Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Ru97gvh8ir.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x7d998954, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\Ru97gvh8ir.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\Ru97gvh8ir.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Ru97gvh8ir.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\QHTOcg\FaLIWfXNGlbK.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\Ru97gvh8ir.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\CYwMLUBpfJVi\miBCQZcqs.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\Ru97gvh8ir.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\Ru97gvh8ir.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/?T
|
unknown
|
|
|
|
https://23.239.0.12/yT
|
unknown
|
|
|
|
https://23.239.0.12/7
|
unknown
|
|
|
|
https://23.239.0.12/;
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/efaultL
|
unknown
|
|
|
|
https://23.239.0.12/m9
|
unknown
|
|
|
|
https://23.239.0.12/i9
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://activity.windows.comr
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://www.tiktok.
|
unknown
|
There are 48 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\TaskStore
|
Schedule Scan
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\State
|
BlockUntilTimeStatus
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\WaaS\WaaSMedic\Configuration
|
refreshAfter
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
DB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
19B71C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
17947080000
|
direct allocation
|
page execute and read and write
|
|
|
|
E70000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
28DDC4C0000
|
heap
|
page read and write
|
||
|
292E000
|
stack
|
page read and write
|
||
|
1DEA77A000
|
stack
|
page read and write
|
||
|
1FA39DF3000
|
heap
|
page read and write
|
||
|
19B70324000
|
heap
|
page read and write
|
||
|
25B6CBB9000
|
heap
|
page read and write
|
||
|
747D7F7000
|
stack
|
page read and write
|
||
|
1277C013000
|
heap
|
page read and write
|
||
|
1D642720000
|
heap
|
page read and write
|
||
|
A757178000
|
stack
|
page read and write
|
||
|
226EE3F0000
|
trusted library allocation
|
page read and write
|
||
|
16DC4E75000
|
heap
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
270A5002000
|
heap
|
page read and write
|
||
|
25B6CB8B000
|
heap
|
page read and write
|
||
|
1FA39C40000
|
heap
|
page read and write
|
||
|
204EF613000
|
heap
|
page read and write
|
||
|
28905ADB000
|
heap
|
page read and write
|
||
|
226EE502000
|
heap
|
page read and write
|
||
|
270A48F9000
|
heap
|
page read and write
|
||
|
270A48EB000
|
heap
|
page read and write
|
||
|
151B4C00000
|
trusted library allocation
|
page read and write
|
||
|
28905B01000
|
heap
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
E2079FE000
|
stack
|
page read and write
|
||
|
25B6CBA9000
|
heap
|
page read and write
|
||
|
16DC4E79000
|
heap
|
page read and write
|
||
|
226EE3C0000
|
heap
|
page read and write
|
||
|
1D643800000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
3AF557F000
|
stack
|
page read and write
|
||
|
151AF852000
|
heap
|
page read and write
|
||
|
270A4891000
|
heap
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
226EE45D000
|
heap
|
page read and write
|
||
|
270A4710000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
E2075CA000
|
stack
|
page read and write
|
||
|
226EE462000
|
heap
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
25B6CBA9000
|
heap
|
page read and write
|
||
|
747D8F7000
|
stack
|
page read and write
|
||
|
151B508A000
|
heap
|
page read and write
|
||
|
22D2FD70000
|
heap
|
page read and write
|
||
|
23A28932000
|
heap
|
page read and write
|
||
|
25B6CBB6000
|
heap
|
page read and write
|
||
|
1C259FF0000
|
heap
|
page read and write
|
||
|
FF0F0F7000
|
stack
|
page read and write
|
||
|
226EE486000
|
heap
|
page read and write
|
||
|
25F32FE000
|
stack
|
page read and write
|
||
|
270A517B000
|
heap
|
page read and write
|
||
|
226EE466000
|
heap
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
1FA3A0A5000
|
heap
|
page read and write
|
||
|
25B6CB01000
|
heap
|
page read and write
|
||
|
1D6428C2000
|
heap
|
page read and write
|
||
|
270A5190000
|
heap
|
page read and write
|
||
|
1FA3D113000
|
heap
|
page read and write
|
||
|
1FA39DEA000
|
heap
|
page read and write
|
||
|
1D6428A3000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
22D2FE00000
|
heap
|
page read and write
|
||
|
23A28029000
|
heap
|
page read and write
|
||
|
28DDC613000
|
heap
|
page read and write
|
||
|
23A2806E000
|
heap
|
page read and write
|
||
|
1D643808000
|
heap
|
page read and write
|
||
|
28905CB0000
|
heap
|
page read and write
|
||
|
270A4867000
|
heap
|
page read and write
|
||
|
747D67B000
|
stack
|
page read and write
|
||
|
270A4916000
|
heap
|
page read and write
|
||
|
19B71C60000
|
heap
|
page read and write
|
||
|
226EE42E000
|
heap
|
page read and write
|
||
|
151B5102000
|
heap
|
page read and write
|
||
|
226EE46F000
|
heap
|
page read and write
|
||
|
226EE432000
|
heap
|
page read and write
|
||
|
28DDC676000
|
heap
|
page read and write
|
||
|
1D642896000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1D643002000
|
heap
|
page read and write
