Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TSvDnT6fkE.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x97040d86, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_TSv_52bb2ff8749739655ef8ce7a55875e6631c6f4c1_cf813574_19b6376d\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D3E.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 11:43:37 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER20BA.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2280.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\TSvDnT6fkE.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\TSvDnT6fkE.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\TSvDnT6fkE.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\TSvDnT6fkE.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LqleYRChPKuppQ\QMAA.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ErRMcfUGTVTj\myfGzaHssmULBwf.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\TSvDnT6fkE.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\TSvDnT6fkE.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6416 -s 316
|
There are 13 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/K
|
unknown
|
|
|
|
https://23.239.0.12/0
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/ionT
|
unknown
|
|
|
|
https://23.239.0.12/$
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?entry=
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/roadshield.ashx?bucket=
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Stops/
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://activity.windows.comr
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
http://schemas.xmlso
|
unknown
|
There are 48 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{c84b8eb1-4df0-ff14-192e-a209b83fc278}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800453F4626F
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
6E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
EB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
26C83780000
|
direct allocation
|
page execute and read and write
|
|
|
|
1BF264F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1BADFC02000
|
trusted library allocation
|
page read and write
|
||
|
22905CF9000
|
heap
|
page read and write
|
||
|
29768EAB000
|
heap
|
page read and write
|
||
|
AC5D47D000
|
stack
|
page read and write
|
||
|
2976E6B0000
|
trusted library allocation
|
page read and write
|
||
|
1A4F62FE000
|
heap
|
page read and write
|
||
|
1F55CC90000
|
trusted library allocation
|
page read and write
|
||
|
EFF33FB000
|
stack
|
page read and write
|
||
|
1F55C463000
|
heap
|
page read and write
|
||
|
2290658A000
|
heap
|
page read and write
|
||
|
EFF35FA000
|
stack
|
page read and write
|
||
|
23870A30000
|
heap
|
page read and write
|
||
|
22906587000
|
heap
|
page read and write
|
||
|
2976E3E0000
|
trusted library allocation
|
page read and write
|
||
|
29768F00000
|
heap
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
15D15858000
|
heap
|
page read and write
|
||
|
1E561002000
|
trusted library allocation
|
page read and write
|
||
|
15D15872000
|
heap
|
page read and write
|
||
|
1F55C390000
|
heap
|
page read and write
|
||
|
22906570000
|
heap
|
page read and write
|
||
|
2976E3F0000
|
trusted library allocation
|
page read and write
|
||
|
29768E8F000
|
heap
|
page read and write
|
||
|
1E560650000
|
heap
|
page read and write
|
||
|
8570C7E000
|
stack
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
7FFFF0C51000
|
unkown
|
page execute read
|
||
|
1FE0000
|
trusted library allocation
|
page read and write
|
||
|
3A929FD000
|
stack
|
page read and write
|
||
|
22906587000
|
heap
|
page read and write
|
||
|
E18000
|
heap
|
page read and write
|
||
|
214063F0000
|
heap
|
page read and write
|
||
|
22905CB5000
|
heap
|
page read and write
|
||
|
22905CA4000
|
heap
|
page read and write
|
||
|
1BF26775000
|
heap
|
page read and write
|
||
|
ACD63FD000
|
stack
|
page read and write
|
||
|
1F55C4C7000
|
heap
|
page read and write
|
||
|
AC5D57E000
|
stack
|
page read and write
|
||
|
20C9A429000
|
heap
|
page read and write
|
||
|
1E56064F000
|
heap
|
page read and write
|
||
|
7FFFF0CA2000
|
unkown
|
page readonly
|
||
|
2976E4D7000
|
heap
|
page read and write
|
||
|
1BF2654E000
|
heap
|
page read and write
|
||
|
475000
|
stack
|
page read and write
|
||
|
23870781000
|
heap
|
page read and write
|
||
|
2DDB000
|
stack
|
page read and write
|
||
|
10BFC7B000
|
stack
|
page read and write
|
||
|
15D15847000
|
heap
|
page read and write
|
||
|
22905B50000
|
trusted library allocation
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
238707AE000
|
heap
|
page read and write
|
||
|
85706FE000
|
stack
|
page read and write
|
||
|
1BADF271000
|
heap
|
page read and write
|
||
|
297695F0000
|
trusted library allocation
|
page read and write
|
||
|
5D709F8000
|
stack
|
page read and write
|
||
|
26C83770000
|
direct allocation
|
page execute and read and write
|
||
|
22905C53000
|
heap
|
page read and write
|
||
|
1A4F65B5000
|
heap
|
page read and write
|
||
|
297695E0000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
3A927FC000
|
stack
|
