Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
wgJ5YjI2QO.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xfaee3432, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_wgJ_e06ee120fc2caa8a6b5839bb9d970592ab273f3_0a0ccb00_15dea10e\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER90A3.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 11:57:40 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9651.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9846.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\wgJ5YjI2QO.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\wgJ5YjI2QO.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\wgJ5YjI2QO.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\wgJ5YjI2QO.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\KiAiForPK\zlxWteloxtTITR.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OtCXm\kDbCLHDWWfGFPvP.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\wgJ5YjI2QO.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\wgJ5YjI2QO.dll",#1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6224 -s 328
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6224 -s 328
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/efault
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/I
|
unknown
|
|
|
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressin
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/add
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/200
|
unknown
|
||
|
https://displaycatalog.mp.microsoft.c80
|
unknown
|
There are 6 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{6ac0b319-21d0-c82c-1f9d-ecdeb385a479}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C005C62C4D85
|
There are 21 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
20B82310000
|
direct allocation
|
page execute and read and write
|
|
|
|
830000
|
direct allocation
|
page execute and read and write
|
|
|
|
20B82310000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
258B05E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
20B82310000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
23E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
17E42090000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
A40000
|
heap
|
page read and write
|
||
|
1E8490FB000
|
heap
|
page read and write
|
||
|
263ADC80000
|
heap
|
page read and write
|
||
|
1FD50C49000
|
heap
|
page read and write
|
||
|
8A395D6000
|
stack
|
page read and write
|
||
|
1E8499CE000
|
heap
|
page read and write
|
||
|
1FD5095D000
|
heap
|
page read and write
|
||
|
263ADEA4000
|
heap
|
page read and write
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
1E849E02000
|
heap
|
page read and write
|
||
|
1E849000000
|
heap
|
page read and write
|
||
|
263ADEB3000
|
heap
|
page read and write
|
||
|
21058859000
|
heap
|
page read and write
|
||
|
6BD7DFF000
|
stack
|
page read and write
|
||
|
1FD50920000
|
heap
|
page read and write
|
||
|
1E848E10000
|
heap
|
page read and write
|
||
|
1E84999D000
|
heap
|
page read and write
|
||
|
2306DC5F000
|
heap
|
page read and write
|
||
|
20C10308000
|
heap
|
page read and write
|
||
|
2306DC8A000
|
heap
|
page read and write
|
||
|
1E849995000
|
heap
|
page read and write
|
||
|
263B33F0000
|
trusted library allocation
|
page read and write
|
||
|
38D257E000
|
stack
|
page read and write
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
1E849029000
|
heap
|
page read and write
|
||
|
263B3740000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
heap
|
page readonly
|
||
|
1FD50918000
|
heap
|
page read and write
|
||
|
A7B000
|
heap
|
page read and write
|
||
|
263B3506000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
1FD50979000
|
heap
|
page read and write
|
||
|
263B38A0000
|
trusted library allocation
|
page read and write
|
||
|
1E8499B8000
|
heap
|
page read and write
|
||
|
1E849979000
|
heap
|
page read and write
|
||
|
263B3300000
|
trusted library allocation
|
page read and write
|
||
|
D555AFE000
|
stack
|
