Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
vur7t4SumQ.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
||
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x26183b80, page size 16384, Windows version 10.0
|
dropped
|
||
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_vur_4cd58e58b1e637f1367f31dafe24a2e5d883329_67e37b4c_19aab41b\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER90C4.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 11:57:05 2022, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9BF0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAB24.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\vur7t4SumQ.dll
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\vur7t4SumQ.dll",#1
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\vur7t4SumQ.dll,DllRegisterServer
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\vur7t4SumQ.dll,DllUnregisterServer
|
||
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JZAnomWmMqlc\LxifZH.dll"
|
||
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
||
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\vur7t4SumQ.dll"
|
||
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\vur7t4SumQ.dll",#1
|
||
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6444 -s 316
|
||
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 12 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://23.239.0.12/:
|
unknown
|
||
https://23.239.0.12/
|
23.239.0.12
|
||
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
http://crl.ver)
|
unknown
|
||
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
https://%s.xboxlive.com
|
unknown
|
||
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
https://support.hotspotshield.com/
|
unknown
|
||
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
https://dynamic.t
|
unknown
|
||
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
https://www.hotspotshield.com/terms/
|
unknown
|
||
https://www.pango.co/privacy
|
unknown
|
||
https://disneyplus.com/legal.
|
unknown
|
||
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
https://activity.windows.com
|
unknown
|
||
http://www.bingmapsportal.com
|
unknown
|
||
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
http://help.disneyplus.com.
|
unknown
|
||
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
https://%s.dnet.xboxlive.com
|
unknown
|
||
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 34 hidden URLs, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
23.239.0.12
|
unknown
|
United States
|
||
192.168.2.1
|
unknown
|
unknown
|
||
127.0.0.1
|
unknown
|
unknown
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
\REGISTRY\A\{716106eb-4c16-3a41-7175-039016bd5bee}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800453F4626F
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\TaskStore
|
Schedule Scan
|
||
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\State
|
BlockUntilTimeStatus
|
||
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\Configuration
|
refreshAfter
|
There are 27 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
C20000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
2C00000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
180001000
|
direct allocation
|
page execute read
|
||
1CC60A20000
|
direct allocation
|
page execute and read and write
|
||
1BFBC3F0000
|
direct allocation
|
page execute and read and write
|
||
1CC60A20000
|
direct allocation
|
page execute and read and write
|
||
1C078260000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
1CC60A20000
|
direct allocation
|
page execute and read and write
|
||
180001000
|
direct allocation
|
page execute read
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
1848BA00000
|
heap
|
page read and write
|
||
16409002000
|
trusted library allocation
|
page read and write
|
||
214F3847000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
1A85A021000
|
heap
|
page read and write
|
||
20B5CFD000
|
stack
|
page read and write
|
||
72AEBFE000
|
stack
|
page read and write
|
||
1848C379000
|
heap
|
page read and write
|
||
1848B7E0000
|
heap
|
page read and write
|
||
1CF887E000
|
stack
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
C3BF475000
|
stack
|
page read and write
|
||
2D6EDFE000
|
stack
|
page read and write
|
||
25D89E90000
|
heap
|
page read and write
|
||
1CC60A50000
|
heap
|
page readonly
|
||
27679234000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
C0C9D7E000
|
stack
|
page read and write
|
||
27679234000
|
heap
|
page read and write
|
||
1848C3BF000
|
heap
|
page read and write
|
||
1A859F6E000
|
trusted library allocation
|
page read and write
|
||
1848BAAA000
|
heap
|
page read and write
|
||
23175E41000
|
heap
|
page read and write
|
||
218C4B00000
|
heap
|
page read and write
|
||
276791EE000
|
heap
|
page read and write
|
||
27679292000
|
heap
|
page read and write
|
||
276792B4000
|
heap
|
page read and write
|
||
376067E000
|
stack
|
page read and write
|
||
1CA62170000
|
heap
|
page read and write
|
||
16408A60000
|
heap
|
page read and write
|
||
218C4B02000
|
heap
|
page read and write
|
||
1848C202000
|
heap
|
page read and write
|
||
1CC60A78000
|
heap
|
page read and write
|
||
218C4A29000
|
heap
|
page read and write
|
||
C3BF57F000
|
stack
|
page read and write
|
||
16408830000
|
heap
|
page read and write
|
||
C6712F9000
|
stack
|
page read and write
|
||
1848C397000
|
heap
|
page read and write
|
||
1848C397000
|
heap
|
page read and write
|
||
14CFCC8C000
|
heap
|
page read and write
|
||
27679260000
|
heap
|
page read and write
|
||
1848C376000
|
heap
|
page read and write
|
||
19E150B5000
|
heap
|
page read and write
|
||
25D8ADE0000
|
trusted library allocation
|
page read and write
|
||
1CC60BF0000
|
heap
|
page read and write
|
||
31AF000
|
stack
|
page read and write
|
||
1A85A0FA000
|
heap
|
page read and write
|
||
1848BA29000
|
heap
|
page read and write
|
||
214F3810000
|
heap
|
