Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
1V4gPPcQvB.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xd6242f42, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_1V4_3fa5d2ed68e853c9942ac69dff8c73423072db_8e513626_1045fbad\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE9BC.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 03:01:32 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREC4D.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREDA6.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\1V4gPPcQvB.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1V4gPPcQvB.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1V4gPPcQvB.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1V4gPPcQvB.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IaRzYtpo\ezkFGDxqYAZSnHs.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -s W32Time
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\1V4gPPcQvB.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\1V4gPPcQvB.dll",#1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5648 -s 328
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 12 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/#mWwn
|
unknown
|
|
|
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/an
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 37 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
time.windows.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00184006417502B9
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time\Config
|
LastKnownGoodTime
|
There are 25 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
28684BB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2250000
|
direct allocation
|
page execute and read and write
|
|
|
|
17EE83E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2CDD9AE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2650000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
17EE83E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
17EE83E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
151FA7F000
|
stack
|
page read and write
|
||
|
169F6513000
|
heap
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
27EBD8A8000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
27EBD899000
|
heap
|
page read and write
|
||
|
25ABA136000
|
heap
|
page read and write
|
||
|
27EC302B000
|
heap
|
page read and write
|
||
|
1A5F17F000
|
stack
|
page read and write
|
||
|
25ABA140000
|
heap
|
page read and write
|
||
|
2DD63A28000
|
heap
|
page read and write
|
||
|
151FE7E000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
262D3002000
|
heap
|
page read and write
|
||
|
27EC2F54000
|
trusted library allocation
|
page read and write
|
||
|
17EE6DC5000
|
heap
|
page read and write
|
||
|
25ABA169000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
25ABA166000
|
heap
|
page read and write
|
||
|
B3A377E000
|
stack
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
98D000
|
heap
|
page read and write
|
||
|
1BC2F303000
|
heap
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
1778B7E000
|
stack
|
page read and write
|
||
|
17EE6940000
|
unkown
|
page read and write
|
||
|
2AD0000
|
remote allocation
|
page read and write
|
||
|
17EE6B10000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
22770D94000
|
heap
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
1B251F70000
|
heap
|
page read and write
|
||
|
22770429000
|
heap
|
page read and write
|
||
|
22770DAE000
|
heap
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
1B25207B000
|
heap
|
page read and write
|
||
|
27EC2F74000
|
trusted library allocation
|
page read and write
|
||
|
EBDEAFF000
|
stack
|
page read and write
|
||
|
2DD63B13000
|
heap
|
page read and write
|
||
|
1B252000000
|
heap
|
page read and write
|
||
|
B9E027F000
|
stack
|
page read and write
|
||
|
27EC2F60000
|
trusted library allocation
|
page read and write
|
||
|
227704CA000
|
heap
|
page read and write
|
||
|
1EB39A40000
|
trusted library allocation
|
page read and write
|
||
|
22770DCD000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2764000
|
heap
|
page read and write
|
||
|
1EB3A550000
|
trusted library allocation
|
page read and write
|
||
|
27EBD800000
|
heap
|
page read and write
|
||
|
25ABA16A000
|
heap
|
page read and write
|
||
|
27EBED80000
|
trusted library allocation
|
page read and write
|
||
|
227704B6000
|
heap
|
page read and write
|
||
|
17EE6DC0000
|
heap
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
227704C1000
|
heap
|
page read and write
|
||
|
22770D1A000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
80F37B000
|
stack
|
page read and write
|
||
|
17EE6DB0000
|
heap
|
page readonly
|
||
|
2CDD9AD0000
|
direct allocation
|
page execute and read and write
|
||
|
1F6FE570000
|
heap
|
page read and write
|
||
|
96C000
|
heap
|
page read and write
|
||
|
227704C4000
|
heap
|
page read and write
|
||
|
22770D68000
|
heap
|
page read and write
|
||
|
151FF7E000
|
stack
|
page read and write
|
||
|
6E56AF5000
|
stack
|
page read and write
|
||
|
1610DD08000
|
heap
|
page read and write
|
||
|
1F6FE5A0000
|
trusted library allocation
|
page read and write
|
||
|
61CF8F9000
|
stack
|
page read and write
|
||
|