page read and write
|
||
|
1E8499A1000
|
heap
|
page read and write
|
||
|
1E84906F000
|
heap
|
page read and write
|
||
|
9C53F7E000
|
stack
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
1E848E20000
|
heap
|
page read and write
|
||
|
17E42040000
|
heap
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
263B342E000
|
heap
|
page read and write
|
||
|
1E8490E1000
|
heap
|
page read and write
|
||
|
9FF807B000
|
stack
|
page read and write
|
||
|
263B3360000
|
trusted library allocation
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
263AF280000
|
trusted library allocation
|
page read and write
|
||
|
2306DC51000
|
heap
|
page read and write
|
||
|
263B3330000
|
trusted library allocation
|
page read and write
|
||
|
7E5000
|
heap
|
page read and write
|
||
|
BD22478000
|
stack
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
1E84998A000
|
heap
|
page read and write
|
||
|
1E849051000
|
heap
|
page read and write
|
||
|
1E849998000
|
heap
|
page read and write
|
||
|
1E8499A5000
|
heap
|
page read and write
|
||
|
263B3700000
|
trusted library allocation
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
223D9700000
|
heap
|
page read and write
|
||
|
20C10200000
|
heap
|
page read and write
|
||
|
1E8490AF000
|
heap
|
page read and write
|
||
|
934000
|
heap
|
page read and write
|
||
|
17E4211E000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
20B82350000
|
heap
|
page readonly
|
||
|
2105883C000
|
heap
|
page read and write
|
||
|
263ADDF3000
|
trusted library allocation
|
page read and write
|
||
|
1A881640000
|
heap
|
page read and write
|
||
|
258B0421000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
20C10270000
|
heap
|
page read and write
|
||
|
8A395D6000
|
stack
|
page read and write
|
||
|
1E849013000
|
heap
|
page read and write
|
||
|
6BD7D7E000
|
stack
|
page read and write
|
||
|
1E84999C000
|
heap
|
page read and write
|
||
|
1FD50C40000
|
heap
|
page read and write
|
||
|
20C1025C000
|
heap
|
page read and write
|
||
|
9C53EFC000
|
stack
|
page read and write
|
||
|
2306DC13000
|
heap
|
page read and write
|
||
|
1E8490ED000
|
heap
|
page read and write
|
||
|
20C10A02000
|
trusted library allocation
|
page read and write
|
||
|
21058855000
|
heap
|
page read and write
|
||
|
1E849970000
|
heap
|
page read and write
|
||
|
1FD50900000
|
trusted library allocation
|
page read and write
|
||
|
8A3987F000
|
stack
|
page read and write
|
||
|
1E8490C5000
|
heap
|
page read and write
|
||
|
38D1DDE000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
263B3280000
|
trusted library allocation
|
page read and write
|
||
|
20C1027E000
|
heap
|
page read and write
|
||
|
1E8490EB000
|
heap
|
page read and write
|
||
|
20C10130000
|
trusted library allocation
|
page read and write
|
||
|
1E849990000
|
heap
|
page read and write
|
||
|
20B82300000
|
direct allocation
|
page execute and read and write
|
||
|
17E420D8000
|
heap
|
page read and write
|
||
|
1E8499C5000
|
heap
|
page read and write
|
||
|
BD22177000
|
stack
|
page read and write
|
||
|
263B3724000
|
trusted library allocation
|
page read and write
|
||
|
263ADE13000
|
heap
|
page read and write
|
||
|
258B1FF0000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
1E849989000
|
heap
|
page read and write
|
||
|
1A8813F0000
|
heap
|
page read and write
|
||
|
20B82340000
|
heap
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
2105882A000
|
heap
|
page read and write
|
||
|
250F000
|
stack
|
page read and write
|
||
|
20B82300000
|
direct allocation
|
page execute and read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
263ADE58000
|
heap
|
page read and write
|
||
|
1FD50880000
|
heap
|
page read and write
|
||
|
1E84998C000
|
heap
|
page read and write
|
||
|
263ADE76000
|
heap
|
page read and write
|
||
|
25DB3B7D000
|
heap
|
page read and write
|
||
|
263B3502000
|
heap
|
page read and write
|
||
|
20B823D0000
|
heap
|
page read and write
|
||
|
1E849116000
|
heap
|
page read and write
|
||
|
1E8499BD000
|
heap