page read and write
|
||
15FFD6C0000
|
heap
|
page read and write
|
||
72AEA7E000
|
stack
|
page read and write
|
||
14CFCC7E000
|
heap
|
page read and write
|
||
1C076870000
|
heap
|
page read and write
|
||
214F3840000
|
heap
|
page read and write
|
||
25D8A060000
|
heap
|
page read and write
|
||
1C0768AD000
|
heap
|
page read and write
|
||
30D6CFF000
|
stack
|
page read and write
|
||
1A8548A0000
|
heap
|
page read and write
|
||
CEE000
|
heap
|
page read and write
|
||
1CF8675000
|
stack
|
page read and write
|
||
1CA62445000
|
heap
|
page read and write
|
||
15FFDE80000
|
trusted library allocation
|
page read and write
|
||
26EC000
|
stack
|
page read and write
|
||
1A855359000
|
heap
|
page read and write
|
||
1BFBAB1A000
|
heap
|
page read and write
|
||
16408A84000
|
heap
|
page read and write
|
||
25D8AB50000
|
trusted library allocation
|
page read and write
|
||
19E16006000
|
heap
|
page read and write
|
||
25D89EDC000
|
heap
|
page read and write
|
||
131D000
|
heap
|
page read and write
|
||
25D89E98000
|
heap
|
page read and write
|
||
16408A5C000
|
heap
|
page read and write
|
||
20B5FFE000
|
stack
|
page read and write
|
||
3130000
|
trusted library allocation
|
page read and write
|
||
214F384D000
|
heap
|
page read and write
|
||
1848BA57000
|
heap
|
page read and write
|
||
25D89EF4000
|
heap
|
page read and write
|
||
27679227000
|
heap
|
page read and write
|
||
19E150BC000
|
heap
|
page read and write
|
||
12C3000
|
heap
|
page read and write
|
||
1CC609F0000
|
heap
|
page read and write
|
||
20801702000
|
heap
|
page read and write
|
||
1C076878000
|
heap
|
page read and write
|
||
134B000
|
heap
|
page read and write
|
||
1A859DD0000
|
trusted library allocation
|
page read and write
|
||
1848C399000
|
heap
|
page read and write
|
||
13DEF4FF000
|
heap
|
page read and write
|
||
1CC609A0000
|
heap
|
page read and write
|
||
214F384E000
|
heap
|
page read and write
|
||
19E14FD0000
|
trusted library allocation
|
page read and write
|
||
131D000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
25D8A080000
|
heap
|
page read and write
|
||
C0C9C7E000
|
stack
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
1A854A8E000
|
heap
|
page read and write
|
||
CB7CDFE000
|
stack
|
page read and write
|
||
CF7452C000
|
stack
|
page read and write
|
||
1A85A2C0000
|
remote allocation
|
page read and write
|
||
BE0000
|
direct allocation
|
page execute and read and write
|
||
1BFBAAF0000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
1310000
|
heap
|
page read and write
|
||
23176602000
|
trusted library allocation
|
page read and write
|
||
135E000
|
heap
|
page read and write
|
||
27679294000
|
heap
|
page read and write
|
||
12F0000
|
heap
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
31F487E000
|
stack
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
1A85A0ED000
|
heap
|
page read and write
|
||
19E16002000
|
heap
|
page read and write
|
||
2104E454000
|
heap
|
page read and write
|
||
19E15113000
|
heap
|
page read and write
|
||
16408A5E000
|
heap
|
page read and write
|
||
164087C0000
|
heap
|
page read and write
|
||
5BC5A7B000
|
stack
|
page read and write
|
||
218C47F0000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
27679294000
|
heap
|
page read and write
|
||
16408F90000
|
trusted library allocation
|
page read and write
|
||
1848BA4E000
|
heap
|
page read and write
|
||
1848C386000
|
heap
|
page read and write
|
||
343E000
|
stack
|
page read and write
|
||
72AE71C000
|
stack
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
375FE7F000
|
stack
|
page read and write
|
||
218C4B13000
|
heap
|
page read and write
|
||
1416D840000
|
heap
|
page read and write
|
||
1A854900000
|
heap
|
page read and write
|
||
25D8A1C0000
|
trusted library allocation
|
page read and write
|
||
C5B000
|
heap
|
page read and write
|
||
2BDC000
|
stack
|
page read and write
|
||
1A855200000
|
heap
|
page read and write
|
||
276792B5000
|
heap
|
page read and write
|
||
1CC60C75000
|
heap
|
page read and write
|
||
16408A30000
|
heap
|
page read and write
|
||
2104E447000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
1A854B07000
|
heap
|
page read and write
|
||
1848C315000
|
heap
|
page read and write
|
||
208016E2000
|
heap
|
page read and write
|
||
20B559B000
|
stack
|
page read and write
|
||
1848BA3A000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1848C070000
|
remote allocation
|
page read and write
|
||
19E1590C000
|
heap
|
page read and write
|
||
218C4A5D000
|
heap
|
page read and write
|
||
23175E13000
|
heap
|
page read and write
|
||
276792B3000
|
heap
|
page read and write
|
||
CF74C7D000
|
stack
|
page read and write
|
||
1C076840000
|
heap
|
page read and write
|
||
134B000
|
heap
|
page read and write
|
||
1848C375000
|
heap
|
page read and write
|
||
1A859F90000
|
trusted library allocation
|
page read and write
|
||
19E15087000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1A855313000
|
heap
|
page read and write
|
||
2810000
|
heap
|
page read and write
|
||
2104E47B000
|
heap
|
page read and write
|
||
23175E02000
|
heap
|
page read and write
|
||
2104E370000
|
trusted library allocation
|
page read and write
|
||
19E16100000
|
heap
|
page read and write
|
||
23175E55000
|
heap
|
page read and write
|
||
1416D902000
|
heap
|
page read and write
|
||
332B000
|
stack
|
page read and write
|
||
25D89ED3000
|
heap
|
page read and write
|
||
214F3834000
|
heap
|
page read and write
|
||
1848C385000
|
heap
|
page read and write
|
||
BF0000
|
heap
|
page read and write
|
||
1CC60A50000
|
heap
|
page readonly
|
||
1848C379000
|
heap
|
page read and write
|
||
1848BAC9000
|
heap
|
page read and write
|
||
C0C9CF9000
|
stack
|
page read and write
|
||
27679AB1000
|
heap
|
page read and write
|
||
1C0767D0000
|
heap
|
page read and write
|
||
1CC62554000
|
heap
|
page read and write
|
||
16408A5A000
|
heap
|
page read and write
|
||
C3BF57F000
|
stack
|
