Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
yj81rxDZIp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xe9bd06a2, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\yj81rxDZIp.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\yj81rxDZIp.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\yj81rxDZIp.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\yj81rxDZIp.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\NaMuLvbxXsNvT\LkWax.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\KZsiDdn\sdxQuTDjzsbvXJ.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\yj81rxDZIp.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\yj81rxDZIp.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 12 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://150.95.66.124:8080/
|
unknown
|
|
|
|
https://23.239.0.12/x
|
unknown
|
|
|
|
https://23.239.0.12/?
|
unknown
|
|
|
|
https://23.239.0.12/=
|
unknown
|
|
|
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
http://www.bingmapsportal.comx
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://150.95.66.124/
|
unknown
|
There are 37 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
150.95.66.124
|
unknown
|
Singapore
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\TaskStore
|
Schedule Scan
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\State
|
BlockUntilTimeStatus
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\Configuration
|
refreshAfter
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
26800000000
|
direct allocation
|
page execute and read and write
|
|
|
|
1FD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
12F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
198952A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1CF6CBD0000
|
heap
|
page read and write
|
||
|
1E993E80000
|
trusted library allocation
|
page read and write
|
||
|
19C95646000
|
heap
|
page read and write
|
||
|
2473C780000
|
heap
|
page read and write
|
||
|
2B243063000
|
heap
|
page read and write
|
||
|
25190CD6000
|
heap
|
page read and write
|
||
|
286F0482000
|
heap
|
page read and write
|
||
|
25E0722A000
|
heap
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
2B243102000
|
heap
|
page read and write
|
||
|
207F000
|
stack
|
page read and write
|
||
|
24610532000
|
heap
|
page read and write
|
||
|
446C5FC000
|
stack
|
page read and write
|
||
|
286F0660000
|
remote allocation
|
page read and write
|
||
|
286F04FE000
|
heap
|
page read and write
|
||
|
255F2EC4000
|
heap
|
page read and write
|
||
|
286F04DD000
|
heap
|
page read and write
|
||
|
178ADE47000
|
heap
|
page read and write
|
||
|
286F0660000
|
remote allocation
|
page read and write
|
||
|
F6DCF4B000
|
stack
|
page read and write
|
||
|
1C89A2B7000
|
heap
|
page read and write
|
||
|
1E9932C0000
|
heap
|
page read and write
|
||
|
286F0463000
|
heap
|
page read and write
|
||
|
446CE7B000
|
stack
|
page read and write
|
||
|
33AF5FB000
|
stack
|
page read and write
|
||
|
178ADE42000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
B29F47E000
|
stack
|
page read and write
|
||
|
7FFC66D82000
|
unkown
|
page readonly
|
||
|
DFF7FF000
|
stack
|
page read and write
|
||
|
B29F14B000
|
stack
|
page read and write
|
||
|
255F2EDB000
|
heap
|
page read and write
|
||
|
1C899F30000
|
trusted library allocation
|
page read and write
|
||
|
2460FD13000
|
heap
|
page read and write
|
||
|
1C895359000
|
heap
|
page read and write
|
||
|
25190CFF000
|
heap
|
page read and write
|
||
|
286F0D70000
|
heap
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
2460FC13000
|
heap
|
page read and write
|
||
|
7FFC66D89000
|
unkown
|
page readonly
|
||
|
1C899F30000
|
trusted library allocation
|
page read and write
|
||
|
296BA7E000
|
stack
|
page read and write
|
||
|
697FC79000
|
stack
|
page read and write
|
||
|
2B243060000
|
heap
|
page read and write
|
||
|
25191C02000
|
heap
|
page read and write
|
||
|
7FFC66D30000
|
unkown
|
page readonly
|
||
|
21112BF0000
|
trusted library allocation
|
page read and write
|
||
|
1971A413000
|
heap
|
page read and write
|
||
|
C61D1AE000
|
stack
|
page read and write
|
||
|
1E993490000
|
trusted library allocation
|
page read and write
|
||
|
1C895D60000
|
trusted library allocation
|
page read and write
|
||
|
255F2EE7000
|
heap
|
page read and write
|
||
|
2B24399B000
|
heap
|
page read and write
|
||
|
8F3E67F000
|
stack
|
page read and write
|
||
|
1C89A020000
|
trusted library allocation
|
page read and write
|
||
|
835C47B000
|
stack
|
page read and write
|
||
|
697F8FC000
|
stack
|
page read and write
|
||
|
178ADE67000
|
heap
|
page read and write
|
||
|
25190C37000
|
heap
|
page read and write
|
||
|
A6A93FF000
|
stack
|
page read and write
|
||
|
2B2439BA000
|
heap
|
page read and write
|
||
|
2B2439BA000
|
heap
|
page read and write
|
||
|
286F0D79000
|
heap
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
1C89A2B6000
|
heap
|
page read and write
|
||
|
19C95677000
|
heap
|
page read and write
|
||
|
19C9564B000
|
heap
|
page read and write
|
||
|
286F046C000
|
heap
|
page read and write
|
||
|
1C89A302000
|
heap
|
page read and write
|
||
|
2B243997000
|
heap
|
page read and write
|
||
|
2B2439BE000
|
heap
|
page read and write
|
||
|
2B487877000
|
heap
|
page read and write
|
||
|
2B487864000
|
heap
|
page read and write
|
||
|
2B2430EE000
|
heap
|
page read and write
|
||
|
21112C63000
|
heap
|
page read and write
|
||
|
F7974FE000
|
stack
|
page read and write
|
||
|
19893C70000
|
heap
|