page read and write
|
||
|
1E560648000
|
heap
|
page read and write
|
||
|
229065A0000
|
heap
|
page read and write
|
||
|
15D15857000
|
heap
|
page read and write
|
||
|
10DAB3C000
|
stack
|
page read and write
|
||
|
22905C29000
|
heap
|
page read and write
|
||
|
1BADF308000
|
heap
|
page read and write
|
||
|
30426FE000
|
stack
|
page read and write
|
||
|
22906586000
|
heap
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
1A4F8060000
|
heap
|
page read and write
|
||
|
22905C54000
|
heap
|
page read and write
|
||
|
22906585000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
17563190000
|
trusted library allocation
|
page read and write
|
||
|
1F55C47F000
|
heap
|
page read and write
|
||
|
1F55C429000
|
heap
|
page read and write
|
||
|
AC5CC7E000
|
stack
|
page read and write
|
||
|
F44F7F000
|
stack
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
F44D77000
|
stack
|
page read and write
|
||
|
2387079E000
|
heap
|
page read and write
|
||
|
1E560645000
|
heap
|
page read and write
|
||
|
22905C88000
|
heap
|
page read and write
|
||
|
20C9A220000
|
heap
|
page read and write
|
||
|
23870740000
|
heap
|
page read and write
|
||
|
22906587000
|
heap
|
page read and write
|
||
|
7FFFF0CA9000
|
unkown
|
page readonly
|
||
|
1A4F65B0000
|
heap
|
page read and write
|
||
|
2976E503000
|
heap
|
page read and write
|
||
|
1A4F6309000
|
heap
|
page read and write
|
||
|
EFF36F7000
|
stack
|
page read and write
|
||
|
17563200000
|
heap
|
page read and write
|
||
|
2290657A000
|
heap
|
page read and write
|
||
|
213B000
|
stack
|
page read and write
|
||
|
22906595000
|
heap
|
page read and write
|
||
|
29768E78000
|
heap
|
page read and write
|
||
|
6D0000
|
direct allocation
|
page execute and read and write
|
||
|
2290658B000
|
heap
|
page read and write
|
||
|
21C4000
|
heap
|
page read and write
|
||
|
29768E96000
|
heap
|
page read and write
|
||
|
B66E979000
|
stack
|
page read and write
|
||
|
26C837C0000
|
heap
|
page read and write
|
||
|
22906562000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
AC5CEFC000
|
stack
|
page read and write
|
||
|
22906590000
|
heap
|
page read and write
|
||
|
1756325C000
|
heap
|
page read and write
|
||
|
1F55CF00000
|
heap
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
1BADF229000
|
heap
|
page read and write
|
||
|
22906599000
|
heap
|
page read and write
|
||
|
2976E60E000
|
trusted library allocation
|
page read and write
|
||
|
1E56066F000
|
heap
|
page read and write
|
||
|
29768F02000
|
heap
|
page read and write
|
||
|
22906584000
|
heap
|
page read and write
|
||
|
15D15918000
|
heap
|
page read and write
|
||
|
29769704000
|
heap
|
page read and write
|
||
|
1E56064C000
|
heap
|
page read and write
|
||
|
559000
|
heap
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
7FFFF0CA9000
|
unkown
|
page readonly
|
||
|
2976E624000
|
trusted library allocation
|
page read and write
|
||
|
1E56067D000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
1F55C4BD000
|
heap
|
page read and write
|
||
|
B66E37E000
|
stack
|
page read and write
|
||
|
22905C70000
|
heap
|
page read and write
|
||
|
2976E4DD000
|
heap
|
page read and write
|
||
|
22906586000
|
heap
|
page read and write
|
||
|
20C9A400000
|
heap
|
page read and write
|
||
|
229063B0000
|
remote allocation
|
page read and write
|
||
|
1BADF23C000
|
heap
|
page read and write
|
||
|
29768D40000
|
trusted library allocation
|
page read and write
|
||
|
D5BCC7E000
|
stack
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
22905C49000
|
heap
|
page read and write
|
||
|
2976E600000
|
trusted library allocation
|
page read and write
|
||
|
AC5D17B000
|
stack
|
page read and write
|
||
|
22906587000
|
heap
|
page read and write
|
||
|
2720000
|
remote allocation
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
1BF2658C000
|
heap
|
page read and write
|
||
|
1DD72602000
|
heap
|
page read and write
|
||
|
1A4F62A0000
|
heap
|
page read and write
|
||
|
52B000
|
heap
|
page read and write
|
||
|
1F55C3F0000
|
heap
|
page read and write
|
||
|
168ED908000
|
heap
|
page read and write
|
||
|
22905C27000
|
heap
|
page read and write
|
||
|
10DB0FE000
|
stack
|
page read and write
|
||
|
1F55C400000
|
heap
|
page read and write
|
||
|
10C02FD000
|
stack
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
2290658B000
|
heap
|
page read and write
|
||
|
238707B8000
|
heap
|
page read and write
|
||
|
2A740D40000
|
heap
|
page read and write
|
||
|
2290657F000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
1B794008000
|
heap
|
page read and write
|
||
|
29768EB8000
|
heap
|
page read and write
|
||
|
229065DA000
|
heap
|
page read and write
|
||
|
857097B000
|
stack
|
page read and write
|
||
|
175631C0000
|
remote allocation
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
21406E02000
|
trusted library allocation
|
page read and write
|
||
|
229065AE000
|
heap
|
page read and write
|
||
|
7FFFF0CA9000
|
unkown
|
page readonly
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
5D7097E000
|
stack
|
page read and write
|
||
|
2976E2D0000
|
trusted library allocation
|
page read and write
|
||
|
1B794280000
|