|
||
|
17947050000
|
heap
|
page read and write
|
||
|
12CB1FF000
|
stack
|
page read and write
|
||
|
270A518C000
|
heap
|
page read and write
|
||
|
1D642846000
|
heap
|
page read and write
|
||
|
151AF8A5000
|
heap
|
page read and write
|
||
|
17946DA0000
|
heap
|
page read and write
|
||
|
151AF6D0000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
FECD6FB000
|
stack
|
page read and write
|
||
|
9F0000
|
remote allocation
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
151B0118000
|
heap
|
page read and write
|
||
|
17947100000
|
heap
|
page read and write
|
||
|
A7570FF000
|
stack
|
page read and write
|
||
|
1FA39DF7000
|
heap
|
page read and write
|
||
|
23A28113000
|
heap
|
page read and write
|
||
|
23A27F80000
|
trusted library allocation
|
page read and write
|
||
|
226EE46D000
|
heap
|
page read and write
|
||
|
3AF52FB000
|
stack
|
page read and write
|
||
|
296E000
|
stack
|
page read and write
|
||
|
270A51A2000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
151B50F1000
|
heap
|
page read and write
|
||
|
16DC4EFA000
|
heap
|
page read and write
|
||
|
270A5190000
|
heap
|
page read and write
|
||
|
25B6CBB1000
|
heap
|
page read and write
|
||
|
151B4E70000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
204EF600000
|
heap
|
page read and write
|
||
|
1D643802000
|
heap
|
page read and write
|
||
|
270A51AC000
|
heap
|
page read and write
|
||
|
270A485F000
|
heap
|
page read and write
|
||
|
1FA39DF3000
|
heap
|
page read and write
|
||
|
204EF602000
|
heap
|
page read and write
|
||
|
C238DFF000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
28905AF6000
|
heap
|
page read and write
|
||
|
25B6C980000
|
heap
|
page read and write
|
||
|
22D2FE28000
|
heap
|
page read and write
|
||
|
226EE425000
|
heap
|
page read and write
|
||
|
19B70330000
|
heap
|
page readonly
|
||
|
16627682000
|
heap
|
page read and write
|
||
|
4B2C47F000
|
stack
|
page read and write
|
||
|
151B4EE0000
|
trusted library allocation
|
page read and write
|
||
|
270A51B4000
|
heap
|
page read and write
|
||
|
151B4DC1000
|
trusted library allocation
|
page read and write
|
||
|
1D642800000
|
heap
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
1D64391B000
|
heap
|
page read and write
|
||
|
FF0F1FE000
|
stack
|
page read and write
|
||
|
270A515F000
|
heap
|
page read and write
|
||
|
16DC59B0000
|
trusted library allocation
|
page read and write
|
||
|
25B6CAF4000
|
heap
|
page read and write
|
||
|
747D47B000
|
stack
|
page read and write
|
||
|
17946F70000
|
heap
|
page read and write
|
||
|
1D64381D000
|
heap
|
page read and write
|
||
|
747DD7B000
|
stack
|
page read and write
|
||
|
4B2BB3F000
|
stack
|
page read and write
|
||
|
1D642813000
|
heap
|
page read and write
|
||
|
25B6D43A000
|
heap
|
page read and write
|
||
|
23A28068000
|
heap
|
page read and write
|
||
|
270A51AC000
|
heap
|
page read and write
|
||
|
17946F38000
|
heap
|
page read and write
|
||
|
AAF6D0B000
|
stack
|
page read and write
|
||
|
226EE458000
|
heap
|
page read and write
|
||
|
16DC4EFB000
|
heap
|
page read and write
|
||
|
151AF890000
|
heap
|
page read and write
|
||
|
270A4869000
|
heap
|
page read and write
|
||
|
16DC4E60000
|
trusted library allocation
|
page read and write
|
||
|
22D2FF02000
|
heap
|
page read and write
|
||
|
17947105000
|
heap
|
page read and write
|
||
|
16DC5C20000
|
trusted library allocation
|
page read and write
|
||
|
270A5100000
|
heap
|
page read and write
|
||
|
B8D9FF000
|
stack
|
page read and write
|
||
|
3AF51FB000
|
stack
|
page read and write
|
||
|
25B6CB8D000
|
heap
|
page read and write
|
||
|
151B4DA0000
|
trusted library allocation
|
page read and write
|
||
|
25B6CC55000
|
heap
|
page read and write
|
||
|
C238CFC000
|
stack
|
page read and write
|
||
|
270A4891000
|
heap
|
page read and write
|
||
|
4B2C3FA000
|
stack
|
page read and write
|
||
|
1D64284E000
|
heap
|
page read and write
|
||
|
1FA39DA0000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
25F347F000
|
stack
|
page read and write
|
||
|
1DEA979000
|
stack
|
page read and write
|
||
|
270A51B3000
|
heap
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
1D643902000
|
heap
|
page read and write
|
||
|
1D642829000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
29C4000
|
heap
|
page read and write
|
||
|
28DDC65A000
|
heap
|
page read and write
|
||
|
1277C802000
|
trusted library allocation
|
page read and write
|
||
|
270A518C000
|
heap
|
page read and write
|
||
|
1FA3A0AB000
|
heap
|
page read and write
|
||
|
226EE400000
|
heap
|
page read and write
|
||
|
23A28066000
|
heap
|
page read and write
|
||
|
270A5184000
|
heap
|
page read and write
|
||
|
270A5190000
|
heap
|
page read and write
|
||
|
9F0000
|
remote allocation
|
page read and write
|
||
|
16627678000
|
heap
|
page read and write
|
||
|
C238A7C000
|
stack
|
page read and write
|
||
|
151AF8FA000
|
heap
|
page read and write
|
||
|
204EF708000
|
heap
|
page read and write
|
||
|
204EF629000
|
heap
|
page read and write
|
||
|
270A51C4000
|
heap
|
page read and write
|
||
|
16627664000
|
heap
|
page read and write
|
||
|
1D642868000
|
heap
|
page read and write
|
||
|
CE9000
|
heap
|
page read and write
|
||
|
204EF702000
|
heap
|
page read and write
|
||
|
19B703CB000
|
heap
|
page read and write
|
||
|
1277C05C000
