Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
1V4gPPcQvB.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xf3be4723, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_1V4_3fa5d2ed68e853c9942ac69dff8c73423072db_8e513626_1045fbad\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE9BC.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 03:01:32 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREC4D.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREDA6.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\1V4gPPcQvB.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\1V4gPPcQvB.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1V4gPPcQvB.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\1V4gPPcQvB.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\TvcDyJjJQ\NcAvRfvDRbwLFn.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IaRzYtpo\ezkFGDxqYAZSnHs.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -s W32Time
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\1V4gPPcQvB.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\1V4gPPcQvB.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5648 -s 328
|
There are 14 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/#mWwn
|
unknown
|
|
|
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://www.tiktok.com/legal/report
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/an
|
unknown
|
There are 40 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
time.windows.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
||
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{9aae6428-8c5b-ba5a-39cc-3f6e81d12d20}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00184006417502B9
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time\Config
|
LastKnownGoodTime
|
There are 25 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
760000
|
direct allocation
|
page execute and read and write
|
|
|
|
23396DC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
20701410000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
22E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1D2BDAA0000
|
trusted library allocation
|
page read and write
|
||
|
25632470000
|
heap
|
page read and write
|
||
|
750000
|
direct allocation
|
page execute and read and write
|
||
|
1F508CEB000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
57D7D7C000
|
stack
|
page read and write
|
||
|
69BE5DF000
|
stack
|
page read and write
|
||
|
243CC45E000
|
heap
|
page read and write
|
||
|
1D2B8D59000
|
heap
|
page read and write
|
||
|
1CCF8402000
|
heap
|
page read and write
|
||
|
1D2BDA60000
|
trusted library allocation
|
page read and write
|
||
|
1D2B82F9000
|
heap
|
page read and write
|
||
|
25632502000
|
heap
|
page read and write
|
||
|
14932508000
|
heap
|
page read and write
|
||
|
1D2BDCB0000
|
heap
|
page read and write
|
||
|
32D2AFD000
|
stack
|
page read and write
|
||
|
1F508CC1000
|
heap
|
page read and write
|
||
|
1D2BD990000
|
trusted library allocation
|
page read and write
|
||
|
1F508D13000
|
heap
|
page read and write
|
||
|
1F508CED000
|
heap
|
page read and write
|
||
|
2C4D98F0000
|
heap
|
page read and write
|
||
|
241F000
|
stack
|
page read and write
|
||
|
CDD4B7E000
|
stack
|
page read and write
|
||
|
1D2B8277000
|
heap
|
page read and write
|
||
|
1F509796000
|
heap
|
page read and write
|
||
|
2F461810000
|
heap
|
page read and write
|
||
|
1D2B82A1000
|
heap
|
page read and write
|
||
|
6AB1E7E000
|
stack
|
page read and write
|
||
|
1D2BD800000
|
trusted library allocation
|
page read and write
|
||
|
2F461C95000
|
heap
|
page read and write
|
||
|
1D2BDC22000
|
heap
|
page read and write
|
||
|
26E7EE4A000
|
heap
|
page read and write
|
||
|
26E7ED80000
|
trusted library allocation
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
1E1EAC3C000
|
heap
|
page read and write
|
||
|
6AB17FB000
|
stack
|
page read and write
|
||
|
6AB1F7E000
|
stack
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
25773413000
|
heap
|
page read and write
|
||
|
982000
|
heap
|
page read and write
|
||
|
243CC502000
|
heap
|
page read and write
|
||
|
88DAEFF000
|
stack
|
page read and write
|
||
|
A6F367E000
|
stack
|
page read and write
|
||
|
26E7EDF0000
|
remote allocation
|
page read and write
|
||
|
1537977000
|
stack
|
page read and write
|
||
|
CDD45AC000
|
stack
|
page read and write
|
||
|
A4AEFE000
|
stack
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
88DA4FD000
|
stack
|
page read and write
|
||
|
23682C50000
|
heap
|
page read and write
|
||
|
26E7EE5A000
|
heap
|
page read and write
|
||
|
1D2B8307000
|
heap
|
page read and write
|
||
|
7FFFE2329000
|
unkown
|
page readonly
|
||
|
1D2BDB20000
|
remote allocation
|
page read and write
|
||
|
