Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
3j6e3XaMWM.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x5444998a, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_3j6_fba2cce65653fd470a47b32105056b8d0cbec86_8bb0f05f_08946e59\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDCD7.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 11:44:53 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDFC6.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE18C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE245.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE4C7.tmp.txt
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\3j6e3XaMWM.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\3j6e3XaMWM.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\3j6e3XaMWM.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\3j6e3XaMWM.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\OuJdDSrmhvdmo\XuUuFKSi.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\THydtigNYD\IHlj.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\3j6e3XaMWM.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\3j6e3XaMWM.dll",#1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k WerSvcGroup
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 468 -p 4308 -ip 4308
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4308 -s 328
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/c
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/k
|
unknown
|
|
|
|
https://23.239.0.12/i
|
unknown
|
|
|
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
http://schemas.xmlsoap.o
|
unknown
|
There are 4 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\State
|
BlockUntilTimeStatus
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\Configuration
|
refreshAfter
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{a41d64f6-1f13-a828-b12a-8a93160e0d61}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
15B32F70000
|
direct allocation
|
page execute and read and write
|
|
|
|
1EAD22B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1D50000
|
direct allocation
|
page execute and read and write
|
|
|
|
2750000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
22CC163C000
|
heap
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
2CE9C024000
|
heap
|
page read and write
|
||
|
484000
|
heap
|
page read and write
|
||
|
22CC1638000
|
heap
|
page read and write
|
||
|
22CC168A000
|
heap
|
page read and write
|
||
|
12173A2F000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
246C084E000
|
heap
|
page read and write
|
||
|
24E29D80000
|
trusted library allocation
|
page read and write
|
||
|
22CC211A000
|
heap
|
page read and write
|
||
|
246C1382000
|
heap
|
page read and write
|
||
|
246C1390000
|
heap
|
page read and write
|
||
|
246C13A1000
|
heap
|
page read and write
|
||
|
ED1000
|
heap
|
page read and write
|
||
|
1CF14451000
|
heap
|
page read and write
|
||
|
24E29B41000
|
heap
|
page read and write
|
||
|
25F4025F000
|
heap
|
page read and write
|
||
|
1CAB8A66000
|
heap
|
page read and write
|
||
|
87EFD7E000
|
stack
|
page read and write
|
||
|
12173A54000
|
heap
|
page read and write
|
||
|
1EA50A7A000
|
heap
|
page read and write
|
||
|
246C137B000
|
heap
|
page read and write
|
||
|
12173A56000
|
heap
|
page read and write
|
||
|
245B000
|
stack
|
page read and write
|
||
|
1E74000
|
heap
|
page read and write
|
||
|
121739B7000
|
heap
|
page read and write
|
||
|
246C10E0000
|
remote allocation
|
page read and write
|
||
|
1633D950000
|
heap
|
page read and write
|
||
|
246C13A1000
|
heap
|
page read and write
|
||
|
246C0849000
|
heap
|
page read and write
|
||
|
7FF8BB911000
|
unkown
|
page execute read
|
||
|
1CF14190000
|
heap
|
page read and write
|
||
|
19607B0E000
|
trusted library allocation
|
page read and write
|
||
|
1CAB8A51000
|
heap
|
page read and write
|
||
|
19607823000
|
heap
|
page read and write
|
||
|
24E29B15000
|
heap
|
page read and write
|
||
|
1CAB8A4A000
|
heap
|
page read and write
|
||
|
1EAD20E0000
|
heap
|
page read and write
|
||
|
E4A46FE000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
24E29AD0000
|
heap
|
page read and write
|
||
|
246C1372000
|
heap
|
page read and write
|
||
|
246C1372000
|
heap
|
page read and write
|
||
|
196078A0000
|
heap
|
page read and write
|
||
|
1FD28283000
|
heap
|
page read and write
|
||
|
19603663000
|
trusted library allocation
|
page read and write
|
||
|
EA9B67E000
|
stack
|
page read and write
|
||
|
E4F357F000
|
stack
|
page read and write
|
||
|
246C0821000
|
heap
|
page read and write
|
||
|
246C1382000
|
heap
|
page read and write
|
||
|
22CC17A9000
|
heap
|
page read and write
|
||
|
1CF14413000
|
heap
|
page read and write
|
||
|
246C1356000
|
heap
|
page read and write
|
||
|
19602295000
|
heap
|
page read and write
|
||
|
246C1390000
|
heap
|
page read and write
|
||
|
4335FF000
|
stack
|
page read and write
|
||
|
E4F347F000
|
stack
|
page read and write
|
||
|
7FF8BB910000
|
unkown
|
page readonly
|
||
|
5FFD97F000
|
stack
|
page read and write
|
||
|
246C087E000
|
heap
|
page read and write
|
||
|
25F40313000
|
heap
|
page read and write