1E151490000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
1EB3997C000
|
heap
|
page read and write
|
||
|
2DD63A79000
|
heap
|
page read and write
|
||
|
27EC3290000
|
remote allocation
|
page read and write
|
||
|
1610DD13000
|
heap
|
page read and write
|
||
|
22770DA0000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
22770D90000
|
heap
|
page read and write
|
||
|
2D0B577000
|
stack
|
page read and write
|
||
|
6E56B7F000
|
stack
|
page read and write
|
||
|
27EC30EE000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1B252A02000
|
trusted library allocation
|
page read and write
|
||
|
1E151420000
|
heap
|
page read and write
|
||
|
194DB0F0000
|
remote allocation
|
page read and write
|
||
|
22770DAD000
|
heap
|
page read and write
|
||
|
194D9686000
|
heap
|
page read and write
|
||
|
2CDD9A50000
|
heap
|
page read and write
|
||
|
1E151613000
|
heap
|
page read and write
|
||
|
22770DAE000
|
heap
|
page read and write
|
||
|
22770DAD000
|
heap
|
page read and write
|
||
|
25ABA15F000
|
heap
|
page read and write
|
||
|
17EE6AA0000
|
heap
|
page read and write
|
||
|
17EE6AF0000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
169F6190000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
22770C02000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
1F18B040000
|
heap
|
page read and write
|
||
|
B3A397D000
|
stack
|
page read and write
|
||
|
194D9540000
|
heap
|
page read and write
|
||
|
28683280000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
25ABA090000
|
heap
|
page read and write
|
||
|
2214000
|
heap
|
page read and write
|
||
|
61CF9F9000
|
stack
|
page read and write
|
||
|
177897F000
|
stack
|
page read and write
|
||
|
22770D79000
|
heap
|
page read and write
|
||
|
22770D62000
|
heap
|
page read and write
|
||
|
F13950F000
|
stack
|
page read and write
|
||
|
22770DAD000
|
heap
|
page read and write
|
||
|
1778F7D000
|
stack
|
page read and write
|
||
|
1F6FE63E000
|
heap
|
page read and write
|
||
|
22770D91000
|
heap
|
page read and write
|
||
|
2CDD9950000
|
heap
|
page read and write
|
||
|
C6DE3FF000
|
stack
|
page read and write
|
||
|
169F6448000
|
heap
|
page read and write
|
||
|
1F6FE625000
|
heap
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
2DD63A68000
|
heap
|
page read and write
|
||
|
22770D6D000
|
heap
|
page read and write
|
||
|
22770D86000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
810000
|
remote allocation
|
page read and write
|
||
|
1F18B002000
|
heap
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
1610DC50000
|
heap
|
page read and write
|
||
|
227704F1000
|
heap
|
page read and write
|
||
|
27EBD790000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
262D3024000
|
heap
|
page read and write
|
||
|
169F647B000
|
heap
|
page read and write
|
||
|
2DD63A56000
|
heap
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
3FF2AFE000
|
stack
|
page read and write
|
||
|
262D2F60000
|
heap
|
page read and write
|
||
|
194D9674000
|
heap
|
page read and write
|
||
|
22770D91000
|
heap
|
page read and write
|
||
|
22770D96000
|
heap
|
page read and write
|
||
|
2D0AD4B000
|
stack
|
page read and write
|
||
|
1EB39A59000
|
heap
|
page read and write
|
||
|
1F18B102000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
22770D64000
|
heap
|
page read and write
|
||
|
282C000
|
stack
|
page read and write
|
||
|
56FBBFC000
|
stack
|
page read and write
|
||
|
B9DFB7F000
|
stack
|
page read and write
|
||
|
2CDD9980000
|
heap
|
page read and write
|
||
|
22770D9C000
|
heap
|
page read and write
|
||
|
194D9590000
|
trusted library allocation
|
page read and write
|
||
|
2DD63B00000
|
heap
|
page read and write
|
||
|
169F642A000
|
heap
|
page read and write
|
||
|
27EC30FA000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1610DA30000
|
heap
|
page read and write
|
||
|
27EBE940000
|
trusted library allocation
|
page read and write
|
||
|
27EBE358000
|
heap
|
page read and write
|
||
|
27EC3011000
|
heap
|
page read and write
|
||
|
262D3A02000
|
trusted library allocation
|
page read and write
|
||
|
27EBD813000
|
heap
|
page read and write
|
||
|
194D9700000
|
heap
|
page read and write
|
||
|
25ABA167000
|
heap
|
page read and write
|
||
|
C6DDDFF000
|
stack
|
page read and write
|
||
|
262D2FF0000
|
trusted library allocation
|
page read and write
|
||
|
17EE85E0000
|
heap
|
page read and write
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
1E151682000
|
heap
|
page read and write
|
||
|
25ABA15F000
|
heap
|
page read and write
|
||
|
1F18B024000
|
heap
|
page read and write
|
||
|
22770DD3000
|
heap
|
page read and write
|
||
|
262D3076000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
22770DA0000
|
heap
|
page read and write
|
||
|
1EB3A800000
|
trusted library allocation
|
page read and write
|
||
|
1610DC4A000
|
heap
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
A552BFD000
|
stack
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
1778A7E000
|
stack
|
page read and write
|
||
|
1610DC4E000
|
heap
|
page read and write
|
||
|
17EE6DC0000
|
heap
|
page read and write
|
||
|
23F18900000
|
heap
|
page read and write
|
||
|
2DD63790000
|
heap
|
page read and write
|
||
|