88DA6FE000
|
stack
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
1D2B8302000
|
heap
|
page read and write
|
||
|
57D7DFE000
|
stack
|
page read and write
|
||
|
25773310000
|
heap
|
page read and write
|
||
|
1F509C19000
|
heap
|
page read and write
|
||
|
26E7EE8B000
|
heap
|
page read and write
|
||
|
14932460000
|
heap
|
page read and write
|
||
|
19003CE0000
|
heap
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
243CC45A000
|
heap
|
page read and write
|
||
|
1F509760000
|
heap
|
page read and write
|
||
|
25773513000
|
heap
|
page read and write
|
||
|
1F509C03000
|
heap
|
page read and write
|
||
|
7FFFE22D1000
|
unkown
|
page execute read
|
||
|
2077EE30000
|
heap
|
page read and write
|
||
|
1D2BDA70000
|
trusted library allocation
|
page read and write
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
21C335F0000
|
remote allocation
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
69BE87E000
|
stack
|
page read and write
|
||
|
243CC478000
|
heap
|
page read and write
|
||
|
1F5097BE000
|
heap
|
page read and write
|
||
|
243CC458000
|
heap
|
page read and write
|
||
|
1E1EAA30000
|
heap
|
page read and write
|
||
|
26E7EE3D000
|
heap
|
page read and write
|
||
|
1F50979F000
|
heap
|
page read and write
|
||
|
2720000
|
remote allocation
|
page read and write
|
||
|
1F508BA0000
|
trusted library allocation
|
page read and write
|
||
|
1F509760000
|
heap
|
page read and write
|
||
|
1F50975E000
|
heap
|
page read and write
|
||
|
1CCF83A0000
|
trusted library allocation
|
page read and write
|
||
|
7D05D7E000
|
stack
|
page read and write
|
||
|
26E7EF00000
|
heap
|
page read and write
|
||
|
257732A0000
|
heap
|
page read and write
|
||
|
57D7FFD000
|
stack
|
page read and write
|
||
|
2077EF32000
|
heap
|
page read and write
|
||
|
1D2B8D18000
|
heap
|
page read and write
|
||
|
257D000
|
stack
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
20EF000
|
stack
|
page read and write
|
||
|
25632400000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2F461A01000
|
heap
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
5DB000
|
heap
|
page read and write
|
||
|
1F50971B000
|
heap
|
page read and write
|
||
|
2C4D997C000
|
heap
|
page read and write
|
||
|
88DA7FA000
|
stack
|
page read and write
|
||
|
243CC446000
|
heap
|
page read and write
|
||
|
1D6957AD000
|
heap
|
page read and write
|
||
|
1F508D16000
|
heap
|
page read and write
|
||
|
1D2B8C00000
|
heap
|
page read and write
|
||
|
1D2BD9C0000
|
trusted library allocation
|
page read and write
|
||
|
7D059C5000
|
stack
|
page read and write
|
||
|
6AB197D000
|
stack
|
page read and write
|
||
|
23396FB0000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
1493248A000
|
heap
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
1F508C58000
|
heap
|
page read and write
|
||
|
1F509791000
|
heap
|
page read and write
|
||
|
7FFFE2322000
|
unkown
|
page readonly
|
||
|
23395422000
|
heap
|
page read and write
|
||
|
F78FA7F000
|
stack
|
page read and write
|
||
|
1E1EAD13000
|
heap
|
page read and write
|
||
|
7FFFE2322000
|
unkown
|
page readonly
|
||
|
1D2BD990000
|
trusted library allocation
|
page read and write
|
||
|
1E1EAC4B000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
1D2B8C02000
|
heap
|
page read and write
|
||
|
1CCF8413000
|
heap
|
page read and write
|
||
|
23682E02000
|
heap
|
page read and write
|
||
|
F78F87F000
|
stack
|
page read and write
|
||
|
25632413000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
1F509793000
|
heap
|
page read and write
|
||
|
281C000
|
stack
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
257734CA000
|
heap
|
page read and write
|
||
|
2077EE50000
|
heap
|
page read and write
|
||
|
23682E13000
|
heap
|
page read and write
|
||
|
26E7EE2A000
|
heap
|
page read and write
|
||
|
1F509791000
|
heap
|
page read and write
|
||
|
243CC447000
|
heap
|
page read and write
|
||
|
1D2BDCF0000
|
heap
|
page read and write
|
||
|
2F461A20000
|
heap
|
page read and write
|
||
|
1D2B82A9000
|
heap
|
page read and write
|
||
|
AD6097E000
|
stack
|
page read and write
|
||
|
1D2B823D000
|
heap
|
page read and write
|
||
|
A4B37E000
|
stack
|
page read and write
|
||
|
21C3365C000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
F78F9F9000
|
stack
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
1D2B8C15000
|
heap
|
page read and write
|
||
|
A6F38FC000
|
stack
|
page read and write
|
||
|
A6F3C7C000
|
stack
|
page read and write
|
||
|
1CCF8240000
|
heap
|
page read and write
|
||
|
243CC429000
|
heap
|
page read and write
|
||
|
A6F3D7E000
|
stack
|
page read and write
|
||
|
24FB000
|
stack
|
page read and write
|
||
|
1F508CC7000
|
heap
|
page read and write
|
||
|
BBA0EFB000
|
stack
|
