Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
TSvDnT6fkE.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
||
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x88899bbb, page size 16384, Windows version 10.0
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_TSv_52bb2ff8749739655ef8ce7a55875e6631c6f4c1_cf813574_19b6376d\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D3E.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 11:43:37 2022, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER20BA.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2280.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\TSvDnT6fkE.dll
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\TSvDnT6fkE.dll",#1
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\TSvDnT6fkE.dll,DllRegisterServer
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\TSvDnT6fkE.dll,DllUnregisterServer
|
||
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ErRMcfUGTVTj\myfGzaHssmULBwf.dll"
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
||
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
||
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\TSvDnT6fkE.dll"
|
||
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\TSvDnT6fkE.dll",#1
|
||
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6416 -s 316
|
||
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 11 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://23.239.0.12/ionT
|
unknown
|
||
https://23.239.0.12/$
|
unknown
|
||
https://23.239.0.12/
|
23.239.0.12
|
||
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
https://www.hotspotshield.com/terms/
|
unknown
|
||
https://www.pango.co/privacy
|
unknown
|
||
http://www.bingmapsportal.com
|
unknown
|
||
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
http://crl.ver)
|
unknown
|
||
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
https://activity.windows.comr
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
https://%s.xboxlive.com
|
unknown
|
||
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
https://support.hotspotshield.com/
|
unknown
|
||
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
https://dynamic.t
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
http://schemas.xmlso
|
unknown
|
||
https://disneyplus.com/legal.
|
unknown
|
||
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
https://activity.windows.com
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
http://help.disneyplus.com.
|
unknown
|
||
https://%s.dnet.xboxlive.com
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 40 hidden URLs, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
23.239.0.12
|
unknown
|
United States
|
||
127.0.0.1
|
unknown
|
unknown
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800453F4626F
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 24 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
2560000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
164C9870000
|
direct allocation
|
page execute and read and write
|
||
164C9870000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
1E20000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
164C9870000
|
direct allocation
|
page execute and read and write
|
||
2451D890000
|
direct allocation
|
page execute and read and write
|
||
18475EF0000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
256D7F81000
|
heap
|
page read and write
|
||
20EAE25E000
|
heap
|
page read and write
|
||
1CF09102000
|
heap
|
page read and write
|
||
1A814486000
|
heap
|
page read and write
|
||
1A814B00000
|
heap
|
page read and write
|
||
2DDE000
|
stack
|
page read and write
|
||
266E7F02000
|
heap
|
page read and write
|
||
164C7E70000
|
heap
|
page read and write
|
||
256D7F7F000
|
heap
|
page read and write
|
||
256D7F8A000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
266E7E13000
|
heap
|
page read and write
|
||
32C2CAB000
|
stack
|
page read and write
|
||
20423890000
|
heap
|
page read and write
|
||
256D7F9C000
|
heap
|
page read and write
|
||
BD2077F000
|
stack
|
page read and write
|
||
3AC947A000
|
stack
|
page read and write
|
||
266E7B90000
|
heap
|
page read and write
|
||
1CB4A61A000
|
heap
|
page read and write
|
||
32C367D000
|
stack
|
page read and write
|
||
1EFBFA3C000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1CF08FB0000
|
trusted library allocation
|
page read and write
|
||
1D5C3A13000
|
heap
|
page read and write
|
||
256D7F72000
|
heap
|
page read and write
|
||
A5410FB000
|
stack
|
page read and write
|
||
10E485B0000
|
remote allocation
|
page read and write
|
||
1D5C3800000
|
heap
|
page read and write
|
||
216E6BF0000
|
heap
|
page read and write
|
||
BD9EF79000
|
stack
|
page read and write
|
||
1CB4A580000
|
heap
|
page read and write
|
||
1CF04102000
|
heap
|
page read and write
|
||
1A814413000
|
heap
|
page read and write
|
||
1CF09100000
|
heap
|
page read and write
|
||
256D7F7F000
|
heap
|
page read and write
|
||
1CF04113000
|
heap
|
page read and write
|
||
256D8402000
|
heap
|
page read and write
|
||
164C7DD0000
|
unkown
|
page read and write
|
||
BD9EBF7000
|
stack
|
page read and write
|
||
1D5C3A62000
|
heap
|
page read and write
|
||
20423B02000
|
heap
|
page read and write
|
||
580000
|
heap
|
page read and write
|
||
164C9990000
|
heap
|
page read and write
|
||
18475D10000
|
heap
|
page read and write
|
||
1CB4A61F000
|
heap
|
page read and write
|
||
32C327F000
|
stack
|
page read and write
|
||
1CB4A611000
|
heap
|
page read and write
|
||
239133F0000
|
heap
|
page read and write
|
||
32C3A7E000
|
stack
|
page read and write
|
||
256D7FD0000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
20423B00000
|
heap
|
page read and write
|
||
256D7600000
|
heap
|
page read and write
|
||
1EFBFA4F000
|
heap
|
page read and write
|
||
1CF08F90000
|
trusted library allocation
|
page read and write
|
||
256D7713000
|
heap
|
page read and write
|
||
1CF08E90000
|
trusted library allocation
|
page read and write
|
||