3FF2D7B000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
17EE6DA0000
|
direct allocation
|
page execute and read and write
|
||
|
968000
|
heap
|
page read and write
|
||
|
23F18670000
|
trusted library allocation
|
page read and write
|
||
|
194D9648000
|
heap
|
page read and write
|
||
|
1EB39910000
|
heap
|
page read and write
|
||
|
D9BB79E000
|
stack
|
page read and write
|
||
|
194D95C0000
|
trusted library allocation
|
page read and write
|
||
|
27EBD8A8000
|
heap
|
page read and write
|
||
|
1A5EC7E000
|
stack
|
page read and write
|
||
|
1B252045000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
28684D04000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1B252046000
|
heap
|
page read and write
|
||
|
27EBD902000
|
heap
|
page read and write
|
||
|
22770471000
|
heap
|
page read and write
|
||
|
B9E0079000
|
stack
|
page read and write
|
||
|
27EC3380000
|
trusted library allocation
|
page read and write
|
||
|
1F6FE702000
|
heap
|
page read and write
|
||
|
1B252048000
|
heap
|
page read and write
|
||
|
23F17E8A000
|
heap
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
61CF87A000
|
stack
|
page read and write
|
||
|
1B252061000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
27EC3290000
|
remote allocation
|
page read and write
|
||
|
25ABA148000
|
heap
|
page read and write
|
||
|
C6DE2FE000
|
stack
|
page read and write
|
||
|
1A5E96C000
|
stack
|
page read and write
|
||
|
2D0B6F8000
|
stack
|
page read and write
|
||
|
22770DAD000
|
heap
|
page read and write
|
||
|
22770513000
|
heap
|
page read and write
|
||
|
22771222000
|
heap
|
page read and write
|
||
|
27EC3260000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
151FB7A000
|
stack
|
page read and write
|
||
|
28683238000
|
heap
|
page read and write
|
||
|
17EE8484000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
2D0B5FF000
|
unkown
|
page read and write
|
||
|
25AB9F60000
|
heap
|
page read and write
|
||
|
23F17E29000
|
heap
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
194D964B000
|
heap
|
page read and write
|
||
|
1E151E02000
|
trusted library allocation
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
194D964B000
|
heap
|
page read and write
|
||
|
27EC3220000
|
trusted library allocation
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1F18ADB0000
|
heap
|
page read and write
|
||
|
1B25203D000
|
heap
|
page read and write
|
||
|
227702E0000
|
heap
|
page read and write
|
||
|
2CDD997B000
|
heap
|
page read and write
|
||
|
27EC3200000
|
trusted library allocation
|
page read and write
|
||
|
22770D6A000
|
heap
|
page read and write
|
||
|
2277121A000
|
heap
|
page read and write
|
||
|
22770D82000
|
heap
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
2DD63A13000
|
heap
|
page read and write
|
||
|
1EB39956000
|
heap
|
page read and write
|
||
|
2D2B000
|
stack
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
80F477000
|
stack
|
page read and write
|
||
|
1F6FE654000
|
heap
|
page read and write
|
||
|
56FBEFC000
|
stack
|
page read and write
|
||
|
1B252059000
|
heap
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
27EBD914000
|
heap
|
page read and write
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
22770DA4000
|
heap
|
page read and write
|
||
|
22770516000
|
heap
|
page read and write
|
||
|
B3A3AFD000
|
stack
|
page read and write
|
||
|
1B25207D000
|
heap
|
page read and write
|
||
|
22770D87000
|
heap
|
page read and write
|
||
|
151FC7A000
|
stack
|
page read and write
|
||
|
27EBD857000
|
heap
|
page read and write
|
||
|
27EC3080000
|
trusted library allocation
|
page read and write
|
||
|
1B252063000
|
heap
|
page read and write
|
||
|
1778D7C000
|
stack
|
page read and write
|
||
|
28684BE0000
|
heap
|
page readonly
|
||
|
1EB39982000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
1B251F10000
|
heap
|
page read and write
|
||
|
23F17E6E000
|
heap
|
page read and write
|
||
|
22771218000
|
heap
|
page read and write
|
||
|
1F6FE500000
|
heap
|
page read and write
|
||
|
27EBD902000
|
heap
|
page read and write
|
||
|
22770D9C000
|
heap
|
page read and write
|
||
|
169F644E000
|
heap
|
page read and write
|
||
|
993C7E000
|
stack
|
page read and write
|
||
|
17EE6A80000
|
heap
|
page read and write
|
||
|
1A5F07F000
|
stack
|
page read and write
|
||
|
EBDE7FB000
|
stack
|
page read and write
|
||
|
3FF2E77000
|
stack
|
page read and write
|
||
|
27EC2F60000
|
trusted library allocation
|
page read and write
|
||
|
6E56BFF000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
22770DAE000
|
heap
|
page read and write
|
||
|
17783CB000
|
stack
|
page read and write
|
||
|
169F6500000
|
heap
|
page read and write
|
||
|
B3A347B000
|
stack
|
page read and write
|
||
|
1BC2F1D0000
|
heap
|
page read and write
|
||
|
B9DF97A000
|
stack
|
page read and write
|
||
|
227704A9000
|
heap
|
page read and write
|
||
|
262D306C000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
1E151655000
|
heap
|
page read and write
|
||
|
22A0000
|
trusted library allocation
|
page read and write
|
||
|
27EBE318000
|
heap
|
page read and write
|
||
|
169F648E000
|
heap
|
page read and write
|
||
|
1B252102000
|
heap
|
page read and write
|
||
|
56FC07B000
|
stack
|
page read and write
|
||
