Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Ns2al4764F.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x203e0985, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\Ns2al4764F.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\Ns2al4764F.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Ns2al4764F.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\GfWDwmUjKsXua\cGZwFaJkDV.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Ns2al4764F.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\Ns2al4764F.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\Ns2al4764F.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/C
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/#mWwn
|
unknown
|
|
|
|
https://23.239.0.12/D
|
unknown
|
|
|
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 36 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 2 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
620000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
14E051B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2BE35AA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
18002E000
|
direct allocation
|
page read and write
|
||
|
61BC13B000
|
stack
|
page read and write
|
||
|
1521A27B000
|
heap
|
page read and write
|
||
|
17541C15000
|
heap
|
page read and write
|
||
|
6AA69DE000
|
stack
|
page read and write
|
||
|
21A897AD000
|
heap
|
page read and write
|
||
|
20C7AFFD000
|
heap
|
page read and write
|
||
|
257C2A58000
|
heap
|
page read and write
|
||
|
2D637D10000
|
heap
|
page read and write
|
||
|
29A5C790000
|
trusted library allocation
|
page read and write
|
||
|
1E53625B000
|
heap
|
page read and write
|
||
|
C19FD7E000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1DC41E2A000
|
heap
|
page read and write
|
||
|
175412A0000
|
heap
|
page read and write
|
||
|
1521A247000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
14E06AB0000
|
heap
|
page read and write
|
||
|
263A9FE000
|
stack
|
page read and write
|
||
|
C0B415E000
|
stack
|
page read and write
|
||
|
21EE4CDC000
|
heap
|
page read and write
|
||
|
175410E0000
|
heap
|
page read and write
|
||
|
17541276000
|
heap
|
page read and write
|
||
|
2D637E13000
|
heap
|
page read and write
|
||
|
2D637EB9000
|
heap
|
page read and write
|
||
|
C0B447E000
|
stack
|
page read and write
|
||
|
175422E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
17546B02000
|
heap
|
page read and write
|
||
|
1DC41E4A000
|
heap
|
page read and write
|
||
|
21A89C00000
|
heap
|
page read and write
|
||
|
797207E000
|
stack
|
page read and write
|
||
|
17541D02000
|
heap
|
page read and write
|
||
|
1E536070000
|
heap
|
page read and write
|
||
|
257C2A4C000
|
heap
|
page read and write
|
||
|
217A3E5000
|
stack
|
page read and write
|
||
|
1E29077000
|
stack
|
page read and write
|
||
|
CD0000
|
heap
|
page readonly
|
||
|
2B7220A0000
|
heap
|
page read and write
|
||
|
21A897AB000
|
heap
|
page read and write
|
||
|
257C2A59000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
21A897D3000
|
heap
|
page read and write
|
||
|
29A5C900000
|
heap
|
page read and write
|
||
|
1521A26F000
|
heap
|
page read and write
|
||
|
21A8979B000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
20C7AFF0000
|
heap
|
page read and write
|
||
|
20C7AF20000
|
heap
|
page read and write
|
||
|
21A88DD0000
|
remote allocation
|
page read and write
|
||
|
C19FC7C000
|
stack
|
page read and write
|
||
|
29A5C83D000
|
heap
|
page read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
2BE35AD0000
|
heap
|
page read and write
|
||
|
20C7AFE7000
|
heap
|
page read and write
|
||
|
21A88EB5000
|
heap
|
page read and write
|
||
|
21EE8920000
|
heap
|
page read and write
|
||
|
8B51CFB000
|
stack
|
page read and write
|
||
|
257C2A4B000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page readonly
|
||
|
B70000
|
heap
|
page read and write
|
||
|
DA9E0FC000
|
stack
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
8B51AFB000
|
stack
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
58B000
|
heap
|
page read and write
|
||
|
19B2C7E000
|
stack
|
page read and write
|
||
|
1E28E7C000
|
stack
|
page read and write
|
||
|
1521A090000
|
heap
|
page read and write
|
||
|
29A5C84E000
|
heap
|
page read and write
|
||
|
21A89602000
|
heap
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
199A4200000
|
heap
|
page read and write
|
||
|
20C7B2C5000
|
heap
|
page read and write
|
||
|
21A88F02000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
199A4070000
|
heap
|
page read and write
