Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
auExrOTnvB.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x1b5904bc, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\auExrOTnvB.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\auExrOTnvB.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\auExrOTnvB.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\auExrOTnvB.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ScjWhFiaOACVkfkp\NbnBEvmCoIR.dll"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\PlUoNfxsJl\nlEiWRnuQfGg.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\auExrOTnvB.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\auExrOTnvB.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 12 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/ges
|
unknown
|
|
|
|
https://23.239.0.12/.
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/m
|
unknown
|
|
|
|
https://23.239.0.12/h
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?entry=
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://www.tiktok.com/legal/report
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/roadshield.ashx?bucket=
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gri?pv=1&r=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 46 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\TaskStore
|
Schedule Scan
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\State
|
BlockUntilTimeStatus
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\Configuration
|
refreshAfter
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26ED90D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
2ACE68D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
21F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
D00000
|
direct allocation
|
page execute and read and write
|
|
|
|
1D4C2302000
|
heap
|
page read and write
|
||
|
2740D21A000
|
heap
|
page read and write
|
||
|
1D672590000
|
remote allocation
|
page read and write
|
||
|
70D38FE000
|
stack
|
page read and write
|
||
|
1DC60C43000
|
heap
|
page read and write
|
||
|
1AB33D34000
|
heap
|
page read and write
|
||
|
373E07A000
|
stack
|
page read and write
|
||
|
1D672500000
|
trusted library allocation
|
page read and write
|
||
|
1D67263E000
|
heap
|
page read and write
|
||
|
2740CDAE000
|
heap
|
page read and write
|
||
|
213B5265000
|
heap
|
page read and write
|
||
|
1F108660000
|
trusted library allocation
|
page read and write
|
||
|
373E1FE000
|
stack
|
page read and write
|
||
|
1D672520000
|
trusted library allocation
|
page read and write
|
||
|
21B11600000
|
heap
|
page read and write
|
||
|
883000
|
heap
|
page read and write
|
||
|
60F407B000
|
stack
|
page read and write
|
||
|
1AB33D2E000
|
heap
|
page read and write
|
||
|
2740CD00000
|
heap
|
page read and write
|
||
|
C7739FF000
|
stack
|
page read and write
|
||
|
70D36FB000
|
stack
|
page read and write
|
||
|
1D66CEBB000
|
heap
|
page read and write
|
||
|
20EEBFB0000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1CF54700000
|
heap
|
page read and write
|
||
|
1F107F00000
|
heap
|
page read and write
|
||
|
26D259E0000
|
trusted library allocation
|
page read and write
|
||
|
20EEBEB6000
|
heap
|
page read and write
|
||
|
1D66CE29000
|
heap
|
page read and write
|
||
|
B3B000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1D672310000
|
trusted library allocation
|
page read and write
|
||
|
2740D202000
|
heap
|
page read and write
|
||
|
2740CDA9000
|
heap
|
page read and write
|
||
|
26D25A71000
|
heap
|
page read and write
|
||
|
AC5AAFD000
|
stack
|
page read and write
|
||
|
70D39FC000
|
stack
|
page read and write
|
||
|
1B21AC5C000
|
heap
|
page read and write
|
||
|
7BFB8FB000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
2740CD9A000
|
heap
|
page read and write
|
||
|
1B21AA90000
|
heap
|
page read and write
|
||
|
2740D203000
|
heap
|
page read and write
|
||
|
1DC5FC2E000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
A74000
|
stack
|
page read and write
|
||
|
1CF5463C000
|
heap
|
page read and write
|
||
|
1D2A877000
|
stack
|
page read and write
|
||
|
1AB33CF0000
|
heap
|
page read and write
|
||
|
811A53E000
|
stack
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
1B21AD02000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
811AAFF000
|
stack
|
page read and write
|
||
|
2740CD60000
|
heap
|
page read and write
|
||
|
1F108029000
|
heap
|
page read and write
|
||
|
2740C400000
|
heap
|
page read and write
|
||
|
2740CD7E000
|
heap
|
page read and write
|
||
|
1CF54C02000
|
trusted library allocation
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
2ACE699C000
|
heap
|
page read and write
|
||
|
1D672590000
|
remote allocation
|
page read and write
|
||
|
2740CD1D000
|
heap
|
page read and write
|
||
|
1D2AA7D000
|
stack
|
page read and write
|
||
|
2740CDCF000
|
heap
|
page read and write
|
||
|
2740C44E000
|
heap
|
page read and write
|
||
|
1DC5FC95000
|
heap
|
page read and write
|
||
|
93BA47C000
|
stack
|
page read and write
|
||
|
213B5A02000
|
trusted library allocation
|
page read and write
|
||
|
1DC5FCCB000
|
heap
|
page read and write
|
||
|
1F108802000
|
trusted library allocation
|
page read and write
|
||
|
26ED8FD0000
|
heap
|
page read and write
|
||
|
9C26A77000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page readonly
|
||
|
2ACE6910000
|
heap
|
page readonly
|
||
|
1D672438000
|
trusted library allocation
|
page read and write
|
||
|