|
27EBD7C0000
|
trusted library allocation
|
page read and write
|
||
|
22770DBF000
|
heap
|
page read and write
|
||
|
17EE8484000
|
heap
|
page read and write
|
||
|
56FC37D000
|
stack
|
page read and write
|
||
|
1B252064000
|
heap
|
page read and write
|
||
|
27EBED61000
|
trusted library allocation
|
page read and write
|
||
|
22770D85000
|
heap
|
page read and write
|
||
|
27EC2F30000
|
trusted library allocation
|
page read and write
|
||
|
27EC3053000
|
heap
|
page read and write
|
||
|
1B252075000
|
heap
|
page read and write
|
||
|
C6DDFFF000
|
stack
|
page read and write
|
||
|
194D94E0000
|
heap
|
page read and write
|
||
|
22770D9C000
|
heap
|
page read and write
|
||
|
2A2B000
|
stack
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
810000
|
remote allocation
|
page read and write
|
||
|
27EBE300000
|
heap
|
page read and write
|
||
|
22770D94000
|
heap
|
page read and write
|
||
|
DA1000
|
heap
|
page read and write
|
||
|
1610DC7B000
|
heap
|
page read and write
|
||
|
1F6FE64A000
|
heap
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
27EBE313000
|
heap
|
page read and write
|
||
|
98D000
|
heap
|
page read and write
|
||
|
27EC3270000
|
trusted library allocation
|
page read and write
|
||
|
1F6FE65A000
|
heap
|
page read and write
|
||
|
27EBED90000
|
trusted library allocation
|
page read and write
|
||
|
B9DFA7A000
|
stack
|
page read and write
|
||
|
C5D92FC000
|
stack
|
page read and write
|
||
|
27EBE200000
|
heap
|
page read and write
|
||
|
27EBD8A4000
|
heap
|
page read and write
|
||
|
22770BF0000
|
remote allocation
|
page read and write
|
||
|
22770DA1000
|
heap
|
page read and write
|
||
|
2D0B07E000
|
stack
|
page read and write
|
||
|
22770DB8000
|
heap
|
page read and write
|
||
|
28684BA0000
|
direct allocation
|
page execute and read and write
|
||
|
1F18ADA0000
|
heap
|
page read and write
|
||
|
17EE6A80000
|
heap
|
page read and write
|
||
|
25ABA16A000
|
heap
|
page read and write
|
||
|
194D9613000
|
heap
|
page read and write
|
||
|
194D9718000
|
heap
|
page read and write
|
||
|
2CDD9A70000
|
heap
|
page read and write
|
||
|
2868327C000
|
heap
|
page read and write
|
||
|
151F72B000
|
stack
|
page read and write
|
||
|
27EC30A1000
|
heap
|
page read and write
|
||
|
23F17D70000
|
heap
|
page read and write
|
||
|
25ABA405000
|
heap
|
page read and write
|
||
|
27EC2F3E000
|
trusted library allocation
|
page read and write
|
||
|
1B25206D000
|
heap
|
page read and write
|
||
|
C6DE0FF000
|
stack
|
page read and write
|
||
|
17EE6B10000
|
heap
|
page read and write
|
||
|
1B251F00000
|
heap
|
page read and write
|
||
|
993B7E000
|
stack
|
page read and write
|
||
|
1E151663000
|
heap
|
page read and write
|
||
|
17EE6B18000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
22770270000
|
heap
|
page read and write
|
||
|
194DB070000
|
trusted library allocation
|
page read and write
|
||
|
22770489000
|
heap
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
22770D6F000
|
heap
|
page read and write
|
||
|
3FF2A7E000
|
stack
|
page read and write
|
||
|
27EC30F2000
|
heap
|
page read and write
|
||
|
2D0B47F000
|
stack
|
page read and write
|
||
|
22770D5E000
|
heap
|
page read and write
|
||
|
2DD64202000
|
trusted library allocation
|
page read and write
|
||
|
27EBD907000
|
heap
|
page read and write
|
||
|
1EB39A55000
|
heap
|
page read and write
|
||
|
1EB398D0000
|
heap
|
page read and write
|
||
|
151F7AE000
|
stack
|
page read and write
|
||
|
22770D20000
|
heap
|
page read and write
|
||
|
227704D9000
|
heap
|
page read and write
|
||
|
1B25205C000
|
heap
|
page read and write
|
||
|
2DD637A0000
|
heap
|
page read and write
|
||
|
1EB39770000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
22770D62000
|
heap
|
page read and write
|
||
|
25ABA14E000
|
heap
|
page read and write
|
||
|
1F18AF10000
|
trusted library allocation
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
169F6453000
|
heap
|
page read and write
|
||
|
23F18802000
|
heap
|
page read and write
|
||
|
22770502000
|
heap
|
page read and write
|
||
|
1F18AF40000
|
remote allocation
|
page read and write
|
||
|
93A000
|
heap
|
page read and write
|
||
|
286831D5000
|
heap
|
page read and write
|
||
|
22770D8D000
|
heap
|
page read and write
|
||
|
1B252057000
|
heap
|
page read and write
|
||
|
56FC17D000
|
stack
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
C6DD5EB000
|
stack
|
page read and write
|
||
|
262D3067000
|
heap
|
page read and write
|
||
|
80F0FE000
|
stack
|
page read and write
|
||
|
22770DAF000
|
heap
|
page read and write
|
||
|
D9BBA7E000
|
stack
|
page read and write
|
||
|
1610DD02000
|
heap
|
page read and write
|
||
|
151FD7F000
|
stack
|
page read and write
|
||
|
1A5E9EE000
|
stack
|
page read and write
|
||
|
1B252074000
|
heap
|
page read and write
|
||
|
1B252058000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
B9DFC7B000
|
stack
|
page read and write
|
||
|
25ABA140000
|
heap
|
page read and write
|
||
|
B9DF39B000
|
stack
|
page read and write
|
||
|
22770D62000
|
heap
|
page read and write
|
||
|
22770455000
|
heap
|
page read and write
|
||
|
28683190000
|
heap
|
page read and write
|
||
|
1610DC29000
|
heap
|
page read and write
|
||