|
||
|
175468E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
17546AD9000
|
heap
|
page read and write
|
||
|
C0B40D6000
|
stack
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
561000
|
heap
|
page read and write
|
||
|
17541140000
|
heap
|
page read and write
|
||
|
7F5000
|
stack
|
page read and write
|
||
|
14B13880000
|
heap
|
page read and write
|
||
|
199A4300000
|
heap
|
page read and write
|
||
|
257C28E0000
|
heap
|
page read and write
|
||
|
17546AED000
|
heap
|
page read and write
|
||
|
2B2E000
|
stack
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
17541326000
|
heap
|
page read and write
|
||
|
1E2997C000
|
stack
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
21A88F13000
|
heap
|
page read and write
|
||
|
C0B44FE000
|
stack
|
page read and write
|
||
|
21EE4CC9000
|
heap
|
page read and write
|
||
|
257C2B00000
|
heap
|
page read and write
|
||
|
193327E000
|
stack
|
page read and write
|
||
|
BF5000
|
heap
|
page read and write
|
||
|
1521A080000
|
heap
|
page read and write
|
||
|
20C7AFFE000
|
heap
|
page read and write
|
||
|
1521A0F0000
|
heap
|
page read and write
|
||
|
29A5C902000
|
heap
|
page read and write
|
||
|
193307E000
|
stack
|
page read and write
|
||
|
175412FC000
|
heap
|
page read and write
|
||
|
21EE4EBB000
|
heap
|
page read and write
|
||
|
20C7B007000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
1521A23A000
|
heap
|
page read and write
|
||
|
1521A1F0000
|
trusted library allocation
|
page read and write
|
||
|
257C2B08000
|
heap
|
page read and write
|
||
|
1521A242000
|
heap
|
page read and write
|
||
|
14E04F70000
|
heap
|
page read and write
|
||
|
17546B00000
|
heap
|
page read and write
|
||
|
17541BF0000
|
trusted library allocation
|
page read and write
|
||
|
2BE357E0000
|
heap
|
page read and write
|
||
|
1521A269000
|
heap
|
page read and write
|
||
|
17546AF7000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1521AA02000
|
trusted library allocation
|
page read and write
|
||
|
1E536274000
|
heap
|
page read and write
|
||
|
17541D13000
|
heap
|
page read and write
|
||
|
DA9E3FE000
|
stack
|
page read and write
|
||
|
1521A275000
|
heap
|
page read and write
|
||
|
20C7B003000
|
heap
|
page read and write
|
||
|
1521A263000
|
heap
|
page read and write
|
||
|
17541D00000
|
heap
|
page read and write
|
||
|
19B276C000
|
stack
|
page read and write
|
||
|
20C7AFF0000
|
heap
|
page read and write
|
||
|
257C2A51000
|
heap
|
page read and write
|
||
|
1754128B000
|
heap
|
page read and write
|
||
|
175410D0000
|
heap
|
page read and write
|
||
|
257C2940000
|
heap
|
page read and write
|
||
|
2223F113000
|
heap
|
page read and write
|
||
|
199A4213000
|
heap
|
page read and write
|
||
|
20C7AFE0000
|
heap
|
page read and write
|
||
|
175467D0000
|
trusted library allocation
|
page read and write
|
||
|
2223F06F000
|
heap
|
page read and write
|
||
|
2223F102000
|
heap
|
page read and write
|
||
|
17546C10000
|
trusted library allocation
|
page read and write
|
||
|
1521A27E000
|
heap
|
page read and write
|
||
|
257C2A53000
|
heap
|
page read and write
|
||
|
20C7AFE3000
|
heap
|
page read and write
|
||
|
17546900000
|
trusted library allocation
|
page read and write
|
||
|
1E2917A000
|
stack
|
page read and write
|
||
|
257C2A00000
|
heap
|
page read and write
|
||
|
1521A283000
|
heap
|
page read and write
|
||
|
2B7222E0000
|
heap
|
page read and write
|
||
|
19330FE000
|
stack
|
page read and write
|
||
|
21A89713000
|
heap
|
page read and write
|
||
|
14B13A29000
|
heap
|
page read and write
|
||
|
2BE35840000
|
heap
|
page read and write
|
||
|
C19FCFE000
|
stack
|
page read and write
|
||
|
20C7B006000
|
heap
|
page read and write
|
||
|
193347E000
|
stack
|
page read and write
|
||
|
19B2BF9000
|
stack
|
page read and write
|
||
|
21A88E13000
|
heap
|
page read and write
|
||
|
170000
|
remote allocation
|
page read and write
|
||
|
14E05140000
|
heap
|
page read and write
|
||
|
1DC41E00000
|
heap
|
page read and write
|
||
|
14E051A0000
|
direct allocation
|
page execute and read and write
|
||
|
2B722110000
|
heap
|
page read and write
|
||
|
257C2B02000
|
heap
|
page read and write
|
||
|
1932DAB000
|
stack
|
page read and write
|
||
|
17546A00000
|
heap
|
page read and write
|
||
|
20C7AF40000
|
heap
|
page read and write
|
||
|
6AA695A000
|
stack
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
21862232000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
29A5E202000
|
trusted library allocation
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
