Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PvaOeKqrBs.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x79d04c26, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\PvaOeKqrBs.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\PvaOeKqrBs.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\PvaOeKqrBs.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\PvaOeKqrBs.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YRMNUhHMATANP\Chucqcozulnvx.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\PvaOeKqrBs.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\PvaOeKqrBs.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/y
|
unknown
|
|
|
|
https://23.239.0.12/U
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
http://schemas.microft8
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://activity.windows.comr
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
http://universalstore.streaming.mediaservices.windows
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 40 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\TaskStore
|
Schedule Scan
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\State
|
BlockUntilTimeStatus
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\Configuration
|
refreshAfter
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2740000
|
direct allocation
|
page execute and read and write
|
|
|
|
183B38F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
22FCAD50000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2350000
|
direct allocation
|
page execute and read and write
|
|
|
|
1AECC530000
|
heap
|
page read and write
|
||
|
1F852C4E000
|
heap
|
page read and write
|
||
|
227E9023000
|
heap
|
page read and write
|
||
|
259FEAF8000
|
heap
|
page read and write
|
||
|
E2FF87E000
|
stack
|
page read and write
|
||
|
259FE8B0000
|
remote allocation
|
page read and write
|
||
|
23964C60000
|
heap
|
page read and write
|
||
|
259F9273000
|
heap
|
page read and write
|
||
|
259F9229000
|
heap
|
page read and write
|
||
|
1AECC65B000
|
heap
|
page read and write
|
||
|
259F928F000
|
heap
|
page read and write
|
||
|
22C9AFE000
|
stack
|
page read and write
|
||
|
23DFF037000
|
heap
|
page read and write
|
||
|
23DFF029000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
22C97DE000
|
stack
|
page read and write
|
||
|
22FCAC0B000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
227E8B1C000
|
heap
|
page read and write
|
||
|
E2FF77B000
|
stack
|
page read and write
|
||
|
259F9090000
|
heap
|
page read and write
|
||
|
1F852C56000
|
heap
|
page read and write
|
||
|
27E12C00000
|
heap
|
page read and write
|
||
|
BE7A97E000
|
stack
|
page read and write
|
||
|
17BFB9C0000
|
heap
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
259F9A15000
|
heap
|
page read and write
|
||
|
18A34925000
|
heap
|
page read and write
|
||
|
1A926FE000
|
stack
|
page read and write
|
||
|
259FE890000
|
trusted library allocation
|
page read and write
|
||
|
22C9B7B000
|
stack
|
page read and write
|
||
|
227E8B72000
|
heap
|
page read and write
|
||
|
1A9238B000
|
stack
|
page read and write
|
||
|
1C0E1645000
|
heap
|
page read and write
|
||
|
183B396F000
|
heap
|
page read and write
|
||
|
1F23104F000
|
heap
|
page read and write
|
||
|
17BFC1C0000
|
remote allocation
|
page read and write
|
||
|
259FEA4B000
|
heap
|
page read and write
|
||
|
1F231013000
|
heap
|
page read and write
|
||
|
2E6F977000
|
stack
|
page read and write
|
||
|
22FCACE0000
|
heap
|
page read and write
|
||
|
227E8B75000
|
heap
|
page read and write
|
||
|
259F9307000
|
heap
|
page read and write
|
||
|
227E8B89000
|
heap
|
page read and write
|
||
|
227E8B6F000
|
heap
|
page read and write
|
||
|
800FE7F000
|
stack
|
page read and write
|
||
|
22FCABB0000
|
heap
|
page read and write
|
||
|
2480000
|
remote allocation
|
page read and write
|
||
|
18A34696000
|
heap
|
page read and write
|
||
|
23DFF95E000
|
heap
|
page read and write
|
||
|
1617B808000
|
heap
|
page read and write
|
||
|
227E9002000
|
heap
|
page read and write
|
||
|
800FDFB000
|
stack
|
page read and write
|
||
|
259FEAFC000
|
heap
|
page read and write
|
||
|
18CE1A00000
|
heap
|
page read and write
|
||
|
800FF7F000
|
stack
|
page read and write
|
||
|
227E8B76000
|
heap
|
page read and write
|
||
|
18CE1B08000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page readonly
|
||
|
1AECC641000
|
heap
|
page read and write
|
||
|
227E8B8A000
|
heap
|
page read and write
|
||
|
259FEB00000
|
heap
|
page read and write
|
||
|
17BFBC13000
|
heap
|
page read and write
|
||
|
20753CCC000
|
heap
|
page read and write
|
||
|
259FEAFC000
|
heap
|
page read and write
|
||
|
22FCAC11000
|
heap
|
page read and write
|
||
|
9A2CA7F000
|
stack
|
page read and write
|
||
|
227E8BBA000
|
heap
|
page read and write
|
||
|
259F9B18000
|
heap
|
page read and write
|
||
|
1F231102000
|
heap
|
page read and write
|
||
|
227E8B7A000
|
heap
|
page read and write
|
||
|
2BE1F290000
|
trusted library allocation
|
page read and write
|
||
|
D8627B000
|
stack
|
page read and write
|
||
|
1617B7D0000
|
heap
|
page read and write
|
||
|
227E8B7A000
|
heap
|
page read and write
|
||
|
1AECC613000
|
heap
|
page read and write
|
||
|
16668F13000
|
heap
|
page read and write
|
||
|
259F90F0000
|
heap
|
page read and write
|
||
|
BE7A5B6000
|
stack
|
page read and write
|
||
|
18CE1B00000
|
heap
|
page read and write
|
||
|
2BE1F32A000
|
heap
|
page read and write
|
||
|
1C0E1702000
|
heap
|
page read and write
|
||
|
227E8B89000
|
heap
|
page read and write
|
||
|
227E9004000
|
heap
|
page read and write
|
||
|
1AECCE02000
|
trusted library allocation