9C268FB000
|
stack
|
page read and write
|
||
|
C77367B000
|
stack
|
page read and write
|
||
|
1F656CB0000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
1DC60C00000
|
heap
|
page read and write
|
||
|
7BFC17C000
|
stack
|
page read and write
|
||
|
1DC60C1D000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
1C94ABA0000
|
heap
|
page read and write
|
||
|
883000
|
heap
|
page read and write
|
||
|
1C94A980000
|
trusted library allocation
|
page read and write
|
||
|
1D672890000
|
trusted library allocation
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
811A87E000
|
stack
|
page read and write
|
||
|
C773AFF000
|
stack
|
page read and write
|
||
|
2240000
|
trusted library allocation
|
page read and write
|
||
|
1F656D1D000
|
heap
|
page read and write
|
||
|
1D6726F0000
|
heap
|
page read and write
|
||
|
1D8AA6DF000
|
heap
|
page read and write
|
||
|
1CF5464C000
|
heap
|
page read and write
|
||
|
26D25A4F000
|
heap
|
page read and write
|
||
|
2740CAD0000
|
remote allocation
|
page read and write
|
||
|
2BCB000
|
stack
|
page read and write
|
||
|
26ED8F80000
|
heap
|
page read and write
|
||
|
1D66CE13000
|
heap
|
page read and write
|
||
|
1C82CF13000
|
heap
|
page read and write
|
||
|
1AB33D37000
|
heap
|
page read and write
|
||
|
1CF54390000
|
heap
|
page read and write
|
||
|
20EEC7E1000
|
heap
|
page read and write
|
||
|
2740C413000
|
heap
|
page read and write
|
||
|
CFAECFC000
|
stack
|
page read and write
|
||
|
1D4C2A02000
|
trusted library allocation
|
page read and write
|
||
|
1D66CF02000
|
heap
|
page read and write
|
||
|
21B1166A000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
1CF54650000
|
heap
|
page read and write
|
||
|
20EEBE11000
|
heap
|
page read and write
|
||
|
811A4BA000
|
stack
|
page read and write
|
||
|
9C26C7E000
|
stack
|
page read and write
|
||
|
26ED901D000
|
heap
|
page read and write
|
||
|
26D25A54000
|
heap
|
page read and write
|
||
|
26D25880000
|
heap
|
page read and write
|
||
|
1DC60C02000
|
heap
|
page read and write
|
||
|
1D66CF16000
|
heap
|
page read and write
|
||
|
1AB33D40000
|
heap
|
page read and write
|
||
|
20EEBEB6000
|
heap
|
page read and write
|
||
|
26D25A4B000
|
heap
|
page read and write
|
||
|
20EEC470000
|
remote allocation
|
page read and write
|
||
|
53B317F000
|
stack
|
page read and write
|
||
|
2740CD9F000
|
heap
|
page read and write
|
||
|
1DC60280000
|
trusted library allocation
|
page read and write
|
||
|
1D672570000
|
trusted library allocation
|
page read and write
|
||
|
213B5213000
|
heap
|
page read and write
|
||
|
20EEBDD0000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
20EEBEBF000
|
heap
|
page read and write
|
||
|
1D8AA6E3000
|
heap
|
page read and write
|
||
|
2ACE6830000
|
heap
|
page read and write
|
||
|
4F1092C000
|
stack
|
page read and write
|
||
|
2740D200000
|
heap
|
page read and write
|
||
|
1DC5FC37000
|
heap
|
page read and write
|
||
|
9C267FB000
|
stack
|
page read and write
|
||
|
20EEBE35000
|
heap
|
page read and write
|
||
|
CFAEB7E000
|
stack
|
page read and write
|
||
|
1DC5FD95000
|
heap
|
page read and write
|
||
|
1AB33C60000
|
heap
|
page read and write
|
||
|
D0EF67E000
|
stack
|
page read and write
|
||
|
1D4C222A000
|
heap
|
page read and write
|
||
|
1D8AA6C9000
|
heap
|
page read and write
|
||
|
1D66DDE0000
|
trusted library allocation
|
page read and write
|
||
|
26ED9005000
|
heap
|
page read and write
|
||
|
1D4C2271000
|
heap
|
page read and write
|
||
|
28FD5540000
|
heap
|
page read and write
|
||
|
1DC60500000
|
heap
|
page read and write
|
||
|
811A8FB000
|
stack
|
page read and write
|
||
|
53B30F9000
|
stack
|
page read and write
|
||
|
1D66CE78000
|
heap
|
page read and write
|
||
|
1D66D759000
|
heap
|
page read and write
|
||
|
1AB37950000
|
heap
|
page read and write
|
||
|
26ED8DD0000
|
heap
|
page read and write
|
||
|
2740CD8E000
|
heap
|
page read and write
|
||
|
1D672550000
|
trusted library allocation
|
page read and write
|
||
|
2740CD8D000
|
heap
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
AC5A97E000
|
stack
|
page read and write
|
||
|
1F108059000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
1DC5FC62000
|
heap
|
page read and write
|
||
|
373E4FD000
|
stack
|
page read and write
|
||
|
1C94ABE9000
|
heap
|
page read and write
|
||
|
1D4C224F000
|
heap
|
page read and write
|
||
|
2740CDD3000
|
heap
|
page read and write
|
||
|
2740C454000
|
heap
|
page read and write
|
||
|
1DC60C54000
|
heap
|
page read and write
|
||
|
1D672474000
|
trusted library allocation
|
page read and write
|
||
|
2240000
|
trusted library allocation
|
page read and write
|
||
|
1C82CEE1000
|
heap
|
page read and write
|
||
|
1CF54713000
|
heap
|
page read and write
|
||
|
2740CDB1000
|
heap
|
page read and write
|
||
|
1D672590000
|
trusted library allocation
|
page read and write
|
||
|
26D25A66000
|
heap
|
page read and write
|
||
|
1D4C2313000
|
heap
|
page read and write
|
||
|
2740CD9B000
|
heap
|
page read and write
|
||
|
20EEBE66000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
20EEC470000
|
remote allocation
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
25F3AFB000
|
stack
|
page read and write
|
||
|
1D6726FA000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
26D26202000
|
trusted library allocation
|
page read and write
|
||
|
1D4C223C000
|
heap
|
page read and write
|
||
|
1D2A97F000
|
stack
|
page read and write
|
||
|
2740CD87000
|
heap
|
page read and write
|
||