257C2B13000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
21EE4CD2000
|
heap
|
page read and write
|
||
|
17546A30000
|
trusted library allocation
|
page read and write
|
||
|
29A5C700000
|
trusted library allocation
|
page read and write
|
||
|
29A5C89F000
|
heap
|
page read and write
|
||
|
1521A246000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
7971EFB000
|
stack
|
page read and write
|
||
|
21EE8120000
|
trusted library allocation
|
page read and write
|
||
|
17541274000
|
heap
|
page read and write
|
||
|
170000
|
remote allocation
|
page read and write
|
||
|
17546AF8000
|
heap
|
page read and write
|
||
|
21862150000
|
heap
|
page read and write
|
||
|
660000
|
trusted library allocation
|
page read and write
|
||
|
237C000
|
stack
|
page read and write
|
||
|
1521A26D000
|
heap
|
page read and write
|
||
|
21A88E59000
|
heap
|
page read and write
|
||
|
1E536259000
|
heap
|
page read and write
|
||
|
7972477000
|
stack
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
C19FF7B000
|
stack
|
page read and write
|
||
|
29A5C86E000
|
heap
|
page read and write
|
||
|
21A88EE1000
|
heap
|
page read and write
|
||
|
17546D50000
|
trusted library allocation
|
page read and write
|
||
|
17546A54000
|
heap
|
page read and write
|
||
|
7971B8E000
|
stack
|
page read and write
|
||
|
1E536213000
|
heap
|
page read and write
|
||
|
2D638900000
|
heap
|
page read and write
|
||
|
199A427D000
|
heap
|
page read and write
|
||
|
8B51DFE000
|
stack
|
page read and write
|
||
|
2223F108000
|
heap
|
page read and write
|
||
|
21A88E4D000
|
heap
|
page read and write
|
||
|
21A897CF000
|
heap
|
page read and write
|
||
|
14B138E0000
|
heap
|
page read and write
|
||
|
2223EFF0000
|
trusted library allocation
|
page read and write
|
||
|
1521A261000
|
heap
|
page read and write
|
||
|
DA9E67D000
|
stack
|
page read and write
|
||
|
2D637F13000
|
heap
|
page read and write
|
||
|
199A4253000
|
heap
|
page read and write
|
||
|
247B000
|
stack
|
page read and write
|
||
|
26AE000
|
stack
|
page read and write
|
||
|
23099FF000
|
stack
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
20C7AFE6000
|
heap
|
page read and write
|
||
|
1DC41F02000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
2D637E40000
|
heap
|
page read and write
|
||
|
29A5C750000
|
trusted library allocation
|
page read and write
|
||
|
14E04F78000
|
heap
|
page read and write
|
||
|
218624F0000
|
trusted library allocation
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
2BE3582C000
|
heap
|
page read and write
|
||
|
21A88EB1000
|
heap
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
2BE37470000
|
heap
|
page read and write
|
||
|
21A88E49000
|
heap
|
page read and write
|
||
|
21A88BB0000
|
heap
|
page read and write
|
||
|
1521A277000
|
heap
|
page read and write
|
||
|
5AB7E7E000
|
stack
|
page read and write
|
||
|
17541302000
|
heap
|
page read and write
|
||
|
2223F053000
|
heap
|
page read and write
|
||
|
1E29A7C000
|
stack
|
page read and write
|
||
|
2D637EE3000
|
heap
|
page read and write
|
||
|
199A41D0000
|
trusted library allocation
|
page read and write
|
||
|
21A88EC3000
|
heap
|
page read and write
|
||
|
2B722123000
|
heap
|
page read and write
|
||
|
1DC41DE0000
|
trusted library allocation
|
page read and write
|
||
|
14E051E5000
|
heap
|
page read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
21A88C10000
|
heap
|
page read and write
|
||
|
17541302000
|
heap
|
page read and write
|
||
|
1E536010000
|
heap
|
page read and write
|
||
|
257C2A4F000
|
heap
|
page read and write
|
||
|
175412FC000
|
heap
|
page read and write
|
||
|
1DC41C70000
|
heap
|
page read and write
|
||
|
17541D59000
|
heap
|
page read and write
|
||
|
25B0000
|
remote allocation
|
page read and write
|
||
|
20C7B003000
|
heap
|
page read and write
|
||
|
1521A302000
|
heap
|
page read and write
|
||
|
DA9E97F000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
797227F000
|
stack
|
page read and write
|
||
|
14B139E0000
|
trusted library allocation
|
page read and write
|
||
|
21A8978C000
|
heap
|
page read and write
|
||
|
175467C0000
|
trusted library allocation
|
page read and write
|
||
|
2223FA02000
|
trusted library allocation
|
page read and write
|
||
|
193337E000
|
stack
|
page read and write
|
||
|
199A423C000
|
heap
|
page read and write
|
||
|
21862020000
|
trusted library allocation
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1521A244000
|
heap
|
page read and write
|
||
|
175469F0000
|
trusted library allocation
|
page read and write