|
heap
|
page read and write
|
||
|
28DDC702000
|
heap
|
page read and write
|
||
|
1D64315E000
|
heap
|
page read and write
|
||
|
12CB179000
|
stack
|
page read and write
|
||
|
16627629000
|
heap
|
page read and write
|
||
|
1277BF90000
|
remote allocation
|
page read and write
|
||
|
204EF666000
|
heap
|
page read and write
|
||
|
16DC4D90000
|
heap
|
page read and write
|
||
|
16DC4EA0000
|
heap
|
page readonly
|
||
|
28DDC520000
|
heap
|
page read and write
|
||
|
270A51A4000
|
heap
|
page read and write
|
||
|
151AF8A7000
|
heap
|
page read and write
|
||
|
28905AD0000
|
heap
|
page read and write
|
||
|
16627652000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
270A48E4000
|
heap
|
page read and write
|
||
|
C238FFE000
|
stack
|
page read and write
|
||
|
603D9FB000
|
stack
|
page read and write
|
||
|
1662765F000
|
heap
|
page read and write
|
||
|
226EE464000
|
heap
|
page read and write
|
||
|
870BCC6000
|
stack
|
page read and write
|
||
|
25F317E000
|
stack
|
page read and write
|
||
|
500FDD000
|
stack
|
page read and write
|
||
|
226EE42F000
|
heap
|
page read and write
|
||
|
D991DFF000
|
stack
|
page read and write
|
||
|
27FF000
|
stack
|
page read and write
|
||
|
151AF916000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
AAF75FF000
|
stack
|
page read and write
|
||
|
151B4ED0000
|
trusted library allocation
|
page read and write
|
||
|
151B5088000
|
heap
|
page read and write
|
||
|
151B5020000
|
heap
|
page read and write
|
||
|
1D643802000
|
heap
|
page read and write
|
||
|
1FA3D120000
|
trusted library allocation
|
page read and write
|
||
|
28905B13000
|
heap
|
page read and write
|
||
|
151AF800000
|
heap
|
page read and write
|
||
|
270A511E000
|
heap
|
page read and write
|
||
|
FECD87E000
|
stack
|
page read and write
|
||
|
25B6CBA9000
|
heap
|
page read and write
|
||
|
270A518E000
|
heap
|
page read and write
|
||
|
151B4F00000
|
trusted library allocation
|
page read and write
|
||
|
22D2FE13000
|
heap
|
page read and write
|
||
|
25B6CB20000
|
heap
|
page read and write
|
||
|
2EB0000
|
remote allocation
|
page read and write
|
||
|
3AF5477000
|
stack
|
page read and write
|
||
|
25B6CB4B000
|
heap
|
page read and write
|
||
|
151B0159000
|
heap
|
page read and write
|
||
|
1D6429B8000
|
heap
|
page read and write
|
||
|
12CAD2E000
|
stack
|
page read and write
|
||
|
1DE9E7F000
|
stack
|
page read and write
|
||
|
25F2CAC000
|
stack
|
page read and write
|
||
|
1DE9B9B000
|
stack
|
page read and write
|
||
|
A75707E000
|
stack
|
page read and write
|
||
|
270A47B0000
|
trusted library allocation
|
page read and write
|
||
|
1D64289B000
|
heap
|
page read and write
|
||
|
1D642995000
|
heap
|
page read and write
|
||
|
151B4EC0000
|
trusted library allocation
|
page read and write
|
||
|
23A28102000
|
heap
|
page read and write
|
||
|
270A5190000
|
heap
|
page read and write
|
||
|
25F357D000
|
stack
|
page read and write
|
||
|
BC52D7E000
|
stack
|
page read and write
|
||
|
151B50ED000
|
heap
|
page read and write
|
||
|
16DC4F12000
|
heap
|
page read and write
|
||
|
151B4DC4000
|
trusted library allocation
|
page read and write
|
||
|
226EE43E000
|
heap
|
page read and write
|
||
|
FECD67E000
|
stack
|
page read and write
|
||
|
16DC4F20000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
25B6CB20000
|
heap
|
page read and write
|
||
|
151B5016000
|
heap
|
page read and write
|
||
|
151B4DA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
16DC4F13000
|
heap
|
page read and write
|
||
|
12CB279000
|
stack
|
page read and write
|
||
|
19B702F0000
|
heap
|
page read and write
|
||
|
19B70350000
|
heap
|
page read and write
|
||
|
1DE9FF7000
|
stack
|
page read and write
|
||
|
FECD77B000
|
stack
|
page read and write
|
||
|
C238BFB000
|
stack
|
page read and write
|
||
|
270A5178000
|
heap
|
page read and write
|
||
|
270A5196000
|
heap
|
page read and write
|
||
|
226EE446000
|
heap
|
page read and write
|
||
|
17946F30000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
23A28087000
|
heap
|
page read and write
|
||
|
23A27EF0000
|
heap
|
page read and write
|
||
|
19B70320000
|
heap
|
page read and write
|
||
|
270A51A3000
|
heap
|
page read and write
|
||
|
17947070000
|
direct allocation
|
page execute and read and write
|
||
|
F40000
|
trusted library allocation
|
page read and write
|
||
|
4B2C1FF000
|
stack
|
page read and write
|
||
|
3AF4DFB000
|
stack
|
page read and write
|
||
|
16627520000
|
heap
|
page read and write
|
||
|
25B6CAC0000
|
heap
|
page read and write
|
||
|
C64000
|
heap
|
page read and write
|
||
|
179470B0000
|
heap
|
page readonly
|
||
|
270A4908000
|
heap
|
page read and write
|
||
|
1D643843000
|
heap
|
page read and write
|
||
|
12CACAB000
|
stack
|
page read and write
|
||
|
204EF713000
|
heap
|
page read and write
|
||
|
B8D5C5000
|
stack
|
page read and write
|
||
|
25B6CB2D000
|
heap
|
page read and write
|
||
|
151B5102000
|
heap
|
page read and write
|
||
|
1D643100000
|
heap
|
page read and write
|
||
|
151B50DD000
|
heap
|
page read and write
|
||
|
226EE469000
|
heap
|
page read and write
|
||
|
151B4EB0000
|
trusted library allocation
|
page read and write
|
||
|
17946F00000
|
heap
|
page read and write
|
||
|
151B4DE0000
|
trusted library allocation
|
page read and write
|
||
|