|
27EC2E20000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
25ABA400000
|
heap
|
page read and write
|
||
|
1E151590000
|
trusted library allocation
|
page read and write
|
||
|
1B252029000
|
heap
|
page read and write
|
||
|
D9BBAFE000
|
stack
|
page read and write
|
||
|
80F67E000
|
stack
|
page read and write
|
||
|
1E151661000
|
heap
|
page read and write
|
||
|
17EE6940000
|
heap
|
page read and write
|
||
|
22770D14000
|
heap
|
page read and write
|
||
|
22770D90000
|
heap
|
page read and write
|
||
|
27EBD730000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
27EC309E000
|
heap
|
page read and write
|
||
|
27EBD829000
|
heap
|
page read and write
|
||
|
1E15165E000
|
heap
|
page read and write
|
||
|
1B25203A000
|
heap
|
page read and write
|
||
|
25ABA136000
|
heap
|
page read and write
|
||
|
27EBD897000
|
heap
|
page read and write
|
||
|
D5F000
|
heap
|
page read and write
|
||
|
194D968C000
|
heap
|
page read and write
|
||
|
262D2F50000
|
heap
|
page read and write
|
||
|
25ABA145000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
9936EB000
|
stack
|
page read and write
|
||
|
56FB78B000
|
stack
|
page read and write
|
||
|
169F6470000
|
heap
|
page read and write
|
||
|
1F6FE5C0000
|
remote allocation
|
page read and write
|
||
|
22770DC2000
|
heap
|
page read and write
|
||
|
3FF27AB000
|
stack
|
page read and write
|
||
|
1610DC13000
|
heap
|
page read and write
|
||
|
1E151708000
|
heap
|
page read and write
|
||
|
17EE8480000
|
heap
|
page read and write
|
||
|
2CDDB4D0000
|
heap
|
page read and write
|
||
|
27EC2E10000
|
trusted library allocation
|
page read and write
|
||
|
22770D9C000
|
heap
|
page read and write
|
||
|
80F57E000
|
stack
|
page read and write
|
||
|
25ABA120000
|
heap
|
page read and write
|
||
|
1E151430000
|
heap
|
page read and write
|
||
|
1778C7C000
|
stack
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
2277043C000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page readonly
|
||
|
942000
|
heap
|
page read and write
|
||
|
27EBED83000
|
trusted library allocation
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
23F17ECE000
|
heap
|
page read and write
|
||
|
22770D4E000
|
heap
|
page read and write
|
||
|
D9BB715000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
C5D9179000
|
stack
|
page read and write
|
||
|
3FF2C7E000
|
stack
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
28683290000
|
heap
|
page read and write
|
||
|
27EC30DD000
|
heap
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
194DB0F0000
|
remote allocation
|
page read and write
|
||
|
1F6FF002000
|
trusted library allocation
|
page read and write
|
||
|
1F6FE629000
|
heap
|
page read and write
|
||
|
B3A35FE000
|
stack
|
page read and write
|
||
|
1B252042000
|
heap
|
page read and write
|
||
|
1B252062000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
22770DBF000
|
heap
|
page read and write
|
||
|
2868326D000
|
heap
|
page read and write
|
||
|
23F17DD0000
|
heap
|
page read and write
|
||
|
1BC2F2FD000
|
heap
|
page read and write
|
||
|
1B252069000
|
heap
|
page read and write
|
||
|
17EE6DA0000
|
direct allocation
|
page execute and read and write
|
||
|
22770D00000
|
heap
|
page read and write
|
||
|
2CDDB4D4000
|
heap
|
page read and write
|
||
|
23F17EE2000
|
heap
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
27EC303D000
|
heap
|
page read and write
|
||
|
27EBD83D000
|
heap
|
page read and write
|
||
|
1EB3995E000
|
heap
|
page read and write
|
||
|
25ABA140000
|
heap
|
page read and write
|
||
|
194D9570000
|
trusted library allocation
|
page read and write
|
||
|
1B25205E000
|
heap
|
page read and write
|
||
|
1E151668000
|
heap
|
page read and write
|
||
|
22770280000
|
heap
|
page read and write
|
||
|
22770D62000
|
heap
|
page read and write
|
||
|
1A5EE7B000
|
stack
|
page read and write
|
||
|
17EE6DC0000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
27EBD88E000
|
heap
|
page read and write
|
||
|
23F17D60000
|
heap
|
page read and write
|
||
|
27EBE359000
|
heap
|
page read and write
|
||
|
27EC3290000
|
remote allocation
|
page read and write
|
||
|
1EB39780000
|
trusted library allocation
|
page read and write
|
||
|
227704FC000
|
heap
|
page read and write
|
||
|
27EBD877000
|
heap
|
page read and write
|
||
|
28683120000
|
heap
|
page read and write
|
||
|
22771222000
|
heap
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
1F6FE65E000
|
heap
|
page read and write
|
||
|
D9BBB7E000
|
stack
|
page read and write
|
||
|
22770DAD000
|
heap
|
page read and write
|
||
|
169F6402000
|
heap
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
1BC2F090000
|
heap
|
page read and write
|
||
|
22770D9C000
|
heap
|
page read and write
|
||
|
17EE6DC5000
|
heap
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
25ABA163000
|
heap
|
page read and write
|
||
|
194D965B000
|
heap
|
page read and write
|
||
|
23F17F02000
|
heap
|
page read and write
|
||
|
17EE6DC5000
|
heap
|
page read and write
|
||
|
1E151676000
|
heap
|
page read and write
|
||
|
2CDD9958000
|
heap
|
page read and write
|
||
|
1610DC55000
|
heap
|
page read and write
|
||
|
9937EE000
|
stack
|
page read and write
|
||
|
22A0000
|
trusted library allocation