|
||
|
1521A213000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
21A88E4E000
|
heap
|
page read and write
|
||
|
21EE8020000
|
heap
|
page read and write
|
||
|
21A88E00000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
1521A245000
|
heap
|
page read and write
|
||
|
29A5C85E000
|
heap
|
page read and write
|
||
|
14E04F40000
|
heap
|
page read and write
|
||
|
17541D18000
|
heap
|
page read and write
|
||
|
17541279000
|
heap
|
page read and write
|
||
|
DA9E2FC000
|
stack
|
page read and write
|
||
|
23098FF000
|
stack
|
page read and write
|
||
|
14B13A70000
|
heap
|
page read and write
|
||
|
1DC41E3D000
|
heap
|
page read and write
|
||
|
199A4247000
|
heap
|
page read and write
|
||
|
21EE4EB0000
|
heap
|
page read and write
|
||
|
21A89798000
|
heap
|
page read and write
|
||
|
C0B41DF000
|
stack
|
page read and write
|
||
|
1E29C7E000
|
stack
|
page read and write
|
||
|
2D637E00000
|
heap
|
page read and write
|
||
|
257C2A71000
|
heap
|
page read and write
|
||
|
5AB827E000
|
stack
|
page read and write
|
||
|
1E53626A000
|
heap
|
page read and write
|
||
|
21A897BC000
|
heap
|
page read and write
|
||
|
1DC425B0000
|
remote allocation
|
page read and write
|
||
|
C1A0077000
|
stack
|
page read and write
|
||
|
21EE4E80000
|
heap
|
page read and write
|
||
|
21A89783000
|
heap
|
page read and write
|
||
|
23095FF000
|
stack
|
page read and write
|
||
|
21A88DD0000
|
remote allocation
|
page read and write
|
||
|
257C2A49000
|
heap
|
page read and write
|
||
|
21A88E29000
|
heap
|
page read and write
|
||
|
5AB7F7B000
|
stack
|
page read and write
|
||
|
21A89741000
|
heap
|
page read and write
|
||
|
175468E0000
|
trusted library allocation
|
page read and write
|
||
|
1521A25F000
|
heap
|
page read and write
|
||
|
17541256000
|
heap
|
page read and write
|
||
|
257C2A99000
|
heap
|
page read and write
|
||
|
20C7AFD6000
|
heap
|
page read and write
|
||
|
17546901000
|
trusted library allocation
|
page read and write
|
||
|
29A5C913000
|
heap
|
page read and write
|
||
|
21EE4CDC000
|
heap
|
page read and write
|
||
|
FEA0B7C000
|
stack
|
page read and write
|
||
|
17546AF1000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
21EE4EB5000
|
heap
|
page read and write
|
||
|
2308FFA000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
21862010000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1DC41CE0000
|
heap
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
20C7AFF0000
|
heap
|
page read and write
|
||
|
C33B2FD000
|
stack
|
page read and write
|
||
|
21862170000
|
heap
|
page read and write
|
||
|
263A87C000
|
stack
|
page read and write
|
||
|
1E536313000
|
heap
|
page read and write
|
||
|
1521A279000
|
heap
|
page read and write
|
||
|
1E536000000
|
heap
|
page read and write
|
||
|
1521A24B000
|
heap
|
page read and write
|
||
|
1E53623C000
|
heap
|
page read and write
|
||
|
2D637ECA000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
52B000
|
heap
|
page read and write
|
||
|
23091FE000
|
stack
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
1521A241000
|
heap
|
page read and write
|
||
|
21A897B5000
|
heap
|
page read and write
|
||
|
29A5C7D0000
|
remote allocation
|
page read and write
|
||
|
21A89798000
|
heap
|
page read and write
|
||
|
2186225F000
|
heap
|
page read and write
|
||
|
21A897D3000
|
heap
|
page read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
8B51BFF000
|
stack
|
page read and write
|
||
|
21A88BA0000
|
heap
|
page read and write
|
||
|
1E536302000
|
heap
|
page read and write
|
||
|
199A4290000
|
heap
|
page read and write
|
||
|
23097FF000
|
stack
|
page read and write
|
||
|
175412BA000
|
heap
|
page read and write
|
||
|
263A4CC000
|
stack
|
page read and write
|
||
|
5AB79CC000
|
stack
|
page read and write
|
||
|
218624E9000
|
heap
|
page read and write
|
||
|
2223F04E000
|
heap
|
page read and write
|
||
|
21A89751000
|
heap
|
page read and write
|
||
|
29A5C5A0000
|
heap
|
page read and write
|
||
|
17546AA2000
|
heap
|
page read and write
|
||
|
21A89700000
|
heap
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
21EE4CC6000
|
heap
|
page read and write
|
||
|
199A4060000
|
heap
|
page read and write
|
||
|
6AA6DFE000
|
stack
|
page read and write
|
||
|
263AD7D000
|
stack
|
page read and write
|
||
|
14B13A40000
|
heap
|
page read and write
|
||
|
29A5C85E000
|
heap
|
page read and write
|
||
|
175468EE000
|
trusted library allocation
|
page read and write
|
||
|
21A89794000
|
heap
|
page read and write
|
||
|
1DC41E02000
|
heap
|
page read and write