page read and write
|
||
|
1C89A200000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
25E07200000
|
heap
|
page read and write
|
||
|
19C955E0000
|
trusted library allocation
|
page read and write
|
||
|
286F0463000
|
heap
|
page read and write
|
||
|
25E06FB5000
|
heap
|
page read and write
|
||
|
286F049D000
|
heap
|
page read and write
|
||
|
D3998C000
|
stack
|
page read and write
|
||
|
286F0447000
|
heap
|
page read and write
|
||
|
1C894AB1000
|
heap
|
page read and write
|
||
|
25E07248000
|
heap
|
page read and write
|
||
|
2B243975000
|
heap
|
page read and write
|
||
|
1971A3F0000
|
trusted library allocation
|
page read and write
|
||
|
2B243059000
|
heap
|
page read and write
|
||
|
286F0D74000
|
heap
|
page read and write
|
||
|
2519155E000
|
heap
|
page read and write
|
||
|
7FFC66D31000
|
unkown
|
page execute read
|
||
|
1EB0EA00000
|
heap
|
page read and write
|
||
|
33AF8FF000
|
stack
|
page read and write
|
||
|
1C899D70000
|
trusted library allocation
|
page read and write
|
||
|
2473C3D0000
|
heap
|
page read and write
|
||
|
1C89A2FD000
|
heap
|
page read and write
|
||
|
2C9FCDC0000
|
heap
|
page read and write
|
||
|
21112C85000
|
heap
|
page read and write
|
||
|
2687B796000
|
heap
|
page read and write
|
||
|
2B487813000
|
heap
|
page read and write
|
||
|
2B24396E000
|
heap
|
page read and write
|
||
|
2B2430AA000
|
heap
|
page read and write
|
||
|
21112C29000
|
heap
|
page read and write
|
||
|
1C89A256000
|
heap
|
page read and write
|
||
|
1989391E000
|
heap
|
page read and write
|
||
|
1393000
|
heap
|
page read and write
|
||
|
1C8958E0000
|
trusted library allocation
|
page read and write
|
||
|
2B2439D0000
|
heap
|
page read and write
|
||
|
178ADE58000
|
heap
|
page read and write
|
||
|
697F97E000
|
stack
|
page read and write
|
||
|
2C9FD070000
|
heap
|
page read and write
|
||
|
25190DE1000
|
heap
|
page read and write
|
||
|
DFF77E000
|
stack
|
page read and write
|
||
|
1971AB50000
|
remote allocation
|
page read and write
|
||
|
26FE13B000
|
stack
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
1E9846D0000
|
heap
|
page read and write
|
||
|
8F3E6FE000
|
stack
|
page read and write
|
||
|
2B24399B000
|
heap
|
page read and write
|
||
|
2B2439A4000
|
heap
|
page read and write
|
||
|
2460FCC7000
|
heap
|
page read and write
|
||
|
178ADC60000
|
heap
|
page read and write
|
||
|
F796ADB000
|
stack
|
page read and write
|
||
|
286F0660000
|
remote allocation
|
page read and write
|
||
|
2B243982000
|
heap
|
page read and write
|
||
|
296B8FE000
|
stack
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
198938D8000
|
heap
|
page read and write
|
||
|
F7977FF000
|
stack
|
page read and write
|
||
|
F7973FF000
|
stack
|
page read and write
|
||
|
2B4875B0000
|
heap
|
page read and write
|
||
|
1E993310000
|
heap
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
1EB0EB08000
|
heap
|
page read and write
|
||
|
178ADE60000
|
heap
|
page read and write
|
||
|
8914ADB000
|
stack
|
page read and write
|
||
|
630000
|
heap
|
page readonly
|
||
|
25190D13000
|
heap
|
page read and write
|
||
|
25E06FBB000
|
heap
|
page read and write
|
||
|
2687B650000
|
heap
|
page read and write
|
||
|
25191D02000
|
heap
|
page read and write
|
||
|
25191C43000
|
heap
|
page read and write
|
||
|
446D07E000
|
stack
|
page read and write
|
||
|
25190BC0000
|
trusted library allocation
|
page read and write
|
||
|
286F0482000
|
heap
|
page read and write
|
||
|
1C8951F3000
|
trusted library allocation
|
page read and write
|
||
|
25E07232000
|
heap
|
page read and write
|
||
|
255F2ECB000
|
heap
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
286F0D8B000
|
heap
|
page read and write
|
||
|
2B2430E2000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
2B487802000
|
heap
|
page read and write
|
||
|
1C89A2F7000
|
heap
|
page read and write
|
||
|
1396000
|
heap
|
page read and write
|
||
|
1381000
|
heap
|
page read and write
|
||
|
2DFB000
|
stack
|
page read and write
|
||
|
2473C4B7000
|
heap
|
page read and write
|
||
|
25191526000
|
heap
|
page read and write
|
||
|
2B24397E000
|
heap
|
page read and write
|
||
|
446C7FE000
|
stack
|
page read and write
|
||
|
2B24399D000
|
heap
|
page read and write
|
||
|
1EB0EA49000
|
heap
|
page read and write
|
||
|
286F0495000
|
heap
|
page read and write
|
||
|
25E07219000
|
heap
|
page read and write
|
||
|
178ADE13000
|
heap
|
page read and write
|
||
|
2B2430CB000
|
heap
|
page read and write
|
||
|
2B2437D0000
|
remote allocation
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
C61D12E000
|
stack
|
page read and write
|
||
|
8F3E87B000
|
stack
|
page read and write
|
||
|
C61D47E000
|
stack
|
page read and write
|
||
|
8F3E77C000
|
stack
|
page read and write
|
||
|
8F3E7FF000
|
stack
|
page read and write
|
||
|
255F2ED0000
|
heap
|
page read and write
|
||
|
1C89A2AA000
|
heap
|
page read and write
|
||
|
286F0493000
|
heap
|
page read and write
|
||
|
2C9FD067000
|
heap
|
page read and write
|
||
|
F7975FE000
|
stack
|
page read and write
|
||
|
21112C52000
|
heap
|
page read and write
|
||
|
1C89A2E1000
|
heap
|
page read and write
|
||
|
F7970FD000
|
stack
|
page read and write
|
||
|
255F2ECB000
|
heap
|
page read and write
|
||
|
2C9FD602000
|
trusted library allocation
|
page read and write
|
||
|
2687B737000
|
heap
|
page read and write
|
||
|
286F0495000
|
heap
|
page read and write
|
||
|
25190C5B000
|
heap
|
page read and write
|
||
|
1C899FD0000
|
trusted library allocation
|
page read and write
|
||
|