|
||
|
246C0780000
|
heap
|
page read and write
|
||
|
EA9B97F000
|
stack
|
page read and write
|
||
|
EA9B777000
|
stack
|
page read and write
|
||
|
24E29B1D000
|
heap
|
page read and write
|
||
|
1FD2503B000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
19607720000
|
trusted library allocation
|
page read and write
|
||
|
7EF0B7E000
|
stack
|
page read and write
|
||
|
15B32E61000
|
heap
|
page read and write
|
||
|
F48000
|
heap
|
page read and write
|
||
|
19602A00000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
246C1802000
|
heap
|
page read and write
|
||
|
1FD24FF0000
|
heap
|
page read and write
|
||
|
12173A2D000
|
heap
|
page read and write
|
||
|
25F40229000
|
heap
|
page read and write
|
||
|
22CC2100000
|
heap
|
page read and write
|
||
|
196032D0000
|
trusted library section
|
page readonly
|
||
|
246C087E000
|
heap
|
page read and write
|
||
|
1EA50A13000
|
heap
|
page read and write
|
||
|
121738C0000
|
heap
|
page read and write
|
||
|
246C084F000
|
heap
|
page read and write
|
||
|
4334FB000
|
stack
|
page read and write
|
||
|
1CF1444F000
|
heap
|
page read and write
|
||
|
372797F000
|
stack
|
page read and write
|
||
|
40416FF000
|
stack
|
page read and write
|
||
|
1FD2504F000
|
heap
|
page read and write
|
||
|
246C1370000
|
heap
|
page read and write
|
||
|
1CF14470000
|
heap
|
page read and write
|
||
|
246C084A000
|
heap
|
page read and write
|
||
|
19602B02000
|
heap
|
page read and write
|
||
|
66D2F7E000
|
stack
|
page read and write
|
||
|
1CAB8A29000
|
heap
|
page read and write
|
||
|
19607B00000
|
trusted library allocation
|
page read and write
|
||
|
19602B00000
|
heap
|
page read and write
|
||
|
246C1802000
|
heap
|
page read and write
|
||
|
196078FC000
|
heap
|
page read and write
|
||
|
E4F2DAE000
|
stack
|
page read and write
|
||
|
66D2DFE000
|
stack
|
page read and write
|
||
|
24E29A40000
|
heap
|
page read and write
|
||
|
7FF8BB910000
|
unkown
|
page readonly
|
||
|
15B32FA4000
|
heap
|
page read and write
|
||
|
2CE9C102000
|
heap
|
page read and write
|
||
|
404130E000
|
stack
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
25F40252000
|
heap
|
page read and write
|
||
|
246C1375000
|
heap
|
page read and write
|
||
|
1CAB8A3C000
|
heap
|
page read and write
|
||
|
246C1311000
|
heap
|
page read and write
|
||
|
246C1382000
|
heap
|
page read and write
|
||
|
12173960000
|
heap
|
page read and write
|
||
|
246C1373000
|
heap
|
page read and write
|
||
|
246C13BD000
|
heap
|
page read and write
|
||
|
19602258000
|
heap
|
page read and write
|
||
|
15B32F60000
|
direct allocation
|
page execute and read and write
|
||
|
2CE9BF60000
|
trusted library allocation
|
page read and write
|
||
|
1633D6FE000
|
heap
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
1FD26B20000
|
heap
|
page read and write
|
||
|
66D2FFE000
|
stack
|
page read and write
|
||
|
1AC8E3A0000
|
heap
|
page read and write
|
||
|
12173A52000
|
heap
|
page read and write
|
||
|
19607740000
|
trusted library allocation
|
page read and write
|
||
|
1EAD2060000
|
heap
|
page read and write
|
||
|
246C1822000
|
heap
|
page read and write
|
||
|
2CE9BE00000
|
heap
|
page read and write
|
||
|
1EE07120000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1EE07160000
|
heap
|
page read and write
|
||
|
E9E000
|
heap
|
page read and write
|
||
|
121739EB000
|
heap
|
page read and write
|
||
|
40000
|
heap
|
page read and write
|
||
|
121739EB000
|
heap
|
page read and write
|
||
|
12173CA0000
|
heap
|
page read and write
|
||
|
87F0077000
|
stack
|
page read and write
|
||
|
121739A5000
|
heap
|
page read and write
|
||
|
7FF8BB911000
|
unkown
|
page execute read
|
||
|
246C0848000
|
heap
|
page read and write
|
||
|
12173A52000
|
heap
|
page read and write
|
||
|
404138F000
|
stack
|
page read and write
|
||
|
1CF1444E000
|
heap
|
page read and write
|
||
|
1FD25058000
|
heap
|
page read and write
|
||
|
1FD25060000
|
heap
|
page read and write
|
||
|
15B34930000
|
heap
|
page read and write
|
||
|
F41000
|
heap
|
page read and write
|
||
|
24E2AB50000
|
trusted library allocation
|
page read and write
|
||
|
493000
|
heap
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
19602277000
|
heap
|
page read and write
|
||
|
1EAD213D000
|
heap
|
page read and write
|
||
|
22CC166D000
|
heap
|
page read and write
|
||
|
196032C0000
|
trusted library section
|
page readonly
|
||
|
246C08F2000
|
heap
|
page read and write
|
||
|
246C1383000
|
heap
|
page read and write
|
||
|
1EAD22E0000
|
heap
|
page readonly
|
||
|
246C1377000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
E6CA50C000
|
stack
|
page read and write
|
||
|
19607750000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
22CC17DB000
|
heap
|
page read and write
|
||
|
1EA50A3E000
|
heap
|
page read and write
|
||
|
2CE9C04A000
|
heap
|
page read and write
|
||
|
22CC1686000
|
heap
|
page read and write
|
||
|
246C08DF000
|
heap
|
page read and write
|
||
|
1EAD3CE4000
|
heap
|
page read and write
|
||
|
246C1802000
|
heap
|
page read and write
|
||
|
1960784E000
|
heap
|
page read and write
|
||
|
EFD000
|
heap
|
page read and write
|
||
|