|
||
|
218630A0000
|
trusted library allocation
|
page read and write
|
||
|
2223F029000
|
heap
|
page read and write
|
||
|
257C2A4E000
|
heap
|
page read and write
|
||
|
17541C00000
|
heap
|
page read and write
|
||
|
19B2B79000
|
stack
|
page read and write
|
||
|
6AA6C7E000
|
stack
|
page read and write
|
||
|
5E6000
|
heap
|
page read and write
|
||
|
199A4313000
|
heap
|
page read and write
|
||
|
79724FF000
|
unkown
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
20C7AFD1000
|
heap
|
page read and write
|
||
|
61BC1BE000
|
stack
|
page read and write
|
||
|
1521A23D000
|
heap
|
page read and write
|
||
|
21A88EAB000
|
heap
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
2BE37290000
|
heap
|
page read and write
|
||
|
23096FF000
|
stack
|
page read and write
|
||
|
660000
|
trusted library allocation
|
page read and write
|
||
|
17546910000
|
trusted library allocation
|
page read and write
|
||
|
21A897BD000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
21EE4CED000
|
heap
|
page read and write
|
||
|
21A8978C000
|
heap
|
page read and write
|
||
|
17546C40000
|
remote allocation
|
page read and write
|
||
|
21A89783000
|
heap
|
page read and write
|
||
|
23093FE000
|
stack
|
page read and write
|
||
|
21A8978C000
|
heap
|
page read and write
|
||
|
29A5C802000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
199A4249000
|
heap
|
page read and write
|
||
|
21A88E5B000
|
heap
|
page read and write
|
||
|
14B13B13000
|
heap
|
page read and write
|
||
|
21EE4CB0000
|
heap
|
page read and write
|
||
|
1521A249000
|
heap
|
page read and write
|
||
|
2186225F000
|
heap
|
page read and write
|
||
|
FEA097C000
|
stack
|
page read and write
|
||
|
C33000
|
heap
|
page read and write
|
||
|
22FE000
|
stack
|
page read and write
|
||
|
21A89796000
|
heap
|
page read and write
|
||
|
21EE4C40000
|
heap
|
page read and write
|
||
|
17546D30000
|
trusted library allocation
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
199A40D0000
|
heap
|
page read and write
|
||
|
1521A267000
|
heap
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
218621F0000
|
trusted library allocation
|
page read and write
|
||
|
2223F07A000
|
heap
|
page read and write
|
||
|
199A4229000
|
heap
|
page read and write
|
||
|
2BE35A90000
|
direct allocation
|
page execute and read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
21A8979D000
|
heap
|
page read and write
|
||
|
1521A225000
|
heap
|
page read and write
|
||
|
218621E0000
|
trusted library allocation
|
page read and write
|
||
|
17541290000
|
heap
|
page read and write
|
||
|
21A88F08000
|
heap
|
page read and write
|
||
|
21A8978C000
|
heap
|
page read and write
|
||
|
21A88EC8000
|
heap
|
page read and write
|
||
|
2223EF60000
|
heap
|
page read and write
|
||
|
2764000
|
heap
|
page read and write
|
||
|
17546924000
|
trusted library allocation
|
page read and write
|
||
|
1521A295000
|
heap
|
page read and write
|
||
|
21A89764000
|
heap
|
page read and write
|
||
|
23094FD000
|
stack
|
page read and write
|
||
|
175469C0000
|
trusted library allocation
|
page read and write
|
||
|
14E04F9C000
|
heap
|
page read and write
|
||
|
2BE35808000
|
heap
|
page read and write
|
||
|
14B13A00000
|
heap
|
page read and write
|
||
|
2223F000000
|
heap
|
page read and write
|
||
|
257C2A2A000
|
heap
|
page read and write
|
||
|
61BC97E000
|
stack
|
page read and write
|
||
|
2D637D20000
|
heap
|
page read and write
|
||
|
20C7AFE5000
|
heap
|
page read and write
|
||
|
1E536300000
|
heap
|
page read and write
|
||
|
21A89798000
|
heap
|
page read and write
|
||
|
21A89798000
|
heap
|
page read and write
|
||
|
21EE4CD8000
|
heap
|
page read and write
|
||
|
14B13A6B000
|
heap
|
page read and write
|
||
|
17541BD0000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
21A8979D000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1E2937E000
|
stack
|
page read and write
|
||
|
17546C00000
|
trusted library allocation
|
page read and write
|
||
|
1E2927A000
|
stack
|
page read and write
|
||
|
FEA057F000
|
stack
|
page read and write
|
||
|
17546AF9000
|
heap
|
page read and write
|
||
|
1DC42602000
|
trusted library allocation
|
page read and write
|
||
|
17546C40000
|
remote allocation
|
page read and write
|
||
|
20C7B2C0000
|
heap
|
page read and write
|
||
|
1521A260000
|
heap
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
600000
|
heap
|
page read and write
|
||
|
175412A4000
|
heap
|
page read and write
|
||
|
17541200000
|
heap
|
page read and write
|
||
|
257C2A7D000
|
heap
|