page read and write
|
||
5BC5F7F000
|
stack
|
page read and write
|
||
1250000
|
heap
|
page read and write
|
||
16408A5F000
|
heap
|
page read and write
|
||
1A8551F0000
|
trusted library allocation
|
page read and write
|
||
BF007C000
|
stack
|
page read and write
|
||
19E16054000
|
heap
|
page read and write
|
||
1848C35F000
|
heap
|
page read and write
|
||
C0C9DFC000
|
stack
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
16408A55000
|
heap
|
page read and write
|
||
16408A7B000
|
heap
|
page read and write
|
||
1848C300000
|
heap
|
page read and write
|
||
15FFD85F000
|
heap
|
page read and write
|
||
214F3848000
|
heap
|
page read and write
|
||
1848BA52000
|
heap
|
page read and write
|
||
1215000
|
heap
|
page read and write
|
||
1848C3A0000
|
heap
|
page read and write
|
||
214F3770000
|
heap
|
page read and write
|
||
214F3853000
|
heap
|
page read and write
|
||
1C0782E4000
|
heap
|
page read and write
|
||
2814000
|
heap
|
page read and write
|
||
1848C3B0000
|
heap
|
page read and write
|
||
72AECFB000
|
stack
|
page read and write
|
||
3656E7E000
|
stack
|
page read and write
|
||
19E151FD000
|
heap
|
page read and write
|
||
1848C39E000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
72AEDF7000
|
stack
|
page read and write
|
||
1848BB02000
|
heap
|
page read and write
|
||
5BC5577000
|
stack
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
1A855302000
|
heap
|
page read and write
|
||
1A85A0F8000
|
heap
|
page read and write
|
||
CB7CAFE000
|
stack
|
page read and write
|
||
1A85A2A0000
|
trusted library allocation
|
page read and write
|
||
1A859FF0000
|
trusted library allocation
|
page read and write
|
||
3480000
|
remote allocation
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
30D6C7F000
|
stack
|
page read and write
|
||
19E15750000
|
trusted library allocation
|
page read and write
|
||
1416E002000
|
trusted library allocation
|
page read and write
|
||
218C4A4E000
|
heap
|
page read and write
|
||
131D000
|
heap
|
page read and write
|
||
1CC60A70000
|
heap
|
page read and write
|
||
2104E44D000
|
heap
|
page read and write
|
||
23175F02000
|
heap
|
page read and write
|
||
BF027E000
|
stack
|
page read and write
|
||
20B5E7D000
|
stack
|
page read and write
|
||
1BFBADA0000
|
heap
|
page read and write
|
||
19E15088000
|
heap
|
page read and write
|
||
C0C98CA000
|
stack
|
page read and write
|
||
1A854A58000
|
heap
|
page read and write
|
||
1848C37B000
|
heap
|
page read and write
|
||
1A854B02000
|
heap
|
page read and write
|
||
1848C379000
|
heap
|
page read and write
|
||
1A855215000
|
heap
|
page read and write
|
||
19E15013000
|
heap
|
page read and write
|
||
23175CB0000
|
heap
|
page read and write
|
||
12BD000
|
heap
|
page read and write
|
||
D50000
|
heap
|
page readonly
|
||
1848C37A000
|
heap
|
page read and write
|
||
1848BAAF000
|
heap
|
page read and write
|
||
FD0000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
19E1595D000
|
heap
|
page read and write
|
||
1A85A3D0000
|
trusted library allocation
|
page read and write
|
||
19E16015000
|
heap
|
page read and write
|
||
375FCFB000
|
stack
|
page read and write
|
||
365707E000
|
stack
|
page read and write
|
||
C8E1C7E000
|
stack
|
page read and write
|
||
218C4A53000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
1848C361000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
2104E488000
|
heap
|
page read and write
|
||
1A855300000
|
heap
|
page read and write
|
||
2104E500000
|
heap
|
page read and write
|
||
B70000
|
heap
|
page read and write
|
||
1A855318000
|
heap
|
page read and write
|
||
27679227000
|
heap
|
page read and write
|
||
2C30000
|
heap
|
page readonly
|
||
B90000
|
heap
|
page read and write
|
||
19E150B1000
|
heap
|
page read and write
|
||
CF7497B000
|
stack
|
page read and write
|
||
12D5000
|
heap
|
page read and write
|
||
2D6EAFB000
|
stack
|
page read and write
|
||
1848C37C000
|
heap
|
page read and write
|
||
15FFD86F000
|
heap
|
page read and write
|
||
19E159F0000
|
heap
|
page read and write
|
||
5A9D3FE000
|
stack
|
page read and write
|
||
1C0768BD000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
25D89EF8000
|
heap
|
page read and write
|
||
214F3853000
|
heap
|
page read and write
|
||
2104E470000
|
heap
|
page read and write
|
||
1A85A0F7000
|
heap
|
page read and write
|
||
1848BA65000
|
heap
|
page read and write
|
||
1A854A00000
|
heap
|
page read and write
|
||
1A85A0E2000
|
heap
|
page read and write
|
||
1CA62150000
|
heap
|
page read and write
|
||
19E1601D000
|
heap
|
page read and write
|
||
1A85A061000
|
heap
|
page read and write
|
||
1CF877F000
|
stack
|
page read and write
|
||
31F43FB000
|
stack
|
page read and write
|
||
276791F2000
|
heap
|
page read and write
|
||
16408B02000
|
heap
|
page read and write
|
||
19E14F50000
|
heap
|
page read and write
|
||
376047F000
|
stack
|
page read and write
|
||
CB7C97C000
|
stack
|
page read and write
|
||
5A9CDCE000
|
stack
|
page read and write
|
||
1CC60A10000
|
direct allocation
|
page execute and read and write
|
||
1CC609A0000
|
heap
|
page read and write
|
||
1CC60A50000
|
heap
|
page readonly
|
||
1A85A0A3000
|
heap
|
page read and write
|
||
1848BAFB000
|
heap
|
page read and write
|
||
1BFBAAC0000
|
heap
|
page read and write
|
||
376037F000
|
stack
|
page read and write
|
||
1848BA7B000
|
heap
|
page read and write
|
||
20801F00000
|
heap
|
page read and write
|
||
23175C50000
|
heap
|
page read and write
|
||
27679261000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
14CFCD13000
|
heap
|
page read and write
|
||
20B5D7F000
|
stack
|
page read and write
|
||
1BFBAB3C000
|
heap
|
page read and write
|
||
218C4950000
|
trusted library allocation
|
page read and write
|
||
1A85A02E000
|
heap
|
page read and write
|
||
1848C39B000
|
heap
|
page read and write
|
||
214F3832000
|
heap
|
page read and write
|
||
1A854A65000
|
heap
|
page read and write
|
||
BF03FE000
|
stack
|
page read and write