trusted library allocation
|
page read and write
|
||
|
1E560600000
|
heap
|
page read and write
|
||
|
2ECCE7E000
|
stack
|
page read and write
|
||
|
2976E840000
|
trusted library allocation
|
page read and write
|
||
|
22905CED000
|
heap
|
page read and write
|
||
|
1BADF24F000
|
heap
|
page read and write
|
||
|
2976E740000
|
remote allocation
|
page read and write
|
||
|
29768EAD000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
23870795000
|
heap
|
page read and write
|
||
|
B66DFF7000
|
stack
|
page read and write
|
||
|
238705F0000
|
heap
|
page read and write
|
||
|
23870792000
|
heap
|
page read and write
|
||
|
268F000
|
stack
|
page read and write
|
||
|
1A4F7EC0000
|
heap
|
page read and write
|
||
|
F44A7E000
|
stack
|
page read and write
|
||
|
15D155C0000
|
heap
|
page read and write
|
||
|
20C9A44F000
|
heap
|
page read and write
|
||
|
1BADF1F0000
|
heap
|
page read and write
|
||
|
1F55C43E000
|
heap
|
page read and write
|
||
|
22905C61000
|
heap
|
page read and write
|
||
|
1E5605C0000
|
heap
|
page read and write
|
||
|
857067B000
|
stack
|
page read and write
|
||
|
22905C4D000
|
heap
|
page read and write
|
||
|
1E56063E000
|
heap
|
page read and write
|
||
|
29768E25000
|
heap
|
page read and write
|
||
|
1DD72667000
|
heap
|
page read and write
|
||
|
15D15780000
|
trusted library allocation
|
page read and write
|
||
|
1F55CE02000
|
heap
|
page read and write
|
||
|
1BADF28B000
|
heap
|
page read and write
|
||
|
2976E3F0000
|
trusted library allocation
|
page read and write
|
||
|
15D157C0000
|
trusted library allocation
|
page read and write
|
||
|
21406513000
|
heap
|
page read and write
|
||
|
22906576000
|
heap
|
page read and write
|
||
|
238707AE000
|
heap
|
page read and write
|
||
|
229059E0000
|
heap
|
page read and write
|
||
|
15D15889000
|
heap
|
page read and write
|
||
|
2A740E80000
|
heap
|
page read and write
|
||
|
1DD72E02000
|
trusted library allocation
|
page read and write
|
||
|
229063B0000
|
remote allocation
|
page read and write
|
||
|
22905C59000
|
heap
|
page read and write
|
||
|
10BFEFC000
|
stack
|
page read and write
|
||
|
EFF3A7E000
|
stack
|
page read and write
|
||
|
10DAF7C000
|
stack
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
1A4F6312000
|
heap
|
page read and write
|
||
|
EFF327E000
|
stack
|
page read and write
|
||
|
2030000
|
heap
|
page read and write
|
||
|
1A4F6318000
|
heap
|
page read and write
|
||
|
7FFFF0CA6000
|
unkown
|
page read and write
|
||
|
229065AC000
|
heap
|
page read and write
|
||
|
22905CC7000
|
heap
|
page read and write
|
||
|
87323A6000
|
stack
|
page read and write
|
||
|
22906500000
|
heap
|
page read and write
|
||
|
B66E27A000
|
stack
|
page read and write
|
||
|
2976E417000
|
heap
|
page read and write
|
||
|
22906599000
|
heap
|
page read and write
|
||
|
1E560649000
|
heap
|
page read and write
|
||
|
B66E47D000
|
stack
|
page read and write
|
||
|
2976E500000
|
heap
|
page read and write
|
||
|
1B794E10000
|
trusted library allocation
|
page read and write
|
||
|
17563229000
|
heap
|
page read and write
|
||
|
22906599000
|
heap
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
168ED888000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page readonly
|
||
|
29769718000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
2290658B000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
26C83995000
|
heap
|
page read and write
|
||
|
1B794315000
|
heap
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
1E560550000
|
heap
|
page read and write
|
||
|
229065D0000
|
heap
|
page read and write
|
||
|
1F55C488000
|
heap
|
page read and write
|
||
|
7FFFF0C51000
|
unkown
|
page execute read
|
||
|
2ECD07E000
|
stack
|
page read and write
|
||
|
2290657A000
|
heap
|
page read and write
|
||
|
26C83700000
|
heap
|
page read and write
|
||
|
297695D0000
|
trusted library allocation
|
page read and write
|
||
|
20C9A280000
|
heap
|
page read and write
|
||
|
1BADF190000
|
heap
|
page read and write
|
||
|
15D15848000
|
heap
|
page read and write
|
||
|
1BADF313000
|
heap
|
page read and write
|
||
|
168ED84F000
|
heap
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
22906572000
|
heap
|
page read and write
|
||
|
1A4F62C0000
|
heap
|
page read and write
|
||
|
22905C58000
|
heap
|
page read and write
|
||
|
26C837B0000
|
heap
|
page readonly
|
||
|
1E56066B000
|
heap
|
page read and write
|
||
|
1F55C413000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
22905C50000
|
heap
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
2976E624000
|
trusted library allocation
|
page read and write
|
||
|
229063B0000
|
remote allocation
|
page read and write
|
||
|
AC5D0FC000
|
stack
|
page read and write
|
||
|
22905C3C000
|
heap
|
page read and write
|
||
|
291C000
|
stack
|
page read and write
|
||
|
501000
|
heap
|
page read and write
|
||
|
23870770000
|
heap
|
page read and write
|
||
|
1BADF24B000
|
heap
|
page read and write
|
||
|
1DD72702000
|
heap
|
page read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
23870786000
|
heap
|
page read and write
|
||
|
2140646A000
|
heap
|
page read and write
|
||
|
21406413000
|
heap
|