|
page read and write
|
||
|
1E8499CE000
|
heap
|
page read and write
|
||
|
258B0370000
|
heap
|
page read and write
|
||
|
BD2237F000
|
stack
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
38D217C000
|
stack
|
page read and write
|
||
|
21058908000
|
heap
|
page read and write
|
||
|
223D98C8000
|
heap
|
page read and write
|
||
|
17E43B40000
|
heap
|
page read and write
|
||
|
20C10213000
|
heap
|
page read and write
|
||
|
263ADF02000
|
heap
|
page read and write
|
||
|
1A881629000
|
heap
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
263AE600000
|
heap
|
page read and write
|
||
|
1E849102000
|
heap
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
20C0FFC0000
|
heap
|
page read and write
|
||
|
975BBF9000
|
stack
|
page read and write
|
||
|
263ADEFE000
|
heap
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
1E848FF0000
|
remote allocation
|
page read and write
|
||
|
223D98A0000
|
heap
|
page read and write
|
||
|
210586F0000
|
heap
|
page read and write
|
||
|
29A0000
|
remote allocation
|
page read and write
|
||
|
1E849981000
|
heap
|
page read and write
|
||
|
9C542FB000
|
stack
|
page read and write
|
||
|
2306DC3C000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
263ADE55000
|
heap
|
page read and write
|
||
|
D5320FF000
|
stack
|
page read and write
|
||
|
1E849053000
|
heap
|
page read and write
|
||
|
263AE718000
|
heap
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
BB4EFFE000
|
stack
|
page read and write
|
||
|
1E8499B2000
|
heap
|
page read and write
|
||
|
1FD5095D000
|
heap
|
page read and write
|
||
|
20B821E8000
|
heap
|
page read and write
|
||
|
1FD50955000
|
heap
|
page read and write
|
||
|
20C0FFD0000
|
heap
|
page read and write
|
||
|
20B822E0000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E84904C000
|
heap
|
page read and write
|
||
|
263B3760000
|
trusted library allocation
|
page read and write
|
||
|
1E849E02000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
1FD50BA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
1E8499A2000
|
heap
|
page read and write
|
||
|
21058856000
|
heap
|
page read and write
|
||
|
2306DA90000
|
heap
|
page read and write
|
||
|
1E849968000
|
heap
|
page read and write
|
||
|
20B821E0000
|
heap
|
page read and write
|
||
|
29A0000
|
remote allocation
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
1E848FF0000
|
remote allocation
|
page read and write
|
||
|
20C1024E000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
223D9B50000
|
heap
|
page read and write
|
||
|
263B3320000
|
trusted library allocation
|
page read and write
|
||
|
483E2FE000
|
stack
|
page read and write
|
||
|
20B82190000
|
heap
|
page read and write
|
||
|
20C10229000
|
heap
|
page read and write
|
||
|
BB4EDF7000
|
stack
|
page read and write
|
||
|
263B34AF000
|
heap
|
page read and write
|
||
|
880000
|
trusted library allocation
|
page read and write
|
||
|
1E8499D8000
|
heap
|
page read and write
|
||
|
6BD7EF9000
|
stack
|
page read and write
|
||
|
1E84996D000
|
heap
|
page read and write
|
||
|
2306DBF0000
|
trusted library allocation
|
page read and write
|
||
|
263B3500000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
9C5447B000
|
stack
|
page read and write
|
||
|
263B3400000
|
heap
|
page read and write
|
||
|
BB4EEFF000
|
stack
|
page read and write
|
||
|
1E84996D000
|
heap
|
page read and write
|
||
|
483DED6000
|
stack
|
page read and write
|
||
|
263ADE3E000
|
heap
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
1E84998D000
|
heap
|
page read and write
|
||
|
1A881600000
|
heap
|
page read and write
|
||
|
1A881658000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
1E8499AD000
|
heap
|
page read and write
|
||
|
263B345D000
|
heap
|
page read and write
|
||
|
1E849995000
|
heap
|
page read and write
|
||
|
2105885E000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
BB4E78E000
|
stack
|
page read and write
|
||
|
258B0390000
|
heap
|
page read and write
|
||
|
D5552FF000
|
stack
|
page read and write