page read and write
|
||
|
2BE35831000
|
heap
|
page read and write
|
||
|
C1A027F000
|
stack
|
page read and write
|
||
|
2BAB000
|
stack
|
page read and write
|
||
|
2186225C000
|
heap
|
page read and write
|
||
|
1754129E000
|
heap
|
page read and write
|
||
|
1E536228000
|
heap
|
page read and write
|
||
|
20C7B003000
|
heap
|
page read and write
|
||
|
29A5C86E000
|
heap
|
page read and write
|
||
|
1754123D000
|
heap
|
page read and write
|
||
|
29A5C85B000
|
heap
|
page read and write
|
||
|
D258B7D000
|
stack
|
page read and write
|
||
|
6AA6D79000
|
stack
|
page read and write
|
||
|
20C7AFF0000
|
heap
|
page read and write
|
||
|
199A424B000
|
heap
|
page read and write
|
||
|
21EE8110000
|
heap
|
page read and write
|
||
|
21A8979E000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
21A897C0000
|
heap
|
page read and write
|
||
|
199A424D000
|
heap
|
page read and write
|
||
|
7971FF9000
|
stack
|
page read and write
|
||
|
2186225D000
|
heap
|
page read and write
|
||
|
1521A240000
|
heap
|
page read and write
|
||
|
14B13A5A000
|
heap
|
page read and write
|
||
|
257C2970000
|
trusted library allocation
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
6AA6E7E000
|
stack
|
page read and write
|
||
|
2BE35800000
|
heap
|
page read and write
|
||
|
21A8979F000
|
heap
|
page read and write
|
||
|
21A89743000
|
heap
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
561000
|
heap
|
page read and write
|
||
|
21A8979F000
|
heap
|
page read and write
|
||
|
8B515AB000
|
stack
|
page read and write
|
||
|
5AB8077000
|
stack
|
page read and write
|
||
|
1521A231000
|
heap
|
page read and write
|
||
|
17541BD3000
|
trusted library allocation
|
page read and write
|
||
|
14E04FA1000
|
heap
|
page read and write
|
||
|
61BC47E000
|
stack
|
page read and write
|
||
|
21A88D10000
|
trusted library allocation
|
page read and write
|
||
|
17546920000
|
trusted library allocation
|
page read and write
|
||
|
263A97E000
|
stack
|
page read and write
|
||
|
7971A8C000
|
stack
|
page read and write
|
||
|
17541C02000
|
heap
|
page read and write
|
||
|
14B13A60000
|
heap
|
page read and write
|
||
|
14E051E0000
|
heap
|
page read and write
|
||
|
1DC41E13000
|
heap
|
page read and write
|
||
|
21EE4CCE000
|
heap
|
page read and write
|
||
|
21A88E6C000
|
heap
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
1521A253000
|
heap
|
page read and write
|
||
|
29A5C800000
|
heap
|
page read and write
|
||
|
1DC41C80000
|
heap
|
page read and write
|
||
|
1521A262000
|
heap
|
page read and write
|
||
|
29A5C918000
|
heap
|
page read and write
|
||
|
21A897AA000
|
heap
|
page read and write
|
||
|
21EE4CB8000
|
heap
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
17546A1D000
|
heap
|
page read and write
|
||
|
20C7AFC0000
|
heap
|
page read and write
|
||
|
2223EF50000
|
heap
|
page read and write
|
||
|
2BE35630000
|
heap
|
page read and write
|
||
|
29A5C590000
|
heap
|
page read and write
|
||
|
217A7FE000
|
stack
|
page read and write
|
||
|
5AB7CFE000
|
stack
|
page read and write
|
||
|
C90000
|
direct allocation
|
page execute and read and write
|
||
|
2BE35790000
|
heap
|
page read and write
|
||
|
257C2A48000
|
heap
|
page read and write
|
||
|
19B2CF9000
|
stack
|
page read and write
|
||
|
29A5C82A000
|
heap
|
page read and write
|
||
|
1521A273000
|
heap
|
page read and write
|
||
|
2308BFC000
|
stack
|
page read and write
|
||
|
14B13A02000
|
heap
|
page read and write
|
||
|
175469B0000
|
trusted library allocation
|
page read and write
|
||
|
21863120000
|
trusted library allocation
|
page read and write
|
||
|
61BC777000
|
stack
|
page read and write
|
||
|
BB5000
|
heap
|
page read and write
|
||
|
61BC67B000
|
stack
|
page read and write
|
||
|
21A88E3C000
|
heap
|
page read and write
|
||
|
797237A000
|
stack
|
page read and write
|
||
|
21A897DC000
|
heap
|
page read and write
|
||
|
218630D0000
|
trusted library allocation
|
page read and write
|
||
|
61BC87F000
|
stack
|
page read and write
|
||
|
1E29779000
|
stack
|
page read and write
|
||
|
1DC425B0000
|
remote allocation
|
page read and write
|
||
|
23090FC000
|
stack
|
page read and write
|
||
|
FEA067F000
|
stack
|
page read and write
|
||
|
2D637EC1000
|
heap
|
page read and write
|
||
|
21A897AF000
|
heap
|
page read and write
|
||
|
1521A272000
|
heap
|
page read and write
|
||
|
1E536A02000
|
trusted library allocation
|
page read and write
|
||
|
21A89787000
|
heap
|
page read and write
|
||
|
14E06B80000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
218630C0000