page read and write
|
||
|
1F509700000
|
heap
|
page read and write
|
||
|
26E7F602000
|
trusted library allocation
|
page read and write
|
||
|
21C33640000
|
heap
|
page read and write
|
||
|
1F5094D0000
|
remote allocation
|
page read and write
|
||
|
1F508C5D000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
1CCF8230000
|
heap
|
page read and write
|
||
|
267E000
|
stack
|
page read and write
|
||
|
243CC444000
|
heap
|
page read and write
|
||
|
1D2BDC4F000
|
heap
|
page read and write
|
||
|
2077EE70000
|
heap
|
page read and write
|
||
|
2C4D9790000
|
heap
|
page read and write
|
||
|
1F509796000
|
heap
|
page read and write
|
||
|
1D2BDC00000
|
heap
|
page read and write
|
||
|
243CC46C000
|
heap
|
page read and write
|
||
|
25632513000
|
heap
|
page read and write
|
||
|
1F50979D000
|
heap
|
page read and write
|
||
|
243CC445000
|
heap
|
page read and write
|
||
|
57D78AB000
|
stack
|
page read and write
|
||
|
F78F97F000
|
stack
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
243CC44E000
|
heap
|
page read and write
|
||
|
2339543B000
|
heap
|
page read and write
|
||
|
1F50979B000
|
heap
|
page read and write
|
||
|
243CC457000
|
heap
|
page read and write
|
||
|
F78FAFC000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
23396D90000
|
heap
|
page read and write
|
||
|
FC1E3BE000
|
stack
|
page read and write
|
||
|
2F461A20000
|
heap
|
page read and write
|
||
|
2C4D998D000
|
heap
|
page read and write
|
||
|
149322F0000
|
heap
|
page read and write
|
||
|
A4B17B000
|
stack
|
page read and write
|
||
|
1F5094D0000
|
remote allocation
|
page read and write
|
||
|
88DA5FA000
|
stack
|
page read and write
|
||
|
2077EEE8000
|
heap
|
page read and write
|
||
|
2C4DCBA3000
|
heap
|
page read and write
|
||
|
7FFFE2326000
|
unkown
|
page read and write
|
||
|
2C4D9969000
|
heap
|
page read and write
|
||
|
1493247C000
|
heap
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
26E7EE25000
|
heap
|
page read and write
|
||
|
19003D70000
|
trusted library allocation
|
page read and write
|
||
|
1F509722000
|
heap
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
26E7EF02000
|
heap
|
page read and write
|
||
|
AD60A7E000
|
stack
|
page read and write
|
||
|
6AB1D7F000
|
stack
|
page read and write
|
||
|
25632240000
|
heap
|
page read and write
|
||
|
1D2BDD06000
|
heap
|
page read and write
|
||
|
A5D2F4B000
|
stack
|
page read and write
|
||
|
7FFFE22D1000
|
unkown
|
page execute read
|
||
|
AD609FE000
|
stack
|
page read and write
|
||
|
23682F02000
|
heap
|
page read and write
|
||
|
19004020000
|
trusted library allocation
|
page read and write
|
||
|
A4AF7E000
|
stack
|
page read and write
|
||
|
2339542F000
|
heap
|
page read and write
|
||
|
1F508C64000
|
heap
|
page read and write
|
||
|
2077EEB0000
|
direct allocation
|
page execute and read and write
|
||
|
2C4D9A70000
|
heap
|
page read and write
|
||
|
A4B47F000
|
stack
|
page read and write
|
||
|
23682E00000
|
heap
|
page read and write
|
||
|
1E1EAC8A000
|
heap
|
page read and write
|
||
|
7FFFE2326000
|
unkown
|
page read and write
|
||
|
23682CC0000
|
heap
|
page read and write
|
||
|
A4B07B000
|
stack
|
page read and write
|
||
|
1F508C29000
|
heap
|
page read and write
|
||
|
2C4D9981000
|
heap
|
page read and write
|
||
|
2C4D9978000
|
heap
|
page read and write
|
||
|
19003DDE000
|
heap
|
page read and write
|
||
|
243CC340000
|
trusted library allocation
|
page read and write
|
||
|
1D2B8190000
|
heap
|
page read and write
|
||
|
A6F37FC000
|
stack
|
page read and write
|
||
|
25632402000
|
heap
|
page read and write
|
||
|
1D2BD7F0000
|
trusted library allocation
|
page read and write
|
||
|
88DACFB000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
21C33602000
|
heap
|
page read and write
|
||
|
1F508C13000
|
heap
|
page read and write
|
||
|
2070000
|
trusted library allocation
|
page read and write
|
||
|
2C4DCBB0000
|
trusted library allocation
|
page read and write
|
||
|
88DA8FB000
|
stack
|
page read and write
|
||
|
26E7ED60000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page readonly
|
||
|
14932429000
|
heap
|
page read and write
|
||
|
1CCF8502000
|
heap
|
page read and write
|
||
|
243CC440000
|
heap
|
page read and write
|
||
|
1D2B8D18000
|
heap
|
page read and write
|
||
|
14932380000
|
trusted library allocation
|
page read and write
|
||
|
26E7EDF0000
|
remote allocation
|
page read and write
|
||
|
19003DDC000
|
heap
|
page read and write
|
||
|
233953D5000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
A5D36FF000
|
stack
|
page read and write
|
||
|
2077EE75000
|
heap
|
page read and write
|
||
|
6AB207E000
|
stack
|
page read and write
|
||
|
21C33702000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
25773486000
|
heap