|
||
|
20B82445000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
BD21E7E000
|
stack
|
page read and write
|
||
|
20B821E8000
|
heap
|
page read and write
|
||
|
263B3350000
|
trusted library allocation
|
page read and write
|
||
|
483E37F000
|
stack
|
page read and write
|
||
|
223D98DF000
|
heap
|
page read and write
|
||
|
21058902000
|
heap
|
page read and write
|
||
|
1E8499A1000
|
heap
|
page read and write
|
||
|
1E849990000
|
heap
|
page read and write
|
||
|
263B3780000
|
remote allocation
|
page read and write
|
||
|
1E849968000
|
heap
|
page read and write
|
||
|
17E41EA0000
|
heap
|
page read and write
|
||
|
223D98C5000
|
heap
|
page read and write
|
||
|
20B82440000
|
heap
|
page read and write
|
||
|
38D1D5B000
|
stack
|
page read and write
|
||
|
223D9830000
|
heap
|
page read and write
|
||
|
1E849050000
|
heap
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
1E84997A000
|
heap
|
page read and write
|
||
|
1FD5095F000
|
heap
|
page read and write
|
||
|
38D207E000
|
stack
|
page read and write
|
||
|
17E42080000
|
direct allocation
|
page execute and read and write
|
||
|
223D98E0000
|
heap
|
page read and write
|
||
|
1FD5095D000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
6BD7CFE000
|
stack
|
page read and write
|
||
|
1E84997A000
|
heap
|
page read and write
|
||
|
1A881613000
|
heap
|
page read and write
|
||
|
1E84998A000
|
heap
|
page read and write
|
||
|
263B3502000
|
heap
|
page read and write
|
||
|
248F000
|
stack
|
page read and write
|
||
|
1FD50BF0000
|
trusted library allocation
|
page read and write
|
||
|
263B3710000
|
trusted library allocation
|
page read and write
|
||
|
263B3320000
|
trusted library allocation
|
page read and write
|
||
|
1E84996D000
|
heap
|
page read and write
|
||
|
21058780000
|
trusted library allocation
|
page read and write
|
||
|
263ADDF0000
|
trusted library allocation
|
page read and write
|
||
|
258B2004000
|
heap
|
page read and write
|
||
|
20C10302000
|
heap
|
page read and write
|
||
|
20B82445000
|
heap
|
page read and write
|
||
|
2306E402000
|
trusted library allocation
|
page read and write
|
||
|
20B821E0000
|
heap
|
page read and write
|
||
|
975B6FC000
|
stack
|
page read and write
|
||
|
263B34A4000
|
heap
|
page read and write
|
||
|
1E849108000
|
heap
|
page read and write
|
||
|
BB4ECFE000
|
stack
|
page read and write
|
||
|
1E84998D000
|
heap
|
page read and write
|
||
|
1A88167A000
|
heap
|
page read and write
|
||
|
9C54577000
|
stack
|
page read and write
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
1E84998B000
|
heap
|
page read and write
|
||
|
1E8499A5000
|
heap
|
page read and write
|
||
|
6BD7C7A000
|
stack
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
263B3290000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
263AEE00000
|
trusted library allocation
|
page read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
1E8499D8000
|
heap
|
page read and write
|
||
|
92C000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
92C000
|
heap
|
page read and write
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
1E8490B3000
|
heap
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
1A881700000
|
heap
|
page read and write
|
||
|
25DB3B83000
|
heap
|
page read and write
|
||
|
263ADE8B000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
1E84904B000
|
heap
|
page read and write
|
||
|
483DF5F000
|
stack
|
page read and write
|
||
|
6BD7F7F000
|
stack
|
page read and write
|
||
|
263B3462000
|
heap
|
page read and write
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
5F0000
|
direct allocation
|
page execute and read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2306DA80000
|
heap
|
page read and write
|
||
|
9FF7B5C000
|
stack
|
page read and write
|
||
|
263ADE92000
|
heap
|
page read and write
|
||
|
9C5437E000
|
stack
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
20B82030000
|
heap
|
page read and write
|
||
|
975BAF9000
|
stack
|
page read and write