|
53B307C000
|
stack
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
9C2697E000
|
stack
|
page read and write
|
||
|
2740C4CA000
|
heap
|
page read and write
|
||
|
1B21AC59000
|
heap
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
1D6726A2000
|
heap
|
page read and write
|
||
|
1D8AA6A6000
|
heap
|
page read and write
|
||
|
594000
|
stack
|
page read and write
|
||
|
2740D202000
|
heap
|
page read and write
|
||
|
2ACE83C4000
|
heap
|
page read and write
|
||
|
1D8AA6D6000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
2740CDA0000
|
heap
|
page read and write
|
||
|
1AB37150000
|
trusted library allocation
|
page read and write
|
||
|
1C94AE00000
|
heap
|
page read and write
|
||
|
1D4C225E000
|
heap
|
page read and write
|
||
|
60F427F000
|
stack
|
page read and write
|
||
|
1D66CEFD000
|
heap
|
page read and write
|
||
|
60D927B000
|
stack
|
page read and write
|
||
|
1B21AC3C000
|
heap
|
page read and write
|
||
|
213B5200000
|
heap
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
1D6726F6000
|
heap
|
page read and write
|
||
|
1D4C2308000
|
heap
|
page read and write
|
||
|
21B11626000
|
heap
|
page read and write
|
||
|
1DC5FDE1000
|
heap
|
page read and write
|
||
|
1C94AB50000
|
trusted library allocation
|
page read and write
|
||
|
1DC5FC00000
|
heap
|
page read and write
|
||
|
26ED9200000
|
heap
|
page read and write
|
||
|
2740CDB0000
|
heap
|
page read and write
|
||
|
26ED901D000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
AC5ABF9000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
1DC5FDB8000
|
heap
|
page read and write
|
||
|
2740CAD0000
|
remote allocation
|
page read and write
|
||
|
213B5180000
|
heap
|
page read and write
|
||
|
1B21AC8A000
|
heap
|
page read and write
|
||
|
285C000
|
stack
|
page read and write
|
||
|
1D66CE8A000
|
heap
|
page read and write
|
||
|
1D672702000
|
heap
|
page read and write
|
||
|
22A4000
|
heap
|
page read and write
|
||
|
1F656C40000
|
heap
|
page read and write
|
||
|
1DC5FC98000
|
heap
|
page read and write
|
||
|
1D8AA490000
|
heap
|
page read and write
|
||
|
2740CD71000
|
heap
|
page read and write
|
||
|
2740CD60000
|
heap
|
page read and write
|
||
|
1D672430000
|
trusted library allocation
|
page read and write
|
||
|
1D672692000
|
heap
|
page read and write
|
||
|
1B21AC00000
|
heap
|
page read and write
|
||
|
1D8AA6C9000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
26D25A55000
|
heap
|
page read and write
|
||
|
1D66CF07000
|
heap
|
page read and write
|
||
|
70D31FD000
|
stack
|
page read and write
|
||
|
1DC5FC91000
|
heap
|
page read and write
|
||
|
26D25A4A000
|
heap
|
page read and write
|
||
|
1D4C2213000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1C82CDB0000
|
trusted library allocation
|
page read and write
|
||
|
1C94AB40000
|
trusted library allocation
|
page read and write
|
||
|
2740D202000
|
heap
|
page read and write
|
||
|
1D2A77B000
|
stack
|
page read and write
|
||
|
1DC5FB20000
|
heap
|
page read and write
|
||
|
1AB33D4E000
|
heap
|
page read and write
|
||
|
2740C429000
|
heap
|
page read and write
|
||
|
1C94AAD0000
|
heap
|
page read and write
|
||
|
26D25A7B000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
1CF54677000
|
heap
|
page read and write
|
||
|
213B5224000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
93B9FEB000
|
stack
|
page read and write
|
||
|
C773B7C000
|
stack
|
page read and write
|
||
|
AC5A9FE000
|
stack
|
page read and write
|
||
|
CFAE796000
|
stack
|
page read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
1D8AA69B000
|
heap
|
page read and write
|
||
|
2ACE6850000
|
heap
|
page read and write
|
||
|
9C2667E000
|
stack
|
page read and write
|
||
|
1D4C2282000
|
heap
|
page read and write
|
||
|
21B11613000
|
heap
|
page read and write
|
||
|
213B5259000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
2740CD82000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
26ED900D000
|
heap
|
page read and write
|
||
|
1DC60C0A000
|
heap
|
page read and write
|
||
|
2740C4B5000
|
heap
|
page read and write
|
||
|
1D66CD70000
|
heap
|
page read and write
|
||
|
D52EFFF000
|
stack
|
page read and write
|
||
|
811A9FC000
|
stack
|
page read and write
|
||
|
1D66D615000
|
heap
|
page read and write
|
||
|
26ED9000000
|
heap
|
page read and write
|
||
|
28FD5545000
|
heap
|
page read and write
|
||
|
26D25A43000
|
heap
|
page read and write
|
||
|
1DC5FC87000
|
heap
|
page read and write
|
||
|
1F10805C000
|
heap
|
page read and write
|
||
|
1D66CEAE000
|
heap
|
page read and write
|
||
|
1DC5FC60000
|
heap
|
page read and write
|
||
|
1F108102000
|
heap
|
page read and write
|
||
|
21B11450000
|
heap
|
page read and write
|
||
|
1D4C2200000
|
heap
|
page read and write
|
||
|
1F108690000
|
remote allocation
|
page read and write
|
||
|
26D25A30000
|
heap
|
page read and write
|
||
|
1D66CE00000
|
heap
|
page read and write
|
||
|
2740CD89000
|
heap
|
page read and write
|
||
|
20EEBE15000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
1AB33D19000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
1C82CC40000
|
heap
|
page read and write
|
||
|
B7C000
|
heap
|
page read and write
|
||
|
2740CD1F000
|
heap
|
page read and write
|
||
|
1B21AD13000
|
heap
|
page read and write
|
||
|
1D8AA6CB000
|
heap
|
page read and write
|
||
|
1C94ABF0000
|
heap
|
page read and write
|
||
|
D0EF47A000
|
stack
|
page read and write
|
||
|
1D4C2300000
|
heap
|
page read and write
|
||
|