|
page read and write
|
||
|
20701440000
|
heap
|
page readonly
|
||
|
1D2BDA60000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
21C33520000
|
heap
|
page read and write
|
||
|
23395330000
|
heap
|
page read and write
|
||
|
2C4D9958000
|
heap
|
page read and write
|
||
|
A5D2FCE000
|
stack
|
page read and write
|
||
|
26E7EE13000
|
heap
|
page read and write
|
||
|
1D2BD9B1000
|
trusted library allocation
|
page read and write
|
||
|
1D2B829B000
|
heap
|
page read and write
|
||
|
243CC461000
|
heap
|
page read and write
|
||
|
1E1EAC02000
|
heap
|
page read and write
|
||
|
14932513000
|
heap
|
page read and write
|
||
|
1D2B82A4000
|
heap
|
page read and write
|
||
|
1D2BDBF0000
|
trusted library allocation
|
page read and write
|
||
|
2563243C000
|
heap
|
page read and write
|
||
|
1F50974A000
|
heap
|
page read and write
|
||
|
1D2B8D02000
|
heap
|
page read and write
|
||
|
BBA12FF000
|
stack
|
page read and write
|
||
|
A6F308B000
|
stack
|
page read and write
|
||
|
2C4D997C000
|
heap
|
page read and write
|
||
|
1F509799000
|
heap
|
page read and write
|
||
|
21C33600000
|
heap
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
19003DD5000
|
heap
|
page read and write
|
||
|
7FFFE2329000
|
unkown
|
page readonly
|
||
|
243CC47F000
|
heap
|
page read and write
|
||
|
25773502000
|
heap
|
page read and write
|
||
|
7D05EFB000
|
stack
|
page read and write
|
||
|
1CCF843C000
|
heap
|
page read and write
|
||
|
1CCF8500000
|
heap
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
AD608FF000
|
stack
|
page read and write
|
||
|
25773BB0000
|
trusted library allocation
|
page read and write
|
||
|
1F509790000
|
heap
|
page read and write
|
||
|
1E1EAA20000
|
heap
|
page read and write
|
||
|
A6F3B7F000
|
stack
|
page read and write
|
||
|
2F461A20000
|
heap
|
page read and write
|
||
|
22D0000
|
direct allocation
|
page execute and read and write
|
||
|
21C335C0000
|
trusted library allocation
|
page read and write
|
||
|
22A4000
|
heap
|
page read and write
|
||
|
26E7F460000
|
trusted library allocation
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
26E7ECC0000
|
heap
|
page read and write
|
||
|
1E1EAC00000
|
heap
|
page read and write
|
||
|
2070000
|
trusted library allocation
|
page read and write
|
||
|
1E1EAD02000
|
heap
|
page read and write
|
||
|
7FFFE22D1000
|
unkown
|
page execute read
|
||
|
257734E5000
|
heap
|
page read and write
|
||
|
23682E3F000
|
heap
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
1D2B8275000
|
heap
|
page read and write
|
||
|
1D695710000
|
heap
|
page read and write
|
||
|
26E7ED30000
|
heap
|
page read and write
|
||
|
207015C0000
|
heap
|
page read and write
|
||
|
2C4DD3B0000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
19004B10000
|
trusted library allocation
|
page read and write
|
||
|
1D2BD870000
|
trusted library allocation
|
page read and write
|
||
|
1F509C03000
|
heap
|
page read and write
|
||
|
7FFFE2322000
|
unkown
|
page readonly
|
||
|
1D2BD9B4000
|
trusted library allocation
|
page read and write
|
||
|
2077ECF0000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
69BE4DC000
|
stack
|
page read and write
|
||
|
1E1EAC4F000
|
heap
|
page read and write
|
||
|
2C4D9AC0000
|
heap
|
page read and write
|
||
|
1CCF8428000
|
heap
|
page read and write
|
||
|
243CC43B000
|
heap
|
page read and write
|
||
|
14932466000
|
heap
|
page read and write
|
||
|
256321E0000
|
heap
|
page read and write
|
||
|
26E7EE02000
|
heap
|
page read and write
|
||
|
25632500000
|
heap
|
page read and write
|
||
|
6AB139C000
|
stack
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
88DA377000
|
stack
|
page read and write
|
||
|
19003DFB000
|
heap
|
page read and write
|
||
|
1F509792000
|
heap
|
page read and write
|
||
|
233953E0000
|
heap
|
page read and write
|
||
|
1D2B8289000
|
heap
|
page read and write
|
||
|
A4AE7B000
|
stack
|
page read and write
|
||
|
B0FBC7B000
|
stack
|
page read and write
|
||
|
644000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page readonly
|
||
|
1D2BDAE0000
|
trusted library allocation
|
page read and write
|
||
|
26E7EF13000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
25632340000
|
trusted library allocation
|
page read and write
|
||
|
1F508C5F000
|
heap
|
page read and write
|
||
|
289F000
|
stack
|
page read and write
|
||
|
B0FC2FC000
|
stack
|
page read and write
|
||
|
1537C7E000
|
stack
|
page read and write
|
||
|
2C4D9969000
|
heap
|
page read and write
|
||
|
21C33590000
|
heap
|
page read and write
|
||
|
1D2BDAB0000
|
trusted library allocation
|
page read and write
|
||
|
279F000
|
stack
|
page read and write
|
||
|
14932452000
|
heap
|
page read and write
|
||
|
1D2B82F9000
|
heap
|
page read and write
|
||
|