121739EB000
|
heap
|
page read and write
|
||
|
19602A02000
|
heap
|
page read and write
|
||
|
121739B7000
|
heap
|
page read and write
|
||
|
246C1384000
|
heap
|
page read and write
|
||
|
1CF14449000
|
heap
|
page read and write
|
||
|
1633D660000
|
heap
|
page read and write
|
||
|
19602272000
|
heap
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
246C1388000
|
heap
|
page read and write
|
||
|
246C0908000
|
heap
|
page read and write
|
||
|
1CAB8A13000
|
heap
|
page read and write
|
||
|
19607680000
|
trusted library allocation
|
page read and write
|
||
|
1CAB8B00000
|
heap
|
page read and write
|
||
|
233C000
|
stack
|
page read and write
|
||
|
12173A56000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
246C13A9000
|
heap
|
page read and write
|
||
|
246C137A000
|
heap
|
page read and write
|
||
|
19607B20000
|
trusted library allocation
|
page read and write
|
||
|
2CE9BDF0000
|
heap
|
page read and write
|
||
|
1EA50B13000
|
heap
|
page read and write
|
||
|
246C133F000
|
heap
|
page read and write
|
||
|
246C13B0000
|
heap
|
page read and write
|
||
|
246C0916000
|
heap
|
page read and write
|
||
|
1CAB8A70000
|
heap
|
page read and write
|
||
|
7BEA2FE000
|
stack
|
page read and write
|
||
|
1FD25010000
|
heap
|
page read and write
|
||
|
1CAB8A00000
|
heap
|
page read and write
|
||
|
15B32DF0000
|
heap
|
page read and write
|
||
|
1CAB8B02000
|
heap
|
page read and write
|
||
|
19607710000
|
trusted library allocation
|
page read and write
|
||
|
246C13B2000
|
heap
|
page read and write
|
||
|
1217398C000
|
heap
|
page read and write
|
||
|
22CC2002000
|
heap
|
page read and write
|
||
|
2CE9C081000
|
heap
|
page read and write
|
||
|
1FD2506D000
|
heap
|
page read and write
|
||
|
19607831000
|
heap
|
page read and write
|
||
|
7EF0F7E000
|
stack
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
1633D955000
|
heap
|
page read and write
|
||
|
19602213000
|
heap
|
page read and write
|
||
|
7FF8BB966000
|
unkown
|
page read and write
|
||
|
7BE9EFF000
|
stack
|
page read and write
|
||
|
F2A000
|
heap
|
page read and write
|
||
|
246C08B2000
|
heap
|
page read and write
|
||
|
E4F30FB000
|
stack
|
page read and write
|
||
|
246C13D8000
|
heap
|
page read and write
|
||
|
1FD25030000
|
heap
|
page read and write
|
||
|
E68000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
246C137A000
|
heap
|
page read and write
|
||
|
196077E0000
|
trusted library allocation
|
page read and write
|
||
|
12173A2D000
|
heap
|
page read and write
|
||
|
22CC1540000
|
heap
|
page read and write
|
||
|
19607B50000
|
trusted library allocation
|
page read and write
|
||
|
246C0870000
|
heap
|
page read and write
|
||
|
5FFD8FF000
|
stack
|
page read and write
|
||
|
1CAB8A7A000
|
heap
|
page read and write
|
||
|
EA9B10E000
|
stack
|
page read and write
|
||
|
246C1818000
|
heap
|
page read and write
|
||
|
246C1388000
|
heap
|
page read and write
|
||
|
1EFF000
|
stack
|
page read and write
|
||
|
246C1379000
|
heap
|
page read and write
|
||
|
246C137A000
|
heap
|
page read and write
|
||
|
22CC1600000
|
heap
|
page read and write
|
||
|
4333FB000
|
stack
|
page read and write
|
||
|
2CE9C076000
|
heap
|
page read and write
|
||
|
E4A487E000
|
stack
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
1EA507F0000
|
heap
|
page read and write
|
||
|
246C138E000
|
heap
|
page read and write
|
||
|
1CAB8A56000
|
heap
|
page read and write
|
||
|
196078A3000
|
heap
|
page read and write
|
||
|
2CE9C055000
|
heap
|
page read and write
|
||
|
246C08F8000
|
heap
|
page read and write
|
||
|
1EAD3BF0000
|
heap
|
page read and write
|
||
|
1EA51202000
|
trusted library allocation
|
page read and write
|
||
|
246C131C000
|
heap
|
page read and write
|
||
|
AC42EFE000
|
stack
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
19607710000
|
trusted library allocation
|
page read and write
|
||
|
19607B40000
|
trusted library allocation
|
page read and write
|
||
|
1AC8E3A7000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1CF14200000
|
heap
|
page read and write
|
||
|
246C1372000
|
heap
|
page read and write
|
||
|
7FF8BB962000
|
unkown
|
page readonly
|
||
|
25F40308000
|
heap
|
page read and write
|
||
|
22CC2902000
|
heap
|
page read and write
|
||
|
EA2000
|
heap
|
page read and write
|
||
|
E4F327E000
|
stack
|
page read and write
|
||
|
AC42E7F000
|
stack
|
page read and write
|
||
|
247FFFF000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
87F037A000
|
stack
|
page read and write
|
||
|
19602000000
|
heap
|
page read and write
|
||
|
196031E0000
|
trusted library allocation
|
page read and write
|
||
|
22CC16A2000
|
heap
|
page read and write
|
||
|
25F40130000
|
heap
|
page read and write
|
||
|
22CC1646000
|
heap
|
page read and write
|
||
|
EA2000
|
heap
|
page read and write
|
||
|
246C1388000
|
heap
|
page read and write
|
||
|
66D2EFE000
|
stack
|
page read and write
|
||
|
246C0854000
|
heap
|
page read and write
|
||
|
432F9A000
|
stack
|
page read and write
|
||
|
246C1395000
|
heap
|
page read and write
|
||
|
19607720000
|
trusted library allocation
|
page read and write
|
||
|
19602B59000
|
heap
|
page read and write