2740CD66000
|
heap
|
page read and write
|
||
|
1D67243E000
|
trusted library allocation
|
page read and write
|
||
|
1D8AA6CB000
|
heap
|
page read and write
|
||
|
1D8AA6CB000
|
heap
|
page read and write
|
||
|
20EEBE21000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
7BFC27E000
|
stack
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
20EEBE15000
|
heap
|
page read and write
|
||
|
70D357C000
|
stack
|
page read and write
|
||
|
2740D202000
|
heap
|
page read and write
|
||
|
1F107EA0000
|
heap
|
page read and write
|
||
|
1CF54681000
|
heap
|
page read and write
|
||
|
BA5000
|
heap
|
page read and write
|
||
|
2740C250000
|
heap
|
page read and write
|
||
|
2740CC02000
|
heap
|
page read and write
|
||
|
15C1BEA0000
|
heap
|
page read and write
|
||
|
2740CD29000
|
heap
|
page read and write
|
||
|
26CC000
|
stack
|
page read and write
|
||
|
1C82CEBD000
|
heap
|
page read and write
|
||
|
1D6726D9000
|
heap
|
page read and write
|
||
|
1B21AC7E000
|
heap
|
page read and write
|
||
|
1D8AA5E0000
|
heap
|
page read and write
|
||
|
21B11702000
|
heap
|
page read and write
|
||
|
93BA77E000
|
stack
|
page read and write
|
||
|
15C1BE30000
|
heap
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1DC60D1B000
|
heap
|
page read and write
|
||
|
2740CD63000
|
heap
|
page read and write
|
||
|
25F3BFB000
|
stack
|
page read and write
|
||
|
2740C4F7000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
26D25A80000
|
heap
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
9C266FE000
|
stack
|
page read and write
|
||
|
9EFE9AE000
|
stack
|
page read and write
|
||
|
1DC605F0000
|
heap
|
page read and write
|
||
|
70D35FE000
|
stack
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
1F107E90000
|
heap
|
page read and write
|
||
|
2740C43C000
|
heap
|
page read and write
|
||
|
4F10D7F000
|
stack
|
page read and write
|
||
|
922000
|
heap
|
page read and write
|
||
|
1AB33F5B000
|
heap
|
page read and write
|
||
|
20EEBE21000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1C82D602000
|
heap
|
page read and write
|
||
|
15C1BF0E000
|
heap
|
page read and write
|
||
|
2ACE697E000
|
heap
|
page read and write
|
||
|
1DC6052F000
|
heap
|
page read and write
|
||
|
1B21AD00000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
B8F000
|
heap
|
page read and write
|
||
|
1C82CEC5000
|
heap
|
page read and write
|
||
|
21B1165A000
|
heap
|
page read and write
|
||
|
9C26D77000
|
stack
|
page read and write
|
||
|
CFAEC7E000
|
stack
|
page read and write
|
||
|
26D258E0000
|
heap
|
page read and write
|
||
|
9C263FB000
|
stack
|
page read and write
|
||
|
373E6FF000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1D672430000
|
trusted library allocation
|
page read and write
|
||
|
1AB33D33000
|
heap
|
page read and write
|
||
|
2740CD80000
|
heap
|
page read and write
|
||
|
213B5240000
|
heap
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
26D25A42000
|
heap
|
page read and write
|
||
|
1DC5FCCD000
|
heap
|
page read and write
|
||
|
1DC60402000
|
heap
|
page read and write
|
||
|
845EC7F000
|
stack
|
page read and write
|
||
|
28FD51F0000
|
heap
|
page read and write
|
||
|
20EEBDA0000
|
heap
|
page read and write
|
||
|
26D25A51000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
53B2DDF000
|
stack
|
page read and write
|
||
|
2330000
|
remote allocation
|
page read and write
|
||
|
1B21AB90000
|
trusted library allocation
|
page read and write
|
||
|
1D672600000
|
heap
|
page read and write
|
||
|
1CF543A0000
|
heap
|
page read and write
|
||
|
1D672320000
|
trusted library allocation
|
page read and write
|
||
|
1D6726FF000
|
heap
|
page read and write
|
||
|
1AB35900000
|
heap
|
page read and write
|
||
|
93BA6FD000
|
stack
|
page read and write
|
||
|
213B5110000
|
heap
|
page read and write
|
||
|
1C82CECE000
|
heap
|
page read and write
|
||
|
60F3F7E000
|
stack
|
page read and write
|
||
|
1D672540000
|
trusted library allocation
|
page read and write
|
||
|
2740CD62000
|
heap
|
page read and write
|
||
|
373E7FE000
|
stack
|
page read and write
|
||
|
26D25A76000
|
heap
|
page read and write
|
||
|
20EEBE3D000
|
heap
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
1C94B900000
|
trusted library allocation
|
page read and write
|
||
|
1CF54629000
|
heap
|
page read and write
|
||
|
1D8AA6A6000
|
heap
|
page read and write
|
||
|
2740CD65000
|
heap
|
page read and write
|
||
|
1DC5FAC0000
|
heap
|
page read and write
|
||
|
2740C4E8000
|
heap
|
page read and write
|
||
|
1F108040000
|
heap
|
page read and write
|
||
|
26D25A3E000
|
heap
|
page read and write
|
||
|
2740CDA8000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
D0EE9F7000
|
stack
|
page read and write
|
||
|
1D66D713000
|
heap
|
page read and write
|
||
|
26D25A7D000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
26ED8FFB000
|
heap
|
page read and write
|
||
|
1D8AA6B4000
|
heap
|
page read and write
|
||
|
1D66E283000
|
trusted library allocation
|
page read and write
|
||
|
15C1C275000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
26ED8FB0000
|
heap
|
page readonly
|
||
|
1C94ABF0000
|
heap
|
page read and write
|
||
|
28FD51D0000
|
heap
|
page read and write
|
||
|
845E936000
|
stack
|
page read and write
|
||
|
1D66D700000
|
heap
|
page read and write
|
||
|
2740C471000
|
heap
|
page read and write
|
||
|
D52F07E000
|
stack
|
page read and write
|
||
|
1DC5FCB1000
|
heap
|
page read and write
|
||
|
1F108000000
|
heap
|
page read and write