1D2BDCFC000
|
heap
|
page read and write
|
||
|
69BE9FE000
|
stack
|
page read and write
|
||
|
1F509799000
|
heap
|
page read and write
|
||
|
1F509760000
|
heap
|
page read and write
|
||
|
2C4D9972000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
25632C02000
|
trusted library allocation
|
page read and write
|
||
|
1F50977D000
|
heap
|
page read and write
|
||
|
1CCF8454000
|
heap
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
2077F370000
|
heap
|
page read and write
|
||
|
1F508CB3000
|
heap
|
page read and write
|
||
|
2F461A17000
|
heap
|
page read and write
|
||
|
1F508CE2000
|
heap
|
page read and write
|
||
|
19003DDC000
|
heap
|
page read and write
|
||
|
BBA0B2F000
|
stack
|
page read and write
|
||
|
2C4D9AC5000
|
heap
|
page read and write
|
||
|
7FFFE2329000
|
unkown
|
page readonly
|
||
|
23682E5B000
|
heap
|
page read and write
|
||
|
1F508CAF000
|
heap
|
page read and write
|
||
|
1D2B8290000
|
heap
|
page read and write
|
||
|
1D2B8256000
|
heap
|
page read and write
|
||
|
243CC460000
|
heap
|
page read and write
|
||
|
1E1EAC52000
|
heap
|
page read and write
|
||
|
1F508C00000
|
heap
|
page read and write
|
||
|
1E1EAC4A000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
2F461A35000
|
heap
|
page read and write
|
||
|
243CC47B000
|
heap
|
page read and write
|
||
|
B0FC4FE000
|
stack
|
page read and write
|
||
|
1E1EAC29000
|
heap
|
page read and write
|
||
|
1D2BDCB3000
|
heap
|
page read and write
|
||
|
19003F40000
|
trusted library allocation
|
page read and write
|
||
|
2077EEC4000
|
heap
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
2077EEE0000
|
heap
|
page read and write
|
||
|
21C335F0000
|
remote allocation
|
page read and write
|
||
|
4E0000
|
remote allocation
|
page read and write
|
||
|
7FFFE22D0000
|
unkown
|
page readonly
|
||
|
7A4000
|
heap
|
page read and write
|
||
|
2577343D000
|
heap
|
page read and write
|
||
|
1F509793000
|
heap
|
page read and write
|
||
|
34466FB000
|
stack
|
page read and write
|
||
|
7D05C7F000
|
stack
|
page read and write
|
||
|
26E7EE4A000
|
heap
|
page read and write
|
||
|
1D2BDAD0000
|
trusted library allocation
|
page read and write
|
||
|
1537DFF000
|
unkown
|
page read and write
|
||
|
25773D00000
|
heap
|
page read and write
|
||
|
B0FC0FE000
|
stack
|
page read and write
|
||
|
FC1E67F000
|
stack
|
page read and write
|
||
|
1D2B8200000
|
heap
|
page read and write
|
||
|
2F461940000
|
heap
|
page read and write
|
||
|
1537D7C000
|
stack
|
page read and write
|
||
|
2F461A06000
|
heap
|
page read and write
|
||
|
1F5097B0000
|
heap
|
page read and write
|
||
|
57D817D000
|
stack
|
page read and write
|
||
|
243CC43D000
|
heap
|
page read and write
|
||
|
1D2B828B000
|
heap
|
page read and write
|
||
|
1D2B8316000
|
heap
|
page read and write
|
||
|
1D2BDC42000
|
heap
|
page read and write
|
||
|
21C34002000
|
trusted library allocation
|
page read and write
|
||
|
1F5097DA000
|
heap
|
page read and write
|
||
|
1D2B8D00000
|
heap
|
page read and write
|
||
|
1E1EAB90000
|
trusted library allocation
|
page read and write
|
||
|
1F509602000
|
heap
|
page read and write
|
||
|
1493243C000
|
heap
|
page read and write
|
||
|
1D2BDCA5000
|
heap
|
page read and write
|
||
|
1D2B8D59000
|
heap
|
page read and write
|
||
|
29DB000
|
stack
|
page read and write
|
||
|
19003F50000
|
trusted library allocation
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
967000
|
heap
|
page read and write
|
||
|
1F50979D000
|
heap
|
page read and write
|
||
|
1F5097A6000
|
heap
|
page read and write
|
||
|
1F509773000
|
heap
|
page read and write
|
||
|
1D2B97E0000
|
trusted library allocation
|
page read and write
|
||
|
23683602000
|
trusted library allocation
|
page read and write
|
||
|
26E7EE59000
|
heap
|
page read and write
|
||
|
B0FC3FC000
|
stack
|
page read and write
|
||
|
1F5097D1000
|
heap
|
page read and write
|
||
|
1F508CE8000
|
heap
|
page read and write
|
||
|
243CC413000
|
heap
|
page read and write
|
||
|
2C4D9950000
|
heap
|
page read and write
|
||
|
19004019000
|
heap
|
page read and write
|
||
|
942000
|
heap
|
page read and write
|
||
|
26E7EE5A000
|
heap
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
BBA10F7000
|
stack
|
page read and write
|
||
|
243CC459000
|
heap
|
page read and write
|
||
|
CDD4AFB000
|
stack
|
page read and write
|
||
|
FC1E33E000
|
stack
|
page read and write
|
||
|
A6F397B000
|
stack
|
page read and write
|
||
|
BBA0AAB000
|
stack
|
page read and write
|
||
|
1D2BDCFE000
|
heap
|
page read and write
|
||
|
7FFFE22D0000
|
unkown
|
page readonly
|
||
|
149322E0000
|
heap
|
page read and write
|
||
|
243CC441000
|
heap
|
page read and write
|
||
|
1E1EAC2C000
|
heap
|
page read and write
|
||
|