2B243E00000
|
heap
|
page read and write
|
||
|
1E993270000
|
heap
|
page read and write
|
||
|
178ADE75000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E993290000
|
heap
|
page read and write
|
||
|
25190D24000
|
heap
|
page read and write
|
||
|
2B2439AD000
|
heap
|
page read and write
|
||
|
2B243994000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
286F0469000
|
heap
|
page read and write
|
||
|
A49CBCC000
|
stack
|
page read and write
|
||
|
25190DB8000
|
heap
|
page read and write
|
||
|
1C895359000
|
heap
|
page read and write
|
||
|
2687B790000
|
heap
|
page read and write
|
||
|
2687B4F0000
|
heap
|
page read and write
|
||
|
A6A927A000
|
stack
|
page read and write
|
||
|
286F0690000
|
heap
|
page read and write
|
||
|
1E993EF0000
|
trusted library allocation
|
page read and write
|
||
|
178ADE7A000
|
heap
|
page read and write
|
||
|
2B2439BA000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2B2439AD000
|
heap
|
page read and write
|
||
|
25191C1D000
|
heap
|
page read and write
|
||
|
1E9844C8000
|
heap
|
page read and write
|
||
|
7FFC66D82000
|
unkown
|
page readonly
|
||
|
25191500000
|
heap
|
page read and write
|
||
|
178ADE5C000
|
heap
|
page read and write
|
||
|
1C89A140000
|
trusted library allocation
|
page read and write
|
||
|
255F2EE2000
|
heap
|
page read and write
|
||
|
19893900000
|
heap
|
page read and write
|
||
|
286F0500000
|
heap
|
page read and write
|
||
|
88AEA7E000
|
stack
|
page read and write
|
||
|
2B2430EF000
|
heap
|
page read and write
|
||
|
2B487840000
|
heap
|
page read and write
|
||
|
178ADE61000
|
heap
|
page read and write
|
||
|
D39C7E000
|
stack
|
page read and write
|
||
|
25190C99000
|
heap
|
page read and write
|
||
|
296B97C000
|
stack
|
page read and write
|
||
|
A49D2FE000
|
stack
|
page read and write
|
||
|
2A0000
|
heap
|
page read and write
|
||
|
1E9931F0000
|
trusted library allocation
|
page read and write
|
||
|
178ADE00000
|
heap
|
page read and write
|
||
|
25E0A473000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
835C7FC000
|
stack
|
page read and write
|
||
|
1362000
|
heap
|
page read and write
|
||
|
2687B79F000
|
heap
|
page read and write
|
||
|
F60000
|
remote allocation
|
page read and write
|
||
|
19C95613000
|
heap
|
page read and write
|
||
|
2B2437D0000
|
remote allocation
|
page read and write
|
||
|
697FCF9000
|
stack
|
page read and write
|
||
|
19895290000
|
direct allocation
|
page execute and read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
1C895215000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
255F2E10000
|
heap
|
page read and write
|
||
|
1989391E000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
19893810000
|
heap
|
page read and write
|
||
|
2C9FD000000
|
heap
|
page read and write
|
||
|
2473C490000
|
heap
|
page read and write
|
||
|
A6A9478000
|
stack
|
page read and write
|
||
|
835C57F000
|
stack
|
page read and write
|
||
|
25191C00000
|
heap
|
page read and write
|
||
|
1EB0E7D0000
|
heap
|
page read and write
|
||
|
697FD7F000
|
stack
|
page read and write
|
||
|
1C894B16000
|
heap
|
page read and write
|
||
|
251915D6000
|
heap
|
page read and write
|
||
|
286F046F000
|
heap
|
page read and write
|
||
|
354000
|
stack
|
page read and write
|
||
|
296B7FE000
|
stack
|
page read and write
|
||
|
2B243975000
|
heap
|
page read and write
|
||
|
A6A937E000
|
stack
|
page read and write
|
||
|
286F0D78000
|
heap
|
page read and write
|
||
|
286F0695000
|
heap
|
page read and write
|
||
|
1C899F00000
|
trusted library allocation
|
page read and write
|
||
|
19C95649000
|
heap
|
page read and write
|
||
|
8F3E3AF000
|
stack
|
page read and write
|
||
|
286F0D7A000
|
heap
|
page read and write
|
||
|
F796EFB000
|
stack
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
21112D02000
|
heap
|
page read and write
|
||
|
1C894A92000
|
heap
|
page read and write
|
||
|
2B243999000
|
heap
|
page read and write
|
||
|
2B243983000
|
heap
|
page read and write
|
||
|
2460FCBE000
|
heap
|
page read and write
|
||
|
286F0469000
|
heap
|
page read and write
|
||
|
1EB0EA4F000
|
heap
|
page read and write
|
||
|
1C89A220000
|
heap
|
page read and write
|
||
|
2B243982000
|
heap
|
page read and write
|
||
|
25190CCE000
|
heap
|
page read and write
|
||
|
1EB0EA3C000
|
heap
|
page read and write
|
||
|
2B243997000
|
heap
|
page read and write
|
||
|
FF0000
|
direct allocation
|
page execute and read and write
|
||
|
25190C29000
|
heap
|
page read and write
|
||
|
DFF87E000
|
stack
|
page read and write
|
||
|
286F04AA000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
1E993E70000
|
trusted library allocation
|
page read and write
|
||
|
1C89A030000
|
trusted library allocation
|
page read and write
|
||
|
2B2439C1000
|
heap
|
page read and write
|
||
|
697FDF9000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E993250000
|
heap
|
page read and write
|
||
|
1E9932C8000
|
heap
|
page read and write
|
||
|
1C894AFD000
|
heap
|
page read and write
|
||
|
2B243986000
|
heap
|
page read and write
|
||
|
25191402000
|
heap
|
page read and write
|
||
|
2B243000000
|
heap
|
page read and write
|
||
|
2B243116000
|
heap
|
page read and write
|
||
|
1C895202000
|
heap
|
page read and write
|
||
|
286F04DF000
|
heap
|
page read and write
|
||
|
7FFC66D30000
|
unkown
|
page readonly
|
||
|
2B243057000
|
heap
|
page read and write
|
||
|
1C8949A0000
|
trusted library allocation
|
page read and write
|
||
|
25190C73000
|
heap
|
page read and write
|
||
|
25190CC9000
|
heap
|