|
||
|
1AB33F50000
|
heap
|
page read and write
|
||
|
1AB33D3A000
|
heap
|
page read and write
|
||
|
1C94A970000
|
heap
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
1DC5FC52000
|
heap
|
page read and write
|
||
|
1DC5FDFD000
|
heap
|
page read and write
|
||
|
26ED900D000
|
heap
|
page read and write
|
||
|
213B5120000
|
heap
|
page read and write
|
||
|
2740CD94000
|
heap
|
page read and write
|
||
|
20EEC7E0000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
1D8AA6BA000
|
heap
|
page read and write
|
||
|
295B000
|
stack
|
page read and write
|
||
|
26ED9230000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
20EEBDD9000
|
heap
|
page read and write
|
||
|
2740C2B0000
|
heap
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
213B526C000
|
heap
|
page read and write
|
||
|
2220000
|
heap
|
page readonly
|
||
|
26D25A79000
|
heap
|
page read and write
|
||
|
213B525B000
|
heap
|
page read and write
|
||
|
845ECFE000
|
stack
|
page read and write
|
||
|
2740CDC1000
|
heap
|
page read and write
|
||
|
21E0000
|
direct allocation
|
page execute and read and write
|
||
|
1D8AA6C4000
|
heap
|
page read and write
|
||
|
1D8AA890000
|
heap
|
page read and write
|
||
|
2740C44D000
|
heap
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
1B21AC64000
|
heap
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
D0EF17D000
|
stack
|
page read and write
|
||
|
26D25A85000
|
heap
|
page read and write
|
||
|
D0EECFE000
|
stack
|
page read and write
|
||
|
70D317B000
|
stack
|
page read and write
|
||
|
2740CD62000
|
heap
|
page read and write
|
||
|
1D2A57E000
|
stack
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
373E8FE000
|
stack
|
page read and write
|
||
|
60F3A7B000
|
stack
|
page read and write
|
||
|
CFAEBFE000
|
stack
|
page read and write
|
||
|
15C1C270000
|
heap
|
page read and write
|
||
|
1F108013000
|
heap
|
page read and write
|
||
|
1DC5FC83000
|
heap
|
page read and write
|
||
|
1D66CEFD000
|
heap
|
page read and write
|
||
|
1D672560000
|
trusted library allocation
|
page read and write
|
||
|
2740CDAB000
|
heap
|
page read and write
|
||
|
2B4F000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2740CD8E000
|
heap
|
page read and write
|
||
|
1D8AA69D000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
1D66D600000
|
heap
|
page read and write
|
||
|
1D67262E000
|
heap
|
page read and write
|
||
|
1DC5FC43000
|
heap
|
page read and write
|
||
|
373DE7B000
|
stack
|
page read and write
|
||
|
20EEBE65000
|
heap
|
page read and write
|
||
|
1D672580000
|
trusted library allocation
|
page read and write
|
||
|
1C94ABA8000
|
heap
|
page read and write
|
||
|
1C94AE09000
|
heap
|
page read and write
|
||
|
1D66D602000
|
heap
|
page read and write
|
||
|
213B5302000
|
heap
|
page read and write
|
||
|
9C26B78000
|
stack
|
page read and write
|
||
|
1D672702000
|
heap
|
page read and write
|
||
|
20EEBFB5000
|
heap
|
page read and write
|
||
|
20EEBD30000
|
heap
|
page read and write
|
||
|
21B1167B000
|
heap
|
page read and write
|
||
|
15C1BF00000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
1DC5FCA2000
|
heap
|
page read and write
|
||
|
2740C451000
|
heap
|
page read and write
|
||
|
9EFEDFF000
|
stack
|
page read and write
|
||
|
1AB33D10000
|
heap
|
page read and write
|
||
|
1D672460000
|
trusted library allocation
|
page read and write
|
||
|
2740CD81000
|
heap
|
page read and write
|
||
|
1D672689000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
2740CD8D000
|
heap
|
page read and write
|
||
|
AC5A8FF000
|
stack
|
page read and write
|
||
|
2740CAD0000
|
remote allocation
|
page read and write
|
||
|
1AB33D4E000
|
heap
|
page read and write
|
||
|
9EFEFFE000
|
stack
|
page read and write
|
||
|
2740C44A000
|
heap
|
page read and write
|
||
|
1D67264B000
|
heap
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
2ACE6948000
|
heap
|
page read and write
|
||
|
1D672451000
|
trusted library allocation
|
page read and write
|
||
|
9C26EFB000
|
stack
|
page read and write
|
||
|
2740C502000
|
heap
|
page read and write
|
||
|
1C82CE29000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
93BA37E000
|
stack
|
page read and write
|
||
|
1DC60513000
|
heap
|
page read and write
|
||
|
D0EEAFD000
|
stack
|
page read and write
|
||
|
C773EFF000
|
stack
|
page read and write
|
||
|
20EEBE56000
|
heap
|
page read and write
|
||
|
1F108057000
|
heap
|
page read and write
|
||
|
1AB33F55000
|
heap
|
page read and write
|
||
|
1B21AA30000
|
heap
|
page read and write
|
||
|
1D66CE6E000
|
heap
|
page read and write
|
||
|
70D37F7000
|
stack
|
page read and write
|
||
|
2740CD62000
|
heap
|
page read and write
|
||
|
28FD50A0000
|
heap
|
page read and write
|
||
|
1AB33D30000
|
heap
|
page read and write
|
||
|
1C94AB60000
|
trusted library allocation
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
60F417A000
|
stack
|
page read and write
|
||
|
1C94AAB0000
|
heap
|
page read and write
|
||
|
20EEBE35000
|
heap
|
page read and write
|
||
|
2ACE698E000
|
heap
|
page read and write
|
||
|
20EEBE21000
|
heap
|
page read and write
|
||
|
1D6726B6000
|
heap
|
page read and write
|
||
|
CFAEA7E000
|
stack
|
page read and write
|
||
|
21B11E02000
|
trusted library allocation
|
page read and write
|
||
|
1DC60D13000
|
heap
|
page read and write
|
||
|
20EEBE35000
|
heap
|
page read and write
|
||
|
26D25A6F000
|
heap
|
page read and write
|
||
|
1D66CE58000
|
heap
|
page read and write
|
||
|
28FD529E000
|
heap
|