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
183B38E0000
|
direct allocation
|
page execute and read and write
|
||
|
1F852A00000
|
heap
|
page read and write
|
||
|
1C0E1669000
|
heap
|
page read and write
|
||
|
1617B8EC000
|
heap
|
page read and write
|
||
|
23DFF936000
|
heap
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
227E8229000
|
heap
|
page read and write
|
||
|
259FE774000
|
trusted library allocation
|
page read and write
|
||
|
259FE770000
|
trusted library allocation
|
page read and write
|
||
|
259FE630000
|
trusted library allocation
|
page read and write
|
||
|
A1AB5F9000
|
stack
|
page read and write
|
||
|
1AECC713000
|
heap
|
page read and write
|
||
|
259F9B04000
|
heap
|
page read and write
|
||
|
1617C160000
|
heap
|
page read and write
|
||
|
227E8B9D000
|
heap
|
page read and write
|
||
|
95982FC000
|
stack
|
page read and write
|
||
|
1F23103C000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
E2FF67F000
|
stack
|
page read and write
|
||
|
183B3B15000
|
heap
|
page read and write
|
||
|
227E8B9F000
|
heap
|
page read and write
|
||
|
227E8B74000
|
heap
|
page read and write
|
||
|
259FEA83000
|
heap
|
page read and write
|
||
|
18CE1A51000
|
heap
|
page read and write
|
||
|
259FE780000
|
trusted library allocation
|
page read and write
|
||
|
23E0011B000
|
heap
|
page read and write
|
||
|
1D5F1C58000
|
heap
|
page read and write
|
||
|
227E82AB000
|
heap
|
page read and write
|
||
|
1C0E1644000
|
heap
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
1617B845000
|
heap
|
page read and write
|
||
|
259FE840000
|
trusted library allocation
|
page read and write
|
||
|
22C9BFD000
|
stack
|
page read and write
|
||
|
1617B86B000
|
heap
|
page read and write
|
||
|
227E824D000
|
heap
|
page read and write
|
||
|
227E8249000
|
heap
|
page read and write
|
||
|
2BE20020000
|
heap
|
page readonly
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
18A346A4000
|
heap
|
page read and write
|
||
|
259F9A02000
|
heap
|
page read and write
|
||
|
18A34694000
|
heap
|
page read and write
|
||
|
259F9253000
|
heap
|
page read and write
|
||
|
C7187C000
|
stack
|
page read and write
|
||
|
259FE8A0000
|
trusted library allocation
|
page read and write
|
||
|
23E00102000
|
heap
|
page read and write
|
||
|
227E9004000
|
heap
|
page read and write
|
||
|
C71CF7000
|
stack
|
page read and write
|
||
|
183B38C0000
|
heap
|
page read and write
|
||
|
FF704FE000
|
stack
|
page read and write
|
||
|
20753B80000
|
heap
|
page read and write
|
||
|
BE7AA7F000
|
stack
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
16668E02000
|
heap
|
page read and write
|
||
|
1F855DA0000
|
heap
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
1D5F1C8F000
|
heap
|
page read and write
|
||
|
23964CFB000
|
heap
|
page read and write
|
||
|
16668E40000
|
heap
|
page read and write
|
||
|
1617B853000
|
heap
|
page read and write
|
||
|
227E8B95000
|
heap
|
page read and write
|
||
|
8983AFF000
|
stack
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
23E00006000
|
heap
|
page read and write
|
||
|
227E9004000
|
heap
|
page read and write
|
||
|
1617B8EE000
|
heap
|
page read and write
|
||
|
183B3B10000
|
heap
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
21F0A7B000
|
stack
|
page read and write
|
||
|
1617C163000
|
heap
|
page read and write
|
||
|
227E8B6F000
|
heap
|
page read and write
|
||
|
1617B960000
|
remote allocation
|
page read and write
|
||
|
20F464E0000
|
heap
|
page read and write
|
||
|
17BFBC40000
|
heap
|
page read and write
|
||
|
1F852C33000
|
heap
|
page read and write
|
||
|
23DFF03C000
|
heap
|
page read and write
|
||
|
17BFBC02000
|
heap
|
page read and write
|
||
|
259FEA3E000
|
heap
|
page read and write
|
||
|
23DFF088000
|
heap
|
page read and write
|
||
|
227E82EB000
|
heap
|
page read and write
|
||
|
23DFF07B000
|
heap
|
page read and write
|
||
|
227E8BC7000
|
heap
|
page read and write
|
||
|
16668E79000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
227E8B9F000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
710000
|
remote allocation
|
page read and write
|
||
|
4E2477F000
|
stack
|
page read and write
|
||
|
17BFC1C0000
|
remote allocation
|
page read and write
|
||
|
1F852C2E000
|
heap
|
page read and write
|
||
|
2E6F1BB000
|
stack
|
page read and write
|
||
|
183B3920000
|
heap
|
page readonly
|
||
|
259FE820000
|
trusted library allocation
|
page read and write
|
||
|
1617B863000
|
heap
|
page read and write
|
||
|
227E8140000
|
heap
|
page read and write
|
||
|
20753C65000
|
heap
|
page read and write
|
||
|
227E8BD2000
|
heap
|
page read and write
|
||
|
9A2C4BC000
|
stack
|
page read and write
|
||
|
A1AB1FB000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2E6F5FB000
|
stack
|
page read and write
|
||
|
1C0E1647000
|
heap
|
page read and write
|
||
|
227E8280000
|
heap
|
page read and write
|
||
|
23DFF077000
|
heap
|
page read and write
|
||
|
23DFF0F1000
|
heap
|
page read and write
|
||
|
1617B845000
|
heap
|
page read and write
|
||
|
FFB000
|
heap
|
page read and write
|
||
|
1C0E166B000
|
heap
|
page read and write
|
||
|
1F852C2A000
|
heap
|
page read and write
|
||
|
227E8B52000
|
heap
|
page read and write
|
||
|
227E9004000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
E2FEF4B000
|
stack
|
page read and write
|
||
|
16668E64000
|
heap
|
page read and write
|
||
|
1AECC670000
|
heap
|
page read and write
|
||
|
9A2CE7D000
|
stack
|
page read and write
|
||
|
20753CE1000
|
heap
|
page read and write
|
||
|
23DFF06A000
|
heap
|
page read and write
|
||
|
22FCAC11000
|
heap
|
page read and write
|
||
|
AF3000
|