page read and write
|
||
|
ACD62FE000
|
stack
|
page read and write
|
||
|
26C837F3000
|
heap
|
page read and write
|
||
|
873267E000
|
stack
|
page read and write
|
||
|
20C9A210000
|
heap
|
page read and write
|
||
|
4F90DFF000
|
stack
|
page read and write
|
||
|
1B79404F000
|
heap
|
page read and write
|
||
|
2976E430000
|
heap
|
page read and write
|
||
|
22906599000
|
heap
|
page read and write
|
||
|
22906576000
|
heap
|
page read and write
|
||
|
501000
|
heap
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
1BF2658F000
|
heap
|
page read and write
|
||
|
2290657D000
|
heap
|
page read and write
|
||
|
29768E72000
|
heap
|
page read and write
|
||
|
22906584000
|
heap
|
page read and write
|
||
|
2976E700000
|
trusted library allocation
|
page read and write
|
||
|
10DB6FE000
|
stack
|
page read and write
|
||
|
1A4F6309000
|
heap
|
page read and write
|
||
|
21BE000
|
stack
|
page read and write
|
||
|
26C85200000
|
heap
|
page read and write
|
||
|
20C9A488000
|
heap
|
page read and write
|
||
|
F44E7E000
|
stack
|
page read and write
|
||
|
1EC0000
|
heap
|
page readonly
|
||
|
1A4F62F0000
|
heap
|
page read and write
|
||
|
1B79404F000
|
heap
|
page read and write
|
||
|
22906595000
|
heap
|
page read and write
|
||
|
15D15630000
|
heap
|
page read and write
|
||
|
87327FE000
|
stack
|
page read and write
|
||
|
10DB4FD000
|
stack
|
page read and write
|
||
|
1A4F8063000
|
heap
|
page read and write
|
||
|
7FFFF0C50000
|
unkown
|
page readonly
|
||
|
297695B1000
|
trusted library allocation
|
page read and write
|
||
|
22905C4A000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
29768F07000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
1BADF251000
|
heap
|
page read and write
|
||
|
87328FB000
|
stack
|
page read and write
|
||
|
ACD5F8B000
|
stack
|
page read and write
|
||
|
1BF26724000
|
heap
|
page read and write
|
||
|
52E000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
29768F00000
|
heap
|
page read and write
|
||
|
4F9000
|
heap
|
page read and write
|
||
|
AC5CFFF000
|
stack
|
page read and write
|
||
|
29768EB1000
|
heap
|
page read and write
|
||
|
21406502000
|
heap
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
29768BE0000
|
heap
|
page read and write
|
||
|
21406428000
|
heap
|
page read and write
|
||
|
4F9167E000
|
stack
|
page read and write
|
||
|
7FFFF0CA2000
|
unkown
|
page readonly
|
||
|
15D15800000
|
heap
|
page read and write
|
||
|
229065AD000
|
heap
|
page read and write
|
||
|
15D1582A000
|
heap
|
page read and write
|
||
|
17563C02000
|
trusted library allocation
|
page read and write
|
||
|
23870720000
|
heap
|
page read and write
|
||
|
22905CB3000
|
heap
|
page read and write
|
||
|
168ED902000
|
heap
|
page read and write
|
||
|
168ED87D000
|
heap
|
page read and write
|
||
|
E42000
|
heap
|
page read and write
|
||
|
22906599000
|
heap
|
page read and write
|
||
|
EFF39FA000
|
stack
|
page read and write
|
||
|
15D15848000
|
heap
|
page read and write
|
||
|
2976E400000
|
heap
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
168ED926000
|
heap
|
page read and write
|
||
|
1F55C46B000
|
heap
|
page read and write
|
||
|
1B7942A0000
|
trusted library allocation
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
EFF32FE000
|
stack
|
page read and write
|
||
|
4F9117F000
|
stack
|
page read and write
|
||
|
21406457000
|
heap
|
page read and write
|
||
|
7FFFF0CA2000
|
unkown
|
page readonly
|
||
|
238707B5000
|
heap
|
page read and write
|
||
|
ACD64FE000
|
stack
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
20C9AC02000
|
trusted library allocation
|
page read and write
|
||
|
A60607E000
|
stack
|
page read and write
|
||
|
1E560652000
|
heap
|
page read and write
|
||
|
A605DFE000
|
stack
|
page read and write
|
||
|
238707AE000
|
heap
|
page read and write
|
||
|
168ED855000
|
heap
|
page read and write
|
||
|
22905C56000
|
heap
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
29768E3D000
|
heap
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
10C017D000
|
stack
|
page read and write
|
||
|
1A4F6306000
|
heap
|
page read and write
|
||
|
1BADF256000
|
heap
|
page read and write
|
||
|
F4477B000
|
stack
|
page read and write
|
||
|
22906402000
|
heap
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
1B794047000
|
heap
|
page read and write
|
||
|
4F90D7E000
|
stack
|
page read and write
|
||
|
168ED83C000
|
heap
|
page read and write
|
||
|
21406C90000
|
trusted library allocation
|
page read and write
|
||
|
ACD6479000
|
stack
|
page read and write
|
||
|
17563213000
|
heap
|
page read and write
|
||
|
229065AC000
|
heap
|
page read and write
|
||
|
10BFF7D000
|
stack
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
2290651D000
|
heap
|
page read and write
|
||
|
22906596000
|
heap
|
page read and write
|
||
|
29768C40000
|
heap
|
page read and write
|
||
|
2290657F000
|
heap
|
page read and write
|
||
|
1B793F00000
|
heap
|
page read and write
|
||
|
15D171E0000
|
remote allocation
|
page read and write
|
||
|
22905C00000
|
heap
|
page read and write
|
||
|
22906584000
|
heap
|
page read and write
|
||
|
15D15750000
|
trusted library allocation