|
||
|
1633D6D7000
|
heap
|
page read and write
|
||
|
19602291000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
246C1390000
|
heap
|
page read and write
|
||
|
246C0856000
|
heap
|
page read and write
|
||
|
F2C000
|
heap
|
page read and write
|
||
|
3727CFF000
|
stack
|
page read and write
|
||
|
246C13A3000
|
heap
|
page read and write
|
||
|
1EA50A24000
|
heap
|
page read and write
|
||
|
246C085C000
|
heap
|
page read and write
|
||
|
23DE000
|
stack
|
page read and write
|
||
|
7FF8BB969000
|
unkown
|
page readonly
|
||
|
121739C4000
|
heap
|
page read and write
|
||
|
87EFF78000
|
stack
|
page read and write
|
||
|
246C0851000
|
heap
|
page read and write
|
||
|
1633D6E5000
|
heap
|
page read and write
|
||
|
87EFC7C000
|
stack
|
page read and write
|
||
|
1EAD20B0000
|
heap
|
page read and write
|
||
|
246C1388000
|
heap
|
page read and write
|
||
|
121739CA000
|
heap
|
page read and write
|
||
|
1633D6C0000
|
heap
|
page read and write
|
||
|
246C084D000
|
heap
|
page read and write
|
||
|
24E29B1D000
|
heap
|
page read and write
|
||
|
246C137B000
|
heap
|
page read and write
|
||
|
7FF8BB911000
|
unkown
|
page execute read
|
||
|
246C1390000
|
heap
|
page read and write
|
||
|
246C1372000
|
heap
|
page read and write
|
||
|
22CC17EB000
|
heap
|
page read and write
|
||
|
1633D6E8000
|
heap
|
page read and write
|
||
|
246C085B000
|
heap
|
page read and write
|
||
|
2CE9C070000
|
heap
|
page read and write
|
||
|
2CE9C113000
|
heap
|
page read and write
|
||
|
7BEA3FE000
|
stack
|
page read and write
|
||
|
7BEA1F7000
|
stack
|
page read and write
|
||
|
1AC8E605000
|
heap
|
page read and write
|
||
|
F80000
|
direct allocation
|
page execute and read and write
|
||
|
AC4307F000
|
stack
|
page read and write
|
||
|
24E29AB0000
|
heap
|
page read and write
|
||
|
24802FE000
|
stack
|
page read and write
|
||
|
246C0829000
|
heap
|
page read and write
|
||
|
13B4AFE000
|
stack
|
page read and write
|
||
|
246C181A000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
1CF14300000
|
trusted library allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1CF14500000
|
heap
|
page read and write
|
||
|
1CF14502000
|
heap
|
page read and write
|
||
|
19607818000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
1CF1444B000
|
heap
|
page read and write
|
||
|
1FD252AB000
|
heap
|
page read and write
|
||
|
66D2D7B000
|
stack
|
page read and write
|
||
|
4332FE000
|
stack
|
page read and write
|
||
|
1633D700000
|
heap
|
page read and write
|
||
|
24E29D70000
|
heap
|
page read and write
|
||
|
1CAB8B08000
|
heap
|
page read and write
|
||
|
25F4023C000
|
heap
|
page read and write
|
||
|
2D6B000
|
stack
|
page read and write
|
||
|
B10000
|
remote allocation
|
page read and write
|
||
|
22CC210A000
|
heap
|
page read and write
|
||
|
37279FE000
|
stack
|
page read and write
|
||
|
246C139F000
|
heap
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
19607B21000
|
trusted library allocation
|
page read and write
|
||
|
246C137A000
|
heap
|
page read and write
|
||
|
24E29D10000
|
trusted library allocation
|
page read and write
|
||
|
1EAD1FD0000
|
heap
|
page read and write
|
||
|
12173CA5000
|
heap
|
page read and write
|
||
|
246C1390000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
1CAB8A72000
|
heap
|
page read and write
|
||
|
12173A4E000
|
heap
|
page read and write
|
||
|
43337E000
|
stack
|
page read and write
|
||
|
7BEA0FC000
|
stack
|
page read and write
|
||
|
87EFE7C000
|
stack
|
page read and write
|
||
|
2F2E000
|
stack
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
19603310000
|
trusted library section
|
page readonly
|
||
|
2F50000
|
remote allocation
|
page read and write
|
||
|
1EAD2360000
|
heap
|
page read and write
|
||
|
246C13A1000
|
heap
|
page read and write
|
||
|
E4A47FF000
|
stack
|
page read and write
|
||
|
246C1380000
|
heap
|
page read and write
|
||
|
248027E000
|
stack
|
page read and write
|
||
|
246C134E000
|
heap
|
page read and write
|
||
|
2CE9C000000
|
heap
|
page read and write
|
||
|
1E70000
|
heap
|
page read and write
|
||
|
19602B59000
|
heap
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
22CC2813000
|
heap
|
page read and write
|
||
|
4CE000
|
heap
|
page read and write
|
||
|
15B32E72000
|
heap
|
page read and write
|
||
|
121739A5000
|
heap
|
page read and write
|
||
|
19607B70000
|
remote allocation
|
page read and write
|
||
|
22CC1652000
|
heap
|
page read and write
|
||
|
25F40265000
|
heap
|
page read and write
|
||
|
15B32C90000
|
heap
|
page read and write
|
||
|
1960223E000
|
heap
|
page read and write
|
||
|
1EA50A02000
|
heap
|
page read and write
|
||
|
66D2E7F000
|
stack
|
page read and write
|
||
|
1AC8E2F0000
|
heap
|
page read and write
|
||
|
2CE9C108000
|
heap
|
page read and write
|
||
|
3727C79000
|
stack
|
page read and write
|
||
|
1EA507E0000
|
heap
|
page read and write
|
||
|
13B49FB000
|
stack
|
page read and write
|
||
|
E6CA8F9000
|
stack
|
page read and write
|
||
|
12173968000
|
heap
|
page read and write
|
||
|
EA9B87E000
|
stack
|
page read and write
|
||
|
22CC21B4000
|
heap
|
page read and write
|
||
|
7EF0AFF000
|
stack