page read and write
|
||
|
1C899F21000
|
trusted library allocation
|
page read and write
|
||
|
2473C360000
|
heap
|
page read and write
|
||
|
1C894A8B000
|
heap
|
page read and write
|
||
|
2B2430AD000
|
heap
|
page read and write
|
||
|
2B243972000
|
heap
|
page read and write
|
||
|
2C9FCDD0000
|
heap
|
page read and write
|
||
|
B29F1CE000
|
stack
|
page read and write
|
||
|
1C89A060000
|
remote allocation
|
page read and write
|
||
|
25190C59000
|
heap
|
page read and write
|
||
|
24610402000
|
heap
|
page read and write
|
||
|
26FE6FE000
|
stack
|
page read and write
|
||
|
1C895318000
|
heap
|
page read and write
|
||
|
2687B950000
|
heap
|
page read and write
|
||
|
19C9568E000
|
heap
|
page read and write
|
||
|
25190C2F000
|
heap
|
page read and write
|
||
|
2C9FD040000
|
heap
|
page read and write
|
||
|
1C894A00000
|
heap
|
page read and write
|
||
|
7FFC66D30000
|
unkown
|
page readonly
|
||
|
2B243999000
|
heap
|
page read and write
|
||
|
1C899F20000
|
trusted library allocation
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
2C9FD002000
|
heap
|
page read and write
|
||
|
EE1A47B000
|
stack
|
page read and write
|
||
|
19C95651000
|
heap
|
page read and write
|
||
|
1C894A76000
|
heap
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2B24305E000
|
heap
|
page read and write
|
||
|
F6DD47B000
|
stack
|
page read and write
|
||
|
19893C50000
|
heap
|
page read and write
|
||
|
2687B7A7000
|
heap
|
page read and write
|
||
|
8914B5E000
|
stack
|
page read and write
|
||
|
25E0722D000
|
heap
|
page read and write
|
||
|
19C95627000
|
heap
|
page read and write
|
||
|
2B243064000
|
heap
|
page read and write
|
||
|
1C894A8D000
|
heap
|
page read and write
|
||
|
A328B2C000
|
stack
|
page read and write
|
||
|
25190A60000
|
heap
|
page read and write
|
||
|
C61D0AA000
|
stack
|
page read and write
|
||
|
33AF6F7000
|
stack
|
page read and write
|
||
|
1971A502000
|
heap
|
page read and write
|
||
|
255F2ED0000
|
heap
|
page read and write
|
||
|
198953D0000
|
heap
|
page read and write
|
||
|
178ADE31000
|
heap
|
page read and write
|
||
|
25191536000
|
heap
|
page read and write
|
||
|
1EB0EB02000
|
heap
|
page read and write
|
||
|
1971A3C0000
|
heap
|
page read and write
|
||
|
25190AC0000
|
heap
|
page read and write
|
||
|
1C899F40000
|
trusted library allocation
|
page read and write
|
||
|
7FFC66D86000
|
unkown
|
page read and write
|
||
|
7FFC66D31000
|
unkown
|
page execute read
|
||
|
F796FFE000
|
stack
|
page read and write
|
||
|
255F2E70000
|
heap
|
page read and write
|
||
|
25E07100000
|
heap
|
page read and write
|
||
|
1EB0EA13000
|
heap
|
page read and write
|
||
|
EE1A27E000
|
stack
|
page read and write
|
||
|
835CAFF000
|
stack
|
page read and write
|
||
|
198953F4000
|
heap
|
page read and write
|
||
|
255F2EB1000
|
heap
|
page read and write
|
||
|
33AF37E000
|
stack
|
page read and write
|
||
|
2B487620000
|
heap
|
page read and write
|
||
|
19C953B0000
|
heap
|
page read and write
|
||
|
2687B955000
|
heap
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
21112B60000
|
heap
|
page read and write
|
||
|
D3A1FF000
|
stack
|
page read and write
|
||
|
A328FFE000
|
stack
|
page read and write
|
||
|
255F2EB6000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
21112D00000
|
heap
|
page read and write
|
||
|
178ADE55000
|
heap
|
page read and write
|
||
|
1C899F00000
|
trusted library allocation
|
page read and write
|
||
|
1989390E000
|
heap
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
F6DD67B000
|
stack
|
page read and write
|
||
|
2B487800000
|
heap
|
page read and write
|
||
|
286F0D8B000
|
heap
|
page read and write
|
||
|
25190C78000
|
heap
|
page read and write
|
||
|
286F04DF000
|
heap
|
page read and write
|
||
|
286F0408000
|
heap
|
page read and write
|
||
|
25191D1B000
|
heap
|
page read and write
|
||
|
21112D13000
|
heap
|
page read and write
|
||
|
33AF27B000
|
stack
|
page read and write
|
||
|
2B2430FC000
|
heap
|
page read and write
|
||
|
C61D4FB000
|
stack
|
page read and write
|
||
|
D39FF7000
|
stack
|
page read and write
|
||
|
19C95700000
|
heap
|
page read and write
|
||
|
A6A94FE000
|
stack
|
page read and write
|
||
|
25190C3E000
|
heap
|
page read and write
|
||
|
1C89A060000
|
remote allocation
|
page read and write
|
||
|
2B243986000
|
heap
|
page read and write
|
||
|
F60000
|
remote allocation
|
page read and write
|
||
|
2460FCCF000
|
heap
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
2B242FB0000
|
heap
|
page read and write
|
||
|
2C9FD076000
|
heap
|
page read and write
|
||
|
13C1000
|
heap
|
page read and write
|
||
|
7FFC66D86000
|
unkown
|
page read and write
|
||
|
2460FC00000
|
heap
|
page read and write
|
||
|
1971A360000
|
heap
|
page read and write
|
||
|
2B487828000
|
heap
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
19C95713000
|
heap
|
page read and write
|
||
|
255F2EA0000
|
heap
|
page read and write
|
||
|
835C9FE000
|
stack
|
page read and write
|
||
|
1C89A160000
|
trusted library allocation
|
page read and write
|
||
|
1EB0EA50000
|
heap
|
page read and write
|
||
|
286F02C0000
|
heap
|
page read and write
|
||
|
1971A350000
|
heap
|
page read and write
|
||
|
2B24305B000
|
heap
|
page read and write
|
||
|
296BCFD000
|
stack
|
page read and write
|
||
|
1E179BD000
|
stack
|
page read and write
|
||
|
25190C8D000
|
heap
|
page read and write
|
||
|
286F04DD000
|
heap
|
page read and write
|
||
|
7FFC66D30000
|
unkown
|
page readonly
|
||
|
B29F9F8000
|
stack
|
page read and write