1E1EAC49000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
A5D33FE000
|
stack
|
page read and write
|
||
|
1F50977B000
|
heap
|
page read and write
|
||
|
257734C7000
|
heap
|
page read and write
|
||
|
2720000
|
remote allocation
|
page read and write
|
||
|
1D2BDD05000
|
heap
|
page read and write
|
||
|
1F5094D0000
|
remote allocation
|
page read and write
|
||
|
1CCF8468000
|
heap
|
page read and write
|
||
|
19003D00000
|
heap
|
page read and write
|
||
|
25632429000
|
heap
|
page read and write
|
||
|
1F508B70000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1D6957A0000
|
heap
|
page read and write
|
||
|
4E0000
|
remote allocation
|
page read and write
|
||
|
2F4619F0000
|
heap
|
page read and write
|
||
|
26E7EE5F000
|
heap
|
page read and write
|
||
|
1F509C21000
|
heap
|
page read and write
|
||
|
1D2BDBD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFFE22D1000
|
unkown
|
page execute read
|
||
|
1F509796000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
6AB217F000
|
stack
|
page read and write
|
||
|
1D2B8302000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
69E000
|
heap
|
page read and write
|
||
|
23682C60000
|
heap
|
page read and write
|
||
|
4B5000
|
stack
|
page read and write
|
||
|
1D2B82A9000
|
heap
|
page read and write
|
||
|
7FFFE22D0000
|
unkown
|
page readonly
|
||
|
1D2BDC65000
|
heap
|
page read and write
|
||
|
1F508CD5000
|
heap
|
page read and write
|
||
|
1F509799000
|
heap
|
page read and write
|
||
|
23396ED0000
|
heap
|
page read and write
|
||
|
1D2BDD08000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1F5097BE000
|
heap
|
page read and write
|
||
|
AD60AFB000
|
stack
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
1F50977B000
|
heap
|
page read and write
|
||
|
243CC45D000
|
heap
|
page read and write
|
||
|
1E1EAD00000
|
heap
|
page read and write
|
||
|
1CCF8479000
|
heap
|
page read and write
|
||
|
57D7C7E000
|
stack
|
page read and write
|
||
|
25773D39000
|
heap
|
page read and write
|
||
|
14932502000
|
heap
|
page read and write
|
||
|
243CC432000
|
heap
|
page read and write
|
||
|
19003D90000
|
heap
|
page read and write
|
||
|
2F461C90000
|
heap
|
page read and write
|
||
|
1CCF8513000
|
heap
|
page read and write
|
||
|
14932413000
|
heap
|
page read and write
|
||
|
21C335F0000
|
remote allocation
|
page read and write
|
||
|
2563247B000
|
heap
|
page read and write
|
||
|
19003BA0000
|
heap
|
page read and write
|
||
|
7D05CFF000
|
stack
|
page read and write
|
||
|
A6F377E000
|
stack
|
page read and write
|
||
|
257734E1000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
25773D12000
|
heap
|
page read and write
|
||
|
1E1EAD08000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
257734B9000
|
heap
|
page read and write
|
||
|
8EB000
|
heap
|
page read and write
|
||
|
14932500000
|
heap
|
page read and write
|
||
|
34467FB000
|
stack
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
153777F000
|
stack
|
page read and write
|
||
|
233953E8000
|
heap
|
page read and write
|
||
|
69BE8FF000
|
stack
|
page read and write
|
||
|
1D6956A0000
|
heap
|
page read and write
|
||
|
1E1EAC4C000
|
heap
|
page read and write
|
||
|
15376FF000
|
stack
|
page read and write
|
||
|
57D7EFE000
|
stack
|
page read and write
|
||
|
19003F30000
|
heap
|
page readonly
|
||
|
25773468000
|
heap
|
page read and write
|
||
|
7FFFE2322000
|
unkown
|
page readonly
|
||
|
A4B277000
|
stack
|
page read and write
|
||
|
1F5097B0000
|
heap
|
page read and write
|
||
|
21C33530000
|
heap
|
page read and write
|
||
|
1F509752000
|
heap
|
page read and write
|
||
|
243CC400000
|
heap
|
page read and write
|
||
|
25632454000
|
heap
|
page read and write
|
||
|
1D2B97E3000
|
trusted library allocation
|
page read and write
|
||
|
26E7EDB0000
|
trusted library allocation
|
page read and write
|
||
|
23682E63000
|
heap
|
page read and write
|
||
|
1F509750000
|
heap
|
page read and write
|
||
|
1F508C5C000
|
heap
|
page read and write
|
||
|
2F461960000
|
heap
|
page read and write
|
||
|
26E7EDF0000
|
remote allocation
|
page read and write
|
||
|
1D2BDB20000
|
remote allocation
|
page read and write
|
||
|
A5D35FF000
|
stack
|
page read and write
|
||
|
2C4D996D000
|
heap
|
page read and write
|
||
|
7D05E7E000
|
stack
|
page read and write
|
||
|
2F461A36000
|
heap
|
page read and write
|
||
|
1F50978F000
|
heap
|
page read and write
|
||
|
B0FC5FC000
|
stack
|
page read and write
|
||
|
1D2B97F0000
|
trusted library allocation
|
page read and write
|
||
|
1D2B81F0000
|
heap
|
page read and write
|
||
|
1537A79000
|
stack
|
page read and write
|
||
|
2077EF3E000
|
heap
|
page read and write
|
||
|
1F50977D000
|
heap
|
page read and write
|
||
|
2563248A000
|
heap
|
page read and write
|
||
|
344697F000