239136E3000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
2451BFB8000
|
heap
|
page read and write
|
||
256D7F79000
|
heap
|
page read and write
|
||
2451DC10000
|
heap
|
page read and write
|
||
1CB4A611000
|
heap
|
page read and write
|
||
CCB000
|
heap
|
page read and write
|
||
256D7F79000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
E8D14FB000
|
stack
|
page read and write
|
||
1D5C3A91000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
830000
|
heap
|
page read and write
|
||
1CF04015000
|
heap
|
page read and write
|
||
256D7FD0000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
1D34FE02000
|
trusted library allocation
|
page read and write
|
||
20EAE302000
|
heap
|
page read and write
|
||
23914400000
|
heap
|
page read and write
|
||
1CB4A5F6000
|
heap
|
page read and write
|
||
1D34F677000
|
heap
|
page read and write
|
||
A540CAC000
|
stack
|
page read and write
|
||
1E4BABB000
|
stack
|
page read and write
|
||
10E48613000
|
heap
|
page read and write
|
||
D00167F000
|
stack
|
page read and write
|
||
209EFFE000
|
stack
|
page read and write
|
||
23913680000
|
heap
|
page read and write
|
||
2451DA24000
|
heap
|
page read and write
|
||
2C5D000
|
stack
|
page read and write
|
||
1CB4A607000
|
heap
|
page read and write
|
||
22EB2CF0000
|
heap
|
page read and write
|
||
164C7E70000
|
heap
|
page read and write
|
||
23913656000
|
heap
|
page read and write
|
||
2391451B000
|
heap
|
page read and write
|
||
20EAE258000
|
heap
|
page read and write
|
||
256D7F9B000
|
heap
|
page read and write
|
||
CA2000
|
heap
|
page read and write
|
||
256D7E02000
|
heap
|
page read and write
|
||
256D7F70000
|
heap
|
page read and write
|
||
18475FBB000
|
heap
|
page read and write
|
||
164C9AB0000
|
heap
|
page read and write
|
||
239137E1000
|
heap
|
page read and write
|
||
56087C000
|
stack
|
page read and write
|
||
D0015FE000
|
stack
|
page read and write
|
||
1CB4A607000
|
heap
|
page read and write
|
||
256D7F81000
|
heap
|
page read and write
|
||
256D7F94000
|
heap
|
page read and write
|
||
256D7689000
|
heap
|
page read and write
|
||
1A3E0A60000
|
heap
|
page read and write
|
||
23913600000
|
heap
|
page read and write
|
||
1CB4A631000
|
heap
|
page read and write
|
||
256D7F89000
|
heap
|
page read and write
|
||
BD202AA000
|
stack
|
page read and write
|
||
2136D81D000
|
heap
|
page read and write
|
||
256D8402000
|
heap
|
page read and write
|
||
1CB4A62B000
|
heap
|
page read and write
|
||
256D7F9E000
|
heap
|
page read and write
|
||
573AB7E000
|
stack
|
page read and write
|
||
1CF03925000
|
heap
|
page read and write
|
||
2391365B000
|
heap
|
page read and write
|
||
1CF08E80000
|
trusted library allocation
|
page read and write
|
||
239136AB000
|
heap
|
page read and write
|
||
2C4547F000
|
stack
|
page read and write
|
||
266E7DD0000
|
trusted library allocation
|
page read and write
|
||
256D7CE0000
|
remote allocation
|
page read and write
|
||
1CF08E90000
|
trusted library allocation
|
page read and write
|
||
513CAFE000
|
stack
|
page read and write
|
||
23914513000
|
heap
|
page read and write
|
||
20EAE259000
|
heap
|
page read and write
|
||
209E72E000
|
stack
|
page read and write
|
||
1CB4A825000
|
heap
|
page read and write
|
||
256D7FBA000
|
heap
|
page read and write
|
||
25CDABAE000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
256D7F75000
|
heap
|
page read and write
|
||
256D7F9C000
|
heap
|
page read and write
|
||
2E395C000
|
stack
|
page read and write
|
||
25CDABAC000
|
heap
|
page read and write
|
||
4D0000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
25CDAC50000
|
remote allocation
|
page read and write
|
||
1A81443C000
|
heap
|
page read and write
|
||
25CDAB28000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
256D8422000
|
heap
|
page read and write
|
||
204239F0000
|
trusted library allocation
|
page read and write
|
||
23913D13000
|
heap
|
page read and write
|
||
256D7F7E000
|
heap
|
page read and write
|
||
20EAE000000
|
heap
|
page read and write
|
||
64947A6000
|
stack
|
page read and write
|
||
1E50000
|
heap
|
page readonly
|
||
164C80C0000
|
heap
|
page read and write
|
||
2136E290000
|
trusted library allocation
|
page read and write
|
||
910000
|
remote allocation
|
page read and write
|
||
1CF08F20000
|
trusted library allocation
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
20EAE26A000
|
heap
|
page read and write
|
||
1CB4A628000
|
heap
|
page read and write
|
||
23913613000
|
heap
|
page read and write
|
||
256D7663000
|
heap
|
page read and write
|
||
164C80A0000
|
direct allocation
|
page execute and read and write
|
||
20423A02000
|
heap
|
page read and write
|
||
560305000
|
stack
|
page read and write
|
||
164C80B0000
|
heap
|
page readonly
|
||
3AC917A000
|
stack
|
page read and write
|
||
1E4C37D000
|
stack
|
page read and write
|
||
216E6AD0000
|
heap
|
page read and write
|
||
239136CD000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
CE5000
|
heap
|
page read and write
|
||
23913684000
|
heap
|
page read and write
|
||
256D7F89000
|
heap
|
page read and write
|
||
1EFBFA29000
|
heap
|
page read and write
|
||
1CF08E94000
|
trusted library allocation
|
page read and write
|
||
2136D770000
|
trusted library allocation
|
page read and write
|
||
1CF08F70000
|
trusted library allocation
|
page read and write
|
||
1CF092C0000
|
trusted library allocation
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1E4BF7E000
|
stack
|
page read and write
|
||
1EFBFA02000
|
heap
|
page read and write
|
||
1CF04118000
|
heap
|
page read and write
|
||
1CF03829000
|
heap
|
page read and write
|
||
256D7668000
|
heap
|
page read and write
|
||
256D7667000
|
heap
|
page read and write
|
||
23913662000
|
heap
|
page read and write
|
||
CF8F9DE000
|
stack
|
page read and write
|
||
164C9994000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
256D7629000
|
heap
|
page read and write
|
||
256D7F71000
|
heap
|
page read and write
|
||
239136B1000
|
heap
|
page read and write
|
||
32C397F000
|
stack
|
page read and write
|