heap
|
page read and write
|
||
|
20753CBB000
|
heap
|
page read and write
|
||
|
DBF1FF000
|
stack
|
page read and write
|
||
|
4E23FFC000
|
stack
|
page read and write
|
||
|
23DFF1B8000
|
heap
|
page read and write
|
||
|
1F231108000
|
heap
|
page read and write
|
||
|
1F231071000
|
heap
|
page read and write
|
||
|
259FEA1C000
|
heap
|
page read and write
|
||
|
259FE794000
|
trusted library allocation
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
227E8BA4000
|
heap
|
page read and write
|
||
|
1C0E1646000
|
heap
|
page read and write
|
||
|
1C0E1649000
|
heap
|
page read and write
|
||
|
18CE1A46000
|
heap
|
page read and write
|
||
|
183B3AC4000
|
heap
|
page read and write
|
||
|
2480000
|
remote allocation
|
page read and write
|
||
|
227E8B86000
|
heap
|
page read and write
|
||
|
227E8B99000
|
heap
|
page read and write
|
||
|
18CE1A70000
|
heap
|
page read and write
|
||
|
C718FE000
|
stack
|
page read and write
|
||
|
227E8BB4000
|
heap
|
page read and write
|
||
|
21F15FF000
|
stack
|
page read and write
|
||
|
E2FF97B000
|
stack
|
page read and write
|
||
|
20753B20000
|
heap
|
page read and write
|
||
|
17BFBC5C000
|
heap
|
page read and write
|
||
|
2E6F47E000
|
stack
|
page read and write
|
||
|
259F99C1000
|
trusted library allocation
|
page read and write
|
||
|
227E8B9A000
|
heap
|
page read and write
|
||
|
18A34686000
|
heap
|
page read and write
|
||
|
227E8253000
|
heap
|
page read and write
|
||
|
1617B88F000
|
heap
|
page read and write
|
||
|
A1AB6FC000
|
stack
|
page read and write
|
||
|
1C0E1664000
|
heap
|
page read and write
|
||
|
259F9256000
|
heap
|
page read and write
|
||
|
23DFF0CD000
|
heap
|
page read and write
|
||
|
A83027F000
|
stack
|
page read and write
|
||
|
259F929A000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
1A9267E000
|
stack
|
page read and write
|
||
|
259F9B00000
|
heap
|
page read and write
|
||
|
259FA5F0000
|
trusted library allocation
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
1F231029000
|
heap
|
page read and write
|
||
|
1617B853000
|
heap
|
page read and write
|
||
|
227E8B90000
|
heap
|
page read and write
|
||
|
1617B9B0000
|
heap
|
page read and write
|
||
|
1617B960000
|
remote allocation
|
page read and write
|
||
|
227E8A02000
|
heap
|
page read and write
|
||
|
259FA060000
|
trusted library allocation
|
page read and write
|
||
|
1D5F1AA0000
|
heap
|
page read and write
|
||
|
1F231602000
|
trusted library allocation
|
page read and write
|
||
|
227E8B72000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page readonly
|
||
|
2BE1F310000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
227E8B75000
|
heap
|
page read and write
|
||
|
1617B8D3000
|
heap
|
page read and write
|
||
|
8983CFE000
|
stack
|
page read and write
|
||
|
259FE771000
|
trusted library allocation
|
page read and write
|
||
|
227E8B10000
|
heap
|
page read and write
|
||
|
E6DE8F9000
|
stack
|
page read and write
|
||
|
1D5F1C62000
|
heap
|
page read and write
|
||
|
227E8B99000
|
heap
|
page read and write
|
||
|
9A2CF7F000
|
stack
|
page read and write
|
||
|
183B3937000
|
heap
|
page read and write
|
||
|
16668E55000
|
heap
|
page read and write
|
||
|
95985F7000
|
stack
|
page read and write
|
||
|
1C0E1640000
|
heap
|
page read and write
|
||
|
2390000
|
trusted library allocation
|
page read and write
|
||
|
23E00054000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
1C0E1631000
|
heap
|
page read and write
|
||
|
2BE20010000
|
trusted library allocation
|
page read and write
|
||
|
259F9302000
|
heap
|
page read and write
|
||
|
1F852B80000
|
heap
|
page read and write
|
||
|
1D5F1C70000
|
heap
|
page read and write
|
||
|
227E8B86000
|
heap
|
page read and write
|
||
|
1F852C18000
|
heap
|
page read and write
|
||
|
227E9005000
|
heap
|
page read and write
|
||
|
16669402000
|
trusted library allocation
|
page read and write
|
||
|
1617B8D1000
|
heap
|
page read and write
|
||
|
227E8BA3000
|
heap
|
page read and write
|
||
|
2E6FA7E000
|
stack
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
259F9A00000
|
heap
|
page read and write
|
||
|
2E6F4FE000
|
stack
|
page read and write
|
||
|
23DFF073000
|
heap
|
page read and write
|
||
|
23DFF113000
|
heap
|
page read and write
|
||
|
95987FF000
|
stack
|
page read and write
|
||
|
227E8248000
|
heap
|
page read and write
|
||
|
1C0E1641000
|
heap
|
page read and write
|
||
|
2BE1F4A0000
|
heap
|
page read and write
|
||
|
23964CF0000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
18CE17A0000
|
heap
|
page read and write
|
||
|
1617B9B5000
|
heap
|
page read and write
|
||
|
18A3469E000
|
heap
|
page read and write
|
||
|
259FE8B0000
|
remote allocation
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
22FCC780000
|
heap
|
page read and write
|
||
|
227E8B88000
|
heap
|
page read and write
|
||
|
22FCAC1F000
|
heap
|
page read and write
|
||
|
A1AA97C000
|
stack
|
page read and write
|
||
|
1C0E1560000
|
heap
|
page read and write
|
||
|
1D5F2402000
|
trusted library allocation
|
page read and write
|
||
|
1C0E1661000
|
heap
|
page read and write
|
||
|
9A2D07D000
|
stack
|
page read and write
|
||
|
259FE8B0000
|
trusted library allocation
|
page read and write
|
||
|
1C0E1642000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
23E00000000
|
heap
|
page read and write
|
||
|
227E8BCE000
|
heap
|
page read and write
|
||
|
95986FF000
|
stack
|
page read and write
|
||
|
18A34920000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1D5F1B00000
|
heap
|
page read and write
|
||
|
16668E28000
|
heap
|
page read and write
|
||
|
1D5F1C3C000
|
heap
|
page read and write
|
||
|