|
||
|
2460FC40000
|
heap
|
page read and write
|
||
|
F6DD57E000
|
stack
|
page read and write
|
||
|
DFF3EB000
|
stack
|
page read and write
|
||
|
2687B730000
|
heap
|
page read and write
|
||
|
1C895318000
|
heap
|
page read and write
|
||
|
A49D3FB000
|
stack
|
page read and write
|
||
|
2B487859000
|
heap
|
page read and write
|
||
|
24610280000
|
trusted library allocation
|
page read and write
|
||
|
1CF6CA90000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
33AF4FE000
|
stack
|
page read and write
|
||
|
2B24391D000
|
heap
|
page read and write
|
||
|
2B243986000
|
heap
|
page read and write
|
||
|
EE19F2C000
|
stack
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
2687B7C2000
|
heap
|
page read and write
|
||
|
25191C02000
|
heap
|
page read and write
|
||
|
19C95629000
|
heap
|
page read and write
|
||
|
21AE000
|
stack
|
page read and write
|
||
|
2B243950000
|
heap
|
page read and write
|
||
|
286F0443000
|
heap
|
page read and write
|
||
|
2B242FE0000
|
trusted library allocation
|
page read and write
|
||
|
B29FB7F000
|
unkown
|
page read and write
|
||
|
19C95702000
|
heap
|
page read and write
|
||
|
2B24305A000
|
heap
|
page read and write
|
||
|
25190CE4000
|
heap
|
page read and write
|
||
|
446C4F8000
|
stack
|
page read and write
|
||
|
1EB0EA4D000
|
heap
|
page read and write
|
||
|
1C899DF0000
|
trusted library allocation
|
page read and write
|
||
|
1C89A302000
|
heap
|
page read and write
|
||
|
1EB0EA4C000
|
heap
|
page read and write
|
||
|
F35000
|
stack
|
page read and write
|
||
|
1E993295000
|
heap
|
page read and write
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
1C899F44000
|
trusted library allocation
|
page read and write
|
||
|
21112BC0000
|
heap
|
page read and write
|
||
|
178ADE57000
|
heap
|
page read and write
|
||
|
335E000
|
stack
|
page read and write
|
||
|
1C895304000
|
heap
|
page read and write
|
||
|
178ADE74000
|
heap
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
255F2EE6000
|
heap
|
page read and write
|
||
|
178ADE77000
|
heap
|
page read and write
|
||
|
1C895300000
|
heap
|
page read and write
|
||
|
A32907E000
|
stack
|
page read and write
|
||
|
835C07B000
|
stack
|
page read and write
|
||
|
19C95708000
|
heap
|
page read and write
|
||
|
2B243802000
|
heap
|
page read and write
|
||
|
2C9FD03D000
|
heap
|
page read and write
|
||
|
7FFC66D89000
|
unkown
|
page readonly
|
||
|
296BBFF000
|
stack
|
page read and write
|
||
|
1C894A79000
|
heap
|
page read and write
|
||
|
1C899FD0000
|
trusted library allocation
|
page read and write
|
||
|
1971AC02000
|
trusted library allocation
|
page read and write
|
||
|
2687B6C0000
|
direct allocation
|
page execute and read and write
|
||
|
B29F8FF000
|
stack
|
page read and write
|
||
|
A49D0F9000
|
stack
|
page read and write
|
||
|
25190C9F000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1C8951F0000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
25E07248000
|
heap
|
page read and write
|
||
|
EE1A67E000
|
stack
|
page read and write
|
||
|
21113402000
|
trusted library allocation
|
page read and write
|
||
|
1C895313000
|
heap
|
page read and write
|
||
|
178ADE6D000
|
heap
|
page read and write
|
||
|
2473C49E000
|
heap
|
page read and write
|
||
|
25190CD9000
|
heap
|
page read and write
|
||
|
88AE6B5000
|
stack
|
page read and write
|
||
|
1E994130000
|
trusted library allocation
|
page read and write
|
||
|
25190C43000
|
heap
|
page read and write
|
||
|
1E993EE0000
|
trusted library allocation
|
page read and write
|
||
|
1C899F0E000
|
trusted library allocation
|
page read and write
|
||
|
178ADE3C000
|
heap
|
page read and write
|
||
|
835C8FF000
|
stack
|
page read and write
|
||
|
26800030000
|
heap
|
page readonly
|
||
|
25190CB8000
|
heap
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
178ADE41000
|
heap
|
page read and write
|
||
|
F7972FD000
|
stack
|
page read and write
|
||
|
25E0A470000
|
heap
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
255F2EE1000
|
heap
|
page read and write
|
||
|
7FFC66D31000
|
unkown
|
page execute read
|
||
|
2B2439BA000
|
heap
|
page read and write
|
||
|
2B2430B4000
|
heap
|
page read and write
|
||
|
25190CBC000
|
heap
|
page read and write
|
||
|
211F000
|
stack
|
page read and write
|
||
|
1971A400000
|
heap
|
page read and write
|
||
|
446C08C000
|
stack
|
page read and write
|
||
|
286F04A9000
|
heap
|
page read and write
|
||
|
13C1000
|
heap
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
26800130000
|
heap
|
page read and write
|
||
|
286F04FD000
|
heap
|
page read and write
|
||
|
25191D13000
|
heap
|
page read and write
|
||
|
178ADE56000
|
heap
|
page read and write
|
||
|
178AE602000
|
trusted library allocation
|
page read and write
|
||
|
255F2ED0000
|
heap
|
page read and write
|
||
|
178ADE3A000
|
heap
|
page read and write
|
||
|
296B67B000
|
stack
|
page read and write
|
||
|
2C9FD590000
|
trusted library allocation
|
page read and write
|
||
|
255F3070000
|
heap
|
page read and write
|
||
|
25191C0A000
|
heap
|
page read and write
|
||
|
255F3195000
|
heap
|
page read and write
|
||
|
21112C3C000
|
heap
|
page read and write
|
||
|
25190DFD000
|
heap
|
page read and write
|
||
|
286F04DD000
|
heap
|
page read and write
|
||
|
25E0721E000
|
heap
|
page read and write
|
||
|
25E07208000
|
heap
|
page read and write
|
||
|
286F0443000
|
heap
|
page read and write
|
||
|
2B24399D000
|
heap
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
1E993299000
|
heap
|
page read and write