|
page read and write
|
||
|
22771200000
|
heap
|
page read and write
|
||
|
2C2C000
|
stack
|
page read and write
|
||
|
22770D63000
|
heap
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
22770DB1000
|
heap
|
page read and write
|
||
|
169F6200000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
27EC30F6000
|
heap
|
page read and write
|
||
|
1E151700000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
25ABA15F000
|
heap
|
page read and write
|
||
|
9DE000
|
heap
|
page read and write
|
||
|
17EE8460000
|
remote allocation
|
page read and write
|
||
|
1B25207E000
|
heap
|
page read and write
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
2277044B000
|
heap
|
page read and write
|
||
|
27EC3090000
|
trusted library allocation
|
page read and write
|
||
|
17EE6A80000
|
heap
|
page read and write
|
||
|
27EBE302000
|
heap
|
page read and write
|
||
|
28684C40000
|
heap
|
page read and write
|
||
|
17EE85E0000
|
heap
|
page read and write
|
||
|
F139485000
|
stack
|
page read and write
|
||
|
22770BF0000
|
remote allocation
|
page read and write
|
||
|
56FC47F000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2DD63900000
|
trusted library allocation
|
page read and write
|
||
|
1F6FE656000
|
heap
|
page read and write
|
||
|
227704F2000
|
heap
|
page read and write
|
||
|
1EB3A5B0000
|
trusted library allocation
|
page read and write
|
||
|
169F61A0000
|
heap
|
page read and write
|
||
|
23F17E43000
|
heap
|
page read and write
|
||
|
227704E4000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1B25205A000
|
heap
|
page read and write
|
||
|
1B252013000
|
heap
|
page read and write
|
||
|
99376E000
|
stack
|
page read and write
|
||
|
22770D1E000
|
heap
|
page read and write
|
||
|
2AD0000
|
remote allocation
|
page read and write
|
||
|
61CF67C000
|
stack
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
25ABA14E000
|
heap
|
page read and write
|
||
|
6E56B7F000
|
stack
|
page read and write
|
||
|
56FBE7E000
|
stack
|
page read and write
|
||
|
17EE85E0000
|
heap
|
page read and write
|
||
|
56FC27E000
|
stack
|
page read and write
|
||
|
56FBD7F000
|
stack
|
page read and write
|
||
|
27EC3240000
|
trusted library allocation
|
page read and write
|
||
|
27EBE304000
|
heap
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
22770D66000
|
heap
|
page read and write
|
||
|
22770451000
|
heap
|
page read and write
|
||
|
23F17F13000
|
heap
|
page read and write
|
||
|
25ABA14E000
|
heap
|
page read and write
|
||
|
6E56B7F000
|
stack
|
page read and write
|
||
|
27EBD8F9000
|
heap
|
page read and write
|
||
|
194D9702000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
22770DB8000
|
heap
|
page read and write
|
||
|
17EE6AA0000
|
heap
|
page read and write
|
||
|
22770DAF000
|
heap
|
page read and write
|
||
|
2D0ADCE000
|
stack
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
5E4000
|
stack
|
page read and write
|
||
|
1EB3A830000
|
trusted library allocation
|
page read and write
|
||
|
98D000
|
heap
|
page read and write
|
||
|
227703E0000
|
trusted library allocation
|
page read and write
|
||
|
1B25206B000
|
heap
|
page read and write
|
||
|
262D2FC0000
|
heap
|
page read and write
|
||
|
96B000
|
heap
|
page read and write
|
||
|
EBDE2EC000
|
stack
|
page read and write
|
||
|
C5D91F8000
|
stack
|
page read and write
|
||
|
23F17E13000
|
heap
|
page read and write
|
||
|
2CDD9800000
|
heap
|
page read and write
|
||
|
27EBD889000
|
heap
|
page read and write
|
||
|
80F27B000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
169F6C02000
|
trusted library allocation
|
page read and write
|
||
|
25ABA146000
|
heap
|
page read and write
|
||
|
C6DDAFF000
|
stack
|
page read and write
|
||
|
169F6300000
|
trusted library allocation
|
page read and write
|
||
|
17EE6B18000
|
heap
|
page read and write
|
||
|
152007E000
|
stack
|
page read and write
|
||
|
227704EF000
|
heap
|
page read and write
|
||
|
25ABA131000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
27EC3200000
|
trusted library allocation
|
page read and write
|
||
|
1F18B02A000
|
heap
|
page read and write
|
||
|
C6DD9FA000
|
stack
|
page read and write
|
||
|
C5D8D8F000
|
stack
|
page read and write
|
||
|
C6DDEFD000
|
stack
|
page read and write
|
||
|
22770D9C000
|
heap
|
page read and write
|
||
|
169F643C000
|
heap
|
page read and write
|
||
|
2DD63A02000
|
heap
|
page read and write
|
||
|
1B252041000
|
heap
|
page read and write
|
||
|
28683210000
|
heap
|
page read and write
|
||
|
27EBE215000
|
heap
|
page read and write
|
||
|
17EE8480000
|
heap
|
page read and write
|
||
|
3FF2BFC000
|
stack
|
page read and write
|
||
|
1BC2F2F0000
|
heap
|
page read and write
|
||
|
22771202000
|
heap
|
page read and write
|
||
|
B3A36FD000
|
stack
|
page read and write
|
||
|
27EC2D90000
|
trusted library allocation
|
page read and write
|
||
|
1F18B802000
|
trusted library allocation
|
page read and write
|
||
|
1B252031000
|
heap
|
page read and write
|
||
|
1B252044000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
F13997E000
|
stack
|
page read and write
|
||
|
17EE6AF0000
|
heap
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
D87000
|
heap
|
page read and write
|
||
|
194DB0F0000
|
remote allocation