151B0113000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
270A517D000
|
heap
|
page read and write
|
||
|
270A4829000
|
heap
|
page read and write
|
||
|
226EE47D000
|
heap
|
page read and write
|
||
|
1D64282E000
|
heap
|
page read and write
|
||
|
151B0100000
|
heap
|
page read and write
|
||
|
16DC4E70000
|
heap
|
page read and write
|
||
|
270A4864000
|
heap
|
page read and write
|
||
|
16DC4E20000
|
trusted library allocation
|
page read and write
|
||
|
151AFFF3000
|
trusted library allocation
|
page read and write
|
||
|
1277BF60000
|
trusted library allocation
|
page read and write
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
1FA3D110000
|
heap
|
page read and write
|
||
|
270A5174000
|
heap
|
page read and write
|
||
|
270A485B000
|
heap
|
page read and write
|
||
|
151B0000000
|
heap
|
page read and write
|
||
|
151AF83F000
|
heap
|
page read and write
|
||
|
16DC4E40000
|
trusted library allocation
|
page read and write
|
||
|
151B4C80000
|
trusted library allocation
|
page read and write
|
||
|
1D64287D000
|
heap
|
page read and write
|
||
|
D03000
|
heap
|
page read and write
|
||
|
17946F62000
|
heap
|
page read and write
|
||
|
1C259F60000
|
heap
|
page read and write
|
||
|
603DC7E000
|
stack
|
page read and write
|
||
|
204EF660000
|
heap
|
page read and write
|
||
|
23A28044000
|
heap
|
page read and write
|
||
|
1FA39DF3000
|
heap
|
page read and write
|
||
|
226EE459000
|
heap
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
28DDC668000
|
heap
|
page read and write
|
||
|
25B6CB25000
|
heap
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
1D642710000
|
heap
|
page read and write
|
||
|
28905B0F000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
28DDC4B0000
|
heap
|
page read and write
|
||
|
270A517C000
|
heap
|
page read and write
|
||
|
25B6CB8B000
|
heap
|
page read and write
|
||
|
1D642881000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
22D2FD60000
|
heap
|
page read and write
|
||
|
17946F70000
|
heap
|
page read and write
|
||
|
1277BED0000
|
heap
|
page read and write
|
||
|
204EFE02000
|
trusted library allocation
|
page read and write
|
||
|
151B50FD000
|
heap
|
page read and write
|
||
|
16627679000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
270A515D000
|
heap
|
page read and write
|
||
|
AAF74FB000
|
stack
|
page read and write
|
||
|
FF0EF7B000
|
stack
|
page read and write
|
||
|
B8D97E000
|
stack
|
page read and write
|
||
|
270A517A000
|
heap
|
page read and write
|
||
|
151B4DC0000
|
trusted library allocation
|
page read and write
|
||
|
16DC4C50000
|
heap
|
page read and write
|
||
|
16627702000
|
heap
|
page read and write
|
||
|
270A4813000
|
heap
|
page read and write
|
||
|
DA0000
|
direct allocation
|
page execute and read and write
|
||
|
151AF876000
|
heap
|
page read and write
|
||
|
AAF72FB000
|
stack
|
page read and write
|
||
|
270A517D000
|
heap
|
page read and write
|
||
|
226EE465000
|
heap
|
page read and write
|
||
|
25B6CC50000
|
heap
|
page read and write
|
||
|
FF0ECFE000
|
stack
|
page read and write
|
||
|
D991AFE000
|
stack
|
page read and write
|
||
|
1FA39DEA000
|
heap
|
page read and write
|
||
|
151AF8FA000
|
heap
|
page read and write
|
||
|
28DDCC80000
|
trusted library allocation
|
page read and write
|
||
|
22D2FE55000
|
heap
|
page read and write
|
||
|
16DC5BD0000
|
trusted library allocation
|
page read and write
|
||
|
FF0EC7B000
|
stack
|
page read and write
|
||
|
28DDC713000
|
heap
|
page read and write
|
||
|
25B6CB05000
|
heap
|
page read and write
|
||
|
1D64313A000
|
heap
|
page read and write
|
||
|
151B50F5000
|
heap
|
page read and write
|
||
|
270A485A000
|
heap
|
page read and write
|
||
|
204EF64B000
|
heap
|
page read and write
|
||
|
603DCFE000
|
stack
|
page read and write
|
||
|
4B2C2FF000
|
stack
|
page read and write
|
||
|
270A4FA0000
|
remote allocation
|
page read and write
|
||
|
25B6CAED000
|
heap
|
page read and write
|
||
|
1D6431D8000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
270A517C000
|
heap
|
page read and write
|
||
|
23A280BB000
|
heap
|
page read and write
|
||
|
226EE477000
|
heap
|
page read and write
|
||
|
22D2FE79000
|
heap
|
page read and write
|
||
|
226EE429000
|
heap
|
page read and write
|
||
|
270A5190000
|
heap
|
page read and write
|
||
|
22D30602000
|
trusted library allocation
|
page read and write
|
||
|
151B4E70000
|
trusted library allocation
|
page read and write
|
||
|
FECD7FC000
|
stack
|
page read and write
|
||
|
204EF510000
|
heap
|
page read and write
|
||
|
1D6428B0000
|
heap
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
151B4F00000
|
remote allocation
|
page read and write
|
||
|
270A4863000
|
heap
|
page read and write
|
||
|
FF0EFFE000
|
stack
|
page read and write
|
||
|
D9919FF000
|
stack
|
page read and write
|
||
|
151B4DAE000
|
trusted library allocation
|
page read and write
|
||
|
29AB000
|
stack
|
page read and write
|
||
|
16DC4EFF000
|
heap
|
page read and write
|
||
|
151AF770000
|
trusted library allocation
|
page read and write
|
||
|
BC52DFF000
|
stack
|
page read and write
|
||
|
1D6428DC000
|
heap
|
page read and write
|
||
|
25F307C000
|
stack
|
page read and write
|
||
|
226EE46B000
|
heap
|
page read and write
|
||
|
151B503F000
|
heap
|
page read and write
|
||
|
23A28000000
|
heap
|
page read and write
|
||
|
1277BF90000