|
page read and write
|
||
|
22905CAB000
|
heap
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
1F55CF32000
|
heap
|
page read and write
|
||
|
20C9A413000
|
heap
|
page read and write
|
||
|
168ED870000
|
heap
|
page read and write
|
||
|
1B794300000
|
trusted library allocation
|
page read and write
|
||
|
26C836E0000
|
heap
|
page read and write
|
||
|
1A4F630E000
|
heap
|
page read and write
|
||
|
1BF26470000
|
heap
|
page read and write
|
||
|
15D155D0000
|
heap
|
page read and write
|
||
|
2976A260000
|
trusted library allocation
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
2976E4EE000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
E02000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
22905C13000
|
heap
|
page read and write
|
||
|
2976E2C0000
|
trusted library allocation
|
page read and write
|
||
|
29768F02000
|
heap
|
page read and write
|
||
|
304267B000
|
stack
|
page read and write
|
||
|
22906599000
|
heap
|
page read and write
|
||
|
551000
|
heap
|
page read and write
|
||
|
3A921DB000
|
stack
|
page read and write
|
||
|
2976E600000
|
trusted library allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
3A92AFF000
|
stack
|
page read and write
|
||
|
857077E000
|
stack
|
page read and write
|
||
|
20C9A43C000
|
heap
|
page read and write
|
||
|
1B794240000
|
trusted library allocation
|
page read and write
|
||
|
4F90CFB000
|
stack
|
page read and write
|
||
|
AC5CCFC000
|
stack
|
page read and write
|
||
|
22905C55000
|
heap
|
page read and write
|
||
|
ACD627D000
|
stack
|
page read and write
|
||
|
2976E3E0000
|
trusted library allocation
|
page read and write
|
||
|
1B794290000
|
heap
|
page readonly
|
||
|
52E000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
21406390000
|
heap
|
page read and write
|
||
|
1BF264C0000
|
heap
|
page read and write
|
||
|
2976E465000
|
heap
|
page read and write
|
||
|
2976E4FA000
|
heap
|
page read and write
|
||
|
873277E000
|
stack
|
page read and write
|
||
|
229065B8000
|
heap
|
page read and write
|
||
|
22906584000
|
heap
|
page read and write
|
||
|
2387077B000
|
heap
|
page read and write
|
||
|
22906581000
|
heap
|
page read and write
|
||
|
22905CE4000
|
heap
|
page read and write
|
||
|
EFF37FE000
|
stack
|
page read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
4F9157F000
|
stack
|
page read and write
|
||
|
D5BC96F000
|
stack
|
page read and write
|
||
|
1B7941E0000
|
trusted library allocation
|
page read and write
|
||
|
23870A35000
|
heap
|
page read and write
|
||
|
168ED857000
|
heap
|
page read and write
|
||
|
29768EB1000
|
heap
|
page read and write
|
||
|
1E560560000
|
heap
|
page read and write
|
||
|
22905CC3000
|
heap
|
page read and write
|
||
|
168ED913000
|
heap
|
page read and write
|
||
|
168ED7C0000
|
trusted library allocation
|
page read and write
|
||
|
168ED890000
|
heap
|
page read and write
|
||
|
2976E621000
|
trusted library allocation
|
page read and write
|
||
|
2A740FA3000
|
heap
|
page read and write
|
||
|
EFF2FDC000
|
stack
|
page read and write
|
||
|
29769718000
|
heap
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
22906A03000
|
heap
|
page read and write
|
||
|
4CB000
|
heap
|
page read and write
|
||
|
1E560668000
|
heap
|
page read and write
|
||
|
168ED720000
|
heap
|
page read and write
|
||
|
3A92CFE000
|
stack
|
page read and write
|
||
|
1DD72641000
|
heap
|
page read and write
|
||
|
10BFDFF000
|
stack
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
ACD65F9000
|
stack
|
page read and write
|
||
|
20C9A44C000
|
heap
|
page read and write
|
||
|
1F55C4CE000
|
heap
|
page read and write
|
||
|
1E560666000
|
heap
|
page read and write
|
||
|
229065AC000
|
heap
|
page read and write
|
||
|
3A92EFF000
|
stack
|
page read and write
|
||
|
2ECCA7B000
|
stack
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
21406380000
|
heap
|
page read and write
|
||
|
1BF26310000
|
heap
|
page read and write
|
||
|
B66E17A000
|
stack
|
page read and write
|
||
|
1E56067C000
|
heap
|
page read and write
|
||
|
E27000
|
heap
|
page read and write
|
||
|
1DD723D0000
|
heap
|
page read and write
|
||
|
1BF264E0000
|
direct allocation
|
page execute and read and write
|
||
|
2290657A000
|
heap
|
page read and write
|
||
|
22906585000
|
heap
|
page read and write
|
||
|
10C01FE000
|
stack
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
22905D13000
|
heap
|
page read and write
|
||
|
2ECCD7B000
|
stack
|
page read and write
|
||
|
1A4F9930000
|
trusted library allocation
|
page read and write
|
||
|
2290659B000
|
heap
|
page read and write
|
||
|
B66E57B000
|
stack
|
page read and write
|
||
|
29769702000
|
heap
|
page read and write
|
||
|
1BF26520000
|
heap
|
page readonly
|
||
|
F447FE000
|
stack
|
page read and write
|
||
|
2720000
|
remote allocation
|
page read and write
|
||
|
229065B8000
|
heap
|
page read and write
|
||
|
20C9A508000
|
heap
|
page read and write
|
||
|
29769759000
|
heap
|
page read and write
|
||
|
1BADF200000
|
heap
|
page read and write
|
||
|
2976E620000
|
trusted library allocation
|
page read and write
|
||
|
26C83954000
|
heap
|
page read and write
|
||
|
22905A50000
