DE585000
|
heap
|
page read and write
|
||
|
6E042000
|
unkown
|
page read and write
|
||
|
20A6AE00000
|
heap
|
page read and write
|
||
|
291DEA62000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
291DDA13000
|
heap
|
page read and write
|
||
|
291DD9F0000
|
remote allocation
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
291DDA53000
|
heap
|
page read and write
|
||
|
20A6A473000
|
heap
|
page read and write
|
||
|
24B88600000
|
heap
|
page read and write
|
||
|
EE4000
|
heap
|
page read and write
|
||
|
7BB4E79000
|
stack
|
page read and write
|
||
|
23A6C052000
|
heap
|
page read and write
|
||
|
20A6B650000
|
trusted library section
|
page readonly
|
||
|
3EA8B3C000
|
stack
|
page read and write
|
||
|
1FBDCA02000
|
trusted library allocation
|
page read and write
|
||
|
20A6A380000
|
heap
|
page read and write
|
||
|
20A6FE3C000
|
heap
|
page read and write
|
||
|
291DE590000
|
heap
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
20A6B520000
|
trusted library allocation
|
page read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
9CE50FF000
|
stack
|
page read and write
|
||
|
291DE51E000
|
heap
|
page read and write
|
||
|
6E05B000
|
unkown
|
page readonly
|
||
|
291DE5AD000
|
heap
|
page read and write
|
||
|
690A67B000
|
stack
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
24042481000
|
heap
|
page read and write
|
||
|
23A6BF20000
|
trusted library allocation
|
page read and write
|
||
|
291DD8F0000
|
heap
|
page read and write
|
||
|
20A6FEEC000
|
heap
|
page read and write
|
||
|
20A6FEFB000
|
heap
|
page read and write
|
||
|
1FBDC271000
|
heap
|
page read and write
|
||
|
291DE500000
|
heap
|
page read and write
|
||
|
20A6FF02000
|
heap
|
page read and write
|
||
|
D1CF777000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
550000
|
trusted library allocation
|
page read and write
|
||
|
D1CF27D000
|
stack
|
page read and write
|
||
|
2DBCF3E0000
|
trusted library allocation
|
page read and write
|
||
|
43995FF000
|
stack
|
page read and write
|
||
|
20A6B420000
|
trusted library allocation
|
page read and write
|
||
|
20A6FBF0000
|
trusted library allocation
|
page read and write
|
||
|
20A6FF00000
|
heap
|
page read and write
|
||
|
20A6AF00000
|
heap
|
page read and write
|
||
|
1CEA8E02000
|
heap
|
page read and write
|
||
|
59A000
|
heap
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
EAB000
|
stack
|
page read and write
|
||
|
291DE5C3000
|
heap
|
page read and write
|
||
|
EB91AF9000
|
stack
|
page read and write
|
||
|
23A6C108000
|
heap
|
page read and write
|
||
|
20A6AF18000
|
heap
|
page read and write
|
||
|
1CEA8910000
|
heap
|
page read and write
|
||
|
20A6A48B000
|
heap
|
page read and write
|
||
|
20A6FBF0000
|
remote allocation
|
page read and write
|
||
|
35AF000
|
stack
|
page read and write
|
||
|
6E013000
|
unkown
|
page write copy
|
||
|
355F000
|
stack
|
page read and write
|
||
|
2404244D000
|
heap
|
page read and write
|
||
|
2549BF47000
|
heap
|
page read and write
|
||
|
2DBCF4A0000
|
trusted library allocation
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
8D3000
|
heap
|
page read and write
|
||
|
2549BF42000
|
heap
|
page read and write
|
||
|
20A6FB44000
|
trusted library allocation
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
1FBDC23C000
|
heap
|
page read and write
|
||
|
20A6A4A5000
|
heap
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
291DE590000
|
heap
|
page read and write
|
||
|
20A6FA00000
|
trusted library allocation
|
page read and write
|
||
|
291DDA00000
|
heap
|
page read and write
|
||
|
3570000
|
remote allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
291DDA29000
|
heap
|
page read and write
|
||
|
2DBCF291000
|
heap
|
page read and write
|
||
|
1FBDBFC0000
|
heap
|
page read and write
|
||
|
E6636FE000
|
stack
|
page read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
24042400000
|
heap
|
page read and write
|
||
|
291DE510000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
20A6A46E000
|
heap
|
page read and write
|
||
|
20A6FEA0000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
3EA8BBE000
|
stack
|
page read and write
|
||
|
291DE592000
|
heap
|
page read and write
|
||
|
20A6FEAC000
|
heap
|
page read and write
|
||
|
3260000
|
trusted library allocation
|
page read and write
|
||
|
EB91A7E000
|
stack
|
page read and write
|
||
|
291DE585000
|
heap
|
page read and write
|
||
|
291DE583000
|
heap
|
page read and write
|
||
|
BCC000
|
stack
|
page read and write
|
||
|
690AC7F000
|
stack
|
page read and write
|
||
|
291DE59E000
|
heap
|
page read and write
|
||
|
291DDAAA000
|
heap
|
page read and write
|
||
|
23A6C802000
|
trusted library allocation
|
page read and write
|
||
|
291DE51E000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
291DDAA3000
|
heap
|
page read and write
|
||
|
2DBCF499000
|
heap
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
20A6A43D000
|
heap
|
page read and write
|
||
|
2DBCF220000
|
heap
|
page read and write
|
||
|
20A6FB28000
|