|
trusted library allocation
|
page read and write
|
||
|
20C7AFD6000
|
heap
|
page read and write
|
||
|
21A897C3000
|
heap
|
page read and write
|
||
|
2186227C000
|
heap
|
page read and write
|
||
|
17541213000
|
heap
|
page read and write
|
||
|
17541D04000
|
heap
|
page read and write
|
||
|
7971B0D000
|
stack
|
page read and write
|
||
|
5AB7DFC000
|
stack
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
263ABFD000
|
stack
|
page read and write
|
||
|
2223F100000
|
heap
|
page read and write
|
||
|
1E536202000
|
heap
|
page read and write
|
||
|
21A88DD0000
|
remote allocation
|
page read and write
|
||
|
5AB817F000
|
stack
|
page read and write
|
||
|
175468E8000
|
trusted library allocation
|
page read and write
|
||
|
20C7B003000
|
heap
|
page read and write
|
||
|
1E2947B000
|
stack
|
page read and write
|
||
|
21862273000
|
heap
|
page read and write
|
||
|
21862248000
|
heap
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
14E04ED0000
|
heap
|
page read and write
|
||
|
263AC7F000
|
stack
|
page read and write
|
||
|
17546A2B000
|
heap
|
page read and write
|
||
|
29A5C877000
|
heap
|
page read and write
|
||
|
21A88E4B000
|
heap
|
page read and write
|
||
|
21A88EDA000
|
heap
|
page read and write
|
||
|
217A67F000
|
stack
|
page read and write
|
||
|
2223EFC0000
|
heap
|
page read and write
|
||
|
21862208000
|
heap
|
page read and write
|
||
|
DA9E87C000
|
stack
|
page read and write
|
||
|
21862255000
|
heap
|
page read and write
|
||
|
17541170000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
29A5C7D0000
|
remote allocation
|
page read and write
|
||
|
193357F000
|
stack
|
page read and write
|
||
|
DA9E57B000
|
stack
|
page read and write
|
||
|
23FF000
|
stack
|
page read and write
|
||
|
199A426A000
|
heap
|
page read and write
|
||
|
29A5C720000
|
trusted library allocation
|
page read and write
|
||
|
21EE4CCD000
|
heap
|
page read and write
|
||
|
17542760000
|
trusted library allocation
|
page read and write
|
||
|
90000
|
heap
|
page read and write
|
||
|
17541BE0000
|
trusted library allocation
|
page read and write
|
||
|
B9B000
|
heap
|
page read and write
|
||
|
17541D18000
|
heap
|
page read and write
|
||
|
175412A7000
|
heap
|
page read and write
|
||
|
17546A61000
|
heap
|
page read and write
|
||
|
21EE4CD2000
|
heap
|
page read and write
|
||
|
6AA6CFC000
|
stack
|
page read and write
|
||
|
21A8979F000
|
heap
|
page read and write
|
||
|
218624E5000
|
heap
|
page read and write
|
||
|
14B13B02000
|
heap
|
page read and write
|
||
|
2BE37294000
|
heap
|
page read and write
|
||
|
1521A24C000
|
heap
|
page read and write
|
||
|
20C7AFE0000
|
heap
|
page read and write
|
||
|
257C2AA0000
|
heap
|
page read and write
|
||
|
21A88E99000
|
heap
|
page read and write
|
||
|
257C2A55000
|
heap
|
page read and write
|
||
|
21A8979B000
|
heap
|
page read and write
|
||
|
C1A017F000
|
stack
|
page read and write
|
||
|
2223F048000
|
heap
|
page read and write
|
||
|
17546A3B000
|
heap
|
page read and write
|
||
|
17541314000
|
heap
|
page read and write
|
||
|
2223F086000
|
heap
|
page read and write
|
||
|
2223F013000
|
heap
|
page read and write
|
||
|
175469B0000
|
trusted library allocation
|
page read and write
|
||
|
5FE000
|
heap
|
page read and write
|
||
|
1521A248000
|
heap
|
page read and write
|
||
|
21A8979C000
|
heap
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
14B13870000
|
heap
|
page read and write
|
||
|
21EE4CC9000
|
heap
|
page read and write
|
||
|
2D637E29000
|
heap
|
page read and write
|
||
|
FEA087C000
|
stack
|
page read and write
|
||
|
145000
|
stack
|
page read and write
|
||
|
29A5C7D0000
|
remote allocation
|
page read and write
|
||
|
1521A200000
|
heap
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2D637D80000
|
heap
|
page read and write
|
||
|
21A88E4C000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
7972177000
|
stack
|
page read and write
|
||
|
2D637F02000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2BE35770000
|
heap
|
page read and write
|
||
|
20C7AFE0000
|
heap
|
page read and write
|
||
|
2223F03C000
|
heap
|
page read and write
|
||
|
17546A40000
|
trusted library allocation
|
page read and write
|
||
|
2BE370F0000
|
heap
|
page readonly
|
||
|
25B0000
|
remote allocation
|
page read and write
|
||
|
21EE4CE1000
|
heap
|
page read and write
|
||
|
DA9E77F000
|
stack
|
page read and write
|
||
|
17541307000
|
heap
|
page read and write
|
||
|
FEA077E000
|
stack
|
page read and write
|
||
|
14E06B84000
|
heap
|
page read and write
|
||
|