|
page read and write
|
||
|
196032F0000
|
trusted library section
|
page readonly
|
||
|
7FF8BB969000
|
unkown
|
page readonly
|
||
|
246C1397000
|
heap
|
page read and write
|
||
|
22BE000
|
stack
|
page read and write
|
||
|
19602070000
|
heap
|
page read and write
|
||
|
22CC21EF000
|
heap
|
page read and write
|
||
|
2CE9C802000
|
trusted library allocation
|
page read and write
|
||
|
15B32FA0000
|
heap
|
page read and write
|
||
|
196078AC000
|
heap
|
page read and write
|
||
|
121739C4000
|
heap
|
page read and write
|
||
|
24E2AB00000
|
trusted library allocation
|
page read and write
|
||
|
22CC1713000
|
heap
|
page read and write
|
||
|
1EE07175000
|
heap
|
page read and write
|
||
|
E4A467E000
|
stack
|
page read and write
|
||
|
19602B18000
|
heap
|
page read and write
|
||
|
246C137C000
|
heap
|
page read and write
|
||
|
246C07B0000
|
trusted library allocation
|
page read and write
|
||
|
24E29D30000
|
trusted library allocation
|
page read and write
|
||
|
7FF8BB966000
|
unkown
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
1633D6CB000
|
heap
|
page read and write
|
||
|
19607670000
|
trusted library allocation
|
page read and write
|
||
|
19602313000
|
heap
|
page read and write
|
||
|
246C137C000
|
heap
|
page read and write
|
||
|
87EFCFD000
|
stack
|
page read and write
|
||
|
1EAD2365000
|
heap
|
page read and write
|
||
|
1EA50B00000
|
heap
|
page read and write
|
||
|
4B3000
|
heap
|
page read and write
|
||
|
7FF8BB910000
|
unkown
|
page readonly
|
||
|
EA9B5FB000
|
stack
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
19602329000
|
heap
|
page read and write
|
||
|
19607855000
|
heap
|
page read and write
|
||
|
1D20000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
12173930000
|
remote allocation
|
page read and write
|
||
|
1CF1444C000
|
heap
|
page read and write
|
||
|
24E29D75000
|
heap
|
page read and write
|
||
|
246C13BD000
|
heap
|
page read and write
|
||
|
404167E000
|
stack
|
page read and write
|
||
|
24E29CA0000
|
heap
|
page read and write
|
||
|
22CC17E3000
|
heap
|
page read and write
|
||
|
247FEF5000
|
stack
|
page read and write
|
||
|
1CF1444A000
|
heap
|
page read and write
|
||
|
22CC2125000
|
heap
|
page read and write
|
||
|
AC42BFC000
|
stack
|
page read and write
|
||
|
1CF14508000
|
heap
|
page read and write
|
||
|
1CAB8980000
|
heap
|
page read and write
|
||
|
1CF14482000
|
heap
|
page read and write
|
||
|
19602229000
|
heap
|
page read and write
|
||
|
19607B70000
|
remote allocation
|
page read and write
|
||
|
2CE9C100000
|
heap
|
page read and write
|
||
|
246C181A000
|
heap
|
page read and write
|
||
|
22CC16A7000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
12173B31000
|
heap
|
page read and write
|
||
|
12173A4E000
|
heap
|
page read and write
|
||
|
1D90000
|
heap
|
page read and write
|
||
|
40417FB000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
66D307F000
|
stack
|
page read and write
|
||
|
2F50000
|
remote allocation
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
22CC1672000
|
heap
|
page read and write
|
||
|
2CEC000
|
stack
|
page read and write
|
||
|
1EA50A00000
|
heap
|
page read and write
|
||
|
E4F2D2E000
|
stack
|
page read and write
|
||
|
246C1374000
|
heap
|
page read and write
|
||
|
246C1379000
|
heap
|
page read and write
|
||
|
F2A000
|
heap
|
page read and write
|
||
|
87F047F000
|
unkown
|
page read and write
|
||
|
246C0889000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
22CC2132000
|
heap
|
page read and write
|
||
|
2F50000
|
remote allocation
|
page read and write
|
||
|
22CC1679000
|
heap
|
page read and write
|
||
|
E4A4CFF000
|
stack
|
page read and write
|
||
|
22CC164B000
|
heap
|
page read and write
|
||
|
1AC8E3CE000
|
heap
|
page read and write
|
||
|
19602200000
|
heap
|
page read and write
|
||
|
1CAB8910000
|
heap
|
page read and write
|
||
|
22CC16CB000
|
heap
|
page read and write
|
||
|
1CAB8A66000
|
heap
|
page read and write
|
||
|
1CAB8920000
|
heap
|
page read and write
|
||
|
66D337F000
|
stack
|
page read and write
|
||
|
246C1802000
|
heap
|
page read and write
|
||
|
13B43AB000
|
stack
|
page read and write
|
||
|
1633D5E0000
|
heap
|
page read and write
|
||
|
AC430FE000
|
stack
|
page read and write
|
||
|
AC42FFB000
|
stack
|
page read and write
|
||
|
196078FA000
|
heap
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
7FF8BB911000
|
unkown
|
page execute read
|
||
|
12173A56000
|
heap
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
1EA50A5A000
|
heap
|
page read and write
|
||
|
25F40120000
|
heap
|
page read and write
|
||
|
12173A52000
|
heap
|
page read and write
|
||
|
196078FE000
|
heap
|
page read and write
|
||
|
246C1388000
|
heap
|
page read and write
|
||
|
19602B18000
|
heap
|
page read and write
|
||
|
19603300000
|
trusted library section
|
page readonly
|
||
|
196078E1000
|
heap
|
page read and write
|
||
|
7FF8BB910000
|
unkown
|
page readonly
|
||
|
246C1818000
|
heap
|
page read and write
|
||
|
66D2877000
|
stack
|
page read and write
|
||
|
1EAD3CE0000
|
heap
|
page read and write
|
||
|
2CE9C088000
|
heap
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