|
remote allocation
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
1D64285B000
|
heap
|
page read and write
|
||
|
1C25A020000
|
heap
|
page read and write
|
||
|
28905A90000
|
heap
|
page read and write
|
||
|
270A5178000
|
heap
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
270A489B000
|
heap
|
page read and write
|
||
|
1DEA3FB000
|
stack
|
page read and write
|
||
|
1DEA0FD000
|
stack
|
page read and write
|
||
|
1FA39DD8000
|
heap
|
page read and write
|
||
|
151B5064000
|
heap
|
page read and write
|
||
|
1D6428A9000
|
heap
|
page read and write
|
||
|
1662765C000
|
heap
|
page read and write
|
||
|
1FA39DD0000
|
heap
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
19B70377000
|
heap
|
page read and write
|
||
|
16DC4FB0000
|
trusted library allocation
|
page read and write
|
||
|
23A280E1000
|
heap
|
page read and write
|
||
|
270A515F000
|
heap
|
page read and write
|
||
|
C238EFC000
|
stack
|
page read and write
|
||
|
19B70355000
|
heap
|
page read and write
|
||
|
E207A7E000
|
stack
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
1277C102000
|
heap
|
page read and write
|
||
|
16DC4EF7000
|
heap
|
page read and write
|
||
|
28DDCE02000
|
trusted library allocation
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
22D2FE3C000
|
heap
|
page read and write
|
||
|
1D642889000
|
heap
|
page read and write
|
||
|
1277C000000
|
heap
|
page read and write
|
||
|
151AF907000
|
heap
|
page read and write
|
||
|
747D9FF000
|
stack
|
page read and write
|
||
|
AAF73FB000
|
stack
|
page read and write
|
||
|
12CB07F000
|
stack
|
page read and write
|
||
|
1FA39DF4000
|
heap
|
page read and write
|
||
|
1D6427A0000
|
trusted library allocation
|
page read and write
|
||
|
270A518C000
|
heap
|
page read and write
|
||
|
151B50FB000
|
heap
|
page read and write
|
||
|
D99147B000
|
stack
|
page read and write
|
||
|
270A51AF000
|
heap
|
page read and write
|
||
|
25B6CBE0000
|
heap
|
page read and write
|
||
|
1FA3A0A0000
|
heap
|
page read and write
|
||
|
226EEC02000
|
trusted library allocation
|
page read and write
|
||
|
28905AE6000
|
heap
|
page read and write
|
||
|
226EE461000
|
heap
|
page read and write
|
||
|
151AF829000
|
heap
|
page read and write
|
||
|
870C17F000
|
stack
|
page read and write
|
||
|
747DB7F000
|
unkown
|
page read and write
|
||
|
151B0102000
|
heap
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
151B4E70000
|
trusted library allocation
|
page read and write
|
||
|
28DDC652000
|
heap
|
page read and write
|
||
|
1D6431F1000
|
heap
|
page read and write
|
||
|
226EE47B000
|
heap
|
page read and write
|
||
|
151B4F00000
|
remote allocation
|
page read and write
|
||
|
16DC4EB8000
|
heap
|
page read and write
|
||
|
151B4DA8000
|
trusted library allocation
|
page read and write
|
||
|
4B2BABC000
|
stack
|
page read and write
|
||
|
204EF657000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
101C7E000
|
stack
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
151B50FD000
|
heap
|
page read and write
|
||
|
151AF889000
|
heap
|
page read and write
|
||
|
22D2FF13000
|
heap
|
page read and write
|
||
|
270A5621000
|
heap
|
page read and write
|
||
|
25B6CB4B000
|
heap
|
page read and write
|
||
|
4B2BEFB000
|
stack
|
page read and write
|
||
|
270A4889000
|
heap
|
page read and write
|
||
|
28DDC600000
|
heap
|
page read and write
|
||
|
151B4C10000
|
trusted library allocation
|
page read and write
|
||
|
226EE442000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1F4BD1B0000
|
heap
|
page read and write
|
||
|
BC52CFB000
|
stack
|
page read and write
|
||
|
16DC4F1C000
|
heap
|
page read and write
|
||
|
12CADAF000
|
stack
|
page read and write
|
||
|
603E17F000
|
stack
|
page read and write
|
||
|
25B6D431000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
A756DAE000
|
stack
|
page read and write
|
||
|
25F33FD000
|
stack
|
page read and write
|
||
|
D01000
|
heap
|
page read and write
|
||
|
270A5603000
|
heap
|
page read and write
|
||
|
1D6429E1000
|
heap
|
page read and write
|
||
|
25B6CB28000
|
heap
|
page read and write
|
||
|
1277C029000
|
heap
|
page read and write
|
||
|
226EE447000
|
heap
|
page read and write
|
||
|
D991BFF000
|
stack
|
page read and write
|
||
|
226EE360000
|
heap
|
page read and write
|
||
|
226EE45A000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
C75000
|
stack
|
page read and write
|
||
|
17946EE0000
|
heap
|
page read and write
|
||
|
FF0ED7E000
|
stack
|
page read and write
|
||
|
9C5000
|
stack
|
page read and write
|
||
|
C2389FE000
|
stack
|
page read and write
|
||
|
25B6CAF4000
|
heap
|
page read and write
|
||
|
270A4859000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
747D57E000
|
stack
|
page read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
22D2FF00000
|
heap
|
page read and write
|
||
|
151B4EF0000
|
trusted library allocation
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
25F31FF000
|
stack
|
page read and write
|
||
|
28DDC641000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
22D2FDD0000
|
heap
|
page read and write
|
||
|
1F4BD410000
|
heap
|
page read and write
|
||
|
22D2FE64000
|
heap
|
page read and write
|
||
|
23A27EE0000
|
heap
|
page read and write
|
||
|
1662769B000
|
heap
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
270A48EA000
|
heap