|
stack
|
page read and write
|
||
|
88D9F2B000
|
stack
|
page read and write
|
||
|
1D2BD9D0000
|
trusted library allocation
|
page read and write
|
||
|
239F000
|
stack
|
page read and write
|
||
|
2563244E000
|
heap
|
page read and write
|
||
|
1D2BDCF6000
|
heap
|
page read and write
|
||
|
1D2B8272000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2077EEC0000
|
heap
|
page read and write
|
||
|
1F508CA9000
|
heap
|
page read and write
|
||
|
1E1EAC4D000
|
heap
|
page read and write
|
||
|
1F509760000
|
heap
|
page read and write
|
||
|
21C33613000
|
heap
|
page read and write
|
||
|
1F508C60000
|
heap
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
1D2B8A90000
|
trusted library allocation
|
page read and write
|
||
|
1E1EAC7E000
|
heap
|
page read and write
|
||
|
1F508C67000
|
heap
|
page read and write
|
||
|
1D2BD9D4000
|
trusted library allocation
|
page read and write
|
||
|
2F461A06000
|
heap
|
page read and write
|
||
|
1F509777000
|
heap
|
page read and write
|
||
|
1F508C3C000
|
heap
|
page read and write
|
||
|
19003BB0000
|
trusted library allocation
|
page read and write
|
||
|
1D2BDD06000
|
heap
|
page read and write
|
||
|
B0FC1FE000
|
stack
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
1D2B826D000
|
heap
|
page read and write
|
||
|
1537B77000
|
stack
|
page read and write
|
||
|
21C33624000
|
heap
|
page read and write
|
||
|
2F461A16000
|
heap
|
page read and write
|
||
|
233953A0000
|
heap
|
page read and write
|
||
|
1E1EAC13000
|
heap
|
page read and write
|
||
|
1F509719000
|
heap
|
page read and write
|
||
|
1F508CFB000
|
heap
|
page read and write
|
||
|
1F508C5B000
|
heap
|
page read and write
|
||
|
2F461A30000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
14932E02000
|
trusted library allocation
|
page read and write
|
||
|
BBA0FFB000
|
stack
|
page read and write
|
||
|
1D2BDC15000
|
heap
|
page read and write
|
||
|
1F509C00000
|
heap
|
page read and write
|
||
|
256321D0000
|
heap
|
page read and write
|
||
|
1D2BDD02000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
1D6957B3000
|
heap
|
page read and write
|
||
|
1CCF8473000
|
heap
|
page read and write
|
||
|
19003F20000
|
trusted library allocation
|
page read and write
|
||
|
1D2BDC2E000
|
heap
|
page read and write
|
||
|
1CCF8C02000
|
trusted library allocation
|
page read and write
|
||
|
63F000
|
heap
|
page read and write
|
||
|
1E1EAC50000
|
heap
|
page read and write
|
||
|
FC1E2BB000
|
stack
|
page read and write
|
||
|
2C4D9ACB000
|
heap
|
page read and write
|
||
|
1F50978E000
|
heap
|
page read and write
|
||
|
1F50976F000
|
heap
|
page read and write
|
||
|
AD60585000
|
stack
|
page read and write
|
||
|
243CC46A000
|
heap
|
page read and write
|
||
|
23682F13000
|
heap
|
page read and write
|
||
|
CDD487E000
|
stack
|
page read and write
|
||
|
19003EE0000
|
trusted library allocation
|
page read and write
|
||
|
26E7EE00000
|
heap
|
page read and write
|
||
|
CDD4E7F000
|
stack
|
page read and write
|
||
|
19003D98000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
CDD49FB000
|
stack
|
page read and write
|
||
|
1D2B8229000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
26E7ECD0000
|
heap
|
page read and write
|
||
|
F78F5EA000
|
stack
|
page read and write
|
||
|
1F509775000
|
heap
|
page read and write
|
||
|
B0FBFFE000
|
stack
|
page read and write
|
||
|
1E1EAA90000
|
heap
|
page read and write
|
||
|
1D2B8D13000
|
heap
|
page read and write
|
||
|
BBA11FF000
|
stack
|
page read and write
|
||
|
2C4D9972000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
26E7EE49000
|
heap
|
page read and write
|
||
|
23682E78000
|
heap
|
page read and write
|
||
|
243CC467000
|
heap
|
page read and write
|
||
|
CDD48FE000
|
stack
|
page read and write
|
||
|
B0FBE7D000
|
stack
|
page read and write
|
||
|
2C4D996E000
|
heap
|
page read and write
|
||
|
1D2B8213000
|
heap
|
page read and write
|
||
|
23396ED4000
|
heap
|
page read and write
|
||
|
1F508C8C000
|
heap
|
page read and write
|
||
|
7FFFE2326000
|
unkown
|
page read and write
|
||
|
1D2BD880000
|
trusted library allocation
|
page read and write
|
||
|
243CC240000
|
heap
|
page read and write
|
||
|
57D807F000
|
stack
|
page read and write
|
||
|
69BE55F000
|
stack
|
page read and write
|
||
|
26E7EE67000
|
heap
|
page read and write
|
||
|
A5D34FE000
|
stack
|
page read and write
|
||
|
A5D327E000
|
stack
|
page read and write
|
||
|
19004015000
|
heap
|
page read and write
|
||
|
1D2BDA60000
|
trusted library allocation
|
page read and write
|
||
|
19003FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFFE22D0000
|
unkown
|
page readonly
|
||
|
14932402000
|
heap
|
page read and write
|
||
|
2F461A14000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1F5097A3000