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
20C10313000
|
heap
|
page read and write
|
||
|
263B34A6000
|
heap
|
page read and write
|
||
|
1E8490E8000
|
heap
|
page read and write
|
||
|
1E848FF0000
|
remote allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
D532075000
|
stack
|
page read and write
|
||
|
BD22279000
|
stack
|
page read and write
|
||
|
21058860000
|
heap
|
page read and write
|
||
|
2105887D000
|
heap
|
page read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
9FF827E000
|
stack
|
page read and write
|
||
|
1E84996D000
|
heap
|
page read and write
|
||
|
1E84998D000
|
heap
|
page read and write
|
||
|
8A398FE000
|
stack
|
page read and write
|
||
|
1A881713000
|
heap
|
page read and write
|
||
|
8A395D6000
|
stack
|
page read and write
|
||
|
1FD50973000
|
heap
|
page read and write
|
||
|
223D9B55000
|
heap
|
page read and write
|
||
|
1E84997A000
|
heap
|
page read and write
|
||
|
1E849E02000
|
heap
|
page read and write
|
||
|
20C10253000
|
heap
|
page read and write
|
||
|
1E849E00000
|
heap
|
page read and write
|
||
|
20C10030000
|
heap
|
page read and write
|
||
|
483E27E000
|
stack
|
page read and write
|
||
|
258B03F8000
|
heap
|
page read and write
|
||
|
D5551F9000
|
stack
|
page read and write
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
263ADF02000
|
heap
|
page read and write
|
||
|
1E848E80000
|
heap
|
page read and write
|
||
|
258B06D0000
|
heap
|
page read and write
|
||
|
1A881E02000
|
trusted library allocation
|
page read and write
|
||
|
BD21B1C000
|
stack
|
page read and write
|
||
|
1E849970000
|
heap
|
page read and write
|
||
|
20B82445000
|
heap
|
page read and write
|
||
|
263B3364000
|
trusted library allocation
|
page read and write
|
||
|
258B06D5000
|
heap
|
page read and write
|
||
|
1E84999D000
|
heap
|
page read and write
|
||
|
20B82350000
|
heap
|
page readonly
|
||
|
1E8499A1000
|
heap
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
1A881623000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
20B821E8000
|
heap
|
page read and write
|
||
|
20B821E0000
|
heap
|
page read and write
|
||
|
1E849048000
|
heap
|
page read and write
|
||
|
1E849950000
|
heap
|
page read and write
|
||
|
263B34FC000
|
heap
|
page read and write
|
||
|
263AE759000
|
heap
|
page read and write
|
||
|
20B82344000
|
heap
|
page read and write
|
||
|
1E849E02000
|
heap
|
page read and write
|
||
|
17E4212D000
|
heap
|
page read and write
|
||
|
20B82030000
|
unkown
|
page read and write
|
||
|
1A881450000
|
heap
|
page read and write
|
||
|
1A881602000
|
heap
|
page read and write
|
||
|
38D227B000
|
stack
|
page read and write
|
||
|
1E84996D000
|
heap
|
page read and write
|
||
|
BB4EA7E000
|
stack
|
page read and write
|
||
|
263ADC10000
|
heap
|
page read and write
|
||
|
263B3310000
|
trusted library allocation
|
page read and write
|
||
|
1E849989000
|
heap
|
page read and write
|
||
|
263B3420000
|
heap
|
page read and write
|
||
|
1FD50860000
|
heap
|
page read and write
|
||
|
263B370E000
|
trusted library allocation
|
page read and write
|
||
|
223D98B3000
|
heap
|
page read and write
|
||
|
17E41FE0000
|
heap
|
page read and write
|
||
|
223D98C6000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
1E8499CF000
|
heap
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
263ADF14000
|
heap
|
page read and write
|
||
|
20B82340000
|
heap
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
1E849997000
|
heap
|
page read and write
|
||
|
D5550FA000
|
stack
|
page read and write
|
||
|
1FD507F0000
|
heap
|
page read and write
|
||
|
2306DD02000
|
heap
|
page read and write
|
||
|
1E849900000
|
heap
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
258B0300000
|
heap
|
page read and write
|
||
|
1E84998D000
|
heap
|
page read and write
|
||
|
7FFA53222000
|
unkown
|
page readonly
|
||
|
20B82344000
|
heap
|
page read and write
|
||
|
263ADE9D000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1FD50B90000
|
trusted library allocation
|
page read and write
|
||
|
263ADEA8000