FF703FE000
|
stack
|
page read and write
|
||
|
227E8B86000
|
heap
|
page read and write
|
||
|
1AECC629000
|
heap
|
page read and write
|
||
|
1F855E70000
|
trusted library allocation
|
page read and write
|
||
|
259F928A000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
227E8B99000
|
heap
|
page read and write
|
||
|
1F856670000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
227E82AA000
|
heap
|
page read and write
|
||
|
18CE1A53000
|
heap
|
page read and write
|
||
|
21F12FF000
|
stack
|
page read and write
|
||
|
2BE1F0D0000
|
trusted library allocation
|
page read and write
|
||
|
23DFF04C000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
E35000
|
heap
|
page read and write
|
||
|
22C9A7E000
|
stack
|
page read and write
|
||
|
227E82C7000
|
heap
|
page read and write
|
||
|
2BE1F4B0000
|
trusted library allocation
|
page read and write
|
||
|
227E8BB3000
|
heap
|
page read and write
|
||
|
18CE1810000
|
heap
|
page read and write
|
||
|
227E8B9D000
|
heap
|
page read and write
|
||
|
2480000
|
remote allocation
|
page read and write
|
||
|
227E8B7E000
|
heap
|
page read and write
|
||
|
227E8B9D000
|
heap
|
page read and write
|
||
|
227E8150000
|
heap
|
page read and write
|
||
|
227E82C0000
|
heap
|
page read and write
|
||
|
1AECC5A0000
|
heap
|
page read and write
|
||
|
1617B8F1000
|
heap
|
page read and write
|
||
|
20F464ED000
|
heap
|
page read and write
|
||
|
227E8270000
|
heap
|
page read and write
|
||
|
22FCABE8000
|
heap
|
page read and write
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
1C0E1663000
|
heap
|
page read and write
|
||
|
23DFF750000
|
trusted library allocation
|
page read and write
|
||
|
21F10FD000
|
stack
|
page read and write
|
||
|
227E9004000
|
heap
|
page read and write
|
||
|
1617B87C000
|
heap
|
page read and write
|
||
|
1617B853000
|
heap
|
page read and write
|
||
|
227E8B97000
|
heap
|
page read and write
|
||
|
23DFF0B6000
|
heap
|
page read and write
|
||
|
1C0E1660000
|
heap
|
page read and write
|
||
|
17BFBA30000
|
heap
|
page read and write
|
||
|
227E82E8000
|
heap
|
page read and write
|
||
|
227E8B9D000
|
heap
|
page read and write
|
||
|
9A2CCFD000
|
stack
|
page read and write
|
||
|
23DFF053000
|
heap
|
page read and write
|
||
|
1F852B85000
|
heap
|
page read and write
|
||
|
227E81B0000
|
heap
|
page read and write
|
||
|
227E8BB5000
|
heap
|
page read and write
|
||
|
259FE860000
|
trusted library allocation
|
page read and write
|
||
|
1C0E165F000
|
heap
|
page read and write
|
||
|
AD4000
|
stack
|
page read and write
|
||
|
259F9288000
|
heap
|
page read and write
|
||
|
17BFC190000
|
trusted library allocation
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
1F852B40000
|
heap
|
page read and write
|
||
|
A82FBAE000
|
stack
|
page read and write
|
||
|
1F23108B000
|
heap
|
page read and write
|
||
|
2BE1F2B0000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
remote allocation
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
227E8B6D000
|
heap
|
page read and write
|
||
|
23DFF9D4000
|
heap
|
page read and write
|
||
|
227E82E3000
|
heap
|
page read and write
|
||
|
95983FB000
|
stack
|
page read and write
|
||
|
20753B10000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
16668E00000
|
heap
|
page read and write
|
||
|
259FE640000
|
trusted library allocation
|
page read and write
|
||
|
2BE1F30F000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
E6DEA79000
|
stack
|
page read and write
|
||
|
A82FF7E000
|
stack
|
page read and write
|
||
|
1D5F1C29000
|
heap
|
page read and write
|
||
|
259FE9A0000
|
trusted library allocation
|
page read and write
|
||
|
A83007E000
|
stack
|
page read and write
|
||
|
227E8200000
|
heap
|
page read and write
|
||
|
227E8B76000
|
heap
|
page read and write
|
||
|
22C975A000
|
stack
|
page read and write
|
||
|
1F231002000
|
heap
|
page read and write
|
||
|
1A928FB000
|
stack
|
page read and write
|
||
|
2700000
|
direct allocation
|
page execute and read and write
|
||
|
22C9D7F000
|
stack
|
page read and write
|
||
|
21F0DFE000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
259FEAE6000
|
heap
|
page read and write
|
||
|
DBF07F000
|
stack
|
page read and write
|
||
|
8983C7E000
|
stack
|
page read and write
|
||
|
259FEAF4000
|
heap
|
page read and write
|
||
|
227E8B78000
|
heap
|
page read and write
|
||
|
17BFBC00000
|
heap
|
page read and write
|
||
|
227E82AE000
|
heap
|
page read and write
|
||
|
1C0E15F0000
|
trusted library allocation
|
page read and write
|
||
|
2BE1F30F000
|
heap
|
page read and write
|
||
|
9597F8F000
|
stack
|
page read and write
|
||
|
291F000
|
stack
|
page read and write
|
||
|
1F852C2F000
|
heap
|
page read and write
|
||
|
259F9200000
|
heap
|
page read and write
|
||
|
4E2437E000
|
stack
|
page read and write
|
||
|
1F231027000
|
heap
|
page read and write
|
||
|
1AECC540000
|
heap
|
page read and write
|
||
|
227E8308000
|
heap
|
page read and write
|
||
|
259F92FB000
|
heap
|
page read and write
|
||
|
1C0E164B000
|
heap
|
page read and write
|
||
|
1C0E163A000
|
heap
|
page read and write
|
||
|
227E8B86000
|
heap
|
page read and write
|
||
|
800F9EC000
|
stack
|
page read and write
|
||
|
227E8B9F000
|
heap
|
page read and write
|
||
|
1F23104B000
|
heap
|
page read and write
|
||
|
227E8BB5000
|
heap
|
page read and write
|
||
|
183B3930000
|
heap
|
page read and write
|
||
|
227E8B8B000
|
heap
|
page read and write
|
||
|
227E8BBA000
|
heap
|
page read and write
|
||
|
227E824E000
|
heap
|
page read and write
|
||
|
1AECC676000
|
heap
|
page read and write
|
||
|
227E8256000
|
heap
|
page read and write
|
||
|
1C0E1600000
|
heap