|
heap
|
page read and write
|
||
|
22906519000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
1B793F10000
|
trusted library allocation
|
page read and write
|
||
|
238707B6000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
229065AC000
|
heap
|
page read and write
|
||
|
2290657A000
|
heap
|
page read and write
|
||
|
17563160000
|
heap
|
page read and write
|
||
|
7FFFF0C50000
|
unkown
|
page readonly
|
||
|
1BADF300000
|
heap
|
page read and write
|
||
|
2290659E000
|
heap
|
page read and write
|
||
|
229059F0000
|
heap
|
page read and write
|
||
|
15D15858000
|
heap
|
page read and write
|
||
|
2290657F000
|
heap
|
page read and write
|
||
|
10DB5FE000
|
stack
|
page read and write
|
||
|
AC5C8DB000
|
stack
|
page read and write
|
||
|
8570B7E000
|
stack
|
page read and write
|
||
|
1E560680000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
15D15913000
|
heap
|
page read and write
|
||
|
A60627E000
|
stack
|
page read and write
|
||
|
15D15802000
|
heap
|
page read and write
|
||
|
26C83800000
|
heap
|
page read and write
|
||
|
A60637E000
|
stack
|
page read and write
|
||
|
15D15730000
|
trusted library allocation
|
page read and write
|
||
|
22906575000
|
heap
|
page read and write
|
||
|
1B793F90000
|
heap
|
page read and write
|
||
|
21406441000
|
heap
|
page read and write
|
||
|
17563240000
|
heap
|
page read and write
|
||
|
168ED827000
|
heap
|
page read and write
|
||
|
1E560641000
|
heap
|
page read and write
|
||
|
229065A2000
|
heap
|
page read and write
|
||
|
2976E4A0000
|
heap
|
page read and write
|
||
|
2976E423000
|
heap
|
page read and write
|
||
|
1E560642000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1A4F6321000
|
heap
|
page read and write
|
||
|
1BADF27F000
|
heap
|
page read and write
|
||
|
29768EA4000
|
heap
|
page read and write
|
||
|
22906517000
|
heap
|
page read and write
|
||
|
15D15900000
|
heap
|
page read and write
|
||
|
29769700000
|
heap
|
page read and write
|
||
|
1F55C502000
|
heap
|
page read and write
|
||
|
26C837ED000
|
heap
|
page read and write
|
||
|
A60647F000
|
stack
|
page read and write
|
||
|
297695D3000
|
trusted library allocation
|
page read and write
|
||
|
229065BD000
|
heap
|
page read and write
|
||
|
7FFFF0CA6000
|
unkown
|
page read and write
|
||
|
15D1583D000
|
heap
|
page read and write
|
||
|
2976E4AA000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
1B79406E000
|
heap
|
page read and write
|
||
|
1E56064A000
|
heap
|
page read and write
|
||
|
2976E6F0000
|
trusted library allocation
|
page read and write
|
||
|
23870796000
|
heap
|
page read and write
|
||
|
857087C000
|
stack
|
page read and write
|
||
|
15D15862000
|
heap
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
20C9A46F000
|
heap
|
page read and write
|
||
|
5D70B7C000
|
stack
|
page read and write
|
||
|
2290659B000
|
heap
|
page read and write
|
||
|
87326FF000
|
stack
|
page read and write
|
||
|
7FFFF0C50000
|
unkown
|
page readonly
|
||
|
229065B1000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
3A926FF000
|
stack
|
page read and write
|
||
|
1A4F6230000
|
heap
|
page read and write
|
||
|
1B79404F000
|
heap
|
page read and write
|
||
|
551000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
1DD72430000
|
heap
|
page read and write
|
||
|
AC5D37E000
|
stack
|
page read and write
|
||
|
10DB2FE000
|
stack
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
3A92BFE000
|
stack
|
page read and write
|
||
|
2976E3F0000
|
trusted library allocation
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
2290657E000
|
heap
|
page read and write
|
||
|
26C83750000
|
heap
|
page read and write
|
||
|
EA0000
|
direct allocation
|
page execute and read and write
|
||
|
2290657E000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1BF26450000
|
heap
|
page read and write
|
||
|
1E560646000
|
heap
|
page read and write
|
||
|
1B794011000
|
heap
|
page read and write
|
||
|
1DD72713000
|
heap
|
page read and write
|
||
|
10DB1FE000
|
stack
|
page read and write
|
||
|
21406402000
|
heap
|
page read and write
|
||
|
29768E00000
|
heap
|
page read and write
|
||
|
DC5000
|
heap
|
page read and write
|
||
|
1DD7265B000
|
heap
|
page read and write
|
||
|
4F9147C000
|
stack
|
page read and write
|
||
|
DAB000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
1BF26591000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
2290657A000
|
heap
|
page read and write
|
||
|
21406466000
|
heap
|
page read and write
|
||
|
229065AC000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1BF26720000
|
heap
|
page read and write
|
||
|
2290659D000
|
heap
|
page read and write
|
||
|
B66DBBB000
|
stack
|
page read and write
|
||
|
4F9127B000
|
stack
|
page read and write
|
||
|
5D70A79000
|
stack
|
page read and write
|
||
|
29768EBB000
|
heap
|
page read and write
|
||
|
7FFFF0CA9000
|
unkown
|
page readonly
|
||
|
1A4F6312000
|
heap
|
page read and write
|
||
|
26C83950000
|
heap
|
page read and write
|
||
|
20C9A466000
|
heap
|
page read and write
|
||
|
1DD72678000
|
heap
|
page read and write
|
||
|
2976E710000
|
trusted library allocation
|
page read and write
|
||
|
22906A03000
|