|
page read and write
|
||
|
1F18B000000
|
heap
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
28AD000
|
stack
|
page read and write
|
||
|
1EB3A810000
|
heap
|
page readonly
|
||
|
2CDD9991000
|
heap
|
page read and write
|
||
|
22770400000
|
heap
|
page read and write
|
||
|
27EBE318000
|
heap
|
page read and write
|
||
|
22771218000
|
heap
|
page read and write
|
||
|
1EB3A880000
|
trusted library allocation
|
page read and write
|
||
|
1610DC87000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
23F17E00000
|
heap
|
page read and write
|
||
|
61CF97E000
|
stack
|
page read and write
|
||
|
1610DC3C000
|
heap
|
page read and write
|
||
|
6E56AF5000
|
stack
|
page read and write
|
||
|
F13958E000
|
stack
|
page read and write
|
||
|
27EC3200000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
17EE8484000
|
heap
|
page read and write
|
||
|
22770DAF000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
17EE6DB0000
|
heap
|
page readonly
|
||
|
1F18AF40000
|
remote allocation
|
page read and write
|
||
|
27EC3000000
|
heap
|
page read and write
|
||
|
1B25204E000
|
heap
|
page read and write
|
||
|
22770DA0000
|
heap
|
page read and write
|
||
|
27EC2F30000
|
trusted library allocation
|
page read and write
|
||
|
1610DD26000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
17EE8460000
|
remote allocation
|
page read and write
|
||
|
1F18B059000
|
heap
|
page read and write
|
||
|
2CDD9BB5000
|
heap
|
page read and write
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
C5D8D0A000
|
stack
|
page read and write
|
||
|
286831B0000
|
heap
|
page read and write
|
||
|
27EC2DA0000
|
trusted library allocation
|
page read and write
|
||
|
22770508000
|
heap
|
page read and write
|
||
|
80F17D000
|
stack
|
page read and write
|
||
|
22770D64000
|
heap
|
page read and write
|
||
|
1B25206F000
|
heap
|
page read and write
|
||
|
262D3065000
|
heap
|
page read and write
|
||
|
F1398FE000
|
stack
|
page read and write
|
||
|
169F6413000
|
heap
|
page read and write
|
||
|
1EB39A60000
|
trusted library allocation
|
page read and write
|
||
|
1EB398B0000
|
heap
|
page read and write
|
||
|
169F644C000
|
heap
|
page read and write
|
||
|
22770DAE000
|
heap
|
page read and write
|
||
|
22770BF0000
|
remote allocation
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
27EC30D7000
|
heap
|
page read and write
|
||
|
2DD63A3C000
|
heap
|
page read and write
|
||
|
17EE6AA0000
|
heap
|
page read and write
|
||
|
3FF307F000
|
stack
|
page read and write
|
||
|
1B25205F000
|
heap
|
page read and write
|
||
|
262D3102000
|
heap
|
page read and write
|
||
|
1B252040000
|
heap
|
page read and write
|
||
|
22770D6A000
|
heap
|
page read and write
|
||
|
22770DB8000
|
heap
|
page read and write
|
||
|
17EE6B18000
|
heap
|
page read and write
|
||
|
F1399FB000
|
stack
|
page read and write
|
||
|
1E151713000
|
heap
|
page read and write
|
||
|
1F6FE5C0000
|
remote allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
969000
|
heap
|
page read and write
|
||
|
1F6FE5C0000
|
remote allocation
|
page read and write
|
||
|
9AC000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2D0B377000
|
stack
|
page read and write
|
||
|
17EE6B10000
|
heap
|
page read and write
|
||
|
C5D90FF000
|
stack
|
page read and write
|
||
|
194D965B000
|
heap
|
page read and write
|
||
|
22770D97000
|
heap
|
page read and write
|
||
|
2277044E000
|
heap
|
page read and write
|
||
|
27EC3060000
|
heap
|
page read and write
|
||
|
262D303C000
|
heap
|
page read and write
|
||
|
27EBD874000
|
heap
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page execute and read and write
|
||
|
1EB3995E000
|
heap
|
page read and write
|
||
|
1610DA20000
|
heap
|
page read and write
|
||
|
1EB39917000
|
heap
|
page read and write
|
||
|
262D3113000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
1F6FE613000
|
heap
|
page read and write
|
||
|
27EBD899000
|
heap
|
page read and write
|
||
|
25ABA0B0000
|
heap
|
page read and write
|
||
|
23F17EBD000
|
heap
|
page read and write
|
||
|
1A5EF77000
|
stack
|
page read and write
|
||
|
6E56BFF000
|
stack
|
page read and write
|
||
|
EBDE9FB000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
17EE8480000
|
heap
|
page read and write
|
||
|
1F6FE602000
|
heap
|
page read and write
|
||
|
2DD63800000
|
heap
|
page read and write
|
||
|
1F6FE600000
|
heap
|
page read and write
|
||
|
1B252084000
|
heap
|
page read and write
|
||
|
17787FC000
|
stack
|
page read and write
|
||
|
1610DD00000
|
heap
|
page read and write
|
||
|
194DB202000
|
trusted library allocation
|
page read and write
|
||
|
C6DDBFC000
|
stack
|
page read and write
|
||
|
25ABA162000
|
heap
|
page read and write
|
||
|
1610DA90000
|
heap
|
page read and write
|
||
|
7FFFE2E41000
|
unkown
|
page execute read
|
||
|
2CDD9AB0000
|
heap
|
page read and write
|
||
|
2DD63A64000
|
heap
|
page read and write
|
||
|
27EC2F50000
|
trusted library allocation
|
page read and write
|
||
|
2DD63A00000
|
heap
|
page read and write
|
||
|
993E7F000
|
stack
|
page read and write
|
||
|
80F07B000
|
stack
|
page read and write
|
||
|
25ABA16A000
|
heap
|
page read and write
|
||
|
23F17EC4000
|
heap
|
page read and write
|
||
|
194D9600000