||
E8D0FFB000
|
stack
|
page read and write
|
||
4F0000
|
heap
|
page read and write
|
||
5607FE000
|
stack
|
page read and write
|
||
1EFBF910000
|
heap
|
page read and write
|
||
1CB4A61A000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
1CB4A5E6000
|
heap
|
page read and write
|
||
1FEF000
|
stack
|
page read and write
|
||
256D7F80000
|
heap
|
page read and write
|
||
1CF090FC000
|
heap
|
page read and write
|
||
256D7FAB000
|
heap
|
page read and write
|
||
1CB4A500000
|
heap
|
page read and write
|
||
1EA4000
|
heap
|
page read and write
|
||
256D76DB000
|
heap
|
page read and write
|
||
18475F20000
|
heap
|
page readonly
|
||
20EAE242000
|
heap
|
page read and write
|
||
256D7F9E000
|
heap
|
page read and write
|
||
1CF08E5E000
|
trusted library allocation
|
page read and write
|
||
BD2067F000
|
stack
|
page read and write
|
||
2136E280000
|
trusted library allocation
|
page read and write
|
||
164C8040000
|
heap
|
page read and write
|
||
2136D784000
|
trusted library allocation
|
page read and write
|
||
266E7E3C000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
18002F000
|
direct allocation
|
page readonly
|
||
256D7FDF000
|
heap
|
page read and write
|
||
256D7660000
|
heap
|
page read and write
|
||
2C4517D000
|
stack
|
page read and write
|
||
1A8144E3000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
1D34F671000
|
heap
|
page read and write
|
||
6494AFF000
|
stack
|
page read and write
|
||
CF900FF000
|
stack
|
page read and write
|
||
256D7FB0000
|
heap
|
page read and write
|
||
10E48600000
|
heap
|
page read and write
|
||
2E40FF000
|
stack
|
page read and write
|
||
110000
|
heap
|
page read and write
|
||
D0013FE000
|
stack
|
page read and write
|
||
D56000
|
heap
|
page read and write
|
||
164C7E78000
|
heap
|
page read and write
|
||
256D7F81000
|
heap
|
page read and write
|
||
1CF03FE0000
|
trusted library allocation
|
page read and write
|
||
209EAFC000
|
stack
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
256D7FAD000
|
heap
|
page read and write
|
||
1EFBFA55000
|
heap
|
page read and write
|
||
10E48658000
|
heap
|
page read and write
|
||
20EAE213000
|
heap
|
page read and write
|
||
256D7666000
|
heap
|
page read and write
|
||
256D7450000
|
heap
|
page read and write
|
||
256D7F9A000
|
heap
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
23914500000
|
heap
|
page read and write
|
||
1A3E0A40000
|
heap
|
page read and write
|
||
256D7CE0000
|
remote allocation
|
page read and write
|
||
22EB2E10000
|
heap
|
page read and write
|
||
256D76B3000
|
heap
|
page read and write
|
||
18475FAC000
|
heap
|
page read and write
|
||
256D7613000
|
heap
|
page read and write
|
||
20423A66000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
1CB4A611000
|
heap
|
page read and write
|
||
256D7F8E000
|
heap
|
page read and write
|
||
256D7665000
|
heap
|
page read and write
|
||
1CF0388F000
|
heap
|
page read and write
|
||
1CF092A0000
|
trusted library allocation
|
page read and write
|
||
256D7F9C000
|
heap
|
page read and write
|
||
2136D81E000
|
heap
|
page read and write
|
||
164C7DD0000
|
heap
|
page read and write
|
||
1D34F500000
|
heap
|
page read and write
|
||
216E69A0000
|
heap
|
page read and write
|
||
1CF09089000
|
heap
|
page read and write
|
||
1CF09104000
|
heap
|
page read and write
|
||
164C80A0000
|
direct allocation
|
page execute and read and write
|
||
1CB4A611000
|
heap
|
page read and write
|
||
164C7E40000
|
heap
|
page read and write
|
||
2451BF60000
|
heap
|
page read and write
|
||
1CF03813000
|
heap
|
page read and write
|
||
2700000
|
remote allocation
|
page read and write
|
||
EF1A6FE000
|
stack
|
page read and write
|
||
1CF03857000
|
heap
|
page read and write
|
||
164C80C5000
|
heap
|
page read and write
|
||
18475EE0000
|
direct allocation
|
page execute and read and write
|
||
24AF000
|
stack
|
page read and write
|
||
2451C001000
|
heap
|
page read and write
|
||
18475F67000
|
heap
|
page read and write
|
||
256D7716000
|
heap
|
page read and write
|
||
256D7F4E000
|
heap
|
page read and write
|
||
2136E500000
|
trusted library allocation
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
31D63DD000
|
stack
|
page read and write
|
||
1EFBF920000
|
heap
|
page read and write
|
||
A5412FA000
|
stack
|
page read and write
|
||
18476250000
|
heap
|
page read and write
|
||
20423B13000
|
heap
|
page read and write
|
||
2136D7D0000
|
heap
|
page read and write
|
||
20EAE296000
|
heap
|
page read and write
|
||
164C7E40000
|
heap
|
page read and write
|
||
256D7F80000
|
heap
|
page read and write
|
||
239136D1000
|
heap
|
page read and write
|
||
256D7708000
|
heap
|
page read and write
|
||
164C80C0000
|
heap
|
page read and write
|
||
1D5C4002000
|
trusted library allocation
|
page read and write
|
||
25CDABAC000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
D00157C000
|
stack
|
page read and write
|
||
256D75C0000
|
trusted library allocation
|
page read and write
|
||
1D34F624000
|
heap
|
page read and write
|
||
1CF0388B000
|
heap
|
page read and write
|
||
256D7F81000
|
heap
|
page read and write
|
||
164C8080000
|
heap
|
page read and write
|
||
256D7F89000
|
heap
|
page read and write
|
||
1CF0383D000
|
heap
|
page read and write
|
||
1D5C3A29000
|
heap
|
page read and write
|
||
1A8143E0000
|
trusted library allocation
|
page read and write
|
||
256D7F7F000
|
heap
|
page read and write
|
||
EF1A4F7000
|
stack
|
page read and write
|
||
25CDAB2E000
|
heap
|
page read and write
|
||
256D7F6C000
|
heap
|
page read and write
|
||
266E7E53000
|
heap
|
page read and write
|
||
256D7F89000
|
heap
|
page read and write
|
||
20EAEA02000
|
trusted library allocation
|
page read and write
|
||
10E48624000
|
heap
|
page read and write
|
||
2C44BFB000
|
stack
|
page read and write
|
||
256D7F89000
|
heap
|
page read and write
|
||
1CB4A601000
|
heap
|
page read and write
|
||
C68000
|
heap
|
page read and write
|
||
266E7E02000
|
heap
|
page read and write
|
||
2136E4E0000
|
heap
|
page readonly
|
||
20423A28000
|