|
||
72AF0FA000
|
stack
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
1A859F60000
|
trusted library allocation
|
page read and write
|
||
1C0768AD000
|
heap
|
page read and write
|
||
27679245000
|
heap
|
page read and write
|
||
C8E1A7B000
|
stack
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
218C4850000
|
heap
|
page read and write
|
||
1CC62554000
|
heap
|
page read and write
|
||
218C4A8A000
|
heap
|
page read and write
|
||
1848C3AD000
|
heap
|
page read and write
|
||
218C4A49000
|
heap
|
page read and write
|
||
1C0782E0000
|
heap
|
page read and write
|
||
C3BF57F000
|
stack
|
page read and write
|
||
1848C379000
|
heap
|
page read and write
|
||
12ED000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
1A855359000
|
heap
|
page read and write
|
||
19E14F40000
|
heap
|
page read and write
|
||
1CF87FE000
|
stack
|
page read and write
|
||
2104E210000
|
heap
|
page read and write
|
||
1CC60BF0000
|
heap
|
page read and write
|
||
1416D710000
|
heap
|
page read and write
|
||
208016BF000
|
heap
|
page read and write
|
||
1848C384000
|
heap
|
page read and write
|
||
15FFD802000
|
heap
|
page read and write
|
||
1A85A2C0000
|
remote allocation
|
page read and write
|
||
1A855940000
|
trusted library allocation
|
page read and write
|
||
19E15913000
|
heap
|
page read and write
|
||
1CC62554000
|
heap
|
page read and write
|
||
5BC510B000
|
stack
|
page read and write
|
||
1BFBAAA0000
|
heap
|
page read and write
|
||
23175E58000
|
heap
|
page read and write
|
||
218C4A6E000
|
heap
|
page read and write
|
||
1A85A0C0000
|
trusted library allocation
|
page read and write
|
||
19E15084000
|
heap
|
page read and write
|
||
DDF000
|
stack
|
page read and write
|
||
1A854AB3000
|
heap
|
page read and write
|
||
1A859FD0000
|
trusted library allocation
|
page read and write
|
||
CF74D7E000
|
stack
|
page read and write
|
||
1848BAE5000
|
heap
|
page read and write
|
||
14CFD402000
|
trusted library allocation
|
page read and write
|
||
1CC60840000
|
unkown
|
page read and write
|
||
15FFD800000
|
heap
|
page read and write
|
||
2767924B000
|
heap
|
page read and write
|
||
5A9D2F7000
|
stack
|
page read and write
|
||
214F384F000
|
heap
|
page read and write
|
||
1416DEA0000
|
remote allocation
|
page read and write
|
||
13DEF490000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
365717E000
|
stack
|
page read and write
|
||
C67127F000
|
stack
|
page read and write
|
||
1848C387000
|
heap
|
page read and write
|
||
32AE000
|
stack
|
page read and write
|
||
1A854890000
|
heap
|
page read and write
|
||
19E1509E000
|
heap
|
page read and write
|
||
EC5000
|
heap
|
page read and write
|
||
208014D0000
|
heap
|
page read and write
|
||
1CC60BB0000
|
remote allocation
|
page read and write
|
||
1848C343000
|
heap
|
page read and write
|
||
BF037F000
|
stack
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
23175E5B000
|
heap
|
page read and write
|
||
1848C385000
|
heap
|
page read and write
|
||
25D8A220000
|
trusted library allocation
|
page read and write
|
||
CB7CCFD000
|
stack
|
page read and write
|
||
214F3B15000
|
heap
|
page read and write
|
||
19E1503A000
|
heap
|
page read and write
|
||
25D89EDA000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
1A854A9F000
|
heap
|
page read and write
|
||
1848C398000
|
heap
|
page read and write
|
||
C0C994F000
|
stack
|
page read and write
|
||
1A859FA0000
|
trusted library allocation
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
23175E29000
|
heap
|
page read and write
|
||
C3BF4FE000
|
stack
|
page read and write
|
||
BF02FB000
|
stack
|
page read and write
|
||
13DEF470000
|
heap
|
page read and write
|
||
1349000
|
heap
|
page read and write
|
||
2D6E97B000
|
stack
|
page read and write
|
||
19E1507D000
|
heap
|
page read and write
|
||
16408A77000
|
heap
|
page read and write
|
||
1848C800000
|
heap
|
page read and write
|
||
1CC60C70000
|
heap
|
page read and write
|
||
1BFBAB3C000
|
heap
|
page read and write
|
||
27679AB0000
|
heap
|
page read and write
|
||
1CA62010000
|
heap
|
page read and write
|
||
218C4A5D000
|
heap
|
page read and write
|
||
1848C3D7000
|
heap
|
page read and write
|
||
1848C39A000
|
heap
|
page read and write
|
||
1CC60C75000
|
heap
|
page read and write
|
||
19E15802000
|
heap
|
page read and write
|
||
1848BB16000
|
heap
|
page read and write
|
||
14CFCD08000
|
heap
|
page read and write
|
||
218C4A4B000
|
heap
|
page read and write
|
||
27678FF0000
|
heap
|
page read and write
|
||
1848C803000
|
heap
|
page read and write
|
||
214F3856000
|
heap
|
page read and write
|
||
218C5202000
|
trusted library allocation
|
page read and write
|
||
1848BB13000
|
heap
|
page read and write
|
||
19E150C8000
|
heap
|
page read and write
|
||
16408A61000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
CB7C7FF000
|
stack
|
page read and write
|
||
1210000
|
heap
|
page read and write
|
||
1848BA48000
|
heap
|
page read and write
|
||
1848BA82000
|
heap
|
page read and write
|
||
2104E200000
|
heap
|
page read and write
|
||
1848BA65000
|
heap
|
page read and write
|
||
1416DEA0000
|
remote allocation
|
page read and write
|
||
1A854A6B000
|
heap
|
page read and write
|
||
27679234000
|
heap
|
page read and write
|
||
1A85A280000
|
trusted library allocation
|
page read and write
|
||
1A854B14000
|
heap
|
page read and write
|
||
1A859F80000
|
trusted library allocation
|
page read and write
|
||
CB7C6FE000
|
stack
|
page read and write
|
||
1848C3BD000
|
heap
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
1CA62440000
|
heap
|
page read and write
|
||
C3BF475000
|
stack
|
page read and write
|
||
1848BA13000
|
heap
|
page read and write
|
||
1A854A13000
|
heap
|
page read and write
|
||
25D8A219000
|
heap
|
page read and write
|
||
1C076A40000
|
heap
|
page read and write
|
||
27679294000
|
heap
|
page read and write
|
||
1848C379000
|
heap
|
page read and write
|
||
14CFCC89000
|
heap
|
page read and write
|