|
page read and write
|
||
|
151AF902000
|
heap
|
page read and write
|
||
|
28905AB0000
|
heap
|
page read and write
|
||
|
FF0F2FF000
|
stack
|
page read and write
|
||
|
EA0000
|
heap
|
page readonly
|
||
|
16627713000
|
heap
|
page read and write
|
||
|
204EF500000
|
heap
|
page read and write
|
||
|
1C259FE0000
|
heap
|
page read and write
|
||
|
270A519F000
|
heap
|
page read and write
|
||
|
1D6428C9000
|
heap
|
page read and write
|
||
|
1FA39DFA000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
204EF570000
|
heap
|
page read and write
|
||
|
28905AE6000
|
heap
|
page read and write
|
||
|
16627580000
|
heap
|
page read and write
|
||
|
16627E02000
|
trusted library allocation
|
page read and write
|
||
|
23A28023000
|
heap
|
page read and write
|
||
|
270A518C000
|
heap
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
119B1BD0000
|
heap
|
page read and write
|
||
|
B8D8FF000
|
stack
|
page read and write
|
||
|
1D642886000
|
heap
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
151AF874000
|
heap
|
page read and write
|
||
|
1F4BD228000
|
heap
|
page read and write
|
||
|
226EE445000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
16627659000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
28905AE1000
|
heap
|
page read and write
|
||
|
C64000
|
heap
|
page read and write
|
||
|
270A51B3000
|
heap
|
page read and write
|
||
|
16DC4E30000
|
trusted library allocation
|
page read and write
|
||
|
204EF67E000
|
heap
|
page read and write
|
||
|
270A518E000
|
heap
|
page read and write
|
||
|
226EE45F000
|
heap
|
page read and write
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
25B6CB01000
|
heap
|
page read and write
|
||
|
1F4BD1C5000
|
heap
|
page read and write
|
||
|
204EF5A0000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
28905960000
|
heap
|
page read and write
|
||
|
151B504C000
|
heap
|
page read and write
|
||
|
16DC4EF7000
|
heap
|
page read and write
|
||
|
151B4F00000
|
remote allocation
|
page read and write
|
||
|
CBB000
|
heap
|
page read and write
|
||
|
270A485E000
|
heap
|
page read and write
|
||
|
151AF878000
|
heap
|
page read and write
|
||
|
4B2BFFE000
|
stack
|
page read and write
|
||
|
270A4860000
|
heap
|
page read and write
|
||
|
119B1C8D000
|
heap
|
page read and write
|
||
|
CE9000
|
heap
|
page read and write
|
||
|
1FA39DEE000
|
heap
|
page read and write
|
||
|
1D642770000
|
heap
|
page read and write
|
||
|
19B70280000
|
heap
|
page read and write
|
||
|
25B6CAC8000
|
heap
|
page read and write
|
||
|
270A5186000
|
heap
|
page read and write
|
||
|
2EB0000
|
remote allocation
|
page read and write
|
||
|
870C1FB000
|
stack
|
page read and write
|
||
|
1277C002000
|
heap
|
page read and write
|
||
|
151B5000000
|
heap
|
page read and write
|
||
|
2EB0000
|
remote allocation
|
page read and write
|
||
|
1D643871000
|
heap
|
page read and write
|
||
|
16627613000
|
heap
|
page read and write
|
||
|
270A5174000
|
heap
|
page read and write
|
||
|
270A4855000
|
heap
|
page read and write
|
||
|
870BDCF000
|
stack
|
page read and write
|
||
|
BC527FC000
|
stack
|
page read and write
|
||
|
23A27F50000
|
heap
|
page read and write
|
||
|
28EC000
|
stack
|
page read and write
|
||
|
19B70140000
|
heap
|
page read and write
|
||
|
FECD32E000
|
stack
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
1277BEC0000
|
heap
|
page read and write
|
||
|
16DC5BC0000
|
trusted library allocation
|
page read and write
|
||
|
12CB0F9000
|
stack
|
page read and write
|
||
|
25B6CB8B000
|
heap
|
page read and write
|
||
|
151B4C90000
|
trusted library allocation
|
page read and write
|
||
|
270A519D000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
1FA39DFF000
|
heap
|
page read and write
|
||
|
D991CFF000
|
stack
|
page read and write
|
||
|
1F4BD1C0000
|
heap
|
page read and write
|
||
|
28905B15000
|
heap
|
page read and write
|
||
|
270A5194000
|
heap
|
page read and write
|
||
|
25B6CBB9000
|
heap
|
page read and write
|
||
|
BC52C7E000
|
stack
|
page read and write
|
||
|
1DEA2FE000
|
stack
|
page read and write
|
||
|
7FFC671C1000
|
unkown
|
page execute read
|
||
|
C91000
|
heap
|
page read and write
|
||
|
1DEA1FA000
|
stack
|
page read and write
|
||
|
28DDC678000
|
heap
|
page read and write
|
||
|
270A5120000
|
heap
|
page read and write
|
||
|
1662769F000
|
heap
|
page read and write
|
||
|
2D8F000
|
stack
|
page read and write
|
||
|
226EE476000
|
heap
|
page read and write
|
||
|
4B2C0F9000
|
stack
|
page read and write
|
||
|
C23877C000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
C23834C000
|
stack
|
page read and write
|
||
|
16DC4F1F000
|
heap
|
page read and write
|
||
|
151AF740000
|
heap
|
page read and write
|
||
|
151B0002000
|
heap
|
page read and write
|
||
|
17948960000
|
heap
|
page read and write
|
||
|
270A4902000
|
heap
|
page read and write
|
||
|
1DEAC7E000
|
stack
|
page read and write
|
||
|
101D7E000
|
stack
|
page read and write
|
||
|
603DE7E000
|
stack
|
page read and write
|
||
|
1D6428E3000
|
heap
|
page read and write
|
||
|
E60000
|
direct allocation
|
page execute and read and write
|
||
|
1D643113000
|
heap
|
page read and write
|
||
|
ECF000
|
heap
|
page read and write
|
||
|
270A5174000
|
heap
|
page read and write
|
||
|
3AF567F000
|
stack
|
page read and write
|
||
|
2A64000
|
heap
|