12173A2F000
|
heap
|
page read and write
|
||
|
87F017F000
|
stack
|
page read and write
|
||
|
3727D7E000
|
stack
|
page read and write
|
||
|
1CF14C02000
|
trusted library allocation
|
page read and write
|
||
|
246C1377000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
2CE9BE60000
|
heap
|
page read and write
|
||
|
24E2AAE0000
|
heap
|
page readonly
|
||
|
15B32E61000
|
heap
|
page read and write
|
||
|
1FD25037000
|
heap
|
page read and write
|
||
|
196076F0000
|
trusted library allocation
|
page read and write
|
||
|
7BE9E7E000
|
stack
|
page read and write
|
||
|
22CC21B0000
|
heap
|
page read and write
|
||
|
19607902000
|
heap
|
page read and write
|
||
|
246C13CD000
|
heap
|
page read and write
|
||
|
1AC8E600000
|
heap
|
page read and write
|
||
|
196032E0000
|
trusted library section
|
page readonly
|
||
|
1FD28390000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
7EF0A7B000
|
stack
|
page read and write
|
||
|
15B32E30000
|
heap
|
page read and write
|
||
|
66D2C7A000
|
stack
|
page read and write
|
||
|
22CC1613000
|
heap
|
page read and write
|
||
|
246C1300000
|
heap
|
page read and write
|
||
|
E6CA979000
|
stack
|
page read and write
|
||
|
43327E000
|
stack
|
page read and write
|
||
|
1633D6E7000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
19607905000
|
heap
|
page read and write
|
||
|
404177E000
|
stack
|
page read and write
|
||
|
12173A4E000
|
heap
|
page read and write
|
||
|
22CC164D000
|
heap
|
page read and write
|
||
|
1CF141A0000
|
heap
|
page read and write
|
||
|
7EF0D7B000
|
stack
|
page read and write
|
||
|
246C138C000
|
heap
|
page read and write
|
||
|
1EE07168000
|
heap
|
page read and write
|
||
|
22CC14F0000
|
heap
|
page read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
1FD25069000
|
heap
|
page read and write
|
||
|
7BE9BEB000
|
stack
|
page read and write
|
||
|
25F4024E000
|
heap
|
page read and write
|
||
|
25F40302000
|
heap
|
page read and write
|
||
|
7FF8BB966000
|
unkown
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
15B32F40000
|
heap
|
page read and write
|
||
|
66D267C000
|
stack
|
page read and write
|
||
|
1FD25062000
|
heap
|
page read and write
|
||
|
22CC162F000
|
heap
|
page read and write
|
||
|
246C1399000
|
heap
|
page read and write
|
||
|
22CC1643000
|
heap
|
page read and write
|
||
|
1FD2504E000
|
heap
|
page read and write
|
||
|
1EA50B02000
|
heap
|
page read and write
|
||
|
E4A4C7A000
|
stack
|
page read and write
|
||
|
43357F000
|
stack
|
page read and write
|
||
|
12173A58000
|
heap
|
page read and write
|
||
|
22CC2830000
|
heap
|
page read and write
|
||
|
22CC210C000
|
heap
|
page read and write
|
||
|
246C1377000
|
heap
|
page read and write
|
||
|
15B32E5C000
|
heap
|
page read and write
|
||
|
1CAB89B0000
|
trusted library allocation
|
page read and write
|
||
|
12173A2F000
|
heap
|
page read and write
|
||
|
22CC16C2000
|
heap
|
page read and write
|
||
|
121739C7000
|
heap
|
page read and write
|
||
|
246C1313000
|
heap
|
page read and write
|
||
|
1FD25049000
|
heap
|
page read and write
|
||
|
22CC1629000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
15B32FB0000
|
heap
|
page readonly
|
||
|
19602300000
|
heap
|
page read and write
|
||
|
24E2A8C0000
|
trusted library allocation
|
page read and write
|
||
|
13B47FE000
|
stack
|
page read and write
|
||
|
1633D640000
|
heap
|
page read and write
|
||
|
1CAB9402000
|
trusted library allocation
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
E4A497C000
|
stack
|
page read and write
|
||
|
196022AE000
|
heap
|
page read and write
|
||
|
1FD25064000
|
heap
|
page read and write
|
||
|
66D2B7F000
|
stack
|
page read and write
|
||
|
19607754000
|
trusted library allocation
|
page read and write
|
||
|
24E29D20000
|
trusted library allocation
|
page read and write
|
||
|
246C133F000
|
heap
|
page read and write
|
||
|
1CF14513000
|
heap
|
page read and write
|
||
|
196078DB000
|
heap
|
page read and write
|
||
|
246C1382000
|
heap
|
page read and write
|
||
|
F2C000
|
heap
|
page read and write
|
||
|
2884000
|
heap
|
page read and write
|
||
|
19602170000
|
trusted library allocation
|
page read and write
|
||
|
246C13B2000
|
heap
|
page read and write
|
||
|
15B32FD0000
|
heap
|
page read and write
|
||
|
24E29AD8000
|
heap
|
page read and write
|
||
|
246C0800000
|
heap
|
page read and write
|
||
|
22CC21DE000
|
heap
|
page read and write
|
||
|
19607800000
|
heap
|
page read and write
|
||
|
12173B31000
|
heap
|
page read and write
|
||
|
19602256000
|
heap
|
page read and write
|
||
|
246C1202000
|
heap
|
page read and write
|
||
|
19607B30000
|
trusted library allocation
|
page read and write
|
||
|
B10000
|
remote allocation
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
1CF1443C000
|
heap
|
page read and write
|
||
|
7FF8BB962000
|
unkown
|
page readonly
|
||
|
22CC14E0000
|
heap
|
page read and write
|
||
|
196022A1000
|
heap
|
page read and write
|
||
|
246C08C8000
|
heap
|
page read and write
|
||
|
246C1374000
|
heap
|
page read and write
|
||
|
246C1372000
|
heap
|
page read and write
|
||
|
EA9B18E000
|
stack
|
page read and write
|
||
|