|
page read and write
|
||
|
23DFEFF0000
|
heap
|
page read and write
|
||
|
2BE20040000
|
trusted library allocation
|
page read and write
|
||
|
227E8B99000
|
heap
|
page read and write
|
||
|
22C9C7C000
|
stack
|
page read and write
|
||
|
1A929F7000
|
stack
|
page read and write
|
||
|
227E81E0000
|
trusted library allocation
|
page read and write
|
||
|
227E8213000
|
heap
|
page read and write
|
||
|
1617B960000
|
remote allocation
|
page read and write
|
||
|
1C0E1674000
|
heap
|
page read and write
|
||
|
22FCABE0000
|
heap
|
page read and write
|
||
|
AB8000
|
heap
|
page read and write
|
||
|
259FEA54000
|
heap
|
page read and write
|
||
|
259F9276000
|
heap
|
page read and write
|
||
|
800FEFF000
|
stack
|
page read and write
|
||
|
1C0E1602000
|
heap
|
page read and write
|
||
|
259F926E000
|
heap
|
page read and write
|
||
|
A1AB0FE000
|
stack
|
page read and write
|
||
|
259F9B02000
|
heap
|
page read and write
|
||
|
2BE1F318000
|
heap
|
page read and write
|
||
|
1617B863000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
C7197E000
|
stack
|
page read and write
|
||
|
16668E68000
|
heap
|
page read and write
|
||
|
E2FF9FE000
|
stack
|
page read and write
|
||
|
227E8B9C000
|
heap
|
page read and write
|
||
|
1F231113000
|
heap
|
page read and write
|
||
|
1617B845000
|
heap
|
page read and write
|
||
|
18A34681000
|
heap
|
page read and write
|
||
|
DBED36000
|
stack
|
page read and write
|
||
|
E6DE9FE000
|
stack
|
page read and write
|
||
|
227E82FD000
|
heap
|
page read and write
|
||
|
227E8B28000
|
heap
|
page read and write
|
||
|
2714000
|
heap
|
page read and write
|
||
|
1617B87C000
|
heap
|
page read and write
|
||
|
9597E8B000
|
stack
|
page read and write
|
||
|
B93000
|
heap
|
page read and write
|
||
|
23DFF062000
|
heap
|
page read and write
|
||
|
20753C87000
|
heap
|
page read and write
|
||
|
2390000
|
trusted library allocation
|
page read and write
|
||
|
20754532000
|
heap
|
page read and write
|
||
|
259FEB02000
|
heap
|
page read and write
|
||
|
1617B857000
|
heap
|
page read and write
|
||
|
1F852B60000
|
heap
|
page read and write
|
||
|
1AECC702000
|
heap
|
page read and write
|
||
|
1F231081000
|
heap
|
page read and write
|
||
|
1617B857000
|
heap
|
page read and write
|
||
|
21F0C7B000
|
stack
|
page read and write
|
||
|
259FE870000
|
trusted library allocation
|
page read and write
|
||
|
227E8B75000
|
heap
|
page read and write
|
||
|
20F463D0000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
1617B800000
|
heap
|
page read and write
|
||
|
1C0E1662000
|
heap
|
page read and write
|
||
|
227E8B9E000
|
heap
|
page read and write
|
||
|
18A34580000
|
heap
|
page read and write
|
||
|
1D5F1C66000
|
heap
|
page read and write
|
||
|
1F230DB0000
|
heap
|
page read and write
|
||
|
2E6FBF8000
|
stack
|
page read and write
|
||
|
227E8BAB000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
A1AAFFA000
|
stack
|
page read and write
|
||
|
1C0E162A000
|
heap
|
page read and write
|
||
|
BE7A87F000
|
stack
|
page read and write
|
||
|
227E8B7F000
|
heap
|
page read and write
|
||
|
2E6FAFF000
|
unkown
|
page read and write
|
||
|
18CE1A57000
|
heap
|
page read and write
|
||
|
227E8B8E000
|
heap
|
page read and write
|
||
|
22FCAE70000
|
heap
|
page read and write
|
||
|
1F852C10000
|
heap
|
page read and write
|
||
|
1F852C42000
|
heap
|
page read and write
|
||
|
259F91F0000
|
trusted library allocation
|
page read and write
|
||
|
227E8B4A000
|
heap
|
page read and write
|
||
|
A1AAD77000
|
stack
|
page read and write
|
||
|
227E89D0000
|
remote allocation
|
page read and write
|
||
|
23DFF0A9000
|
heap
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
1F852C3D000
|
heap
|
page read and write
|
||
|
6E5000
|
stack
|
page read and write
|
||
|
1C0E1675000
|
heap
|
page read and write
|
||
|
227E824B000
|
heap
|
page read and write
|
||
|
23DFF046000
|
heap
|
page read and write
|
||
|
E2FF57C000
|
stack
|
page read and write
|
||
|
27E12960000
|
heap
|
page read and write
|
||
|
259FEAFC000
|
heap
|
page read and write
|
||
|
183B398A000
|
heap
|
page read and write
|
||
|
227E8B84000
|
heap
|
page read and write
|
||
|
2BE1FDE0000
|
trusted library allocation
|
page read and write
|
||
|
17BFC202000
|
trusted library allocation
|
page read and write
|
||
|
23DFF913000
|
heap
|
page read and write
|
||
|
18CE1A29000
|
heap
|
page read and write
|
||
|
2BE1F307000
|
heap
|
page read and write
|
||
|
4E2447D000
|
stack
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
1617C161000
|
heap
|
page read and write
|
||
|
18CE19E0000
|
trusted library allocation
|
page read and write
|
||
|
1617B8D1000
|
heap
|
page read and write
|
||
|
23DFF0AD000
|
heap
|
page read and write
|
||
|
16668F02000
|
heap
|
page read and write
|
||
|
227E8BA3000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
18A346A2000
|
heap
|
page read and write
|
||
|
AC2737F000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
259FEAAA000
|
heap
|
page read and write
|
||
|
259F9302000
|
heap
|
page read and write
|
||
|
227E82ED000
|
heap
|
page read and write
|
||
|
18CE1A4C000
|
heap
|
page read and write
|
||
|
1C0E163B000
|
heap
|
page read and write
|
||
|
2BE1F30F000
|
heap
|
page read and write
|
||
|
D8647E000
|
stack
|
page read and write
|
||
|
FF7027A000
|
stack
|
page read and write
|
||
|
259F9B58000
|
heap
|
page read and write
|
||
|
1C0E1684000
|
heap
|
page read and write
|
||
|
27E12C05000
|
heap
|
page read and write
|
||
|
9597F0E000
|
stack
|
page read and write
|
||
|
23E00100000
|
heap
|
page read and write
|
||
|
227E8BA4000
|
heap
|
page read and write
|
||
|
23DFF802000