|
||
|
835C27C000
|
stack
|
page read and write
|
||
|
A49D5FA000
|
stack
|
page read and write
|
||
|
2B243972000
|
heap
|
page read and write
|
||
|
25190CE1000
|
heap
|
page read and write
|
||
|
1E984410000
|
heap
|
page read and write
|
||
|
2460FD02000
|
heap
|
page read and write
|
||
|
2C9FCE30000
|
heap
|
page read and write
|
||
|
255F2EC2000
|
heap
|
page read and write
|
||
|
2B2439BE000
|
heap
|
page read and write
|
||
|
7FFC66D31000
|
unkown
|
page execute read
|
||
|
2BC0000
|
heap
|
page readonly
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
1EB0EA70000
|
heap
|
page read and write
|
||
|
25190C52000
|
heap
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
1C89A040000
|
trusted library allocation
|
page read and write
|
||
|
2473C785000
|
heap
|
page read and write
|
||
|
19C95600000
|
heap
|
page read and write
|
||
|
25E07219000
|
heap
|
page read and write
|
||
|
1E993310000
|
heap
|
page read and write
|
||
|
1989390E000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
7FFC66D86000
|
unkown
|
page read and write
|
||
|
1EB0EA29000
|
heap
|
page read and write
|
||
|
88AEAFF000
|
stack
|
page read and write
|
||
|
8914BDE000
|
stack
|
page read and write
|
||
|
1971A429000
|
heap
|
page read and write
|
||
|
2C9FD113000
|
heap
|
page read and write
|
||
|
1C89A240000
|
heap
|
page read and write
|
||
|
C61D6FF000
|
stack
|
page read and write
|
||
|
2B2439DA000
|
heap
|
page read and write
|
||
|
178ADE64000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
178ADE63000
|
heap
|
page read and write
|
||
|
178ADD60000
|
trusted library allocation
|
page read and write
|
||
|
1971A45C000
|
heap
|
page read and write
|
||
|
1C894B07000
|
heap
|
page read and write
|
||
|
1C894A58000
|
heap
|
page read and write
|
||
|
620000
|
direct allocation
|
page execute and read and write
|
||
|
1C89A304000
|
heap
|
page read and write
|
||
|
1E9846D5000
|
heap
|
page read and write
|
||
|
178ADE29000
|
heap
|
page read and write
|
||
|
446C8FB000
|
stack
|
page read and write
|
||
|
286F04DF000
|
heap
|
page read and write
|
||
|
286F049D000
|
heap
|
page read and write
|
||
|
C61D57C000
|
stack
|
page read and write
|
||
|
1CF6CC3D000
|
heap
|
page read and write
|
||
|
255F2ECB000
|
heap
|
page read and write
|
||
|
2B24399D000
|
heap
|
page read and write
|
||
|
1C894A6F000
|
heap
|
page read and write
|
||
|
A6A92FF000
|
stack
|
page read and write
|
||
|
1C894A74000
|
heap
|
page read and write
|
||
|
255F2ECB000
|
heap
|
page read and write
|
||
|
1C89A060000
|
remote allocation
|
page read and write
|
||
|
EE1A77D000
|
stack
|
page read and write
|
||
|
2687B796000
|
heap
|
page read and write
|
||
|
2B243082000
|
heap
|
page read and write
|
||
|
1C89A215000
|
heap
|
page read and write
|
||
|
2C9FD05B000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
835C1FF000
|
stack
|
page read and write
|
||
|
C61D67E000
|
stack
|
page read and write
|
||
|
8914E7E000
|
stack
|
page read and write
|
||
|
D39EFB000
|
stack
|
page read and write
|
||
|
1C894830000
|
heap
|
page read and write
|
||
|
26FE8FE000
|
stack
|
page read and write
|
||
|
25190C49000
|
heap
|
page read and write
|
||
|
1EB0F002000
|
trusted library allocation
|
page read and write
|
||
|
19C95682000
|
heap
|
page read and write
|
||
|
2B243066000
|
heap
|
page read and write
|
||
|
2687B630000
|
heap
|
page read and write
|
||
|
B29F57B000
|
stack
|
page read and write
|
||
|
286F0441000
|
heap
|
page read and write
|
||
|
21112C66000
|
heap
|
page read and write
|
||
|
24610500000
|
heap
|
page read and write
|
||
|
697F9FE000
|
stack
|
page read and write
|
||
|
A328F7B000
|
stack
|
page read and write
|
||
|
1E9842E0000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
178ADBF0000
|
heap
|
page read and write
|
||
|
1C89A22E000
|
heap
|
page read and write
|
||
|
25190CFC000
|
heap
|
page read and write
|
||
|
2B243971000
|
heap
|
page read and write
|
||
|
A49CE7F000
|
stack
|
page read and write
|
||
|
2B242F40000
|
heap
|
page read and write
|
||
|
1C895200000
|
heap
|
page read and write
|
||
|
1C899D60000
|
trusted library allocation
|
page read and write
|
||
|
A49D67F000
|
stack
|
page read and write
|
||
|
198953F0000
|
heap
|
page read and write
|
||
|
19893C75000
|
heap
|
page read and write
|
||
|
2460FAB0000
|
heap
|
page read and write
|
||
|
25E06FB0000
|
heap
|
page read and write
|
||
|
7FFC66D82000
|
unkown
|
page readonly
|
||
|
1C89A2A0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
25E07223000
|
heap
|
page read and write
|
||
|
2B2439D2000
|
heap
|
page read and write
|
||
|
286F0453000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
2B2439D0000
|
heap
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
2B2430C6000
|
heap
|
page read and write
|
||
|
1C894AAC000
|
heap
|
page read and write
|
||
|
19C953A0000
|
heap
|
page read and write
|
||
|
198938A0000
|
heap
|
page read and write
|
||
|
286F0520000
|
heap
|
page read and write
|
||
|
D39DFB000
|
stack
|
page read and write
|
||
|
1E993310000
|
heap
|
page read and write
|
||
|
255F3190000
|
heap
|
page read and write
|
||
|
25E0721E000
|
heap
|
page read and write
|
||
|
33AF2FE000
|
stack
|
page read and write
|
||
|
2687D2A0000
|
heap
|
page read and write
|
||
|
1C894A13000
|
heap
|
page read and write
|
||
|
2B487879000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
2473C49B000
|
heap
|
page read and write
|
||
|
178ADE7D000
|
heap
|
page read and write
|
||
|
19C9563C000
|
heap
|
page read and write