43B000
|
heap
|
page read and write
|
||
|
12173930000
|
remote allocation
|
page read and write
|
||
|
4041286000
|
stack
|
page read and write
|
||
|
7FF8BB969000
|
unkown
|
page readonly
|
||
|
1AC8E3AE000
|
heap
|
page read and write
|
||
|
1FD2505C000
|
heap
|
page read and write
|
||
|
E4A43CB000
|
stack
|
page read and write
|
||
|
246C1372000
|
heap
|
page read and write
|
||
|
24E29A50000
|
trusted library allocation
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
246C13A3000
|
heap
|
page read and write
|
||
|
1633D6E3000
|
heap
|
page read and write
|
||
|
246C0813000
|
heap
|
page read and write
|
||
|
66D297C000
|
stack
|
page read and write
|
||
|
13B48FB000
|
stack
|
page read and write
|
||
|
19602302000
|
heap
|
page read and write
|
||
|
E4A4B7F000
|
stack
|
page read and write
|
||
|
15B32DD0000
|
heap
|
page read and write
|
||
|
C6183BD000
|
stack
|
page read and write
|
||
|
19602316000
|
heap
|
page read and write
|
||
|
19602180000
|
trusted library section
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
196078F2000
|
heap
|
page read and write
|
||
|
ED3000
|
heap
|
page read and write
|
||
|
12173930000
|
remote allocation
|
page read and write
|
||
|
246C0855000
|
heap
|
page read and write
|
||
|
1CAB8B13000
|
heap
|
page read and write
|
||
|
246C13B4000
|
heap
|
page read and write
|
||
|
246C0902000
|
heap
|
page read and write
|
||
|
246C1386000
|
heap
|
page read and write
|
||
|
1CF14475000
|
heap
|
page read and write
|
||
|
2CE9C013000
|
heap
|
page read and write
|
||
|
1EAD212C000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
246C1377000
|
heap
|
page read and write
|
||
|
19607B08000
|
trusted library allocation
|
page read and write
|
||
|
19602A15000
|
heap
|
page read and write
|
||
|
25F4027E000
|
heap
|
page read and write
|
||
|
19603670000
|
trusted library allocation
|
page read and write
|
||
|
1EAD2040000
|
heap
|
page read and write
|
||
|
25F40200000
|
heap
|
page read and write
|
||
|
246C1822000
|
heap
|
page read and write
|
||
|
19602D01000
|
trusted library allocation
|
page read and write
|
||
|
246C0852000
|
heap
|
page read and write
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
1FD25052000
|
heap
|
page read and write
|
||
|
246C13CC000
|
heap
|
page read and write
|
||
|
247FF7F000
|
stack
|
page read and write
|
||
|
1CAB8A53000
|
heap
|
page read and write
|
||
|
1633D6D2000
|
heap
|
page read and write
|
||
|
246C1364000
|
heap
|
page read and write
|
||
|
246C137B000
|
heap
|
page read and write
|
||
|
ED3000
|
heap
|
page read and write
|
||
|
25F401C0000
|
trusted library allocation
|
page read and write
|
||
|
22CC17F4000
|
heap
|
page read and write
|
||
|
22CC2900000
|
heap
|
page read and write
|
||
|
121738A0000
|
heap
|
page read and write
|
||
|
F4000
|
stack
|
page read and write
|
||
|
1EA50950000
|
trusted library allocation
|
page read and write
|
||
|
24E29D79000
|
heap
|
page read and write
|
||
|
1FD24EB0000
|
heap
|
page read and write
|
||
|
37278FA000
|
stack
|
page read and write
|
||
|
246C0857000
|
heap
|
page read and write
|
||
|
3727DFC000
|
stack
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
246C1800000
|
heap
|
page read and write
|
||
|
7BE9FFB000
|
stack
|
page read and write
|
||
|
1633D706000
|
heap
|
page read and write
|
||
|
22CC16B7000
|
heap
|
page read and write
|
||
|
1FD252A5000
|
heap
|
page read and write
|
||
|
1FD252A0000
|
heap
|
page read and write
|
||
|
246C138F000
|
heap
|
page read and write
|
||
|
E4F3377000
|
stack
|
page read and write
|
||
|
196078EB000
|
heap
|
page read and write
|
||
|
19607700000
|
trusted library allocation
|
page read and write
|
||
|
246C13B4000
|
heap
|
page read and write
|
||
|
1CF14400000
|
heap
|
page read and write
|
||
|
E4A4A7A000
|
stack
|
page read and write
|
||
|
E6CAAF9000
|
stack
|
page read and write
|
||
|
1633D6EF000
|
heap
|
page read and write
|
||
|
1EE070B0000
|
heap
|
page read and write
|
||
|
246C137A000
|
heap
|
page read and write
|
||
|
246C0913000
|
heap
|
page read and write
|
||
|
246C08B5000
|
heap
|
page read and write
|
||
|
121739CB000
|
heap
|
page read and write
|
||
|
43347D000
|
stack
|
page read and write
|
||
|
246C137E000
|
heap
|
page read and write
|
||
|
24E2AAD0000
|
trusted library allocation
|
page read and write
|
||
|
19607B24000
|
trusted library allocation
|
page read and write
|
||
|
246C13B3000
|
heap
|
page read and write
|
||
|
19602279000
|
heap
|
page read and write
|
||
|
1EAD20D0000
|
direct allocation
|
page execute and read and write
|
||
|
66D2A7A000
|
stack
|
page read and write
|
||
|
25F40300000
|
heap
|
page read and write
|
||
|
1960228F000
|
heap
|
page read and write
|
||
|
7EF0E77000
|
stack
|
page read and write
|
||
|
25F40213000
|
heap
|
page read and write
|
||
|
246C1802000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1633D6EF000
|
heap
|
page read and write
|
||
|
22CC2802000
|
heap
|
page read and write
|
||
|
246C084C000
|
heap
|
page read and write
|
||
|
EA9B08B000
|
stack
|
page read and write
|
||
|
12173992000
|
heap
|
page read and write
|
||
|
7FF8BB966000
|
unkown
|
page read and write