||
7B0000
|
heap
|
page read and write
|
||
30D6D7E000
|
stack
|
page read and write
|
||
1C078410000
|
heap
|
page read and write
|
||
3663A9B000
|
stack
|
page read and write
|
||
14CFCD00000
|
heap
|
page read and write
|
||
19E1590E000
|
heap
|
page read and write
|
||
19E15931000
|
heap
|
page read and write
|
||
376057F000
|
stack
|
page read and write
|
||
1848C385000
|
heap
|
page read and write
|
||
16408A74000
|
heap
|
page read and write
|
||
27FE000
|
stack
|
page read and write
|
||
25D8A210000
|
heap
|
page read and write
|
||
322C000
|
stack
|
page read and write
|
||
1BFBAB1F000
|
heap
|
page read and write
|
||
1A859F90000
|
trusted library allocation
|
page read and write
|
||
13DEF340000
|
heap
|
page read and write
|
||
19E15195000
|
heap
|
page read and write
|
||
16408A58000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
1848C070000
|
remote allocation
|
page read and write
|
||
1848C31F000
|
heap
|
page read and write
|
||
1CC62550000
|
heap
|
page read and write
|
||
25D8A215000
|
heap
|
page read and write
|
||
C3BF4FE000
|
stack
|
page read and write
|
||
2104E42A000
|
heap
|
page read and write
|
||
1CC60C75000
|
heap
|
page read and write
|
||
2D6EBF7000
|
stack
|
page read and write
|
||
1416D802000
|
heap
|
page read and write
|
||
1848C385000
|
heap
|
page read and write
|
||
214F3840000
|
heap
|
page read and write
|
||
1A854A29000
|
heap
|
page read and write
|
||
1848C3CB000
|
heap
|
page read and write
|
||
C8E1BFF000
|
stack
|
page read and write
|
||
1288000
|
heap
|
page read and write
|
||
2104E451000
|
heap
|
page read and write
|
||
36642FB000
|
stack
|
page read and write
|
||
19E150AB000
|
heap
|
page read and write
|
||
14CFCC13000
|
heap
|
page read and write
|
||
1CA6217B000
|
heap
|
page read and write
|
||
C3BF475000
|
stack
|
page read and write
|
||
1848BA39000
|
heap
|
page read and write
|
||
1848BA54000
|
heap
|
page read and write
|
||
27679230000
|
heap
|
page read and write
|
||
19E15000000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
CF74B77000
|
stack
|
page read and write
|
||
1CC60A10000
|
direct allocation
|
page execute and read and write
|
||
1848C3A8000
|
heap
|
page read and write
|
||
214F3835000
|
heap
|
page read and write
|
||
1CC60C70000
|
heap
|
page read and write
|
||
C0C99CE000
|
stack
|
page read and write
|
||
214F37F0000
|
heap
|
page read and write
|
||
66D257C000
|
stack
|
page read and write
|
||
16408A4D000
|
heap
|
page read and write
|
||
31F477E000
|
stack
|
page read and write
|
||
16408A66000
|
heap
|
page read and write
|
||
FC0000
|
remote allocation
|
page read and write
|
||
1848B850000
|
heap
|
page read and write
|
||
1416DEA0000
|
remote allocation
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
1A85A0DC000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1BFBC610000
|
heap
|
page read and write
|
||
214F37D0000
|
heap
|
page read and write
|
||
19E15937000
|
heap
|
page read and write
|
||
14CFCC29000
|
heap
|
page read and write
|
||
214F3821000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1848C3B0000
|
heap
|
page read and write
|
||
1CC60A10000
|
direct allocation
|
page execute and read and write
|
||
3663FFB000
|
stack
|
page read and write
|
||
13DEF4D0000
|
heap
|
page read and write
|
||
15FFD87C000
|
heap
|
page read and write
|
||
19E16102000
|
heap
|
page read and write
|
||
1A854AFF000
|
heap
|
page read and write
|
||
15FFD855000
|
heap
|
page read and write
|
||
66D297A000
|
stack
|
page read and write
|
||
66D237E000
|
stack
|
page read and write
|
||
27679253000
|
heap
|
page read and write
|
||
27679495000
|
heap
|
page read and write
|
||
1416D813000
|
heap
|
page read and write
|
||
5BC5979000
|
stack
|
page read and write
|
||
3480000
|
remote allocation
|
page read and write
|
||
16408A42000
|
heap
|
page read and write
|
||
20801530000
|
heap
|
page read and write
|
||
1BFBC484000
|
heap
|
page read and write
|
||
1A859F81000
|
trusted library allocation
|
page read and write
|
||
36641FE000
|
stack
|
page read and write
|
||
66D287C000
|
stack
|
page read and write
|
||
1848C36F000
|
heap
|
page read and write
|
||
19E150A8000
|
heap
|
page read and write
|
||
20801629000
|
heap
|
page read and write
|
||
72AEB7B000
|
stack
|
page read and write
|
||
20B5AFC000
|
stack
|
page read and write
|
||
1848C347000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
218C4A3C000
|
heap
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
15FFD6B0000
|
heap
|
page read and write
|
||
25D89E10000
|
heap
|
page read and write
|
||
27679490000
|
heap
|
page read and write
|
||
1A8551F3000
|
trusted library allocation
|
page read and write
|
||
19E1503C000
|
heap
|
page read and write
|
||
19E1611B000
|
heap
|
page read and write
|
||
20B5A7C000
|
stack
|
page read and write
|
||
1848BB08000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
1848C3AC000
|
heap
|
page read and write
|
||
1CC60980000
|
heap
|
page read and write
|
||
13DEF4D8000
|
heap
|
page read and write
|
||
72AEFF8000
|
stack
|
page read and write
|
||
20801613000
|
heap
|
page read and write
|
||
19E15037000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
18002D000
|
direct allocation
|
page readonly
|
||
16408A6B000
|
heap
|
page read and write
|
||
16408A29000
|
heap
|
page read and write
|
||
218C4A00000
|
heap
|
page read and write
|
||
66D267F000
|
stack
|
page read and write
|
||
2767922A000
|
heap
|
page read and write
|
||
1C078290000
|
heap
|
page readonly
|
||
1848C383000
|
heap
|
page read and write
|
||
1848C3B2000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
1A859FD0000
|
trusted library allocation
|
page read and write
|
||
1A854AFF000
|
heap
|
page read and write
|
||
19E1508F000
|
heap
|
page read and write
|
||
CB7C13B000
|
stack
|
page read and write
|
||
27679205000
|
heap
|
page read and write
|
||
375FF7C000
|
stack
|
page read and write
|
||
1CC60980000
|
heap
|
page read and write
|
||