|
heap
|
page read and write
|
||
|
259FEA9C000
|
heap
|
page read and write
|
||
|
227E8288000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
17BFB9D0000
|
heap
|
page read and write
|
||
|
227E8BA3000
|
heap
|
page read and write
|
||
|
1F231050000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
9A2C8FB000
|
stack
|
page read and write
|
||
|
FF7047F000
|
stack
|
page read and write
|
||
|
1617B8D3000
|
heap
|
page read and write
|
||
|
1A927FB000
|
stack
|
page read and write
|
||
|
22C9CFF000
|
stack
|
page read and write
|
||
|
227E8B9B000
|
heap
|
page read and write
|
||
|
22FCC784000
|
heap
|
page read and write
|
||
|
23E0001D000
|
heap
|
page read and write
|
||
|
1A92BFF000
|
stack
|
page read and write
|
||
|
227E8B00000
|
heap
|
page read and write
|
||
|
20753D13000
|
heap
|
page read and write
|
||
|
1C0E167B000
|
heap
|
page read and write
|
||
|
2BE1F318000
|
heap
|
page read and write
|
||
|
8983A7A000
|
stack
|
page read and write
|
||
|
227E824A000
|
heap
|
page read and write
|
||
|
23D4000
|
heap
|
page read and write
|
||
|
18A34692000
|
heap
|
page read and write
|
||
|
1D5F1C50000
|
heap
|
page read and write
|
||
|
259F99F0000
|
trusted library allocation
|
page read and write
|
||
|
2BE1F2C0000
|
heap
|
page read and write
|
||
|
E2FF479000
|
stack
|
page read and write
|
||
|
16668BA0000
|
heap
|
page read and write
|
||
|
227E8B99000
|
heap
|
page read and write
|
||
|
27E12940000
|
heap
|
page read and write
|
||
|
1617B863000
|
heap
|
page read and write
|
||
|
259FE750000
|
trusted library allocation
|
page read and write
|
||
|
1617B866000
|
heap
|
page read and write
|
||
|
18A34686000
|
heap
|
page read and write
|
||
|
20753CCA000
|
heap
|
page read and write
|
||
|
22FCAE75000
|
heap
|
page read and write
|
||
|
23DFF1FD000
|
heap
|
page read and write
|
||
|
1F852C3D000
|
heap
|
page read and write
|
||
|
27E129A0000
|
heap
|
page read and write
|
||
|
1AECC679000
|
heap
|
page read and write
|
||
|
259FE758000
|
trusted library allocation
|
page read and write
|
||
|
27E128E0000
|
heap
|
page read and write
|
||
|
BE7A9FE000
|
stack
|
page read and write
|
||
|
22FCAD80000
|
heap
|
page readonly
|
||
|
B7D000
|
heap
|
page read and write
|
||
|
23DFF90F000
|
heap
|
page read and write
|
||
|
259FE790000
|
trusted library allocation
|
page read and write
|
||
|
259FEA00000
|
heap
|
page read and write
|
||
|
23964ED0000
|
heap
|
page read and write
|
||
|
227E9000000
|
heap
|
page read and write
|
||
|
23DFF0ED000
|
heap
|
page read and write
|
||
|
183B3AC0000
|
heap
|
page read and write
|
||
|
AC273FE000
|
stack
|
page read and write
|
||
|
16668C10000
|
heap
|
page read and write
|
||
|
18A34450000
|
heap
|
page read and write
|
||
|
18CE1A74000
|
heap
|
page read and write
|
||
|
227E823C000
|
heap
|
page read and write
|
||
|
259FE75E000
|
trusted library allocation
|
page read and write
|
||
|
A82FAAB000
|
stack
|
page read and write
|
||
|
23DFF0C8000
|
heap
|
page read and write
|
||
|
1C0E166F000
|
heap
|
page read and write
|
||
|
1D5F1C62000
|
heap
|
page read and write
|
||
|
18CE1A8D000
|
heap
|
page read and write
|
||
|
1F230E10000
|
heap
|
page read and write
|
||
|
20753C29000
|
heap
|
page read and write
|
||
|
E2FF37E000
|
stack
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
183B3870000
|
heap
|
page read and write
|
||
|
1D5F1C00000
|
heap
|
page read and write
|
||
|
259FEAEE000
|
heap
|
page read and write
|
||
|
259F9278000
|
heap
|
page read and write
|
||
|
17BFBC29000
|
heap
|
page read and write
|
||
|
1AECC600000
|
heap
|
page read and write
|
||
|
20753C43000
|
heap
|
page read and write
|
||
|
1D5F1C79000
|
heap
|
page read and write
|
||
|
D85E7B000
|
stack
|
page read and write
|
||
|
259F9B59000
|
heap
|
page read and write
|
||
|
227E8254000
|
heap
|
page read and write
|
||
|
16668BB0000
|
heap
|
page read and write
|
||
|
23E00043000
|
heap
|
page read and write
|
||
|
23E00002000
|
heap
|
page read and write
|
||
|
259FEB03000
|
heap
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
||
|
227E8B84000
|
heap
|
page read and write
|
||
|
259F92B9000
|
heap
|
page read and write
|
||
|
A83017E000
|
stack
|
page read and write
|
||
|
DBEDBF000
|
stack
|
page read and write
|
||
|
DBF17E000
|
stack
|
page read and write
|
||
|
227E8B40000
|
heap
|
page read and write
|
||
|
1617B88F000
|
heap
|
page read and write
|
||
|
95984FD000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
A82FB2E000
|
stack
|
page read and write
|
||
|
1617B8EE000
|
heap
|
page read and write
|
||
|
16668E13000
|
heap
|
page read and write
|
||
|
259F9080000
|
heap
|
page read and write
|
||
|
23DFEFA0000
|
heap
|
page read and write
|
||
|
A1AA9FF000
|
stack
|
page read and write
|
||
|
227E8316000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
16668DE0000
|
trusted library allocation
|
page read and write
|
||
|
21F13FF000
|
stack
|
page read and write
|
||
|
23DFF7A0000
|
trusted library allocation
|
page read and write
|
||
|
259FEA61000
|
heap
|
page read and write
|
||
|
18A346A4000
|
heap
|
page read and write
|
||
|
259F99E3000
|
trusted library allocation
|
page read and write
|
||
|
227E89D0000
|
remote allocation
|
page read and write
|
||
|
1051000
|
heap
|
page read and write
|
||
|
8983BF9000
|
stack
|
page read and write
|
||
|
D8617B000
|
stack
|
page read and write
|
||
|
18A3469E000
|
heap
|
page read and write
|
||
|
1D5F1D13000
|
heap
|
page read and write
|
||
|
23DFF900000
|
heap
|
page read and write
|
||
|
1C0E15C0000
|
heap
|
page read and write
|
||
|
23DFF911000
|
heap
|
page read and write
|
||
|