page read and write
|
||
|
151B4DD0000
|
trusted library allocation
|
page read and write
|
||
|
16DC4DB0000
|
heap
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
CE9000
|
heap
|
page read and write
|
||
|
151B4DD0000
|
trusted library allocation
|
page read and write
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
22D30530000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page readonly
|
||
|
1D642853000
|
heap
|
page read and write
|
||
|
28905AF7000
|
heap
|
page read and write
|
||
|
17946F5D000
|
heap
|
page read and write
|
||
|
270A5193000
|
heap
|
page read and write
|
||
|
2E0B000
|
stack
|
page read and write
|
||
|
270A5619000
|
heap
|
page read and write
|
||
|
270A5185000
|
heap
|
page read and write
|
||
|
151AF8AB000
|
heap
|
page read and write
|
||
|
1F4BD3F0000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
119B1C80000
|
heap
|
page read and write
|
||
|
25B6D0C0000
|
remote allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1FA3A060000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
16627600000
|
heap
|
page read and write
|
||
|
270A5603000
|
heap
|
page read and write
|
||
|
151B0C00000
|
trusted library allocation
|
page read and write
|
||
|
270A5185000
|
heap
|
page read and write
|
||
|
226EE350000
|
heap
|
page read and write
|
||
|
270A51A1000
|
heap
|
page read and write
|
||
|
22D2FE02000
|
heap
|
page read and write
|
||
|
D9918FD000
|
stack
|
page read and write
|
||
|
226EE480000
|
heap
|
page read and write
|
||
|
1D643133000
|
heap
|
page read and write
|
||
|
25B6CB05000
|
heap
|
page read and write
|
||
|
270A4FA0000
|
remote allocation
|
page read and write
|
||
|
CB7000
|
heap
|
page read and write
|
||
|
151AFFF0000
|
trusted library allocation
|
page read and write
|
||
|
204EF68B000
|
heap
|
page read and write
|
||
|
270A485C000
|
heap
|
page read and write
|
||
|
25B6CB8D000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
28DDC602000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
1D643854000
|
heap
|
page read and write
|
||
|
25B6CAF2000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
C28000
|
heap
|
page read and write
|
||
|
FECD2AA000
|
stack
|
page read and write
|
||
|
E20797E000
|
stack
|
page read and write
|
||
|
16DC4C60000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
1019AB000
|
stack
|
page read and write
|
||
|
226EE43B000
|
heap
|
page read and write
|
||
|
1FA39DFB000
|
heap
|
page read and write
|
||
|
FECD3AE000
|
stack
|
page read and write
|
||
|
C238B7C000
|
stack
|
page read and write
|
||
|
870C07E000
|
stack
|
page read and write
|
||
|
151AF813000
|
heap
|
page read and write
|
||
|
270A48E8000
|
heap
|
page read and write
|
||
|
D99127C000
|
stack
|
page read and write
|
||
|
1277C033000
|
heap
|
page read and write
|
||
|
151B50A4000
|
heap
|
page read and write
|
||
|
179489D4000
|
heap
|
page read and write
|
||
|
1D642913000
|
heap
|
page read and write
|
||
|
151B4FE0000
|
trusted library allocation
|
page read and write
|
||
|
A756D2A000
|
stack
|
page read and write
|
||
|
1277C040000
|
heap
|
page read and write
|
||
|
747D6FE000
|
stack
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
270A51B5000
|
heap
|
page read and write
|
||
|
603E07E000
|
stack
|
page read and write
|
||
|
270A4720000
|
heap
|
page read and write
|
||
|
28905CB5000
|
heap
|
page read and write
|
||
|
1DEAA7A000
|
stack
|
page read and write
|
||
|
1D64283D000
|
heap
|
page read and write
|
||
|
226EE45B000
|
heap
|
page read and write
|
||
|
270A5184000
|
heap
|
page read and write
|
||
|
204EF700000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
270A4FA0000
|
remote allocation
|
page read and write
|
||
|
226EE413000
|
heap
|
page read and write
|
||
|
25B6D0C0000
|
remote allocation
|
page read and write
|
||
|
D9916FD000
|
stack
|
page read and write
|
||
|
226EE471000
|
heap
|
page read and write
|
||
|
747DC78000
|
stack
|
page read and write
|
||
|
747DAFC000
|
stack
|
page read and write
|
||
|
226EE463000
|
heap
|
page read and write
|
||
|
270A515E000
|
heap
|
page read and write
|
||
|
151AF86E000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
28DDC62A000
|
heap
|
page read and write
|
||
|
151B5200000
|
trusted library allocation
|
page read and write
|
||
|
226EE43C000
|
heap
|
page read and write
|
||
|
226EE441000
|
heap
|
page read and write
|
||
|
270A519C000
|
heap
|
page read and write
|
||
|
151B502D000
|
heap
|
page read and write
|
||
|
270A48D7000
|
heap
|
page read and write
|
||
|
151B4E90000
|
trusted library allocation
|
page read and write
|
||
|
B8D87E000
|
stack
|
page read and write
|
||
|
1C25A1F0000
|
heap
|
page read and write
|
||
|
1D643913000
|
heap
|
page read and write
|
||
|
119B1A90000
|
heap
|
page read and write
|
||
|
226EE443000
|
heap
|
page read and write
|
||
|
D9915FD000
|
stack
|
page read and write
|
||
|
1D6428BF000
|
heap
|
page read and write
|
||
|
23A280C5000
|
heap
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
270A4800000
|
heap
|
page read and write
|
||
|
151AF88C000
|
heap
|
page read and write
|
||
|
1D6428C2000
|
heap
|
page read and write
|
||
|
226EE47F000
|
heap
|
page read and write
|
||
|
28905B01000
|
heap
|
page read and write
|
||
|
1D642861000
|
heap
|
page read and write
|
||
|
270A5180000
|
heap
|
page read and write
