Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
S0Uj3iEhau.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x429db59e, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_S0U_624f1bf42cf3970c0bbbc2316f5a353e1dba16_e01ee71e_0afa0dae\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2B3.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER409.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER65C.tmp.txt
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREE20.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sat May 14 12:14:58 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF620.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\S0Uj3iEhau.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\S0Uj3iEhau.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\S0Uj3iEhau.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\VXqCbDaRw\xzHyqHbxqD.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\S0Uj3iEhau.dll,DllUnregisterServer
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\LBQDVFLViUyJtRNx\yIKZtRHMJ.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\S0Uj3iEhau.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\S0Uj3iEhau.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k WerSvcGroup
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 468 -p 7136 -ip 7136
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7136 -s 352
|
There are 15 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://23.239.0.12/r
|
unknown
|
|
|
|
https://23.239.0.12/s
|
unknown
|
|
|
|
https://23.239.0.12/7
|
unknown
|
|
|
|
https://23.239.0.12/
|
23.239.0.12
|
|
|
|
https://23.239.0.12/S
|
unknown
|
|
|
|
https://23.239.0.12/G
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/enumera
|
unknown
|
||
|
http://www.bingmapsportal.comsv
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
There are 43 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.239.0.12
|
unknown
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
||
|
192.168.2.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{3f084f02-6e1c-1d5f-b521-ee07db0bc82b}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
001840064172BCE4
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
20F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
14E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
115AEE20000
|
direct allocation
|
page execute and read and write
|
|
|
|
230416A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
3CC187E000
|
stack
|
page read and write
|
||
|
1C855C00000
|
heap
|
page read and write
|
||
|
1F2DC0D8000
|
heap
|
page read and write
|
||
|
1C7DC5F0000
|
trusted library allocation
|
page read and write
|
||
|
ADF817E000
|
stack
|
page read and write
|
||
|
1C7D6C3D000
|
heap
|
page read and write
|
||
|
1C856402000
|
trusted library allocation
|
page read and write
|
||
|
1C7D6C58000
|
heap
|
page read and write
|
||
|
1EF47D72000
|
heap
|
page read and write
|
||
|
1C7DC63E000
|
heap
|
page read and write
|
||
|
38518FE000
|
stack
|
page read and write
|
||
|
1EF47DD0000
|
heap
|
page read and write
|
||
|
205C1290000
|
heap
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
205C1150000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page readonly
|
||
|
1EF47D92000
|
heap
|
page read and write
|
||
|
1C7DC702000
|
heap
|
page read and write
|
||
|
FFD5BFF000
|
stack
|
page read and write
|
||
|
915AEFB000
|
stack
|
page read and write
|
||
|
1C7DC6F4000
|
heap
|
page read and write
|
||
|
1C855A10000
|
heap
|
page read and write
|
||
|
1EF47D4D000
|
heap
|
page read and write
|
||
|
1C855C64000
|
heap
|
page read and write
|
||
|
115AEC31000
|
heap
|
page read and write
|
||
|
FA4F5FE000
|
stack
|
page read and write
|
||
|
2303FC10000
|
heap
|
page read and write
|
||
|
1C7D7700000
|
heap
|
page read and write
|
||
|
1C855B80000
|
trusted library allocation
|
page read and write
|
||
|
2211AC13000
|
heap
|
page read and write
|
||
|
1C7DC6A1000
|
heap
|
page read and write
|
||
|
1C7D6D07000
|
heap
|
page read and write
|
||
|
1C7D6CA6000
|
heap
|
page read and write
|
||
|
1C855C13000
|
heap
|
page read and write
|
||
|
205C12F9000
|
heap
|
page read and write
|
||
|
205C130A000
|
heap
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
1EF47DA6000
|
heap
|
page read and write
|
||
|
1C855A80000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
1C7D7702000
|
heap
|
page read and write
|
||
|
297F963B000
|
heap
|
page read and write