heap
|
page read and write
|
||
1CB4A628000
|
heap
|
page read and write
|
||
1CB4A61F000
|
heap
|
page read and write
|
||
20EAE257000
|
heap
|
page read and write
|
||
1CF04002000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
2E407D000
|
stack
|
page read and write
|
||
D60000
|
direct allocation
|
page execute and read and write
|
||
256D7F13000
|
heap
|
page read and write
|
||
1E4C077000
|
stack
|
page read and write
|
||
1D34F613000
|
heap
|
page read and write
|
||
1CF03FF0000
|
trusted library allocation
|
page read and write
|
||
256D8403000
|
heap
|
page read and write
|
||
2700000
|
remote allocation
|
page read and write
|
||
25CDABAD000
|
heap
|
page read and write
|
||
256D76D7000
|
heap
|
page read and write
|
||
256D7F81000
|
heap
|
page read and write
|
||
2E60000
|
heap
|
page read and write
|
||
256D76DB000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
20EAE246000
|
heap
|
page read and write
|
||
2136D78A000
|
trusted library allocation
|
page read and write
|
||
2136D590000
|
heap
|
page read and write
|
||
CF8FEFE000
|
stack
|
page read and write
|
||
1D5C3B02000
|
heap
|
page read and write
|
||
2136D81D000
|
heap
|
page read and write
|
||
20EAE256000
|
heap
|
page read and write
|
||
216E6C27000
|
heap
|
page read and write
|
||
2C4527F000
|
stack
|
page read and write
|
||
209EBFB000
|
stack
|
page read and write
|
||
256D765E000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
256D8400000
|
heap
|
page read and write
|
||
1D5C3A68000
|
heap
|
page read and write
|
||
209E6AC000
|
stack
|
page read and write
|
||
1CF03894000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
25CDAC95000
|
heap
|
page read and write
|
||
256D7F73000
|
heap
|
page read and write
|
||
1A8144E8000
|
heap
|
page read and write
|
||
20EAE262000
|
heap
|
page read and write
|
||
513CB7E000
|
stack
|
page read and write
|
||
25CDABAC000
|
heap
|
page read and write
|
||
239137FF000
|
heap
|
page read and write
|
||
1CF090F4000
|
heap
|
page read and write
|
||
2136D780000
|
trusted library allocation
|
page read and write
|
||
23913688000
|
heap
|
page read and write
|
||
CE5000
|
heap
|
page read and write
|
||
2391440A000
|
heap
|
page read and write
|
||
8E5000
|
stack
|
page read and write
|
||
20EAE200000
|
heap
|
page read and write
|
||
25CDAB48000
|
heap
|
page read and write
|
||
F40C4FF000
|
stack
|
page read and write
|
||
1D5C3790000
|
heap
|
page read and write
|
||
6494B7F000
|
stack
|
page read and write
|
||
5E5000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
BD9E57B000
|
stack
|
page read and write
|
||
256D7658000
|
heap
|
page read and write
|
||
1CF038FD000
|
heap
|
page read and write
|
||
256D765D000
|
heap
|
page read and write
|
||
266E7E8A000
|
heap
|
page read and write
|
||
1D5C3A7B000
|
heap
|
page read and write
|
||
25CDA980000
|
heap
|
page read and write
|
||
2136E550000
|
trusted library allocation
|
page read and write
|
||
256D7F7D000
|
heap
|
page read and write
|
||
20EAE23D000
|
heap
|
page read and write
|
||
1CF0902D000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
20EAE263000
|
heap
|
page read and write
|
||
575000
|
heap
|
page read and write
|
||
25CDAC90000
|
heap
|
page read and write
|
||
256D7680000
|
heap
|
page read and write
|
||
256D765B000
|
heap
|
page read and write
|
||
26A0000
|
trusted library allocation
|
page read and write
|
||
2136E4D0000
|
trusted library allocation
|
page read and write
|
||
256D7F9C000
|
heap
|
page read and write
|
||
256D7FA4000
|
heap
|
page read and write
|
||
10E4865E000
|
heap
|
page read and write
|
||
256D7F8B000
|
heap
|
page read and write
|
||
1CF08E70000
|
trusted library allocation
|
page read and write
|
||
256D7FBA000
|
heap
|
page read and write
|
||
1CF03879000
|
heap
|
page read and write
|
||
2391368B000
|
heap
|
page read and write
|
||
A5414FC000
|
stack
|
page read and write
|
||
23913BF0000
|
trusted library allocation
|
page read and write
|
||
216E6AF0000
|
heap
|
page read and write
|
||
CF8FC7E000
|
stack
|
page read and write
|
||
5606FE000
|
stack
|
page read and write
|
||
2451C00D000
|
heap
|
page read and write
|
||
D0012FE000
|
stack
|
page read and write
|
||
23914458000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
C60000
|
heap
|
page read and write
|
||
CCE000
|
heap
|
page read and write
|
||
10E485B0000
|
remote allocation
|
page read and write
|
||
2710000
|
heap
|
page read and write
|
||
10E48410000
|
heap
|
page read and write
|
||
560000
|
direct allocation
|
page execute and read and write
|
||
25CDABAA000
|
heap
|
page read and write
|
||
1CF08F60000
|
trusted library allocation
|
page read and write
|
||
209E7AE000
|
stack
|
page read and write
|
||
23913665000
|
heap
|
page read and write
|
||
256D7F8E000
|
heap
|
page read and write
|
||
164C8040000
|
heap
|
page read and write
|
||
573ABF9000
|
stack
|
page read and write
|
||
D56000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
2391451B000
|
heap
|
page read and write
|
||
C20000
|
heap
|
page read and write
|
||
20423A13000
|
heap
|
page read and write
|
||
1D34F702000
|
heap
|
page read and write
|
||
2E3E7E000
|
stack
|
page read and write
|
||
1CF090A1000
|
heap
|
page read and write
|
||
6494A7E000
|
stack
|
page read and write
|
||
58B000
|
heap
|
page read and write
|
||
209ECF7000
|
stack
|
page read and write
|
||
EF1A3FF000
|
stack
|
page read and write
|
||
1CF0904A000
|
heap
|
page read and write
|
||
256D7F79000
|
heap
|
page read and write
|
||
1CF08FB0000
|
remote allocation
|
page read and write
|
||
256D7654000
|
heap
|
page read and write
|
||
BD203AF000
|
stack
|
page read and write
|
||
256D7F8B000
|
heap
|
page read and write
|
||
6494B7F000
|
stack
|
page read and write
|
||
1EFBFA89000
|
heap
|
page read and write
|
||
23AC000
|
stack
|
page read and write
|
||
32C30FB000
|
stack
|
page read and write
|
||
256D7F7B000
|
heap
|
page read and write
|
||
1CB4A5F6000
|
heap
|
page read and write
|
||
1CB4A61F000
|
heap
|
page read and write
|
||