|
||
|
270A512A000
|
heap
|
page read and write
|
||
|
270A4866000
|
heap
|
page read and write
|
||
|
270A517C000
|
heap
|
page read and write
|
||
|
270A51A1000
|
heap
|
page read and write
|
||
|
16627708000
|
heap
|
page read and write
|
||
|
270A4780000
|
heap
|
page read and write
|
||
|
270A4913000
|
heap
|
page read and write
|
||
|
16627510000
|
heap
|
page read and write
|
||
|
270A483C000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
7FFC67216000
|
unkown
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
270A51B2000
|
heap
|
page read and write
|
||
|
270A518A000
|
heap
|
page read and write
|
||
|
1D6429FD000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
226EE47C000
|
heap
|
page read and write
|
||
|
25B6CBC0000
|
heap
|
page read and write
|
||
|
1277BF90000
|
remote allocation
|
page read and write
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
270A48C1000
|
heap
|
page read and write
|
||
|
A75727C000
|
stack
|
page read and write
|
||
|
28905B0E000
|
heap
|
page read and write
|
||
|
1C259FE5000
|
heap
|
page read and write
|
||
|
25B6D0C0000
|
remote allocation
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
3AF537E000
|
stack
|
page read and write
|
||
|
3AF507E000
|
stack
|
page read and write
|
||
|
151B4DE4000
|
trusted library allocation
|
page read and write
|
||
|
FECD8FF000
|
stack
|
page read and write
|
||
|
270A5174000
|
heap
|
page read and write
|
||
|
870BD4F000
|
stack
|
page read and write
|
||
|
23A28013000
|
heap
|
page read and write
|
||
|
16DC4EB0000
|
heap
|
page read and write
|
||
|
270A5186000
|
heap
|
page read and write
|
||
|
19B70370000
|
heap
|
page read and write
|
||
|
270A51D4000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
23A280CC000
|
heap
|
page read and write
|
||
|
151B0159000
|
heap
|
page read and write
|
||
|
23A28802000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
3AF50FE000
|
stack
|
page read and write
|
||
|
23A28900000
|
heap
|
page read and write
|
||
|
16DC4EFF000
|
heap
|
page read and write
|
||
|
A7571FF000
|
stack
|
page read and write
|
||
|
151AF902000
|
heap
|
page read and write
|
||
|
1D64310C000
|
heap
|
page read and write
|
||
|
7FFC67219000
|
unkown
|
page readonly
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
151B0104000
|
heap
|
page read and write
|
||
|
270A517A000
|
heap
|
page read and write
|
||
|
1D64310E000
|
heap
|
page read and write
|
||
|
270A5176000
|
heap
|
page read and write
|
||
|
22D2FE77000
|
heap
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
287C000
|
stack
|
page read and write
|
||
|
179489D0000
|
heap
|
page read and write
|
||
|
603DF7E000
|
stack
|
page read and write
|
||
|
1662763C000
|
heap
|
page read and write
|
||
|
870C0FE000
|
stack
|
page read and write
|
||
|
270A5189000
|
heap
|
page read and write
|
||
|
1D6428D4000
|
heap
|
page read and write
|
||
|
204EF63C000
|
heap
|
page read and write
|
||
|
25B6D430000
|
heap
|
page read and write
|
||
|
270A51B5000
|
heap
|
page read and write
|
||
|
151B07E0000
|
trusted library allocation
|
page read and write
|
||
|
151AF858000
|
heap
|
page read and write
|
||
|
270A5600000
|
heap
|
page read and write
|
||
|
C2388FE000
|
stack
|
page read and write
|
||
|
1D64286A000
|
heap
|
page read and write
|
||
|
1D6427F0000
|
trusted library allocation
|
page read and write
|
||
|
151AF89C000
|
heap
|
page read and write
|
||
|
151B0118000
|
heap
|
page read and write
|
||
|
1F4BD220000
|
heap
|
page read and write
|
||
|
1FA39D80000
|
heap
|
page read and write
|
||
|
28905AF4000
|
heap
|
page read and write
|
||
|
270A519B000
|
heap
|
page read and write
|
||
|
28905B01000
|
heap
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1277BF30000
|
heap
|
page read and write
|
||
|
1D643900000
|
heap
|
page read and write
|
||
|
226EE45E000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
270A51B2000
|
heap
|
page read and write
|
||
|
25B6CB4B000
|
heap
|
page read and write
|
||
|
101CFE000
|
stack
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
151AF8AB000
|
heap
|
page read and write
|
||
|
16DC4EF7000
|
heap
|
page read and write
|
||
|
270A5190000
|
heap
|
page read and write
|
||
|
166275B0000
|
trusted library allocation
|
page read and write
|
||
|
747D4FE000
|
stack
|
page read and write
|
||
|
16627678000
|
heap
|
page read and write
|
||
|
25B6CB8D000
|
heap
|
page read and write
|
||
|
19B702A0000
|
heap
|
page read and write
|
||
|
25B6CB25000
|
heap
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
1FA3CFE0000
|
heap
|
page read and write
|
||
|
270A5182000
|
heap
|
page read and write
|
||
|
270A48C8000
|
heap
|
page read and write
|
||
|
7FFC671C0000
|
unkown
|
page readonly
|
||
|
16627700000
|
heap
|
page read and write
|
||
|
16DC4EFF000
|
heap
|
page read and write
|
||
|
270A4862000
|
heap
|
page read and write
|
||
|
1D642838000
|
heap
|
page read and write
|
||
|
CB2000
|
heap
|
page read and write
|
||
|
19B70310000
|
direct allocation
|
page execute and read and write
|
||
|
151AF6E0000
|
heap
|
page read and write
|
||
|
270A5602000
|
heap
|
page read and write
|
||
|
151B0015000
|
heap
|
page read and write
|
||
|
C94000
|
heap
|
page read and write
|
||
|
28905AF2000
|
heap
|
page read and write
|
There are 875 hidden memdumps, click here to show them.