heap
|
page read and write
|
||
|
2290658A000
|
heap
|
page read and write
|
||
|
C75000
|
stack
|
page read and write
|
||
|
2290659B000
|
heap
|
page read and write
|
||
|
2290657D000
|
heap
|
page read and write
|
||
|
22906A21000
|
heap
|
page read and write
|
||
|
22905CD7000
|
heap
|
page read and write
|
||
|
1A4F631C000
|
heap
|
page read and write
|
||
|
22905C4B000
|
heap
|
page read and write
|
||
|
2290657F000
|
heap
|
page read and write
|
||
|
2976E6B0000
|
trusted library allocation
|
page read and write
|
||
|
1E560679000
|
heap
|
page read and write
|
||
|
2976E6B0000
|
trusted library allocation
|
page read and write
|
||
|
168ED829000
|
heap
|
page read and write
|
||
|
2290657D000
|
heap
|
page read and write
|
||
|
1BADFA90000
|
trusted library allocation
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1B793F70000
|
heap
|
page read and write
|
||
|
C053DED000
|
stack
|
page read and write
|
||
|
1E560647000
|
heap
|
page read and write
|
||
|
20C9A380000
|
trusted library allocation
|
page read and write
|
||
|
1E560686000
|
heap
|
page read and write
|
||
|
2290658D000
|
heap
|
page read and write
|
||
|
281F000
|
stack
|
page read and write
|
||
|
304277E000
|
stack
|
page read and write
|
||
|
2976E502000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
29768E7C000
|
heap
|
page read and write
|
||
|
168EE202000
|
trusted library allocation
|
page read and write
|
||
|
1BF26540000
|
heap
|
page read and write
|
||
|
1A4F65BB000
|
heap
|
page read and write
|
||
|
1E560630000
|
heap
|
page read and write
|
||
|
1B7942B0000
|
trusted library allocation
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
22906583000
|
heap
|
page read and write
|
||
|
29769602000
|
heap
|
page read and write
|
||
|
17563100000
|
heap
|
page read and write
|
||
|
168ED84C000
|
heap
|
page read and write
|
||
|
175631C0000
|
remote allocation
|
page read and write
|
||
|
1DD72530000
|
trusted library allocation
|
page read and write
|
||
|
22906592000
|
heap
|
page read and write
|
||
|
1E560613000
|
heap
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
20C9A513000
|
heap
|
page read and write
|
||
|
1E0000
|
remote allocation
|
page read and write
|
||
|
2290654F000
|
heap
|
page read and write
|
||
|
2976E445000
|
heap
|
page read and write
|
||
|
1A4F631C000
|
heap
|
page read and write
|
||
|
4F91377000
|
stack
|
page read and write
|
||
|
1DD72629000
|
heap
|
page read and write
|
||
|
20C9A454000
|
heap
|
page read and write
|
||
|
7FFFF0C51000
|
unkown
|
page execute read
|
||
|
22906578000
|
heap
|
page read and write
|
||
|
5D70AFF000
|
stack
|
page read and write
|
||
|
23870786000
|
heap
|
page read and write
|
||
|
7FFFF0CA6000
|
unkown
|
page read and write
|
||
|
29768F16000
|
heap
|
page read and write
|
||
|
1A4F8070000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
10C007E000
|
stack
|
page read and write
|
||
|
20BF000
|
stack
|
page read and write
|
||
|
29768E29000
|
heap
|
page read and write
|
||
|
168ED900000
|
heap
|
page read and write
|
||
|
17563302000
|
heap
|
page read and write
|
||
|
2976E720000
|
trusted library allocation
|
page read and write
|
||
|
15D171E0000
|
remote allocation
|
page read and write
|
||
|
23870794000
|
heap
|
page read and write
|
||
|
1B794000000
|
heap
|
page read and write
|
||
|
20C9A466000
|
heap
|
page read and write
|
||
|
22905D08000
|
heap
|
page read and write
|
||
|
1BF2659B000
|
heap
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
2A740F90000
|
heap
|
page read and write
|
||
|
1BADF180000
|
heap
|
page read and write
|
||
|
7FFFF0C50000
|
unkown
|
page readonly
|
||
|
26C83800000
|
heap
|
page read and write
|
||
|
10DB3FC000
|
stack
|
page read and write
|
||
|
15D17202000
|
trusted library allocation
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
1B794319000
|
heap
|
page read and write
|
||
|
D5BC8E6000
|
stack
|
page read and write
|
||
|
175630F0000
|
heap
|
page read and write
|
||
|
1BF2657E000
|
heap
|
page read and write
|
||
|
22906A19000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
D5BC9EF000
|
stack
|
page read and write
|
||
|
3A925FB000
|
stack
|
page read and write
|
||
|
1DD723C0000
|
heap
|
page read and write
|
||
|
2976E4A4000
|
heap
|
page read and write
|
||
|
20C9A427000
|
heap
|
page read and write
|
||
|
168ED790000
|
heap
|
page read and write
|
||
|
2387079E000
|
heap
|
page read and write
|
||
|
30427FF000
|
stack
|
page read and write
|
||
|
2976E820000
|
trusted library allocation
|
page read and write
|
||
|
168ED730000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2290657B000
|
heap
|
page read and write
|
||
|
1BADF213000
|
heap
|
page read and write
|
||
|
29768F28000
|
heap
|
page read and write
|
||
|
238707B7000
|
heap
|
page read and write
|
||
|
1E56066D000
|
heap
|
page read and write
|
||
|
1B794320000
|
trusted library allocation
|
page read and write
|
||
|
4F910FC000
|
stack
|
page read and write
|
||
|
1DD72600000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
EFF38F8000
|
stack
|
page read and write
|
||
|
1DD72613000
|
heap
|
page read and write
|
||
|
1E56063A000
|
heap
|