|
heap
|
page read and write
|
||
|
262D305A000
|
heap
|
page read and write
|
||
|
262D3013000
|
heap
|
page read and write
|
||
|
1EB39982000
|
heap
|
page read and write
|
||
|
1B251FA0000
|
trusted library allocation
|
page read and write
|
||
|
286831D0000
|
heap
|
page read and write
|
||
|
1E151600000
|
heap
|
page read and write
|
||
|
27EBD720000
|
heap
|
page read and write
|
||
|
1E15163C000
|
heap
|
page read and write
|
||
|
27EC301D000
|
heap
|
page read and write
|
||
|
7FFFE2E40000
|
unkown
|
page readonly
|
||
|
1F18AF40000
|
remote allocation
|
page read and write
|
||
|
B9DF7F8000
|
stack
|
page read and write
|
||
|
22770D9F000
|
heap
|
page read and write
|
||
|
194D9713000
|
heap
|
page read and write
|
||
|
194D9658000
|
heap
|
page read and write
|
||
|
D25000
|
heap
|
page read and write
|
||
|
1610DC70000
|
heap
|
page read and write
|
||
|
262D3000000
|
heap
|
page read and write
|
||
|
27EC2F51000
|
trusted library allocation
|
page read and write
|
||
|
1B252060000
|
heap
|
page read and write
|
||
|
26FF000
|
stack
|
page read and write
|
||
|
6E56BFF000
|
stack
|
page read and write
|
||
|
227704AC000
|
heap
|
page read and write
|
||
|
1E151629000
|
heap
|
page read and write
|
||
|
1F18B013000
|
heap
|
page read and write
|
||
|
17EE6DA0000
|
direct allocation
|
page execute and read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
2CDD9B10000
|
heap
|
page readonly
|
||
|
27EC2F70000
|
trusted library allocation
|
page read and write
|
||
|
27EBD8F9000
|
heap
|
page read and write
|
||
|
25ABA144000
|
heap
|
page read and write
|
||
|
1EB39A50000
|
heap
|
page read and write
|
||
|
22770481000
|
heap
|
page read and write
|
||
|
C5D927E000
|
stack
|
page read and write
|
||
|
7FFFE2E99000
|
unkown
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2CDD9BB0000
|
heap
|
page read and write
|
||
|
194D9602000
|
heap
|
page read and write
|
||
|
27EC2F38000
|
trusted library allocation
|
page read and write
|
||
|
194D9667000
|
heap
|
page read and write
|
||
|
27EC304A000
|
heap
|
page read and write
|
||
|
3FF2F7E000
|
stack
|
page read and write
|
||
|
17EE6AF0000
|
heap
|
page read and write
|
||
|
2CDDB4C0000
|
heap
|
page read and write
|
||
|
22770D85000
|
heap
|
page read and write
|
||
|
27EC33A0000
|
trusted library allocation
|
page read and write
|
||
|
2DD63B02000
|
heap
|
page read and write
|
||
|
28683230000
|
heap
|
page read and write
|
||
|
27EC3250000
|
trusted library allocation
|
page read and write
|
||
|
C6DE1FF000
|
stack
|
page read and write
|
||
|
169F6508000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1EB3A820000
|
trusted library allocation
|
page read and write
|
||
|
22770D8E000
|
heap
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
169F6400000
|
heap
|
page read and write
|
||
|
F13987E000
|
stack
|
page read and write
|
||
|
22770D83000
|
heap
|
page read and write
|
||
|
169F6502000
|
heap
|
page read and write
|
||
|
194D9640000
|
heap
|
page read and write
|
||
|
28684D00000
|
heap
|
page read and write
|
||
|
1E151702000
|
heap
|
page read and write
|
||
|
22770D96000
|
heap
|
page read and write
|
||
|
EBDE8FB000
|
stack
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
1F6FE670000
|
heap
|
page read and write
|
||
|
22770DAE000
|
heap
|
page read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
C5D907F000
|
stack
|
page read and write
|
||
|
169F648A000
|
heap
|
page read and write
|
||
|
1F18AE10000
|
heap
|
page read and write
|
||
|
1B252067000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
2280000
|
heap
|
page readonly
|
||
|
22770D62000
|
heap
|
page read and write
|
||
|
1EB3995E000
|
heap
|
page read and write
|
||
|
194D9624000
|
heap
|
page read and write
|
||
|
1610E402000
|
trusted library allocation
|
page read and write
|
||
|
2240000
|
direct allocation
|
page execute and read and write
|
||
|
22770D8B000
|
heap
|
page read and write
|
||
|
7FFFE2E96000
|
unkown
|
page read and write
|
||
|
27EBD86D000
|
heap
|
page read and write
|
||
|
B3A39FF000
|
stack
|
page read and write
|
||
|
22770DA5000
|
heap
|
page read and write
|
||
|
61CFA7F000
|
stack
|
page read and write
|
||
|
17EE6940000
|
unkown
|
page read and write
|
||
|
7FFFE2E92000
|
unkown
|
page readonly
|
||
|
1610DB90000
|
trusted library allocation
|
page read and write
|
||
|
22770D68000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
22770D8A000
|
heap
|
page read and write
|
||
|
1EB3A5C0000
|
trusted library allocation
|
page read and write
|
||
|
194D94D0000
|
heap
|
page read and write
|
||
|
27EBD872000
|
heap
|
page read and write
|
||
|
22770413000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1610DC00000
|
heap
|
page read and write
|
||
|
1F6FE510000
|
heap
|
page read and write
|
||
|
993D7E000
|
stack
|
page read and write
|
||
|
17EE6DB0000
|
heap
|
page readonly
|
||
|
2AD0000
|
remote allocation
|
page read and write
|
||
|
6E56AF5000
|
stack
|
page read and write
|
||
|
56FBFFC000
|
stack
|
page read and write
|
||
|
2D0B27B000
|
stack
|
page read and write
|
||
|
9C5000
|
stack
|
page read and write
|
||
|
27EBE202000
|
heap
|
page read and write
|
There are 871 hidden memdumps, click here to show them.