|
heap
|
page read and write
|
||
|
D554FF7000
|
stack
|
page read and write
|
||
|
20B82190000
|
heap
|
page read and write
|
||
|
1E849113000
|
heap
|
page read and write
|
||
|
1E8490A9000
|
heap
|
page read and write
|
||
|
20B82350000
|
heap
|
page readonly
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
20B82340000
|
heap
|
page read and write
|
||
|
263B3750000
|
trusted library allocation
|
page read and write
|
||
|
21058800000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
9FF837E000
|
stack
|
page read and write
|
||
|
223D9850000
|
heap
|
page read and write
|
||
|
258B043E000
|
heap
|
page read and write
|
||
|
258B2000000
|
heap
|
page read and write
|
||
|
D53217F000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
263B3860000
|
trusted library allocation
|
page read and write
|
||
|
27FB000
|
stack
|
page read and write
|
||
|
20C10248000
|
heap
|
page read and write
|
||
|
25DB3A50000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1E849802000
|
heap
|
page read and write
|
||
|
D53227E000
|
stack
|
page read and write
|
||
|
1E84998B000
|
heap
|
page read and write
|
||
|
1E849049000
|
heap
|
page read and write
|
||
|
263AED01000
|
trusted library allocation
|
page read and write
|
||
|
1E84996D000
|
heap
|
page read and write
|
||
|
20B823B0000
|
remote allocation
|
page read and write
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
20C1028A000
|
heap
|
page read and write
|
||
|
BB4E70B000
|
stack
|
page read and write
|
||
|
17E42060000
|
heap
|
page read and write
|
||
|
263B343F000
|
heap
|
page read and write
|
||
|
1A8813E0000
|
heap
|
page read and write
|
||
|
6BB61AD000
|
stack
|
page read and write
|
||
|
263AE758000
|
heap
|
page read and write
|
||
|
D5554FB000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
263B33F0000
|
trusted library allocation
|
page read and write
|
||
|
263ADF07000
|
heap
|
page read and write
|
||
|
1E84990D000
|
heap
|
page read and write
|
||
|
1E849998000
|
heap
|
page read and write
|
||
|
29A0000
|
remote allocation
|
page read and write
|
||
|
263ADEFE000
|
heap
|
page read and write
|
||
|
294C000
|
stack
|
page read and write
|
||
|
258B05C0000
|
heap
|
page read and write
|
||
|
21058813000
|
heap
|
page read and write
|
||
|
D554E7F000
|
stack
|
page read and write
|
||
|
263B3721000
|
trusted library allocation
|
page read and write
|
||
|
20B82030000
|
unkown
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
17E42000000
|
heap
|
page read and write
|
||
|
258B043E000
|
heap
|
page read and write
|
||
|
6BD7FFC000
|
stack
|
page read and write
|
||
|
1E84998A000
|
heap
|
page read and write
|
||
|
1E849916000
|
heap
|
page read and write
|
||
|
263AE700000
|
heap
|
page read and write
|
||
|
1E84998B000
|
heap
|
page read and write
|
||
|
2306DD08000
|
heap
|
page read and write
|
||
|
714000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
263AE615000
|
heap
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
25DB3B70000
|
heap
|
page read and write
|
||
|
1E84998D000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
25DB3AC0000
|
heap
|
page read and write
|
||
|
21058852000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page readonly
|
||
|
1E849992000
|
heap
|
page read and write
|
||
|
20B822E0000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
263AE718000
|
heap
|
page read and write
|
||
|
20B823D0000
|
heap
|
page read and write
|
||
|
17E42045000
|
heap
|
page read and write
|
||
|
2306DD13000
|
heap
|
page read and write
|
||
|
263B344C000
|
heap
|
page read and write
|
||
|
1E84903C000
|
heap
|
page read and write
|
||
|
20B82170000
|
heap
|
page read and write
|
||
|
560000
|
remote allocation
|
page read and write
|
||
|
1E84997A000
|
heap
|
page read and write
|
||
|
7F0000
|
direct allocation
|
page execute and read and write
|
||
|
287D000
|
stack
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
8E2000
|
heap
|
page read and write
|
||
|
1FD5095B000
|
heap
|
page read and write
|
||
|