1848BA55000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
CA3000
|
heap
|
page read and write
|
||
1A859E40000
|
trusted library allocation
|
page read and write
|
||
5BC577A000
|
stack
|
page read and write
|
||
25D8A1D0000
|
trusted library allocation
|
page read and write
|
||
19E150A8000
|
heap
|
page read and write
|
||
218C4A7F000
|
heap
|
page read and write
|
||
2104E48F000
|
heap
|
page read and write
|
||
208016D0000
|
heap
|
page read and write
|
||
2080168A000
|
heap
|
page read and write
|
||
276791C0000
|
heap
|
page read and write
|
||
CF7487E000
|
stack
|
page read and write
|
||
16408A7E000
|
heap
|
page read and write
|
||
1A859F68000
|
trusted library allocation
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
23175E75000
|
heap
|
page read and write
|
||
2D50000
|
trusted library allocation
|
page read and write
|
||
1C078230000
|
heap
|
page read and write
|
||
2BF0000
|
direct allocation
|
page execute and read and write
|
||
2D6E50C000
|
stack
|
page read and write
|
||
19E151E1000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
12C3000
|
heap
|
page read and write
|
||
F94000
|
stack
|
page read and write
|
||
276792B2000
|
heap
|
page read and write
|
||
208014C0000
|
heap
|
page read and write
|
||
14CFCC3C000
|
heap
|
page read and write
|
||
1CC60980000
|
heap
|
page read and write
|
||
1A854A3E000
|
heap
|
page read and write
|
||
1848C380000
|
heap
|
page read and write
|
||
16408A00000
|
heap
|
page read and write
|
||
1C078250000
|
direct allocation
|
page execute and read and write
|
||
1416D800000
|
heap
|
page read and write
|
||
1848C398000
|
heap
|
page read and write
|
||
EE0000
|
heap
|
page read and write
|
||
36640FE000
|
stack
|
page read and write
|
||
16408A7A000
|
heap
|
page read and write
|
||
1848C379000
|
heap
|
page read and write
|
||
19E1502E000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1848BA49000
|
heap
|
page read and write
|
||
15FFD828000
|
heap
|
page read and write
|
||
218C47E0000
|
heap
|
page read and write
|
||
13DEF735000
|
heap
|
page read and write
|
||
1848C386000
|
heap
|
page read and write
|
||
276E000
|
stack
|
page read and write
|
||
1A85A0F5000
|
heap
|
page read and write
|
||
1A854A90000
|
heap
|
page read and write
|
||
14CFCC51000
|
heap
|
page read and write
|
||
19E150DB000
|
heap
|
page read and write
|
||
5A9D4FF000
|
stack
|
page read and write
|
||
19E16002000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1CC609A0000
|
heap
|
page read and write
|
||
1A859FD0000
|
trusted library allocation
|
page read and write
|
||
1254000
|
heap
|
page read and write
|
||
C8E1B7B000
|
stack
|
page read and write
|
||
72AE79F000
|
stack
|
page read and write
|
||
15FFD720000
|
heap
|
page read and write
|
||
1CC60BB0000
|
remote allocation
|
page read and write
|
||
1848C38D000
|
heap
|
page read and write
|
||
25D89E20000
|
trusted library allocation
|
page read and write
|
||
1C0768A1000
|
heap
|
page read and write
|
||
208016CE000
|
heap
|
page read and write
|
||
1CC60A70000
|
heap
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
1848C350000
|
heap
|
page read and write
|
||
1848C803000
|
heap
|
page read and write
|
||
1848C38A000
|
heap
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
1848B7F0000
|
heap
|
page read and write
|
||
14CFCC55000
|
heap
|
page read and write
|
||
1848B950000
|
trusted library allocation
|
page read and write
|
||
1A859F84000
|
trusted library allocation
|
page read and write
|
||
1848C070000
|
remote allocation
|
page read and write
|
||
1CC60C70000
|
heap
|
page read and write
|
||
1848C37C000
|
heap
|
page read and write
|
||
214F3840000
|
heap
|
page read and write
|
||
1CC60840000
|
unkown
|
page read and write
|
||
2104E270000
|
heap
|
page read and write
|
||
19E16000000
|
heap
|
page read and write
|
||
C8E197E000
|
stack
|
page read and write
|
||
1A85A0D6000
|
heap
|
page read and write
|
||
18002E000
|
direct allocation
|
page read and write
|
||
1349000
|
heap
|
page read and write
|
||
25D8A1B0000
|
trusted library allocation
|
page read and write
|
||
1BFBADA5000
|
heap
|
page read and write
|
||
1416D829000
|
heap
|
page read and write
|
||
19E16043000
|
heap
|
page read and write
|
||
214F3853000
|
heap
|
page read and write
|
||
27679253000
|
heap
|
page read and write
|
||
1CF86FF000
|
stack
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
1848C39B000
|
heap
|
page read and write
|
||
19E150E2000
|
heap
|
page read and write
|
||
1220000
|
heap
|
page read and write
|
||
1416DE70000
|
trusted library allocation
|
page read and write
|
||
1CC62550000
|
heap
|
page read and write
|
||
1C0768BD000
|
heap
|
page read and write
|
||
1848C399000
|
heap
|
page read and write
|
||
276791C8000
|
heap
|
page read and write
|
||
1C0768BD000
|
heap
|
page read and write
|
||
2104E513000
|
heap
|
page read and write
|
||
1848C39B000
|
heap
|
page read and write
|
||
2104E508000
|
heap
|
page read and write
|
||
25D89EDA000
|
heap
|
page read and write
|
||
14CFCB90000
|
heap
|
page read and write
|
||
1260000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
1848BA4C000
|
heap
|
page read and write
|
||
20801F12000
|
heap
|
page read and write
|
||
2C2CEDED000
|
heap
|
page read and write
|
||
1A85A2C0000
|
remote allocation
|
page read and write
|
||
2104E44B000
|
heap
|
page read and write
|
||
1A85A0F3000
|
heap
|
page read and write
|
||
14CFCD02000
|
heap
|
page read and write
|
||
1A859E50000
|
trusted library allocation
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
1848C396000
|
heap
|
page read and write
|
||
1BFBAB3C000
|
heap
|
page read and write
|
||
1848C384000
|
heap
|
page read and write
|
||
1A859DC0000
|
trusted library allocation
|
page read and write
|
||
1A855202000
|
heap
|
page read and write
|
||
16408A40000
|
heap
|
page read and write
|
||
23175E00000
|
heap
|
page read and write
|
||
E5F000
|
stack
|
page read and write
|
||
1A854A6D000