|
||
|
178ADE6B000
|
heap
|
page read and write
|
||
|
2B24305F000
|
heap
|
page read and write
|
||
|
1EB0EFA0000
|
trusted library allocation
|
page read and write
|
||
|
1C89A050000
|
trusted library allocation
|
page read and write
|
||
|
2B243997000
|
heap
|
page read and write
|
||
|
2B24399D000
|
heap
|
page read and write
|
||
|
19C95678000
|
heap
|
page read and write
|
||
|
1396000
|
heap
|
page read and write
|
||
|
178ADE5A000
|
heap
|
page read and write
|
||
|
1971A43D000
|
heap
|
page read and write
|
||
|
7FFC66D89000
|
unkown
|
page readonly
|
||
|
A6A957C000
|
stack
|
page read and write
|
||
|
446CD7A000
|
stack
|
page read and write
|
||
|
1C89A010000
|
trusted library allocation
|
page read and write
|
||
|
2B243915000
|
heap
|
page read and write
|
||
|
1C899FD0000
|
trusted library allocation
|
page read and write
|
||
|
2B243979000
|
heap
|
page read and write
|
||
|
178ADE62000
|
heap
|
page read and write
|
||
|
2C9FD029000
|
heap
|
page read and write
|
||
|
F6DD77E000
|
stack
|
page read and write
|
||
|
25190CB4000
|
heap
|
page read and write
|
||
|
25190C50000
|
heap
|
page read and write
|
||
|
A49CFFC000
|
stack
|
page read and write
|
||
|
2B243029000
|
heap
|
page read and write
|
||
|
1C894840000
|
heap
|
page read and write
|
||
|
21112C60000
|
heap
|
page read and write
|
||
|
2B24397C000
|
heap
|
page read and write
|
||
|
286F0447000
|
heap
|
page read and write
|
||
|
2B243067000
|
heap
|
page read and write
|
||
|
1971A425000
|
heap
|
page read and write
|
||
|
25E07222000
|
heap
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1EB0EA4A000
|
heap
|
page read and write
|
||
|
1C89A24D000
|
heap
|
page read and write
|
||
|
1E9941B0000
|
trusted library allocation
|
page read and write
|
||
|
198938FB000
|
heap
|
page read and write
|
||
|
2B243069000
|
heap
|
page read and write
|
||
|
2B487902000
|
heap
|
page read and write
|
||
|
1C899DE0000
|
trusted library allocation
|
page read and write
|
||
|
2B4877F0000
|
trusted library allocation
|
page read and write
|
||
|
19893880000
|
heap
|
page read and write
|
||
|
C61D5FC000
|
stack
|
page read and write
|
||
|
2B2439D2000
|
heap
|
page read and write
|
||
|
1EB0EA52000
|
heap
|
page read and write
|
||
|
B29F7F7000
|
stack
|
page read and write
|
||
|
1C899FF0000
|
trusted library allocation
|
page read and write
|
||
|
178ADE4D000
|
heap
|
page read and write
|
||
|
21112D08000
|
heap
|
page read and write
|
||
|
2B2439DA000
|
heap
|
page read and write
|
||
|
B29FAF9000
|
stack
|
page read and write
|
||
|
835C67D000
|
stack
|
page read and write
|
||
|
19C95C02000
|
trusted library allocation
|
page read and write
|
||
|
B29F5FE000
|
stack
|
page read and write
|
||
|
2460FC89000
|
heap
|
page read and write
|
||
|
255F2ED0000
|
heap
|
page read and write
|
||
|
178ADE40000
|
heap
|
page read and write
|
||
|
1C894A9E000
|
heap
|
page read and write
|
||
|
1C894AA7000
|
heap
|
page read and write
|
||
|
7FFC66D82000
|
unkown
|
page readonly
|
||
|
255F2EB6000
|
heap
|
page read and write
|
||
|
2B243972000
|
heap
|
page read and write
|
||
|
26FE5FF000
|
stack
|
page read and write
|
||
|
1EB0EB13000
|
heap
|
page read and write
|
||
|
2687B6A0000
|
heap
|
page read and write
|
||
|
2C9FD067000
|
heap
|
page read and write
|
||
|
26FE47E000
|
stack
|
page read and write
|
||
|
1CF6CC30000
|
heap
|
page read and write
|
||
|
2C9FD102000
|
heap
|
page read and write
|
||
|
286F0453000
|
heap
|
page read and write
|
||
|
1E994150000
|
trusted library allocation
|
page read and write
|
||
|
25E06FA0000
|
heap
|
page read and write
|
||
|
2460FAC0000
|
heap
|
page read and write
|
||
|
EE19FAE000
|
stack
|
page read and write
|
||
|
1C899F08000
|
trusted library allocation
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
33AF7FF000
|
stack
|
page read and write
|
||
|
21112C13000
|
heap
|
page read and write
|
||
|
A49D4FF000
|
stack
|
page read and write
|
||
|
1362000
|
heap
|
page read and write
|
||
|
25E070E0000
|
heap
|
page read and write
|
||
|
2B243997000
|
heap
|
page read and write
|
||
|
25190C00000
|
heap
|
page read and write
|
||
|
88AE7BF000
|
stack
|
page read and write
|
||
|
F7976FF000
|
stack
|
page read and write
|
||
|
A49D1FF000
|
stack
|
page read and write
|
||
|
255F2EDA000
|
heap
|
page read and write
|
||
|
835C6FB000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
25E0A330000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
19C95670000
|
heap
|
page read and write
|
||
|
21112C5D000
|
heap
|
page read and write
|
||
|
88AE73E000
|
stack
|
page read and write
|
||
|
2C9FD078000
|
heap
|
page read and write
|
||
|
178ADE84000
|
heap
|
page read and write
|
||
|
D39CFE000
|
stack
|
page read and write
|
||
|
2B243013000
|
heap
|
page read and write
|
||
|
1E994160000
|
trusted library allocation
|
page read and write
|
||
|
1E9931E0000
|
heap
|
page read and write
|
||
|
251915F1000
|
heap
|
page read and write
|
||
|
1C899F24000
|
trusted library allocation
|
page read and write
|
||
|
2B243972000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
2460FC6E000
|
heap
|
page read and write
|
||
|
325D000
|
stack
|
page read and write
|
||
|
19C95410000
|
heap
|
page read and write
|
||
|
178ADE5F000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
33A0000
|
remote allocation
|
page read and write
|
||
|
25E0721E000
|
heap
|
page read and write
|
||
|
2264000
|
heap
|
page read and write
|
||
|
1E9844C0000
|
heap
|
page read and write
|
||
|
2B242F50000