1D34F65A000
|
heap
|
page read and write
|
||
CA2000
|
heap
|
page read and write
|
||
1CF08CC0000
|
trusted library allocation
|
page read and write
|
||
266E7E7E000
|
heap
|
page read and write
|
||
1CF04100000
|
heap
|
page read and write
|
||
20EAE25D000
|
heap
|
page read and write
|
||
20EAE267000
|
heap
|
page read and write
|
||
256D7F92000
|
heap
|
page read and write
|
||
1CF08E58000
|
trusted library allocation
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
180000000
|
direct allocation
|
page read and write
|
||
256D7662000
|
heap
|
page read and write
|
||
2136D760000
|
trusted library allocation
|
page read and write
|
||
BD9EE7F000
|
unkown
|
page read and write
|
||
20EAE233000
|
heap
|
page read and write
|
||
2700000
|
remote allocation
|
page read and write
|
||
BD9EAFA000
|
stack
|
page read and write
|
||
164C7E70000
|
heap
|
page read and write
|
||
164C7E40000
|
heap
|
page read and write
|
||
2136D782000
|
trusted library allocation
|
page read and write
|
||
256D76D3000
|
heap
|
page read and write
|
||
256D8419000
|
heap
|
page read and write
|
||
18475E50000
|
heap
|
page read and write
|
||
1CF08D40000
|
trusted library allocation
|
page read and write
|
||
2136D820000
|
heap
|
page read and write
|
||
256D7F80000
|
heap
|
page read and write
|
||
1D5C39D0000
|
trusted library allocation
|
page read and write
|
||
256D7F61000
|
heap
|
page read and write
|
||
3AC957B000
|
stack
|
page read and write
|
||
2451BE10000
|
heap
|
page read and write
|
||
3AC8BCB000
|
stack
|
page read and write
|
||
256D7460000
|
heap
|
page read and write
|
||
1D5C3B13000
|
heap
|
page read and write
|
||
164C7DD0000
|
unkown
|
page read and write
|
||
18476210000
|
heap
|
page read and write
|
||
23913659000
|
heap
|
page read and write
|
||
1CF04CC0000
|
trusted library allocation
|
page read and write
|
||
25CDB441000
|
heap
|
page read and write
|
||
2C44EFC000
|
stack
|
page read and write
|
||
1CB4A61A000
|
heap
|
page read and write
|
||
20EAE27F000
|
heap
|
page read and write
|
||
23913BA0000
|
trusted library allocation
|
page read and write
|
||
1EFBF980000
|
heap
|
page read and write
|
||
1D5C3A89000
|
heap
|
page read and write
|
||
A5417FE000
|
stack
|
page read and write
|
||
18475F6E000
|
heap
|
page read and write
|
||
23913647000
|
heap
|
page read and write
|
||
BD9E87E000
|
stack
|
page read and write
|
||
1CB4A5E0000
|
heap
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
32C357D000
|
stack
|
page read and write
|
||
2451D880000
|
direct allocation
|
page execute and read and write
|
||
1CB4A603000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
6494A7E000
|
stack
|
page read and write
|
||
2136D595000
|
heap
|
page read and write
|
||
CF8FFFE000
|
stack
|
page read and write
|
||
3AC9A7D000
|
stack
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
F40C37F000
|
stack
|
page read and write
|
||
10E48702000
|
heap
|
page read and write
|
||
25CDABC0000
|
heap
|
page read and write
|
||
F40C276000
|
stack
|
page read and write
|
||
1D5C3A4D000
|
heap
|
page read and write
|
||
239133E0000
|
heap
|
page read and write
|
||
2136E4F0000
|
trusted library allocation
|
page read and write
|
||
256D7F7F000
|
heap
|
page read and write
|
||
25CDAB56000
|
heap
|
page read and write
|
||
18475E70000
|
heap
|
page read and write
|
||
1A3E0C30000
|
heap
|
page read and write
|
||
256D7F89000
|
heap
|
page read and write
|
||
1A8144BA000
|
heap
|
page read and write
|
||
D01000
|
heap
|
page read and write
|
||
1D34F510000
|
heap
|
page read and write
|
||
256D8422000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
570000
|
heap
|
page read and write
|
||
1CB4A61A000
|
heap
|
page read and write
|
||
10E48580000
|
trusted library allocation
|
page read and write
|
||
164C9994000
|
heap
|
page read and write
|
||
256D7FC2000
|
heap
|
page read and write
|
||
256D7F87000
|
heap
|
page read and write
|
||
1A8141B0000
|
heap
|
page read and write
|
||
E8D15FB000
|
stack
|
page read and write
|
||
256D7FAB000
|
heap
|
page read and write
|
||
1CB4A61A000
|
heap
|
page read and write
|
||
164C8080000
|
heap
|
page read and write
|
||
256D76F5000
|
heap
|
page read and write
|
||
20EAE27A000
|
heap
|
page read and write
|
||
256D7F73000
|
heap
|
page read and write
|
||
1CF04840000
|
trusted library allocation
|
page read and write
|
||
1CB4A61F000
|
heap
|
page read and write
|
||
256D7F7B000
|
heap
|
page read and write
|
||
266E7F00000
|
heap
|
page read and write
|
||
1CF09000000
|
heap
|
page read and write
|
||
1CB4A611000
|
heap
|
page read and write
|
||
256D7F80000
|
heap
|
page read and write
|
||
23913795000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
25CDAAC0000
|
heap
|
page read and write
|
||
EF1A37B000
|
stack
|
page read and write
|
||
BD206F9000
|
stack
|
page read and write
|
||
256D7FD1000
|
heap
|
page read and write
|
||
26A0000
|
trusted library allocation
|
page read and write
|
||
10E48420000
|
heap
|
page read and write
|
||
1CF03875000
|
heap
|
page read and write
|
||
23913D0D000
|
heap
|
page read and write
|
||
25CDAB48000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
D23000
|
heap
|
page read and write
|
||
20EAE276000
|
heap
|
page read and write
|
||
1CF09061000
|
heap
|
page read and write
|
||
1CF08FB0000
|
remote allocation
|
page read and write
|
||
20EAE240000
|
heap
|
page read and write
|
||
5D4000
|
heap
|
page read and write
|
||
256D8402000
|
heap
|
page read and write
|
||
1EFBFB08000
|
heap
|
page read and write
|
||
20EAE264000
|
heap
|
page read and write
|
||
1A814210000
|
heap
|
page read and write
|
||
D74000
|
heap
|
page read and write
|
||
20EAE241000
|
heap
|
page read and write
|
||
2136D599000
|
heap
|
page read and write
|
||
216E6BFB000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
256D7F7D000
|
heap
|
page read and write
|
||
20EAE25A000
|
heap
|
page read and write
|
||
23913D38000
|
heap
|
page read and write
|
||
164C9AB0000
|
heap
|
page read and write
|
||
1CF04000000
|
heap
|