trusted library allocation
|
page read and write
|
||
|
6E012000
|
unkown
|
page read and write
|
||
|
DACED8B000
|
stack
|
page read and write
|
||
|
2549BF55000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
291DE51E000
|
heap
|
page read and write
|
||
|
291DDB13000
|
heap
|
page read and write
|
||
|
DACF2FB000
|
stack
|
page read and write
|
||
|
291DDAEA000
|
heap
|
page read and write
|
||
|
10DD000
|
stack
|
page read and write
|
||
|
24B88713000
|
heap
|
page read and write
|
||
|
E662FBB000
|
stack
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
2549BF58000
|
heap
|
page read and write
|
||
|
291DDADF000
|
heap
|
page read and write
|
||
|
20A6FB2E000
|
trusted library allocation
|
page read and write
|
||
|
23A6C067000
|
heap
|
page read and write
|
||
|
B1B000
|
stack
|
page read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
291DE58B000
|
heap
|
page read and write
|
||
|
291DE59A000
|
heap
|
page read and write
|
||
|
1CEA8A13000
|
unkown
|
page read and write
|
||
|
24B88657000
|
heap
|
page read and write
|
||
|
2DBCF1E0000
|
heap
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
291DE596000
|
heap
|
page read and write
|
||
|
20A6FE12000
|
heap
|
page read and write
|
||
|
1FBDC229000
|
heap
|
page read and write
|
||
|
4EE0000
|
heap
|
page read and write
|
||
|
20A6FC70000
|
trusted library allocation
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
2DBCFF90000
|
trusted library allocation
|
page read and write
|
||
|
D1CF87F000
|
stack
|
page read and write
|
||
|
291DE561000
|
heap
|
page read and write
|
||
|
291DEA02000
|
heap
|
page read and write
|
||
|
291DE587000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
291DE58E000
|
heap
|
page read and write
|
||
|
291DE53D000
|
heap
|
page read and write
|
||
|
20A6A413000
|
heap
|
page read and write
|
||
|
23A6BDB0000
|
heap
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
34DF000
|
stack
|
page read and write
|
||
|
2FFB000
|
stack
|
page read and write
|
||
|
1FBDC249000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1CEA8A28000
|
heap
|
page read and write
|
||
|
240421C0000
|
heap
|
page read and write
|
||
|
351E000
|
stack
|
page read and write
|
||
|
24B88702000
|
heap
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
291DDAD8000
|
heap
|
page read and write
|
||
|
43991FD000
|
stack
|
page read and write
|
||
|
9CE53F9000
|
stack
|
page read and write
|
||
|
291DEA00000
|
heap
|
page read and write
|
||
|
20A6ADF0000
|
trusted library allocation
|
page read and write
|
||
|
359A000
|
heap
|
page read and write
|
||
|
EB919F9000
|
stack
|
page read and write
|
||
|
20A6FEDB000
|
heap
|
page read and write
|
||
|
DACF5FE000
|
stack
|
page read and write
|
||
|
1CEA8B00000
|
trusted library allocation
|
page read and write
|
||
|
291DDAF1000
|
heap
|
page read and write
|
||
|
F30000
|
unkown
|
page read and write
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
2DBCF26F000
|
heap
|
page read and write
|
||
|
20A6AF02000
|
heap
|
page read and write
|
||
|
1FBDC300000
|
heap
|
page read and write
|
||
|
2DBCF26F000
|
heap
|
page read and write
|
||
|
20A6FB20000
|
trusted library allocation
|
page read and write
|
||
|
355F000
|
stack
|
page read and write
|
||
|
597000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
2DBCF440000
|
trusted library allocation
|
page read and write
|
||
|
20A6FE2B000
|
heap
|
page read and write
|
||
|
1FBDC24D000
|
heap
|
page read and write
|
||
|
10CB000
|
heap
|
page read and write
|
||
|
20A6FEE7000
|
heap
|
page read and write
|
||
|
291DE588000
|
heap
|
page read and write
|
||
|
2549BF53000
|
heap
|
page read and write
|
||
|
291DE585000
|
heap
|
page read and write
|
||
|
2549BF61000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
20A6FC30000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
20A6B620000
|
trusted library section
|
page readonly
|
||
|
351E000
|
stack
|
page read and write
|
||
|
8BF000
|
heap
|
page read and write
|
||
|
1CEA8B23000
|
heap
|
page read and write
|
||
|
23A6C05B000
|
heap
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
1FBDC254000
|
heap
|
page read and write
|
||
|
1FBDC200000
|
heap
|
page read and write
|
||
|
23A6C08A000
|
heap
|
page read and write
|
||
|
343F000
|
stack
|
page read and write
|
||
|
1CEA8F13000
|
heap
|
page read and write
|
||
|
43998FA000
|
stack
|
page read and write
|
||
|
3EA90FE000
|
stack
|
page read and write
|
||
|
291DDA70000
|
heap
|
page read and write
|
||
|
1CEA8A39000
|
heap
|
page read and write
|
||
|
1FBDBFD0000
|
heap
|
page read and write
|
||
|
291DDA84000
|
heap
|
page read and write
|
||
|
291DDAC6000
|
heap
|
page read and write
|
||
|
6E012000
|
unkown
|
page read and write
|
||
|
320A000
|
heap
|
page read and write
|
||
|
3EA907B000
|
stack
|
page read and write
|
||
|
291DE596000
|
heap
|
page read and write
|
||
|
E66327E000
|
stack
|
page read and write
|
||
|
24B88570000
|
trusted library allocation
|
page read and write
|
There are 574 hidden memdumps, click here to show them.