|
heap
|
page read and write
|
||
|
25632508000
|
heap
|
page read and write
|
||
|
2F461A12000
|
heap
|
page read and write
|
||
|
23396DF0000
|
heap
|
page readonly
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
6AB1C7D000
|
stack
|
page read and write
|
||
|
1D2B8D04000
|
heap
|
page read and write
|
||
|
1D2BDC1C000
|
heap
|
page read and write
|
||
|
1F5097CD000
|
heap
|
page read and write
|
||
|
23682DC0000
|
trusted library allocation
|
page read and write
|
||
|
1F509776000
|
heap
|
page read and write
|
||
|
923000
|
heap
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
23682E29000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
F78F8FF000
|
stack
|
page read and write
|
||
|
1F508B00000
|
heap
|
page read and write
|
||
|
2C4DCBA0000
|
heap
|
page read and write
|
||
|
2F461A31000
|
heap
|
page read and write
|
||
|
AD6087F000
|
stack
|
page read and write
|
||
|
1D2BDD02000
|
heap
|
page read and write
|
||
|
153787B000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1CCF82A0000
|
heap
|
page read and write
|
||
|
243CC47C000
|
heap
|
page read and write
|
||
|
69BE979000
|
stack
|
page read and write
|
||
|
69BEA79000
|
stack
|
page read and write
|
||
|
2720000
|
remote allocation
|
page read and write
|
||
|
1F5097A6000
|
heap
|
page read and write
|
||
|
7D05DFE000
|
stack
|
page read and write
|
||
|
233955B0000
|
heap
|
page read and write
|
||
|
2C4D9966000
|
heap
|
page read and write
|
||
|
243CCC02000
|
trusted library allocation
|
page read and write
|
||
|
1D2BD998000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
69E000
|
heap
|
page read and write
|
||
|
25773429000
|
heap
|
page read and write
|
||
|
243CC442000
|
heap
|
page read and write
|
||
|
874000
|
stack
|
page read and write
|
||
|
257732B0000
|
heap
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
1F50979A000
|
heap
|
page read and write
|
||
|
14932350000
|
heap
|
page read and write
|
||
|
19004010000
|
heap
|
page read and write
|
||
|
243CC1E0000
|
heap
|
page read and write
|
||
|
1F508D02000
|
heap
|
page read and write
|
||
|
1D2B8328000
|
heap
|
page read and write
|
||
|
14932400000
|
heap
|
page read and write
|
||
|
1CCF8400000
|
heap
|
page read and write
|
||
|
1F50976A000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1D2B8180000
|
heap
|
page read and write
|
||
|
1D2B9340000
|
trusted library allocation
|
page read and write
|
||
|
7FFFE2329000
|
unkown
|
page readonly
|
||
|
1D2BD9B0000
|
trusted library allocation
|
page read and write
|
||
|
1F50978C000
|
heap
|
page read and write
|
||
|
6AB1A7D000
|
stack
|
page read and write
|
||
|
243CC1D0000
|
heap
|
page read and write
|
||
|
1F508D08000
|
heap
|
page read and write
|
||
|
1D2BDAF0000
|
trusted library allocation
|
page read and write
|
||
|
1F508C5A000
|
heap
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
243CC485000
|
heap
|
page read and write
|
||
|
A6F34FB000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
CDD4C77000
|
stack
|
page read and write
|
||
|
2577346A000
|
heap
|
page read and write
|
||
|
1D2BDB20000
|
remote allocation
|
page read and write
|
||
|
1D2BDC58000
|
heap
|
page read and write
|
||
|
1E1EAC6F000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
1D2BD9C0000
|
trusted library allocation
|
page read and write
|
||
|
644000
|
heap
|
page read and write
|
||
|
34461DC000
|
stack
|
page read and write
|
||
|
A6F3A7D000
|
stack
|
page read and write
|
||
|
19003DDC000
|
heap
|
page read and write
|
||
|
1D2BDAC0000
|
trusted library allocation
|
page read and write
|
||
|
CDD4D7F000
|
stack
|
page read and write
|
||
|
7FFFE2326000
|
unkown
|
page read and write
|
||
|
19003D80000
|
trusted library allocation
|
page read and write
|
||
|
23396DB0000
|
direct allocation
|
page execute and read and write
|
||
|
BBA0BAE000
|
stack
|
page read and write
|
||
|
2C4D98D0000
|
heap
|
page read and write
|
||
|
25773400000
|
heap
|
page read and write
|
||
|
26E7EF18000
|
heap
|
page read and write
|
||
|
3446A7B000
|
stack
|
page read and write
|
||
|
1D2BD99E000
|
trusted library allocation
|
page read and write
|
||
|
23682E54000
|
heap
|
page read and write
|
||
|
1F508B10000
|
heap
|
page read and write
|
||
|
1D2BDCFA000
|
heap
|
page read and write
|
||
|
243CC462000
|
heap
|
page read and write
|
||
|
1E1EB402000
|
trusted library allocation
|
page read and write
|
||
|
1F509C02000
|
heap
|
page read and write
|
||
|
25773C02000
|
heap
|
page read and write
|
||
|
2563247F000
|
heap
|
page read and write
|
||
|
233953D0000
|
heap
|
page read and write
|
||
|
153767B000
|
stack
|
page read and write
|
||
|
243CC46E000
|
heap
|
page read and write
|
There are 756 hidden memdumps, click here to show them.