page read and write
|
||
2451BFB0000
|
heap
|
page read and write
|
||
2C44FFD000
|
stack
|
page read and write
|
||
164C80A0000
|
direct allocation
|
page execute and read and write
|
||
164C80B0000
|
heap
|
page readonly
|
||
3AC9C7F000
|
stack
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
573AA79000
|
stack
|
page read and write
|
||
216E69A5000
|
heap
|
page read and write
|
||
1CB4A61F000
|
heap
|
page read and write
|
||
20EAE23B000
|
heap
|
page read and write
|
||
910000
|
remote allocation
|
page read and write
|
||
256D7F73000
|
heap
|
page read and write
|
||
1EFBF9B0000
|
trusted library allocation
|
page read and write
|
||
D0B000
|
heap
|
page read and write
|
||
1CF09020000
|
heap
|
page read and write
|
||
56038E000
|
stack
|
page read and write
|
||
1CF08F80000
|
trusted library allocation
|
page read and write
|
||
25CDB442000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
10E48602000
|
heap
|
page read and write
|
||
25CDB441000
|
heap
|
page read and write
|
||
2BDE000
|
stack
|
page read and write
|
||
2136D786000
|
trusted library allocation
|
page read and write
|
||
256D7CE0000
|
remote allocation
|
page read and write
|
||
256D76DB000
|
heap
|
page read and write
|
||
256D8418000
|
heap
|
page read and write
|
||
2E3CFC000
|
stack
|
page read and write
|
||
1D5C3A5F000
|
heap
|
page read and write
|
||
20EAE060000
|
heap
|
page read and write
|
||
64947A6000
|
stack
|
page read and write
|
||
1A3E0A68000
|
heap
|
page read and write
|
||
1A814A02000
|
heap
|
page read and write
|
||
1D34F713000
|
heap
|
page read and write
|
||
256D76D3000
|
heap
|
page read and write
|
||
23914502000
|
heap
|
page read and write
|
||
1A814502000
|
heap
|
page read and write
|
||
1CF03780000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
209EEFD000
|
stack
|
page read and write
|
||
266E7E29000
|
heap
|
page read and write
|
||
256D7F9E000
|
heap
|
page read and write
|
||
3AC937F000
|
stack
|
page read and write
|
||
164C9990000
|
heap
|
page read and write
|
||
32C337D000
|
stack
|
page read and write
|
||
25CDAC50000
|
remote allocation
|
page read and write
|
||
256D76A9000
|
heap
|
page read and write
|
||
256D8402000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1CB4A820000
|
heap
|
page read and write
|
||
1EFBFA7D000
|
heap
|
page read and write
|
||
242E000
|
stack
|
page read and write
|
||
DA0000
|
heap
|
page readonly
|
||
256D765F000
|
heap
|
page read and write
|
||
204238F0000
|
heap
|
page read and write
|
||
20424202000
|
trusted library allocation
|
page read and write
|
||
BD9ECFF000
|
stack
|
page read and write
|
||
1A814513000
|
heap
|
page read and write
|
||
2451DA20000
|
heap
|
page read and write
|
||
164C9AB0000
|
heap
|
page read and write
|
||
EF1A07C000
|
stack
|
page read and write
|
||
2E5E000
|
stack
|
page read and write
|
||
20EAE265000
|
heap
|
page read and write
|
||
23913DD6000
|
heap
|
page read and write
|
||
23913713000
|
heap
|
page read and write
|
||
1D5C3A53000
|
heap
|
page read and write
|
||
256D7F88000
|
heap
|
page read and write
|
||
2451BFFD000
|
heap
|
page read and write
|
||
3AC927D000
|
stack
|
page read and write
|
||
2136E4A0000
|
trusted library allocation
|
page read and write
|
||
1CF08E50000
|
trusted library allocation
|
page read and write
|
||
25CDAC50000
|
remote allocation
|
page read and write
|
||
256D7F90000
|
heap
|
page read and write
|
||
256D7F7D000
|
heap
|
page read and write
|
||
164C7E78000
|
heap
|
page read and write
|
||
1EA0000
|
heap
|
page read and write
|
||
256D7F00000
|
heap
|
page read and write
|
||
6494A7E000
|
stack
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
1CF09054000
|
heap
|
page read and write
|
||
604000
|
heap
|
page read and write
|
||
1A3E0C70000
|
heap
|
page read and write
|
||
20EAE261000
|
heap
|
page read and write
|
||
18475F60000
|
heap
|
page read and write
|
||
256D7F8B000
|
heap
|
page read and write
|
||
1E4C17E000
|
stack
|
page read and write
|
||
23913440000
|
heap
|
page read and write
|
||
252B000
|
stack
|
page read and write
|
||
256D7659000
|
heap
|
page read and write
|
||
A0B52DA000
|
stack
|
page read and write
|
||
1CF04118000
|
heap
|
page read and write
|
||
1A8144C2000
|
heap
|
page read and write
|
||
20EADFF0000
|
heap
|
page read and write
|
||
256D7F10000
|
heap
|
page read and write
|
||
25CDAB07000
|
heap
|
page read and write
|
||
1D5C3A5C000
|
heap
|
page read and write
|
||
2C4507B000
|
stack
|
page read and write
|
||
1CF03870000
|
heap
|
page read and write
|
||
1CF08F40000
|
trusted library allocation
|
page read and write
|
||
D70000
|
heap
|
page read and write
|
||
2136D6C0000
|
heap
|
page read and write
|
||
23913D00000
|
heap
|
page read and write
|
||
1E4C27F000
|
stack
|
page read and write
|
||
22EB2D60000
|
heap
|
page read and write
|
||
22EB2E1D000
|
heap
|
page read and write
|
||
1EFBFB00000
|
heap
|
page read and write
|
||
D80000
|
heap
|
page read and write
|
||
256D765A000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
EF1A27B000
|
stack
|
page read and write
|
||
1CF08F20000
|
trusted library allocation
|
page read and write
|
||
EF1A0FE000
|
stack
|
page read and write
|
||
1CF08E80000
|
trusted library allocation
|
page read and write
|
||
A5416FA000
|
stack
|
page read and write
|
||
EF1A5FF000
|
stack
|
page read and write
|
||
18475EC0000
|
heap
|
page read and write
|
||
25CDAB2B000
|
heap
|
page read and write
|
||
256D76EB000
|
heap
|
page read and write
|
||
1CB4A630000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1CF038FD000
|
heap
|
page read and write
|
||
256D7F90000
|
heap
|
page read and write
|
||
256D7F7D000
|
heap
|
page read and write
|
||
256D7F79000
|
heap
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
2E3DFE000
|
stack
|
page read and write
|
||
256D76E3000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
1CF09104000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
1CB4A560000
|
heap
|
page read and write
|
||
256D8402000
|
heap
|
page read and write
|
||