1E849991000
|
heap
|
page read and write
|
||
|
1E849976000
|
heap
|
page read and write
|
||
|
223D98B8000
|
heap
|
page read and write
|
||
|
21058750000
|
heap
|
page read and write
|
||
|
1FD50973000
|
heap
|
page read and write
|
||
|
1E849081000
|
heap
|
page read and write
|
||
|
263B3780000
|
remote allocation
|
page read and write
|
||
|
1E84996E000
|
heap
|
page read and write
|
||
|
1FD50B30000
|
trusted library allocation
|
page read and write
|
||
|
1E849970000
|
heap
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
8A3987F000
|
stack
|
page read and write
|
||
|
263AE713000
|
heap
|
page read and write
|
||
|
223D98AB000
|
heap
|
page read and write
|
||
|
263ADC20000
|
heap
|
page read and write
|
||
|
210586E0000
|
heap
|
page read and write
|
||
|
8A8000
|
heap
|
page read and write
|
||
|
20B82170000
|
heap
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
1FD50B80000
|
heap
|
page readonly
|
||
|
263AE602000
|
heap
|
page read and write
|
||
|
20B82190000
|
heap
|
page read and write
|
||
|
21058900000
|
heap
|
page read and write
|
||
|
BD21B9E000
|
stack
|
page read and write
|
||
|
20C1023C000
|
heap
|
page read and write
|
||
|
1E849054000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1E8499AE000
|
heap
|
page read and write
|
||
|
17E420C0000
|
heap
|
page read and write
|
||
|
258B03E0000
|
direct allocation
|
page execute and read and write
|
||
|
1E8499D0000
|
heap
|
page read and write
|
||
|
824000
|
heap
|
page read and write
|
||
|
258B041C000
|
heap
|
page read and write
|
||
|
1E8490D4000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
263ADE74000
|
heap
|
page read and write
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
277C000
|
stack
|
page read and write
|
||
|
1E84997F000
|
heap
|
page read and write
|
||
|
17E43970000
|
heap
|
page readonly
|
||
|
7FFA531D1000
|
unkown
|
page execute read
|
||
|
297F000
|
stack
|
page read and write
|
||
|
8A398FE000
|
stack
|
page read and write
|
||
|
263B3730000
|
trusted library allocation
|
page read and write
|
||
|
20B82440000
|
heap
|
page read and write
|
||
|
1E84990C000
|
heap
|
page read and write
|
||
|
1FD50C45000
|
heap
|
page read and write
|
||
|
263B3780000
|
remote allocation
|
page read and write
|
||
|
21059202000
|
trusted library allocation
|
page read and write
|
||
|
D5553FD000
|
stack
|
page read and write
|
||
|
38D2377000
|
stack
|
page read and write
|
||
|
20B822E0000
|
heap
|
page read and write
|
||
|
263B3350000
|
trusted library allocation
|
page read and write
|
||
|
483E3FB000
|
stack
|
page read and write
|
||
|
1E849047000
|
heap
|
page read and write
|
||
|
1E848F80000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
263B3708000
|
trusted library allocation
|
page read and write
|
||
|
483DFDF000
|
stack
|
page read and write
|
||
|
2306DC65000
|
heap
|
page read and write
|
||
|
9C53FFD000
|
stack
|
page read and write
|
||
|
263ADEBC000
|
heap
|
page read and write
|
||
|
263ADE00000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
20B82440000
|
heap
|
page read and write
|
||
|
263B34E2000
|
heap
|
page read and write
|
||
|
1A881550000
|
trusted library allocation
|
page read and write
|
||
|
2680000
|
trusted library allocation
|
page read and write
|
||
|
263AE702000
|
heap
|
page read and write
|
||
|
263ADE79000
|
heap
|
page read and write
|
||
|
9FF817B000
|
stack
|
page read and write
|
||
|
20B82170000
|
heap
|
page read and write
|
||
|
1A881702000
|
heap
|
page read and write
|
||
|
1E849978000
|
heap
|
page read and write
|
||
|
2105888A000
|
heap
|
page read and write
|
||
|
21058848000
|
heap
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
8A3987F000
|
stack
|
page read and write
|
||
|
2306DC00000
|
heap
|
page read and write
|
||
|
1FD51740000
|
trusted library allocation
|
page read and write
|
||
|
263ADEAB000
|
heap
|
page read and write
|
||
|
263B34DD000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
BD225F9000
|
stack
|
page read and write
|
||
|
263ADE8D000