page read and write
|
||
|
26EDAB90000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
28FD5296000
|
heap
|
page read and write
|
||
|
1CF54600000
|
heap
|
page read and write
|
||
|
D0EF37A000
|
stack
|
page read and write
|
||
|
2740CD81000
|
heap
|
page read and write
|
||
|
26D25B02000
|
heap
|
page read and write
|
||
|
2704000
|
heap
|
page read and write
|
||
|
2ACE6700000
|
heap
|
page read and write
|
||
|
2740C4D7000
|
heap
|
page read and write
|
||
|
1D8AA6D6000
|
heap
|
page read and write
|
||
|
1D66D718000
|
heap
|
page read and write
|
||
|
AC5A87B000
|
stack
|
page read and write
|
||
|
1D672870000
|
trusted library allocation
|
page read and write
|
||
|
9EFEC7E000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2740CDA8000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1D8AA6A1000
|
heap
|
page read and write
|
||
|
1D6726DF000
|
heap
|
page read and write
|
||
|
1AB33D2A000
|
heap
|
page read and write
|
||
|
2740C4C3000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
26D25A13000
|
heap
|
page read and write
|
||
|
1D8AA6C9000
|
heap
|
page read and write
|
||
|
1CF54613000
|
heap
|
page read and write
|
||
|
1D8AA6D6000
|
heap
|
page read and write
|
||
|
2ACE6705000
|
heap
|
page read and write
|
||
|
1D66D704000
|
heap
|
page read and write
|
||
|
1DC5FC4E000
|
heap
|
page read and write
|
||
|
60F3C7F000
|
stack
|
page read and write
|
||
|
1AB33D33000
|
heap
|
page read and write
|
||
|
1CF54702000
|
heap
|
page read and write
|
||
|
26D25A53000
|
heap
|
page read and write
|
||
|
20EEBE56000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
28FD5290000
|
heap
|
page read and write
|
||
|
2740CD98000
|
heap
|
page read and write
|
||
|
1D672620000
|
heap
|
page read and write
|
||
|
1C82D700000
|
heap
|
page read and write
|
||
|
20EEBE5F000
|
heap
|
page read and write
|
||
|
1C94ADE0000
|
trusted library allocation
|
page read and write
|
||
|
26ED901D000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
60D937F000
|
stack
|
page read and write
|
||
|
1D4C2100000
|
heap
|
page read and write
|
||
|
2740C513000
|
heap
|
page read and write
|
||
|
1C82CCB0000
|
heap
|
page read and write
|
||
|
26D25A2E000
|
heap
|
page read and write
|
||
|
1CF545D0000
|
trusted library allocation
|
page read and write
|
||
|
1C82CE7E000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
1D66CE75000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
26D25A4E000
|
heap
|
page read and write
|
||
|
AC5AA79000
|
stack
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
21B11700000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
D52EF7F000
|
stack
|
page read and write
|
||
|
1D66CE9D000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
26D25A77000
|
heap
|
page read and write
|
||
|
1DC5FC67000
|
heap
|
page read and write
|
||
|
811AA7E000
|
stack
|
page read and write
|
||
|
21B11460000
|
heap
|
page read and write
|
||
|
C773DFD000
|
stack
|
page read and write
|
||
|
5C0000
|
remote allocation
|
page read and write
|
||
|
25F34EB000
|
stack
|
page read and write
|
||
|
9EFEEFF000
|
stack
|
page read and write
|
||
|
1D8AA6C4000
|
heap
|
page read and write
|
||
|
1DC5FD13000
|
heap
|
page read and write
|
||
|
1AB37040000
|
heap
|
page read and write
|
||
|
D0EE5FB000
|
stack
|
page read and write
|
||
|
26D25A00000
|
heap
|
page read and write
|
||
|
213B5313000
|
heap
|
page read and write
|
||
|
1DC60D00000
|
heap
|
page read and write
|
||
|
2740CD8D000
|
heap
|
page read and write
|
||
|
2ACE6940000
|
heap
|
page read and write
|
||
|
1C94ABF0000
|
heap
|
page read and write
|
||
|
1C82D732000
|
heap
|
page read and write
|
||
|
264F000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1D672290000
|
trusted library allocation
|
page read and write
|
||
|
C7740FE000
|
stack
|
page read and write
|
||
|
D0EEDFB000
|
stack
|
page read and write
|
||
|
CFAEAFF000
|
stack
|
page read and write
|
||
|
213B51B0000
|
trusted library allocation
|
page read and write
|
||
|
1C82CE13000
|
heap
|
page read and write
|
||
|
1DC602D0000
|
trusted library allocation
|
page read and write
|
||
|
2740C3B0000
|
trusted library allocation
|
page read and write
|
||
|
1D66CE73000
|
heap
|
page read and write
|
||
|
4F10E7F000
|
stack
|
page read and write
|
||
|
2740C4E9000
|
heap
|
page read and write
|
||
|
1DC5FCAB000
|
heap
|
page read and write
|
||
|
2ACE6992000
|
heap
|
page read and write
|
||
|
26ED8FD8000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
60D93FD000
|
stack
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
BB8000
|
heap
|
page read and write
|
||
|
213B5202000
|
heap
|
page read and write
|
||
|
1D66CE91000
|
heap
|
page read and write
|
||
|
2740C48B000
|
heap
|
page read and write
|
||
|
1B21AC27000
|
heap
|
page read and write
|
||
|
1D4C2090000
|
heap
|
page read and write
|
||
|
1C94B940000
|
trusted library allocation
|
page read and write
|
||
|
2740CD8F000
|
heap
|
page read and write
|
||
|
1AB33D27000
|
heap
|
page read and write
|
||
|
2740CDAB000
|
heap
|
page read and write
|
||
|
26ED901D000
|
heap
|
page read and write
|
||
|
2740C4E4000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
373E2FC000
|
stack
|
page read and write
|
||
|
1C94ADC0000
|
trusted library allocation
|
page read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
26D25870000
|
heap
|
page read and write
|
||
|
2ADF000
|
stack
|
page read and write
|
||
|
213B5265000
|
heap
|
page read and write
|
||
|