1CF08FB0000
|
remote allocation
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
20EAE268000
|
heap
|
page read and write
|
||
25CDAB07000
|
heap
|
page read and write
|
||
25CDAB28000
|
heap
|
page read and write
|
||
DB5000
|
heap
|
page read and write
|
||
2C44D7E000
|
stack
|
page read and write
|
||
2136D7D9000
|
heap
|
page read and write
|
||
256D7F79000
|
heap
|
page read and write
|
||
266E7C00000
|
heap
|
page read and write
|
||
1A814400000
|
heap
|
page read and write
|
||
1CB4A606000
|
heap
|
page read and write
|
||
256D763C000
|
heap
|
page read and write
|
||
1CF09012000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1EFBFB02000
|
heap
|
page read and write
|
||
1CF03800000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
1CB4A5EE000
|
heap
|
page read and write
|
||
164C8040000
|
heap
|
page read and write
|
||
266E7E6A000
|
heap
|
page read and write
|
||
2451D860000
|
heap
|
page read and write
|
||
20EAE229000
|
heap
|
page read and write
|
||
164C80C0000
|
heap
|
page read and write
|
||
23913D62000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
1CF090E3000
|
heap
|
page read and write
|
||
20423A7D000
|
heap
|
page read and write
|
||
1D34F570000
|
heap
|
page read and write
|
||
1CF090A3000
|
heap
|
page read and write
|
||
164C99C0000
|
remote allocation
|
page read and write
|
||
23913C02000
|
heap
|
page read and write
|
||
D00137E000
|
stack
|
page read and write
|
||
1D5C3A65000
|
heap
|
page read and write
|
||
20EAE24D000
|
heap
|
page read and write
|
||
256D7F9E000
|
heap
|
page read and write
|
||
164C9990000
|
heap
|
page read and write
|
||
2136D816000
|
heap
|
page read and write
|
||
239136BA000
|
heap
|
page read and write
|
||
20EAE260000
|
heap
|
page read and write
|
||
A0B577E000
|
stack
|
page read and write
|
||
1E4BEFB000
|
stack
|
page read and write
|
||
2B5B000
|
stack
|
page read and write
|
||
1CF08E50000
|
trusted library allocation
|
page read and write
|
||
F40C3FE000
|
stack
|
page read and write
|
||
20EAE27C000
|
heap
|
page read and write
|
||
20423A3F000
|
heap
|
page read and write
|
||
1EFBFA71000
|
heap
|
page read and write
|
||
1D34F602000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
573AAFE000
|
stack
|
page read and write
|
||
2136D580000
|
heap
|
page read and write
|
||
1A8141A0000
|
heap
|
page read and write
|
||
32C3B7F000
|
stack
|
page read and write
|
||
CE5000
|
heap
|
page read and write
|
||
2451D8C0000
|
heap
|
page readonly
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
1CB4A600000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
C00000
|
heap
|
page read and write
|
||
1D5C37A0000
|
heap
|
page read and write
|
||
1CF0903D000
|
heap
|
page read and write
|
||
1D5C3B00000
|
heap
|
page read and write
|
||
32C387E000
|
stack
|
page read and write
|
||
2C4537D000
|
stack
|
page read and write
|
||
1A3E09E0000
|
heap
|
page read and write
|
||
D01000
|
heap
|
page read and write
|
||
266E8402000
|
trusted library allocation
|
page read and write
|
||
2ADE000
|
stack
|
page read and write
|
||
256D7F7B000
|
heap
|
page read and write
|
||
1D5C3A00000
|
heap
|
page read and write
|
||
256D76A9000
|
heap
|
page read and write
|
||
10E48E02000
|
trusted library allocation
|
page read and write
|
||
20EAE232000
|
heap
|
page read and write
|
||
20EAE245000
|
heap
|
page read and write
|
||
256D7F72000
|
heap
|
page read and write
|
||
1CB4A5F1000
|
heap
|
page read and write
|
||
EF1A17E000
|
stack
|
page read and write
|
||
540000
|
heap
|
page read and write
|
||
239137FD000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
10E48480000
|
heap
|
page read and write
|
||
1EFBFB13000
|
heap
|
page read and write
|
||
25CDABE0000
|
heap
|
page read and write
|
||
164C8080000
|
heap
|
page read and write
|
||
216E6990000
|
heap
|
page read and write
|
||
1CB4A628000
|
heap
|
page read and write
|
||
3AC8FF7000
|
stack
|
page read and write
|
||
256D7F8B000
|
heap
|
page read and write
|
||
2136D8D0000
|
trusted library allocation
|
page read and write
|
||
1EFBFA00000
|
heap
|
page read and write
|
||
61F000
|
heap
|
page read and write
|
||
1CF08D30000
|
trusted library allocation
|
page read and write
|
||
2391363E000
|
heap
|
page read and write
|
||
18476255000
|
heap
|
page read and write
|
||
1A81446A000
|
heap
|
page read and write
|
||
1E4BB3E000
|
stack
|
page read and write
|
||
D0B000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
10E485B0000
|
remote allocation
|
page read and write
|
||
1E4BBBE000
|
stack
|
page read and write
|
||
1CF08E71000
|
trusted library allocation
|
page read and write
|
||
164C99C0000
|
remote allocation
|
page read and write
|
||
1CF03F50000
|
trusted library allocation
|
page read and write
|
||
266E7E00000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
1CB4A628000
|
heap
|
page read and write
|
||
D00127A000
|
stack
|
page read and write
|
||
1F60000
|
heap
|
page read and write
|
||
256D7F79000
|
heap
|
page read and write
|
||
184779A0000
|
heap
|
page read and write
|
||
256D8402000
|
heap
|
page read and write
|
||
32C377E000
|
stack
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
CF8F95C000
|
stack
|
page read and write
|
||
1D5C3B08000
|
heap
|
page read and write
|
||
256D7702000
|
heap
|
page read and write
|
||
1CF04159000
|
heap
|
page read and write
|
||
D23000
|
heap
|
page read and write
|
||
1CF08FA0000
|
trusted library allocation
|
page read and write
|
||
D0014FC000
|
stack
|
page read and write
|
||
F40C47F000
|
stack
|
page read and write
|
||
1EFC0202000
|
trusted library allocation
|
page read and write
|
||
2451BF40000
|
heap
|
page read and write
|
||
1CB4A62C000
|
heap
|
page read and write
|
||
1CF04159000
|
heap
|
page read and write
|
||
20EAE278000
|
heap
|
page read and write
|
||
164C9994000
|
heap
|
page read and write
|
||
23914402000
|
heap
|
page read and write
|
||
1EFBFA13000
|
heap
|
page read and write
|
||
1CF08F20000
|
trusted library allocation
|
page read and write
|
||
239136DE000
|
heap
|