|
heap
|
page read and write
|
||
|
2E14000
|
heap
|
page read and write
|
||
|
25E07222000
|
heap
|
page read and write
|
||
|
7FFC66D89000
|
unkown
|
page readonly
|
||
|
178ADE7B000
|
heap
|
page read and write
|
||
|
2B243917000
|
heap
|
page read and write
|
||
|
2460FCE1000
|
heap
|
page read and write
|
||
|
33A0000
|
remote allocation
|
page read and write
|
||
|
2460FB20000
|
heap
|
page read and write
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
2B243900000
|
heap
|
page read and write
|
||
|
2687B78D000
|
heap
|
page read and write
|
||
|
2B243972000
|
heap
|
page read and write
|
||
|
2473C3F0000
|
heap
|
page read and write
|
||
|
1EB0E7E0000
|
heap
|
page read and write
|
||
|
1971A402000
|
heap
|
page read and write
|
||
|
21112B50000
|
heap
|
page read and write
|
||
|
2460FC29000
|
heap
|
page read and write
|
||
|
178ADE69000
|
heap
|
page read and write
|
||
|
1C89A2A2000
|
heap
|
page read and write
|
||
|
1EB0EA7C000
|
heap
|
page read and write
|
||
|
1EB0EA4B000
|
heap
|
page read and write
|
||
|
1C894AFD000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E993312000
|
heap
|
page read and write
|
||
|
2B2437D0000
|
remote allocation
|
page read and write
|
||
|
D3A0FE000
|
stack
|
page read and write
|
||
|
2B2439B8000
|
heap
|
page read and write
|
||
|
1E994140000
|
heap
|
page readonly
|
||
|
25191C54000
|
heap
|
page read and write
|
||
|
2B2430EC000
|
heap
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
25190C67000
|
heap
|
page read and write
|
||
|
296BB7D000
|
stack
|
page read and write
|
||
|
25190A70000
|
heap
|
page read and write
|
||
|
2B4875C0000
|
heap
|
page read and write
|
||
|
26BB000
|
stack
|
page read and write
|
||
|
2B487900000
|
heap
|
page read and write
|
||
|
1C895302000
|
heap
|
page read and write
|
||
|
21112C00000
|
heap
|
page read and write
|
||
|
25E07190000
|
heap
|
page read and write
|
||
|
2687B77F000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2B243993000
|
heap
|
page read and write
|
||
|
2B487E02000
|
trusted library allocation
|
page read and write
|
||
|
1C894A55000
|
heap
|
page read and write
|
||
|
26FE1BE000
|
stack
|
page read and write
|
||
|
1EB0EA8A000
|
heap
|
page read and write
|
||
|
1C89A2E6000
|
heap
|
page read and write
|
||
|
1971AB50000
|
remote allocation
|
page read and write
|
||
|
1971AB50000
|
remote allocation
|
page read and write
|
||
|
2B243108000
|
heap
|
page read and write
|
||
|
198952D0000
|
heap
|
page readonly
|
||
|
26FE7FF000
|
stack
|
page read and write
|
||
|
25191D00000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
25E07216000
|
heap
|
page read and write
|
||
|
2B243986000
|
heap
|
page read and write
|
||
|
446C6FA000
|
stack
|
page read and write
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
1C8948A0000
|
heap
|
page read and write
|
||
|
2B24305C000
|
heap
|
page read and write
|
||
|
286F0493000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
1C894B02000
|
heap
|
page read and write
|
||
|
198938D0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1381000
|
heap
|
page read and write
|
||
|
B29F6FB000
|
stack
|
page read and write
|
||
|
1E984430000
|
heap
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
1C89A2FF000
|
heap
|
page read and write
|
||
|
2B243961000
|
heap
|
page read and write
|
||
|
2B243971000
|
heap
|
page read and write
|
||
|
25E0A480000
|
trusted library allocation
|
page read and write
|
||
|
2B2439A8000
|
heap
|
page read and write
|
||
|
2687B7A0000
|
heap
|
page read and write
|
||
|
2B487913000
|
heap
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
33A0000
|
remote allocation
|
page read and write
|
||
|
1EB0E840000
|
heap
|
page read and write
|
||
|
25E07222000
|
heap
|
page read and write
|
||
|
25190C3B000
|
heap
|
page read and write
|
||
|
178ADE59000
|
heap
|
page read and write
|
||
|
1C89A263000
|
heap
|
page read and write
|
||
|
178ADE5E000
|
heap
|
page read and write
|
||
|
178ADF02000
|
heap
|
page read and write
|
||
|
2C9FD013000
|
heap
|
page read and write
|
||
|
286F0400000
|
heap
|
page read and write
|
||
|
1C89A060000
|
trusted library allocation
|
page read and write
|
||
|
13C1000
|
heap
|
page read and write
|
||
|
25190C13000
|
heap
|
page read and write
|
||
|
178ADC00000
|
heap
|
page read and write
|
||
|
2C9FD074000
|
heap
|
page read and write
|
||
|
25190BF0000
|
trusted library allocation
|
page read and write
|
||
|
1C894B02000
|
heap
|
page read and write
|
||
|
EE1A577000
|
stack
|
page read and write
|
||
|
1C894A3F000
|
heap
|
page read and write
|
||
|
2B243113000
|
heap
|
page read and write
|
||
|
286F0D7B000
|
heap
|
page read and write
|
||
|
8F3E325000
|
stack
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
19C9564E000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
2B24303C000
|
heap
|
page read and write
|
||
|
1C89A2AC000
|
heap
|
page read and write
|
||
|
2687B791000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2B243999000
|
heap
|
page read and write
|
||
|
2B243E02000
|
heap
|
page read and write
|
||
|
2B243999000
|
heap
|
page read and write
|
||
|
2687D2A4000
|
heap
|
page read and write
|
||
|
2460FCC0000
|
heap
|
page read and write
|
||
|
1C894A29000
|
heap
|
page read and write
|
||
|
1EB0EA8C000
|
heap
|
page read and write
|
||
|
2B243997000
|
heap
|
page read and write
|
||
|
1EB0EB00000
|
heap
|
page read and write
|
||
|
7FFC66D86000
|
unkown
|
page read and write
|
There are 885 hidden memdumps, click here to show them.