|
heap
|
page read and write
|
||
1BFBC420000
|
heap
|
page readonly
|
||
1848BAA3000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
208016C8000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
3656BAE000
|
stack
|
page read and write
|
||
1416D6A0000
|
heap
|
page read and write
|
||
1848C3A8000
|
heap
|
page read and write
|
||
15FFD83E000
|
heap
|
page read and write
|
||
19E15900000
|
heap
|
page read and write
|
||
1848C38B000
|
heap
|
page read and write
|
||
1848BA3C000
|
heap
|
page read and write
|
||
1CC60A78000
|
heap
|
page read and write
|
||
C670D7B000
|
stack
|
page read and write
|
||
1A859FA4000
|
trusted library allocation
|
page read and write
|
||
C8E19FE000
|
stack
|
page read and write
|
||
19E16113000
|
heap
|
page read and write
|
||
1848C398000
|
heap
|
page read and write
|
||
1848C384000
|
heap
|
page read and write
|
||
1848BAC3000
|
heap
|
page read and write
|
||
1310000
|
heap
|
page read and write
|
||
2104E449000
|
heap
|
page read and write
|
||
1A85A3B0000
|
trusted library allocation
|
page read and write
|
||
27679450000
|
remote allocation
|
page read and write
|
||
27679292000
|
heap
|
page read and write
|
||
1848C821000
|
heap
|
page read and write
|
||
1848C399000
|
heap
|
page read and write
|
||
376017D000
|
stack
|
page read and write
|
||
C3BF4FE000
|
stack
|
page read and write
|
||
1BFBA960000
|
heap
|
page read and write
|
||
214F384D000
|
heap
|
page read and write
|
||
CB7C87C000
|
stack
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
27679150000
|
heap
|
page read and write
|
||
5A9D1FB000
|
stack
|
page read and write
|
||
1BFBC3E0000
|
direct allocation
|
page execute and read and write
|
||
CB7CBFE000
|
stack
|
page read and write
|
||
27679292000
|
heap
|
page read and write
|
||
14CFCB80000
|
heap
|
page read and write
|
||
1BFBAAF7000
|
heap
|
page read and write
|
||
A75000
|
stack
|
page read and write
|
||
27679253000
|
heap
|
page read and write
|
||
66D277B000
|
stack
|
page read and write
|
||
1848C39B000
|
heap
|
page read and write
|
||
2C2CED80000
|
heap
|
page read and write
|
||
14CFCC70000
|
heap
|
page read and write
|
||
214F381B000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
18002D000
|
direct allocation
|
page readonly
|
||
2767924B000
|
heap
|
page read and write
|
||
25D8AD70000
|
heap
|
page readonly
|
||
15FFD813000
|
heap
|
page read and write
|
||
214F3836000
|
heap
|
page read and write
|
||
180000000
|
direct allocation
|
page read and write
|
||
5BC567A000
|
stack
|
page read and write
|
||
1A85A04D000
|
heap
|
page read and write
|
||
1848C3A8000
|
heap
|
page read and write
|
||
1416D857000
|
heap
|
page read and write
|
||
1848C399000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
16408A59000
|
heap
|
page read and write
|
||
19E14FA0000
|
heap
|
page read and write
|
||
1CA62270000
|
heap
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
16408A75000
|
heap
|
page read and write
|
||
1319000
|
heap
|
page read and write
|
||
2D6ECFF000
|
stack
|
page read and write
|
||
214F384D000
|
heap
|
page read and write
|
||
16408A3C000
|
heap
|
page read and write
|
||
1848C397000
|
heap
|
page read and write
|
||
1848C802000
|
heap
|
page read and write
|
||
66D29FF000
|
stack
|
page read and write
|
||
16408A41000
|
heap
|
page read and write
|
||
1A855060000
|
trusted library allocation
|
page read and write
|
||
1CC62550000
|
heap
|
page read and write
|
||
1848C36F000
|
heap
|
page read and write
|
||
1848C384000
|
heap
|
page read and write
|
||
19E1506A000
|
heap
|
page read and write
|
||
2104E413000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
15FFD868000
|
heap
|
page read and write
|
||
15FFD902000
|
heap
|
page read and write
|
||
1848C386000
|
heap
|
page read and write
|
||
27679AB3000
|
heap
|
page read and write
|
||
1848BA4A000
|
heap
|
page read and write
|
||
1CC609F0000
|
heap
|
page read and write
|
||
19E15085000
|
heap
|
page read and write
|
||
1C076C05000
|
heap
|
page read and write
|
||
2C2CEC40000
|
heap
|
page read and write
|
||
1848C389000
|
heap
|
page read and write
|
||
2D6E9FE000
|
stack
|
page read and write
|
||
1848C399000
|
heap
|
page read and write
|
||
218C4A8D000
|
heap
|
page read and write
|
||
1A854A6F000
|
heap
|
page read and write
|
||
19E15029000
|
heap
|
page read and write
|
||
19E159D7000
|
heap
|
page read and write
|
||
14CFD350000
|
trusted library allocation
|
page read and write
|
||
5BC587E000
|
stack
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
12F0000
|
heap
|
page read and write
|
||
376027F000
|
stack
|
page read and write
|
||
C67117D000
|
stack
|
page read and write
|
||
14CFCC4C000
|
heap
|
page read and write
|
||
1A85A290000
|
trusted library allocation
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
1CC60840000
|
heap
|
page read and write
|
||
CF745AD000
|
stack
|
page read and write
|
||
1848C383000
|
heap
|
page read and write
|
||
1349000
|
heap
|
page read and write
|
||
1A854A94000
|
heap
|
page read and write
|
||
1BFBC480000
|
heap
|
page read and write
|
||
7FFC671C0000
|
unkown
|
page readonly
|
||
CF74A7B000
|
stack
|
page read and write
|
||
1A85A270000
|
trusted library allocation
|
page read and write
|
||
1C0768A0000
|
heap
|
page read and write
|
||
375F8DB000
|
stack
|
page read and write
|
||
7FFC67216000
|
unkown
|
page read and write
|
||
16408A13000
|
heap
|
page read and write
|
||
1A85A040000
|
heap
|
page read and write
|
||
15FFD900000
|
heap
|
page read and write
|
||
5A9CD4E000
|
stack
|
page read and write
|
||
27679450000
|
remote allocation
|
page read and write
|
||
72AEEFF000
|
stack
|
page read and write
|
||
16408A57000
|
heap
|
page read and write
|
||
23175C40000
|
heap
|
page read and write
|
||
2104EC02000
|
trusted library allocation
|
page read and write
|
||
1A855318000
|
heap
|
page read and write
|
||
2C2CEDE0000
|
heap
|
page read and write
|
||
1A85A0A8000
|
heap
|
page read and write