20753C13000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
A1AB8FE000
|
stack
|
page read and write
|
||
|
22FCAA70000
|
heap
|
page read and write
|
||
|
1F23104C000
|
heap
|
page read and write
|
||
|
1D5F1C54000
|
heap
|
page read and write
|
||
|
21F0EFB000
|
stack
|
page read and write
|
||
|
259FE820000
|
trusted library allocation
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
C71DFF000
|
stack
|
page read and write
|
||
|
227E8B88000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
23DFF013000
|
heap
|
page read and write
|
||
|
AC2727B000
|
stack
|
page read and write
|
||
|
227E8B76000
|
heap
|
page read and write
|
||
|
27E129A8000
|
heap
|
page read and write
|
||
|
1F852B8B000
|
heap
|
page read and write
|
||
|
2A9B000
|
stack
|
page read and write
|
||
|
21F14FE000
|
stack
|
page read and write
|
||
|
20754500000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
23DFEF90000
|
heap
|
page read and write
|
||
|
259F923D000
|
heap
|
page read and write
|
||
|
18A346B6000
|
heap
|
page read and write
|
||
|
4E2487D000
|
stack
|
page read and write
|
||
|
1F23104A000
|
heap
|
page read and write
|
||
|
A1AAEFA000
|
stack
|
page read and write
|
||
|
21F11FE000
|
stack
|
page read and write
|
||
|
1D5F1D00000
|
heap
|
page read and write
|
||
|
A90000
|
direct allocation
|
page execute and read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
227E8B5C000
|
heap
|
page read and write
|
||
|
2BE1F4A9000
|
heap
|
page read and write
|
||
|
1F230DA0000
|
heap
|
page read and write
|
||
|
D8637B000
|
stack
|
page read and write
|
||
|
1D5F1C4D000
|
heap
|
page read and write
|
||
|
DBF0FE000
|
stack
|
page read and write
|
||
|
20753C00000
|
heap
|
page read and write
|
||
|
227E8B74000
|
heap
|
page read and write
|
||
|
23DFF060000
|
heap
|
page read and write
|
||
|
22FCAD20000
|
heap
|
page read and write
|
||
|
1C0E166D000
|
heap
|
page read and write
|
||
|
B3F000
|
heap
|
page read and write
|
||
|
20753CC4000
|
heap
|
page read and write
|
||
|
20753BB0000
|
trusted library allocation
|
page read and write
|
||
|
C71BFF000
|
stack
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
1F231000000
|
heap
|
page read and write
|
||
|
23DFF094000
|
heap
|
page read and write
|
||
|
1617B87C000
|
heap
|
page read and write
|
||
|
23DFF02E000
|
heap
|
page read and write
|
||
|
1A92AFE000
|
stack
|
page read and write
|
||
|
1617B690000
|
heap
|
page read and write
|
||
|
23DFF099000
|
heap
|
page read and write
|
||
|
20753D02000
|
heap
|
page read and write
|
||
|
1F852C33000
|
heap
|
page read and write
|
||
|
227E8B84000
|
heap
|
page read and write
|
||
|
23964C40000
|
heap
|
page read and write
|
||
|
23DFF0B1000
|
heap
|
page read and write
|
||
|
2BE1F4A5000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
227E8B74000
|
heap
|
page read and write
|
||
|
18A346A2000
|
heap
|
page read and write
|
||
|
1C0E167D000
|
heap
|
page read and write
|
||
|
23DFF195000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
1C0E1550000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2BE20090000
|
trusted library allocation
|
page read and write
|
||
|
1D5F2260000
|
trusted library allocation
|
page read and write
|
||
|
1D5F1C53000
|
heap
|
page read and write
|
||
|
227E89D0000
|
remote allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
259FE750000
|
trusted library allocation
|
page read and write
|
||
|
1C0E163D000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
1617B900000
|
heap
|
page read and write
|
||
|
23964B00000
|
heap
|
page read and write
|
||
|
259FEAE3000
|
heap
|
page read and write
|
||
|
23DFF1E1000
|
heap
|
page read and write
|
||
|
227E8BD0000
|
heap
|
page read and write
|
||
|
22FCAD40000
|
direct allocation
|
page execute and read and write
|
||
|
23E00002000
|
heap
|
page read and write
|
||
|
18A34695000
|
heap
|
page read and write
|
||
|
B3F000
|
heap
|
page read and write
|
||
|
227E8B6D000
|
heap
|
page read and write
|
||
|
259FE9C0000
|
trusted library allocation
|
page read and write
|
||
|
259F99E0000
|
trusted library allocation
|
page read and write
|
||
|
2BE1F2C8000
|
heap
|
page read and write
|
||
|
227E8BA3000
|
heap
|
page read and write
|
||
|
18CE1A3C000
|
heap
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
18A346A4000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
18A345A0000
|
heap
|
page read and write
|
||
|
18A346B4000
|
heap
|
page read and write
|
||
|
2BE20030000
|
trusted library allocation
|
page read and write
|
||
|
1D5F1D08000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
227E8B84000
|
heap
|
page read and write
|
||
|
259F9213000
|
heap
|
page read and write
|
||
|
227E8BBD000
|
heap
|
page read and write
|
||
|
259F9314000
|
heap
|
page read and write
|
||
|
20F46290000
|
heap
|
page read and write
|
||
|
1F230FE0000
|
trusted library allocation
|
page read and write
|
||
|
2BE1F0C0000
|
heap
|
page read and write
|
||
|
8983D7C000
|
stack
|
page read and write
|
||
|
259FEB03000
|
heap
|
page read and write
|
||
|
BE7A8FF000
|
stack
|
page read and write
|
||
|
AEF000
|
heap
|
page read and write
|
||
|
18CE17B0000
|
heap
|
page read and write
|
||
|
227E8B88000
|
heap
|
page read and write
|
||
|
23DFF04E000
|
heap
|
page read and write
|
||
|
1C0E164C000
|
heap
|
page read and write
|
||
|
DA28DFD000
|
stack
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
259FE8B0000
|
remote allocation
|
page read and write
|
||
|
259FE880000
|
trusted library allocation
|
page read and write
|
||
|
227E8B75000
|
heap
|
page read and write
|
||
|
20753C67000
|
heap
|
page read and write
|
||
|
1F231080000
|
heap
|
page read and write