15C1BEC0000
|
heap
|
page read and write
|
||
|
7BFB9FE000
|
stack
|
page read and write
|
||
|
2740CD80000
|
heap
|
page read and write
|
||
|
1D672470000
|
trusted library allocation
|
page read and write
|
||
|
1CF54670000
|
heap
|
page read and write
|
||
|
1C82CE88000
|
heap
|
page read and write
|
||
|
2740CD81000
|
heap
|
page read and write
|
||
|
1DC5FCC7000
|
heap
|
page read and write
|
||
|
26ED8F30000
|
heap
|
page read and write
|
||
|
20EEBEB6000
|
heap
|
page read and write
|
||
|
21B11666000
|
heap
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
21B11602000
|
heap
|
page read and write
|
||
|
845ED7E000
|
stack
|
page read and write
|
||
|
1D4C20A0000
|
heap
|
page read and write
|
||
|
2ACE83C0000
|
heap
|
page read and write
|
||
|
1AB33CD0000
|
heap
|
page read and write
|
||
|
70D347E000
|
stack
|
page read and write
|
||
|
1D66CE3F000
|
heap
|
page read and write
|
||
|
2740C516000
|
heap
|
page read and write
|
||
|
1DC605D3000
|
heap
|
page read and write
|
||
|
C773C7D000
|
stack
|
page read and write
|
||
|
1DC5FC7D000
|
heap
|
page read and write
|
||
|
2740C4AB000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
2740C4AB000
|
heap
|
page read and write
|
||
|
1DC5FC6A000
|
heap
|
page read and write
|
||
|
1CF5468F000
|
heap
|
page read and write
|
||
|
1DC6050E000
|
heap
|
page read and write
|
||
|
1D4C224D000
|
heap
|
page read and write
|
||
|
1AB33D33000
|
heap
|
page read and write
|
||
|
2740C4E6000
|
heap
|
page read and write
|
||
|
93BA87D000
|
stack
|
page read and write
|
||
|
2740CDA0000
|
heap
|
page read and write
|
||
|
1B21AA20000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
1AB33D2A000
|
heap
|
page read and write
|
||
|
1D4C2254000
|
heap
|
page read and write
|
||
|
1B21AC02000
|
heap
|
page read and write
|
||
|
213B5275000
|
heap
|
page read and write
|
||
|
2740D202000
|
heap
|
page read and write
|
||
|
2ACE8290000
|
heap
|
page read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
1D4C2249000
|
heap
|
page read and write
|
||
|
1CF54708000
|
heap
|
page read and write
|
||
|
2740CD87000
|
heap
|
page read and write
|
||
|
1D8AA6C4000
|
heap
|
page read and write
|
||
|
2740D202000
|
heap
|
page read and write
|
||
|
1C94AE05000
|
heap
|
page read and write
|
||
|
1C82CE00000
|
heap
|
page read and write
|
||
|
1D672450000
|
trusted library allocation
|
page read and write
|
||
|
2ACE66F0000
|
heap
|
page read and write
|
||
|
1C82CF02000
|
heap
|
page read and write
|
||
|
15C1BF28000
|
heap
|
page read and write
|
||
|
4F10DFB000
|
stack
|
page read and write
|
||
|
2740CDB0000
|
heap
|
page read and write
|
||
|
1F108690000
|
remote allocation
|
page read and write
|
||
|
1D66D718000
|
heap
|
page read and write
|
||
|
21B115C0000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
direct allocation
|
page execute and read and write
|
||
|
26D25A69000
|
heap
|
page read and write
|
||
|
1B21AD08000
|
heap
|
page read and write
|
||
|
26ED9004000
|
heap
|
page read and write
|
||
|
1D8AA6DE000
|
heap
|
page read and write
|
||
|
1AB37043000
|
heap
|
page read and write
|
||
|
20EEBE56000
|
heap
|
page read and write
|
||
|
26D25A41000
|
heap
|
page read and write
|
||
|
7BFBD7E000
|
stack
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
2740CD81000
|
heap
|
page read and write
|
||
|
1C82CE51000
|
heap
|
page read and write
|
||
|
26D25A47000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
391015D000
|
stack
|
page read and write
|
||
|
2740CDAE000
|
heap
|
page read and write
|
||
|
811A97C000
|
stack
|
page read and write
|
||
|
60F3E7C000
|
stack
|
page read and write
|
||
|
1B21B402000
|
trusted library allocation
|
page read and write
|
||
|
2740CD87000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
C773CFB000
|
stack
|
page read and write
|
||
|
1D672661000
|
heap
|
page read and write
|
||
|
2740CD62000
|
heap
|
page read and write
|
||
|
20EEBFC0000
|
heap
|
page read and write
|
||
|
1DC5FC13000
|
heap
|
page read and write
|
||
|
1D66D759000
|
heap
|
page read and write
|
||
|
26EDAB94000
|
heap
|
page read and write
|
||
|
5C0000
|
remote allocation
|
page read and write
|
||
|
1DC60559000
|
heap
|
page read and write
|
||
|
53B31FF000
|
stack
|
page read and write
|
||
|
1D672500000
|
trusted library allocation
|
page read and write
|
||
|
25F3CFE000
|
stack
|
page read and write
|
||
|
26D25A50000
|
heap
|
page read and write
|
||
|
7BFC07E000
|
stack
|
page read and write
|
||
|
1D4C225E000
|
heap
|
page read and write
|
||
|
1D66D530000
|
trusted library allocation
|
page read and write
|
||
|
2740CD91000
|
heap
|
page read and write
|
||
|
1D6726F8000
|
heap
|
page read and write
|
||
|
1D672454000
|
trusted library allocation
|
page read and write
|
||
|
1D8AA6B9000
|
heap
|
page read and write
|
||
|
1F108002000
|
heap
|
page read and write
|
||
|
7BFBF77000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
26ED9000000
|
heap
|
page read and write
|
||
|
26D25A6B000
|
heap
|
page read and write
|
||
|
1B21AC52000
|
heap
|
page read and write
|
||
|
7BFB97F000
|
stack
|
page read and write
|
||
|
26ED8F10000
|
heap
|
page read and write
|
||
|
9EFE92C000
|
stack
|
page read and write
|
||
|
9EFF0FE000
|
stack
|
page read and write
|
||
|
1DC5FAD0000
|
heap
|
page read and write
|
||
|
1D6726A0000
|
heap
|
page read and write
|
||
|
1D8AA5C0000
|
heap
|
page read and write
|
||
|
2740CD64000
|
heap
|
page read and write
|
||
|
1AB33D3A000
|
heap
|