page read and write
|
||
A5415FE000
|
stack
|
page read and write
|
||
256D7FB1000
|
heap
|
page read and write
|
||
23914402000
|
heap
|
page read and write
|
||
256D76C2000
|
heap
|
page read and write
|
||
2D5F000
|
stack
|
page read and write
|
||
E8D17FE000
|
stack
|
page read and write
|
||
64947A6000
|
stack
|
page read and write
|
||
1CB4A602000
|
heap
|
page read and write
|
||
266E7E4D000
|
heap
|
page read and write
|
||
BD207FC000
|
stack
|
page read and write
|
||
1CF03790000
|
heap
|
page read and write
|
||
1A814429000
|
heap
|
page read and write
|
||
2C44E7F000
|
stack
|
page read and write
|
||
1CB4A601000
|
heap
|
page read and write
|
||
1CF03FE3000
|
trusted library allocation
|
page read and write
|
||
256D7FD1000
|
heap
|
page read and write
|
||
BD9EDF7000
|
stack
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
1D34F666000
|
heap
|
page read and write
|
||
1F2F000
|
stack
|
page read and write
|
||
20EAE275000
|
heap
|
page read and write
|
||
256D7F86000
|
heap
|
page read and write
|
||
266E7F13000
|
heap
|
page read and write
|
||
1EFBFA4D000
|
heap
|
page read and write
|
||
6494AFF000
|
stack
|
page read and write
|
||
2451BE00000
|
heap
|
page read and write
|
||
573A87C000
|
stack
|
page read and write
|
||
D54000
|
heap
|
page read and write
|
||
BD9E5FD000
|
stack
|
page read and write
|
||
266E7F08000
|
heap
|
page read and write
|
||
1A814B32000
|
heap
|
page read and write
|
||
5C3000
|
heap
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
2451BE15000
|
heap
|
page read and write
|
||
256D7F71000
|
heap
|
page read and write
|
||
256D7F9E000
|
heap
|
page read and write
|
||
2391441D000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
F40C2FF000
|
stack
|
page read and write
|
||
CF8FDFE000
|
stack
|
page read and write
|
||
2391369C000
|
heap
|
page read and write
|
||
23913696000
|
heap
|
page read and write
|
||
239137B8000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
23913DF3000
|
heap
|
page read and write
|
||
2E41FD000
|
stack
|
page read and write
|
||
164C80C5000
|
heap
|
page read and write
|
||
1D34F5A0000
|
trusted library allocation
|
page read and write
|
||
164C80B0000
|
heap
|
page readonly
|
||
20423A00000
|
heap
|
page read and write
|
||
1CF037F0000
|
heap
|
page read and write
|
||
266E7BA0000
|
heap
|
page read and write
|
||
F40C57C000
|
stack
|
page read and write
|
||
256D74C0000
|
heap
|
page read and write
|
||
25CDB440000
|
heap
|
page read and write
|
||
239136B7000
|
heap
|
page read and write
|
||
1CF03907000
|
heap
|
page read and write
|
||
A0B567E000
|
stack
|
page read and write
|
||
1CB4A628000
|
heap
|
page read and write
|
||
20EAE284000
|
heap
|
page read and write
|
||
A5411F9000
|
stack
|
page read and write
|
||
1CF09102000
|
heap
|
page read and write
|
||
20EAE27B000
|
heap
|
page read and write
|
||
20423A6A000
|
heap
|
page read and write
|
||
1A8144E0000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
20EAE160000
|
trusted library allocation
|
page read and write
|
||
239136D6000
|
heap
|
page read and write
|
||
1CB4A607000
|
heap
|
page read and write
|
||
20423A57000
|
heap
|
page read and write
|
||
3AC98FD000
|
stack
|
page read and write
|
||
20EAE244000
|
heap
|
page read and write
|
||
1CB4A601000
|
heap
|
page read and write
|
||
1D5C3A3C000
|
heap
|
page read and write
|
||
2136D82E000
|
heap
|
page read and write
|
||
1A8144CB000
|
heap
|
page read and write
|
||
256D7FD3000
|
heap
|
page read and write
|
||
1CF03902000
|
heap
|
page read and write
|
||
1A3E0C75000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
D0B000
|
heap
|
page read and write
|
||
256D7680000
|
heap
|
page read and write
|
||
10E48640000
|
heap
|
page read and write
|
||
1CF08E74000
|
trusted library allocation
|
page read and write
|
||
E8D16FC000
|
stack
|
page read and write
|
||
2136D6E0000
|
heap
|
page read and write
|
||
1CF03902000
|
heap
|
page read and write
|
||
6494B7F000
|
stack
|
page read and write
|
||
164C80C5000
|
heap
|
page read and write
|
||
56077E000
|
stack
|
page read and write
|
||
256D7FAD000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
184779A4000
|
heap
|
page read and write
|
||
256D7F81000
|
heap
|
page read and write
|
||
A5413FE000
|
stack
|
page read and write
|
||
1CF038AF000
|
heap
|
page read and write
|
||
6494AFF000
|
stack
|
page read and write
|
||
164C7E78000
|
heap
|
page read and write
|
||
1CF0389F000
|
heap
|
page read and write
|
||
25CDAAC8000
|
heap
|
page read and write
|
||
209EDFF000
|
stack
|
page read and write
|
||
256D76C9000
|
heap
|
page read and write
|
||
513C87C000
|
stack
|
page read and write
|
||
56067F000
|
stack
|
page read and write
|
||
513CBFE000
|
stack
|
page read and write
|
||
256D7FAF000
|
heap
|
page read and write
|
||
23914443000
|
heap
|
page read and write
|
||
1CF04104000
|
heap
|
page read and write
|
||
1D34F641000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
256D7F9E000
|
heap
|
page read and write
|
||
256D7F71000
|
heap
|
page read and write
|
||
1D34F600000
|
heap
|
page read and write
|
||
D23000
|
heap
|
page read and write
|
||
256D7F7F000
|
heap
|
page read and write
|
||
BD2032E000
|
stack
|
page read and write
|
||
2136D700000
|
trusted library allocation
|
page read and write
|
||
A0B56FF000
|
stack
|
page read and write
|
||
2C447CB000
|
stack
|
page read and write
|
||
20423880000
|
heap
|
page read and write
|
||
2391369A000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
23913629000
|
heap
|
page read and write
|
||
1C5000
|
stack
|
page read and write
|
||
256D7F71000
|
heap
|
page read and write
|
||
BD9E9FE000
|
stack
|
page read and write
|
||
23913654000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
D00147B000
|
stack
|
page read and write
|
||
1EFBFA49000
|
heap
|
page read and write
|
||
513CA7B000
|
stack
|
page read and write
|
||
23913637000
|
heap
|
page read and write
|
||
23913631000
|
heap
|
page read and write
|
There are 981 hidden memdumps, click here to show them.