|
||
|
299C000
|
stack
|
page read and write
|
||
|
2E6F778000
|
stack
|
page read and write
|
||
|
18CE1A81000
|
heap
|
page read and write
|
||
|
183B3AB0000
|
heap
|
page read and write
|
||
|
1D5F1A90000
|
heap
|
page read and write
|
||
|
227E82D6000
|
heap
|
page read and write
|
||
|
23964ED5000
|
heap
|
page read and write
|
||
|
1F852C2A000
|
heap
|
page read and write
|
||
|
4E246FD000
|
stack
|
page read and write
|
||
|
259FEAFA000
|
heap
|
page read and write
|
||
|
1F231100000
|
heap
|
page read and write
|
||
|
259FEB02000
|
heap
|
page read and write
|
||
|
1C0E1667000
|
heap
|
page read and write
|
||
|
2E6F877000
|
stack
|
page read and write
|
||
|
1F231052000
|
heap
|
page read and write
|
||
|
1AECC5D0000
|
trusted library allocation
|
page read and write
|
||
|
227E8302000
|
heap
|
page read and write
|
||
|
1D5F1C13000
|
heap
|
page read and write
|
||
|
18A346A2000
|
heap
|
page read and write
|
||
|
227E8B9E000
|
heap
|
page read and write
|
||
|
1F855DA3000
|
heap
|
page read and write
|
||
|
1D5F1C4A000
|
heap
|
page read and write
|
||
|
227E8BA5000
|
heap
|
page read and write
|
||
|
1D5F1D02000
|
heap
|
page read and write
|
||
|
1C0E1613000
|
heap
|
page read and write
|
||
|
C71EFE000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
AC272FE000
|
stack
|
page read and write
|
||
|
1AECC665000
|
heap
|
page read and write
|
||
|
2C1F000
|
stack
|
page read and write
|
||
|
259FEB02000
|
heap
|
page read and write
|
||
|
227E8BA7000
|
heap
|
page read and write
|
||
|
1617B8D3000
|
heap
|
page read and write
|
||
|
17BFC1C0000
|
remote allocation
|
page read and write
|
||
|
227E8BAE000
|
heap
|
page read and write
|
||
|
2BE1F220000
|
heap
|
page read and write
|
||
|
183B3850000
|
heap
|
page read and write
|
||
|
20754402000
|
heap
|
page read and write
|
||
|
18CE1B13000
|
heap
|
page read and write
|
||
|
9A2D17E000
|
stack
|
page read and write
|
||
|
1617B8D1000
|
heap
|
page read and write
|
||
|
2BE1F308000
|
heap
|
page read and write
|
||
|
23DFF9F1000
|
heap
|
page read and write
|
||
|
1C0E1648000
|
heap
|
page read and write
|
||
|
18CE1A13000
|
heap
|
page read and write
|
||
|
1617B857000
|
heap
|
page read and write
|
||
|
227E8BC4000
|
heap
|
page read and write
|
||
|
1617B8EE000
|
heap
|
page read and write
|
||
|
C71B7B000
|
stack
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
1C0E1655000
|
heap
|
page read and write
|
||
|
259FEAD6000
|
heap
|
page read and write
|
||
|
22FCC730000
|
heap
|
page read and write
|
||
|
9A2CD7B000
|
stack
|
page read and write
|
||
|
227E8B88000
|
heap
|
page read and write
|
||
|
9A2CBFC000
|
stack
|
page read and write
|
||
|
259F92AB000
|
heap
|
page read and write
|
||
|
9A2CB7E000
|
stack
|
page read and write
|
||
|
227E8B4E000
|
heap
|
page read and write
|
||
|
23DFF0E5000
|
heap
|
page read and write
|
||
|
2BE1F2A0000
|
trusted library allocation
|
page read and write
|
||
|
AF3000
|
heap
|
page read and write
|
||
|
259F9B13000
|
heap
|
page read and write
|
||
|
227E8313000
|
heap
|
page read and write
|
||
|
259F92FB000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
227E82B5000
|
heap
|
page read and write
|
||
|
2BE1F200000
|
heap
|
page read and write
|
||
|
23964CFE000
|
heap
|
page read and write
|
||
|
227E8B60000
|
heap
|
page read and write
|
||
|
1C0E1630000
|
heap
|
page read and write
|
||
|
23DFF000000
|
heap
|
page read and write
|
||
|
20753C6E000
|
heap
|
page read and write
|
||
|
1C0E1639000
|
heap
|
page read and write
|
||
|
DBF27C000
|
stack
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
259FE820000
|
trusted library allocation
|
page read and write
|
||
|
1C0E164F000
|
heap
|
page read and write
|
||
|
259FA170000
|
trusted library allocation
|
page read and write
|
||
|
23DFF05E000
|
heap
|
page read and write
|
||
|
227E8247000
|
heap
|
page read and write
|
||
|
1617B88F000
|
heap
|
page read and write
|
||
|
108F000
|
heap
|
page read and write
|
||
|
227E8B50000
|
heap
|
page read and write
|
||
|
18CE2002000
|
trusted library allocation
|
page read and write
|
||
|
8983B7F000
|
stack
|
page read and write
|
||
|
17BFBD02000
|
heap
|
page read and write
|
||
|
2E6F67E000
|
stack
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
183B3710000
|
heap
|
page read and write
|
||
|
1F852BF0000
|
heap
|
page read and write
|
||
|
18A34670000
|
heap
|
page read and write
|
||
|
16668F00000
|
heap
|
page read and write
|
||
|
227E8251000
|
heap
|
page read and write
|
||
|
23E00113000
|
heap
|
page read and write
|
||
|
18CE1B02000
|
heap
|
page read and write
|
||
|
1D5F1C81000
|
heap
|
page read and write
|
||
|
259FEA2A000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
E6DE4CB000
|
stack
|
page read and write
|
||
|
4E244FE000
|
stack
|
page read and write
|
||
|
1C0E167E000
|
heap
|
page read and write
|
||
|
227E8BB1000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
E6DE97C000
|
stack
|
page read and write
|
||
|
1F852C39000
|
heap
|
page read and write
|
||
|
227E8BAB000
|
heap
|
page read and write
|
||
|
259FE780000
|
trusted library allocation
|
page read and write
|
||
|
1AECC602000
|
heap
|
page read and write
|
||
|
1F23104D000
|
heap
|
page read and write
|
||
|
259F9B18000
|
heap
|
page read and write
|
||
|
227E8BA5000
|
heap
|
page read and write
|
||
|
259FEA13000
|
heap
|
page read and write
|
||
|
227E8B89000
|
heap
|
page read and write
|
||
|
1C0E1E02000
|
trusted library allocation
|
page read and write
|
||
|
227E8B86000
|
heap
|
page read and write
|
||
|
259FEAF6000
|
heap
|
page read and write
|
There are 918 hidden memdumps, click here to show them.