page read and write
|
||
|
1DC60534000
|
heap
|
page read and write
|
||
|
21B1163F000
|
heap
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
2740CD8D000
|
heap
|
page read and write
|
||
|
9C26DFF000
|
unkown
|
page read and write
|
||
|
C773FFC000
|
stack
|
page read and write
|
||
|
1DC60C02000
|
heap
|
page read and write
|
||
|
20EEBEB6000
|
heap
|
page read and write
|
||
|
53B2CDA000
|
stack
|
page read and write
|
||
|
26D25A7C000
|
heap
|
page read and write
|
||
|
2740C240000
|
heap
|
page read and write
|
||
|
1D6722A0000
|
trusted library allocation
|
page read and write
|
||
|
2740D221000
|
heap
|
page read and write
|
||
|
7BFBE7B000
|
stack
|
page read and write
|
||
|
93BA4FE000
|
stack
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1AB33D33000
|
heap
|
page read and write
|
||
|
26D25A4C000
|
heap
|
page read and write
|
||
|
1D66CF02000
|
heap
|
page read and write
|
||
|
1D2A47C000
|
stack
|
page read and write
|
||
|
1CF54658000
|
heap
|
page read and write
|
||
|
1C94ADD0000
|
heap
|
page readonly
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
C77387B000
|
stack
|
page read and write
|
||
|
21B114C0000
|
heap
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
2740CD7D000
|
heap
|
page read and write
|
||
|
2740D21A000
|
heap
|
page read and write
|
||
|
1DC60D02000
|
heap
|
page read and write
|
||
|
93BA5FF000
|
stack
|
page read and write
|
||
|
2740CD77000
|
heap
|
page read and write
|
||
|
373E9FF000
|
stack
|
page read and write
|
||
|
2740CD98000
|
heap
|
page read and write
|
||
|
D52EBBA000
|
stack
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
1DC5FCDD000
|
heap
|
page read and write
|
||
|
20EEBE15000
|
heap
|
page read and write
|
||
|
26ED8FA0000
|
direct allocation
|
page execute and read and write
|
||
|
1DC5FC3C000
|
heap
|
page read and write
|
||
|
811A5BE000
|
stack
|
page read and write
|
||
|
1C82CC50000
|
heap
|
page read and write
|
||
|
2740CD62000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
1F656D10000
|
heap
|
page read and write
|
||
|
2740CD62000
|
heap
|
page read and write
|
||
|
26D25A40000
|
heap
|
page read and write
|
||
|
1D66E290000
|
trusted library allocation
|
page read and write
|
||
|
21C0000
|
heap
|
page read and write
|
||
|
20EEC470000
|
remote allocation
|
page read and write
|
||
|
2330000
|
remote allocation
|
page read and write
|
||
|
2740CD84000
|
heap
|
page read and write
|
||
|
21B11724000
|
heap
|
page read and write
|
||
|
373E5FF000
|
stack
|
page read and write
|
||
|
20EEBE11000
|
heap
|
page read and write
|
||
|
1D8AA690000
|
heap
|
page read and write
|
||
|
2740CD87000
|
heap
|
page read and write
|
||
|
2740CD87000
|
heap
|
page read and write
|
||
|
1DC5FC2A000
|
heap
|
page read and write
|
||
|
26D25A48000
|
heap
|
page read and write
|
||
|
1B21AC13000
|
heap
|
page read and write
|
||
|
26D25A2F000
|
heap
|
page read and write
|
||
|
AC5AB7E000
|
stack
|
page read and write
|
||
|
1D66CDD0000
|
heap
|
page read and write
|
||
|
2740CD9E000
|
heap
|
page read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
2ACE68A0000
|
heap
|
page read and write
|
||
|
213B526F000
|
heap
|
page read and write
|
||
|
2740CD8C000
|
heap
|
page read and write
|
||
|
60D92FF000
|
stack
|
page read and write
|
||
|
1D66E280000
|
trusted library allocation
|
page read and write
|
||
|
20EEBE38000
|
heap
|
page read and write
|
||
|
1C82CE70000
|
heap
|
page read and write
|
||
|
1D66CD60000
|
heap
|
page read and write
|
||
|
1F108690000
|
remote allocation
|
page read and write
|
||
|
26ED9235000
|
heap
|
page read and write
|
||
|
1C94AE10000
|
trusted library allocation
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
845E9BF000
|
stack
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
25F39FB000
|
stack
|
page read and write
|
||
|
1D672590000
|
remote allocation
|
page read and write
|
||
|
15C1BF0B000
|
heap
|
page read and write
|
||
|
1D8AA895000
|
heap
|
page read and write
|
||
|
60F3D79000
|
stack
|
page read and write
|
||
|
1D4C2860000
|
trusted library allocation
|
page read and write
|
||
|
20EEBE5E000
|
heap
|
page read and write
|
||
|
2740CD80000
|
heap
|
page read and write
|
||
|
1C94B6F0000
|
trusted library allocation
|
page read and write
|
||
|
26D25A45000
|
heap
|
page read and write
|
||
|
2740C508000
|
heap
|
page read and write
|
||
|
20EEBE11000
|
heap
|
page read and write
|
||
|
26D25A46000
|
heap
|
page read and write
|
||
|
2330000
|
remote allocation
|
page read and write
|
||
|
1D8AA6E5000
|
heap
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
1B21AC5F000
|
heap
|
page read and write
|
||
|
1D4C2276000
|
heap
|
page read and write
|
||
|
1CF54655000
|
heap
|
page read and write
|
||
|
1CF54400000
|
heap
|
page read and write
|
||
|
1D2A4FE000
|
stack
|
page read and write
|
||
|
26D25A29000
|
heap
|
page read and write
|
||
|
26D25A52000
|
heap
|
page read and write
|
||
|
1D672460000
|
trusted library allocation
|
page read and write
|
||
|
D0EEBFA000
|
stack
|
page read and write
|
||
|
53B2D5E000
|
stack
|
page read and write
|
||
|
2ACE68C0000
|
direct allocation
|
page execute and read and write
|
||
|
1D672500000
|
trusted library allocation
|
page read and write
|
||
|
1DC5FC3A000
|
heap
|
page read and write
|
||
|
1D8AA6B3000
|
heap
|
page read and write
|
||
|
1D66D702000
|
heap
|
page read and write
|
||
|
1DC5FCE2000
|
heap
|
page read and write
|
There are 905 hidden memdumps, click here to show them.