page read and write
|
||
|
2976E452000
|
heap
|
page read and write
|
||
|
F44C7B000
|
stack
|
page read and write
|
||
|
1E0000
|
remote allocation
|
page read and write
|
||
|
1F55C380000
|
heap
|
page read and write
|
||
|
1E560643000
|
heap
|
page read and write
|
||
|
1DD72663000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2290657A000
|
heap
|
page read and write
|
||
|
229065A0000
|
heap
|
page read and write
|
||
|
ACD6579000
|
stack
|
page read and write
|
||
|
229065A0000
|
heap
|
page read and write
|
||
|
15D15813000
|
heap
|
page read and write
|
||
|
A605D7C000
|
stack
|
page read and write
|
||
|
22905C61000
|
heap
|
page read and write
|
||
|
2387079E000
|
heap
|
page read and write
|
||
|
21406400000
|
heap
|
page read and write
|
||
|
29768E13000
|
heap
|
page read and write
|
||
|
1E560651000
|
heap
|
page read and write
|
||
|
175631C0000
|
remote allocation
|
page read and write
|
||
|
22905D16000
|
heap
|
page read and write
|
||
|
20C9A490000
|
heap
|
page read and write
|
||
|
8570A77000
|
stack
|
page read and write
|
||
|
22905C51000
|
heap
|
page read and write
|
||
|
20C9A500000
|
heap
|
page read and write
|
||
|
22906587000
|
heap
|
page read and write
|
||
|
229065CD000
|
heap
|
page read and write
|
||
|
B66EB7E000
|
stack
|
page read and write
|
||
|
2290658A000
|
heap
|
page read and write
|
||
|
1E5605F0000
|
trusted library allocation
|
page read and write
|
||
|
258D000
|
stack
|
page read and write
|
||
|
2A740F9D000
|
heap
|
page read and write
|
||
|
1A4F632D000
|
heap
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
1BF26770000
|
heap
|
page read and write
|
||
|
2290657C000
|
heap
|
page read and write
|
||
|
17563202000
|
heap
|
page read and write
|
||
|
7FFFF0C51000
|
unkown
|
page execute read
|
||
|
2ECCF7B000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
29768E56000
|
heap
|
page read and write
|
||
|
58E000
|
heap
|
page read and write
|
||
|
2976E6D0000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
20C9A502000
|
heap
|
page read and write
|
||
|
22906584000
|
heap
|
page read and write
|
||
|
55D000
|
heap
|
page read and write
|
||
|
229065A0000
|
heap
|
page read and write
|
||
|
29769615000
|
heap
|
page read and write
|
||
|
5D7087A000
|
stack
|
page read and write
|
||
|
26C835A0000
|
heap
|
page read and write
|
||
|
168ED800000
|
heap
|
page read and write
|
||
|
26C837C8000
|
heap
|
page read and write
|
||
|
168ED813000
|
heap
|
page read and write
|
||
|
29769758000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1BADF202000
|
heap
|
page read and write
|
||
|
2976E740000
|
remote allocation
|
page read and write
|
||
|
1B7941D0000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
remote allocation
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
1A4F630D000
|
heap
|
page read and write
|
||
|
1E560702000
|
heap
|
page read and write
|
||
|
26C83990000
|
heap
|
page read and write
|
||
|
29769600000
|
heap
|
page read and write
|
||
|
229065B6000
|
heap
|
page read and write
|
||
|
2976E608000
|
trusted library allocation
|
page read and write
|
||
|
22905D02000
|
heap
|
page read and write
|
||
|
1E560629000
|
heap
|
page read and write
|
||
|
20C9A449000
|
heap
|
page read and write
|
||
|
1BADF302000
|
heap
|
page read and write
|
||
|
29768BD0000
|
heap
|
page read and write
|
||
|
22906587000
|
heap
|
page read and write
|
||
|
168ED854000
|
heap
|
page read and write
|
||
|
873287F000
|
stack
|
page read and write
|
||
|
EFF34F8000
|
stack
|
page read and write
|
||
|
2976E740000
|
remote allocation
|
page read and write
|
||
|
2290657C000
|
heap
|
page read and write
|
||
|
22906A00000
|
heap
|
page read and write
|
||
|
7FFFF0CA2000
|
unkown
|
page readonly
|
||
|
ACD637E000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1FE0000
|
trusted library allocation
|
page read and write
|
||
|
AC5D27D000
|
stack
|
page read and write
|
||
|
29769DE0000
|
trusted library allocation
|
page read and write
|
||
|
22906A02000
|
heap
|
page read and write
|
||
|
22906574000
|
heap
|
page read and write
|
||
|
D5BCCFF000
|
stack
|
page read and write
|
||
|
1BF26547000
|
heap
|
page read and write
|
||
|
168ED852000
|
heap
|
page read and write
|
||
|
1BADF27E000
|
heap
|
page read and write
|
||
|
2976E4F6000
|
heap
|
page read and write
|
||
|
1F55C513000
|
heap
|
page read and write
|
||
|
1A4F62F9000
|
heap
|
page read and write
|
||
|
15D15902000
|
heap
|
page read and write
|
||
|
EFF3AFF000
|
unkown
|
page read and write
|
||
|
29768E7A000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
7FFFF0CA6000
|
unkown
|
page read and write
|
||
|
2140647B000
|
heap
|
page read and write
|
||
|
1B794310000
|
heap
|
page read and write
|
||
|
29769713000
|
heap
|
page read and write
|
||
|
5D708FE000
|
stack
|
page read and write
|
||
|
21406500000
|
heap
|
page read and write
|
||
|
3A92DFF000
|
stack
|
page read and write
|
||
|
1BF26710000
|
heap
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
||
|
15D171E0000
|
remote allocation
|
page read and write
|
||
|
22906589000
|
heap
|
page read and write
|
There are 842 hidden memdumps, click here to show them.