14B14202000
|
trusted library allocation
|
page read and write
|
||
|
17546904000
|
trusted library allocation
|
page read and write
|
||
|
199A4302000
|
heap
|
page read and write
|
||
|
218630B0000
|
heap
|
page readonly
|
||
|
D258AFE000
|
stack
|
page read and write
|
||
|
DA9DCDC000
|
stack
|
page read and write
|
||
|
5AB7C7E000
|
stack
|
page read and write
|
||
|
1521A22A000
|
heap
|
page read and write
|
||
|
257C3402000
|
trusted library allocation
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
257C2A3C000
|
heap
|
page read and write
|
||
|
1521A274000
|
heap
|
page read and write
|
||
|
1521A27A000
|
heap
|
page read and write
|
||
|
199A4A02000
|
trusted library allocation
|
page read and write
|
||
|
2BE35AD5000
|
heap
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
FE9FFCB000
|
stack
|
page read and write
|
||
|
218624E0000
|
heap
|
page read and write
|
||
|
17546C40000
|
remote allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2186225C000
|
heap
|
page read and write
|
||
|
21862200000
|
heap
|
page read and write
|
||
|
29A5C813000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
14E05180000
|
heap
|
page read and write
|
||
|
1521A264000
|
heap
|
page read and write
|
||
|
E05000
|
heap
|
page read and write
|
||
|
1DC425B0000
|
remote allocation
|
page read and write
|
||
|
21A897A4000
|
heap
|
page read and write
|
||
|
1521A233000
|
heap
|
page read and write
|
||
|
14E06990000
|
heap
|
page readonly
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
DA9E4FC000
|
stack
|
page read and write
|
||
|
21A897B7000
|
heap
|
page read and write
|
||
|
17541D59000
|
heap
|
page read and write
|
||
|
21A88EF3000
|
heap
|
page read and write
|
||
|
21A897DC000
|
heap
|
page read and write
|
||
|
1E536170000
|
trusted library allocation
|
page read and write
|
||
|
257C2A56000
|
heap
|
page read and write
|
||
|
2B72211D000
|
heap
|
page read and write
|
||
|
2D638802000
|
heap
|
page read and write
|
||
|
17546AFC000
|
heap
|
page read and write
|
||
|
17546C20000
|
trusted library allocation
|
page read and write
|
||
|
2D637E71000
|
heap
|
page read and write
|
||
|
217A77E000
|
stack
|
page read and write
|
||
|
20C7AEC0000
|
heap
|
page read and write
|
||
|
1754126F000
|
heap
|
page read and write
|
||
|
199A4250000
|
heap
|
page read and write
|
||
|
1521A25E000
|
heap
|
page read and write
|
||
|
DA9E07E000
|
stack
|
page read and write
|
||
|
21A88E2E000
|
heap
|
page read and write
|
||
|
1E536200000
|
heap
|
page read and write
|
||
|
199A4287000
|
heap
|
page read and write
|
||
|
29A5C86B000
|
heap
|
page read and write
|
||
|
21EE4EC0000
|
heap
|
page read and write
|
||
|
21EE8113000
|
heap
|
page read and write
|
||
|
1521A25C000
|
heap
|
page read and write
|
||
|
29A5C600000
|
heap
|
page read and write
|
||
|
21A8978A000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
272C000
|
stack
|
page read and write
|
||
|
21A897C3000
|
heap
|
page read and write
|
||
|
1DC41E51000
|
heap
|
page read and write
|
||
|
D258A7B000
|
stack
|
page read and write
|
||
|
175469B0000
|
trusted library allocation
|
page read and write
|
||
|
21A88F16000
|
heap
|
page read and write
|
||
|
21862E50000
|
trusted library allocation
|
page read and write
|
||
|
257C2A13000
|
heap
|
page read and write
|
||
|
21A89C02000
|
heap
|
page read and write
|
||
|
14B13A13000
|
heap
|
page read and write
|
||
|
199A4308000
|
heap
|
page read and write
|
||
|
217A6FF000
|
stack
|
page read and write
|
||
|
257C28D0000
|
heap
|
page read and write
|
||
|
4F0000
|
direct allocation
|
page execute and read and write
|
||
|
17541229000
|
heap
|
page read and write
|
||
|
21862E60000
|
trusted library allocation
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
175412AC000
|
heap
|
page read and write
|
||
|
25B0000
|
remote allocation
|
page read and write
|
||
|
5B7000
|
heap
|
page read and write
|
||
|
17546A48000
|
heap
|
page read and write
|
||
|
17546A13000
|
heap
|
page read and write
|
||
|
17546910000
|
trusted library allocation
|
page read and write
|
||
|
55B000
|
heap
|
page read and write
|
||
|
17546AEB000
|
heap
|
page read and write
|
||
|
21A88EEC000
|
heap
|
page read and write
|
||
|
17546A89000
|
heap
|
page read and write
|
||
|
2223F04C000
|
heap
|
page read and write
|
||
|
20C7B003000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
20C7AFCB000
|
heap
|
page read and write
|
||
|
2D637DB0000
|
trusted library allocation
|
page read and write
|
There are 751 hidden memdumps, click here to show them.