|
heap
|
page read and write
|
||
|
1FD50800000
|
trusted library allocation
|
page read and write
|
||
|
2A7B000
|
stack
|
page read and write
|
||
|
17E420C4000
|
heap
|
page read and write
|
||
|
1E84998A000
|
heap
|
page read and write
|
||
|
21058913000
|
heap
|
page read and write
|
||
|
D554BDC000
|
stack
|
page read and write
|
||
|
263B3508000
|
heap
|
page read and write
|
||
|
258B043E000
|
heap
|
page read and write
|
||
|
2105885C000
|
heap
|
page read and write
|
||
|
BD224FF000
|
unkown
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1E849992000
|
heap
|
page read and write
|
||
|
9C5467F000
|
stack
|
page read and write
|
||
|
20B82300000
|
direct allocation
|
page execute and read and write
|
||
|
2105885D000
|
heap
|
page read and write
|
||
|
2306DC29000
|
heap
|
page read and write
|
||
|
1E8490BF000
|
heap
|
page read and write
|
||
|
20B823B0000
|
remote allocation
|
page read and write
|
||
|
2105885A000
|
heap
|
page read and write
|
||
|
2306DAF0000
|
heap
|
page read and write
|
||
|
975BB7E000
|
stack
|
page read and write
|
||
|
7FFA531D0000
|
unkown
|
page readonly
|
||
|
20C10300000
|
heap
|
page read and write
|
||
|
560000
|
remote allocation
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
17E420D0000
|
heap
|
page read and write
|
||
|
263ADE29000
|
heap
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
17E42121000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
1E8499B6000
|
heap
|
page read and write
|
||
|
263B34F9000
|
heap
|
page read and write
|
||
|
BD2207B000
|
stack
|
page read and write
|
||
|
263B3360000
|
trusted library allocation
|
page read and write
|
||
|
263ADE6F000
|
heap
|
page read and write
|
||
|
1E849056000
|
heap
|
page read and write
|
||
|
20C1024B000
|
heap
|
page read and write
|
||
|
1E849995000
|
heap
|
page read and write
|
||
|
20B82344000
|
heap
|
page read and write
|
||
|
1E849916000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
20B823D0000
|
heap
|
page read and write
|
||
|
975BA79000
|
stack
|
page read and write
|
||
|
1E84904D000
|
heap
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
263ADEB3000
|
heap
|
page read and write
|
||
|
263B34FB000
|
heap
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
1FD508F0000
|
trusted library allocation
|
page read and write
|
||
|
263ADD80000
|
trusted library allocation
|
page read and write
|
||
|
1E84907C000
|
heap
|
page read and write
|
||
|
38D247F000
|
stack
|
page read and write
|
||
|
BB4EC7B000
|
stack
|
page read and write
|
||
|
1E84991F000
|
heap
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
1FD5095A000
|
heap
|
page read and write
|
||
|
D5558FB000
|
stack
|
page read and write
|
||
|
1E849E02000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
258B03F0000
|
heap
|
page read and write
|
||
|
7FFA53226000
|
unkown
|
page read and write
|
||
|
6BD7E78000
|
stack
|
page read and write
|
||
|
223D98CA000
|
heap
|
page read and write
|
||
|
535000
|
stack
|
page read and write
|
||
|
223D98B8000
|
heap
|
page read and write
|
||
|
1FD50910000
|
heap
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
263B34F3000
|
heap
|
page read and write
|
||
|
258B0610000
|
heap
|
page readonly
|
||
|
263B33F0000
|
trusted library allocation
|
page read and write
|
||
|
8A398FE000
|
stack
|
page read and write
|
||
|
263B3330000
|
trusted library allocation
|
page read and write
|
||
|
20C1025C000
|
heap
|
page read and write
|
||
|
263B3415000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
2306DD00000
|
heap
|
page read and write
|
||
|
263AE704000
|
heap
|
page read and write
|
||
|
9C5477F000
|
stack
|
page read and write
|
||
|
1FD50B70000
|
trusted library allocation
|
page read and write
|
||
|
D5321FE000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
A95000
|
heap
|
page read and write
|
||
|
7FFA53229000
|
unkown
|
page readonly
|
||
|
1FD50C50000
|
trusted library allocation
|
page read and write
|
There are 656 hidden memdumps, click here to show them.