|
||
|
22CC15B0000
|
trusted library allocation
|
page read and write
|
||
|
87F027D000
|
stack
|
page read and write
|
||
|
66D317C000
|
stack
|
page read and write
|
||
|
246C1843000
|
heap
|
page read and write
|
||
|
19607841000
|
heap
|
page read and write
|
||
|
22CC1699000
|
heap
|
page read and write
|
||
|
12173830000
|
heap
|
page read and write
|
||
|
19602010000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
1CAB8A4F000
|
heap
|
page read and write
|
||
|
246C08E6000
|
heap
|
page read and write
|
||
|
25F40C02000
|
trusted library allocation
|
page read and write
|
||
|
87F03FF000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1CAB8A4C000
|
heap
|
page read and write
|
||
|
22CC1625000
|
heap
|
page read and write
|
||
|
7EF107F000
|
stack
|
page read and write
|
||
|
196078FC000
|
heap
|
page read and write
|
||
|
1FD28B90000
|
heap
|
page read and write
|
||
|
1FD25049000
|
heap
|
page read and write
|
||
|
1AC8E3C6000
|
heap
|
page read and write
|
||
|
19607902000
|
heap
|
page read and write
|
||
|
1FD25052000
|
heap
|
page read and write
|
||
|
19607B70000
|
remote allocation
|
page read and write
|
||
|
1633D6FF000
|
heap
|
page read and write
|
||
|
F47000
|
heap
|
page read and write
|
||
|
E4F31FB000
|
stack
|
page read and write
|
||
|
246C1802000
|
heap
|
page read and write
|
||
|
1AC8E190000
|
heap
|
page read and write
|
||
|
25F4028B000
|
heap
|
page read and write
|
||
|
22CC2800000
|
heap
|
page read and write
|
||
|
25F40190000
|
heap
|
page read and write
|
||
|
246C138E000
|
heap
|
page read and write
|
||
|
5FFD87E000
|
stack
|
page read and write
|
||
|
F2A000
|
heap
|
page read and write
|
||
|
246C0847000
|
heap
|
page read and write
|
||
|
2CE9C03C000
|
heap
|
page read and write
|
||
|
246C08C3000
|
heap
|
page read and write
|
||
|
7FF8BB969000
|
unkown
|
page readonly
|
||
|
246C13B2000
|
heap
|
page read and write
|
||
|
F2C000
|
heap
|
page read and write
|
||
|
1E1F000
|
stack
|
page read and write
|
||
|
22CC16D8000
|
heap
|
page read and write
|
||
|
196021E1000
|
trusted library allocation
|
page read and write
|
||
|
22CC1570000
|
trusted library allocation
|
page read and write
|
||
|
246C1386000
|
heap
|
page read and write
|
||
|
F42000
|
heap
|
page read and write
|
||
|
246C1375000
|
heap
|
page read and write
|
||
|
24E29B1D000
|
heap
|
page read and write
|
||
|
1FD28280000
|
heap
|
page read and write
|
||
|
246C1382000
|
heap
|
page read and write
|
||
|
15B32E3B000
|
heap
|
page read and write
|
||
|
22CC16E7000
|
heap
|
page read and write
|
||
|
246C13A8000
|
heap
|
page read and write
|
||
|
24E2AAF0000
|
trusted library allocation
|
page read and write
|
||
|
22CC1695000
|
heap
|
page read and write
|
||
|
12173A57000
|
heap
|
page read and write
|
||
|
1D80000
|
heap
|
page readonly
|
||
|
1AC8E2D0000
|
heap
|
page read and write
|
||
|
1633D6EF000
|
heap
|
page read and write
|
||
|
19607740000
|
trusted library allocation
|
page read and write
|
||
|
12173B30000
|
heap
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
AE5000
|
stack
|
page read and write
|
||
|
15B32FD5000
|
heap
|
page read and write
|
||
|
5FFD58B000
|
stack
|
page read and write
|
||
|
246C10E0000
|
remote allocation
|
page read and write
|
||
|
1EA50850000
|
heap
|
page read and write
|
||
|
1CAB8A85000
|
heap
|
page read and write
|
||
|
1D40000
|
direct allocation
|
page execute and read and write
|
||
|
22CC2913000
|
heap
|
page read and write
|
||
|
246C083C000
|
heap
|
page read and write
|
||
|
7FF8BB962000
|
unkown
|
page readonly
|
||
|
F90000
|
heap
|
page readonly
|
||
|
246C1388000
|
heap
|
page read and write
|
||
|
E6CA9FF000
|
stack
|
page read and write
|
||
|
246C13AA000
|
heap
|
page read and write
|
||
|
246C1363000
|
heap
|
page read and write
|
||
|
1960227C000
|
heap
|
page read and write
|
||
|
E4F2CAC000
|
stack
|
page read and write
|
||
|
246C138A000
|
heap
|
page read and write
|
||
|
7FF8BB962000
|
unkown
|
page readonly
|
||
|
19602B13000
|
heap
|
page read and write
|
||
|
2CE9C050000
|
heap
|
page read and write
|
||
|
19607862000
|
heap
|
page read and write
|
||
|
1633D701000
|
heap
|
page read and write
|
||
|
246C137A000
|
heap
|
page read and write
|
||
|
19603660000
|
trusted library allocation
|
page read and write
|
||
|
246C137D000
|
heap
|
page read and write
|
||
|
246C13B6000
|
heap
|
page read and write
|
||
|
12173A2D000
|
heap
|
page read and write
|
||
|
1FD25060000
|
heap
|
page read and write
|
||
|
246C13A9000
|
heap
|
page read and write
|
||
|
246C0720000
|
heap
|
page read and write
|
||
|
246C08AB000
|
heap
|
page read and write
|
||
|
2CE9C04E000
|
heap
|
page read and write
|
||
|
1633D6D7000
|
heap
|
page read and write
|
||
|
22CC219D000
|
heap
|
page read and write
|
||
|
1EAD20E8000
|
heap
|
page read and write
|
||
|
246C10E0000
|
remote allocation
|
page read and write
|
||
|
1FD25062000
|
heap
|
page read and write
|
||
|
246C0710000
|
heap
|
page read and write
|
||
|
1CF14429000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
22CC16B4000
|
heap
|
page read and write
|
There are 817 hidden memdumps, click here to show them.