|
||
31F47FF000
|
stack
|
page read and write
|
||
15FFD913000
|
heap
|
page read and write
|
||
19E150CF000
|
heap
|
page read and write
|
||
20801713000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
27679292000
|
heap
|
page read and write
|
||
214F3854000
|
heap
|
page read and write
|
||
66D247A000
|
stack
|
page read and write
|
||
1848C3A8000
|
heap
|
page read and write
|
||
19E15063000
|
heap
|
page read and write
|
||
164087D0000
|
heap
|
page read and write
|
||
2080166E000
|
heap
|
page read and write
|
||
1CC60A78000
|
heap
|
page read and write
|
||
214F3826000
|
heap
|
page read and write
|
||
27679294000
|
heap
|
page read and write
|
||
18002F000
|
direct allocation
|
page readonly
|
||
19E15044000
|
heap
|
page read and write
|
||
7FFC67212000
|
unkown
|
page readonly
|
||
1A854B02000
|
heap
|
page read and write
|
||
2104E43C000
|
heap
|
page read and write
|
||
1848BA4D000
|
heap
|
page read and write
|
||
1848C389000
|
heap
|
page read and write
|
||
1A855DC0000
|
trusted library allocation
|
page read and write
|
||
1A854AA7000
|
heap
|
page read and write
|
||
365727F000
|
stack
|
page read and write
|
||
19E15061000
|
heap
|
page read and write
|
||
13DEF730000
|
heap
|
page read and write
|
||
1C076C00000
|
heap
|
page read and write
|
||
1848BACE000
|
heap
|
page read and write
|
||
30D69B6000
|
stack
|
page read and write
|
||
1280000
|
heap
|
page read and write
|
||
218C4A02000
|
heap
|
page read and write
|
||
1BFBC3C0000
|
heap
|
page read and write
|
||
7FFC671C1000
|
unkown
|
page execute read
|
||
1848BA71000
|
heap
|
page read and write
|
||
1848C819000
|
heap
|
page read and write
|
||
1848C391000
|
heap
|
page read and write
|
||
14CFCC00000
|
heap
|
page read and write
|
||
1A854ABD000
|
heap
|
page read and write
|
||
27679130000
|
heap
|
page read and write
|
||
30D6DFE000
|
stack
|
page read and write
|
||
2104E400000
|
heap
|
page read and write
|
||
C8E187A000
|
stack
|
page read and write
|
||
FB5CCFD000
|
stack
|
page read and write
|
||
19E15031000
|
heap
|
page read and write
|
||
C00000
|
heap
|
page read and write
|
||
14CFCC8F000
|
heap
|
page read and write
|
||
CD4000
|
heap
|
page read and write
|
||
CB7C9FB000
|
stack
|
page read and write
|
||
C6711F9000
|
stack
|
page read and write
|
||
1CC609F0000
|
heap
|
page read and write
|
||
72AF17F000
|
unkown
|
page read and write
|
||
27679260000
|
heap
|
page read and write
|
||
18002D000
|
direct allocation
|
page readonly
|
||
1C07689C000
|
heap
|
page read and write
|
||
2104E44F000
|
heap
|
page read and write
|
||
1A85A0B0000
|
trusted library allocation
|
page read and write
|
||
3480000
|
remote allocation
|
page read and write
|
||
27679292000
|
heap
|
page read and write
|
||
16408A6D000
|
heap
|
page read and write
|
||
214F3B10000
|
heap
|
page read and write
|
||
23175F13000
|
heap
|
page read and write
|
||
25D89EDA000
|
heap
|
page read and write
|
||
27679450000
|
remote allocation
|
page read and write
|
||
2767924B000
|
heap
|
page read and write
|
||
FC0000
|
remote allocation
|
page read and write
|
||
218C4A7E000
|
heap
|
page read and write
|
||
34FE000
|
stack
|
page read and write
|
||
19E151B8000
|
heap
|
page read and write
|
||
1A855304000
|
heap
|
page read and write
|
||
25D8AD60000
|
trusted library allocation
|
page read and write
|
||
23175DB0000
|
trusted library allocation
|
page read and write
|
||
EC0000
|
heap
|
page read and write
|
||
2D6E87E000
|
stack
|
page read and write
|
||
7FFC67219000
|
unkown
|
page readonly
|
||
CB7C57C000
|
stack
|
page read and write
|
||
25D8AD90000
|
trusted library allocation
|
page read and write
|
||
218C4A13000
|
heap
|
page read and write
|
||
27679205000
|
heap
|
page read and write
|
||
1A859F60000
|
trusted library allocation
|
page read and write
|
||
1848C3A8000
|
heap
|
page read and write
|
||
19E1509E000
|
heap
|
page read and write
|
||
214F3826000
|
heap
|
page read and write
|
||
C50000
|
heap
|
page read and write
|
||
20801E02000
|
heap
|
page read and write
|
||
1A85A000000
|
heap
|
page read and write
|
||
25D89EFE000
|
heap
|
page read and write
|
||
66D1F0B000
|
stack
|
page read and write
|
||
1848BAB4000
|
heap
|
page read and write
|
||
1848C3C3000
|
heap
|
page read and write
|
||
1BFBAB2E000
|
heap
|
page read and write
|
||
1416D6B0000
|
heap
|
page read and write
|
||
20801560000
|
trusted library allocation
|
page read and write
|
||
15FFE002000
|
trusted library allocation
|
page read and write
|
||
20801644000
|
heap
|
page read and write
|
||
1848C315000
|
heap
|
page read and write
|
||
C8E1AFB000
|
stack
|
page read and write
|
||
1CC60BF0000
|
heap
|
page read and write
|
||
2104E502000
|
heap
|
page read and write
|
||
1848C3B2000
|
heap
|
page read and write
|
||
2D6E58E000
|
stack
|
page read and write
|
||
19E15052000
|
heap
|
page read and write
|
||
14CFCBF0000
|
heap
|
page read and write
|
||
2D60000
|
heap
|
page read and write
|
||
1848BAF9000
|
heap
|
page read and write
|
||
3656B2B000
|
stack
|
page read and write
|
||
27679294000
|
heap
|
page read and write
|
||
16408A46000
|
heap
|
page read and write
|
||
5A9CCCB000
|
stack
|
page read and write
|
||
1A85A013000
|
heap
|
page read and write
|
||
25D8AD80000
|
trusted library allocation
|
page read and write
|
||
1848C30A000
|
heap
|
page read and write
|
||
16408A69000
|
heap
|
page read and write
|
||
214F3853000
|
heap
|
page read and write
|
||
1CC60A70000
|
heap
|
page read and write
|
||
16408A56000
|
heap
|
page read and write
|
||
20801600000
|
heap
|
page read and write
|
||
218C4B08000
|
heap
|
page read and write
|
||
214F384D000
|
heap
|
page read and write
|
||
1848C39E000
|
heap
|
page read and write
|
||
1848C3A2000
|
heap
|
page read and write
|
||
C8E18FE000
|
stack
|
page read and write
|
||
1848C384000
|
heap
|
page read and write
|
||
134B000
|
heap
|
page read and write
|
There are 958 hidden memdumps, click here to show them.