|
||
|
8FDD37E000
|
stack
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
21D4A102000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1EF47316000
|
heap
|
page read and write
|
||
|
21DA9370000
|
heap
|
page read and write
|
||
|
297F9686000
|
heap
|
page read and write
|
||
|
1C7D6D02000
|
heap
|
page read and write
|
||
|
2936265C000
|
heap
|
page read and write
|
||
|
2211ABD0000
|
remote allocation
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
29362613000
|
heap
|
page read and write
|
||
|
205C1306000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
1EF47D7D000
|
heap
|
page read and write
|
||
|
115AEBD0000
|
heap
|
page read and write
|
||
|
2303FDFC000
|
heap
|
page read and write
|
||
|
244F1F00000
|
heap
|
page read and write
|
||
|
21DA93A1000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
FFD579E000
|
stack
|
page read and write
|
||
|
FFD5AF9000
|
stack
|
page read and write
|
||
|
1C7DC4F0000
|
remote allocation
|
page read and write
|
||
|
49551FD000
|
stack
|
page read and write
|
||
|
FA4FB7D000
|
stack
|
page read and write
|
||
|
1EF47D81000
|
heap
|
page read and write
|
||
|
21DA93F5000
|
heap
|
page read and write
|
||
|
1545000
|
heap
|
page read and write
|
||
|
297F9641000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
1C7DC4F0000
|
remote allocation
|
page read and write
|
||
|
1C7D81E3000
|
trusted library allocation
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
1C855C28000
|
heap
|
page read and write
|
||
|
3CC197A000
|
stack
|
page read and write
|
||
|
6191AC5000
|
stack
|
page read and write
|
||
|
244F1E00000
|
heap
|
page read and write
|
||
|
1C7D7713000
|
heap
|
page read and write
|
||
|
E87CFE000
|
stack
|
page read and write
|
||
|
1C855C61000
|
heap
|
page read and write
|
||
|
1C7D81E0000
|
trusted library allocation
|
page read and write
|
||
|
1EF47DA6000
|
heap
|
page read and write
|
||
|
297F963C000
|
heap
|
page read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
2B25D318000
|
heap
|
page read and write
|
||
|
1C7DC3B4000
|
trusted library allocation
|
page read and write
|
||
|
29362E02000
|
trusted library allocation
|
page read and write
|
||
|
1EF4724F000
|
heap
|
page read and write
|
||
|
1F2DC0C1000
|
heap
|
page read and write
|
||
|
1C7DC620000
|
heap
|
page read and write
|
||
|
1EF472D7000
|
heap
|
page read and write
|
||
|
1F2DC070000
|
heap
|
page read and write
|
||
|
486277B000
|
stack
|
page read and write
|
||
|
21D4A000000
|
heap
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
115AEC00000
|
heap
|
page read and write
|
||
|
1C7DC4A0000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC700000
|
heap
|
page read and write
|
||
|
2936268D000
|
heap
|
page read and write
|
||
|
FA4F1BB000
|
stack
|
page read and write
|
||
|
1EF47D8B000
|
heap
|
page read and write
|
||
|
2211ABA0000
|
trusted library allocation
|
page read and write
|
||
|
74E3677000
|
stack
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
43333FD000
|
stack
|
page read and write
|
||
|
1F2DC0D5000
|
heap
|
page read and write
|
||
|
297F9410000
|
heap
|
page read and write
|
||
|
297F9677000
|
heap
|
page read and write
|
||
|
1C7D6B80000
|
heap
|
page read and write
|
||
|
1C7DC5D0000
|
trusted library allocation
|
page read and write
|
||
|
2B25D23D000
|
heap
|
page read and write
|
||
|
23070513000
|
heap
|
page read and write
|
||
|
1EF47D82000
|
heap
|
page read and write
|
||
|
1EF47B40000
|
remote allocation
|
page read and write
|
||
|
1C7D6CAA000
|
heap
|
page read and write
|
||
|
205C12DB000
|
heap
|
page read and write
|
||
|
1C7D6B90000
|
heap
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
205C1302000
|
heap
|
page read and write
|
||
|
1EF47302000
|
heap
|
page read and write
|
||
|
297F963A000
|
heap
|
page read and write
|
||
|
1C7D6D02000
|
heap
|
page read and write
|
||
|
297F9646000
|
heap
|
page read and write
|
||
|
1EF47D17000
|
heap
|
page read and write
|
||
|
1C7DC3C0000
|
trusted library allocation
|
page read and write
|
||
|
297F9632000
|
heap
|
page read and write
|
||
|
115AEE10000
|
direct allocation
|
page execute and read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
297F9649000
|
heap
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
230702D0000
|
heap
|
page read and write
|
||
|
AE40AF7000
|
stack
|
page read and write
|
||
|
21D4A03E000
|
heap
|
page read and write
|
||
|
FFD571B000
|
stack
|
page read and write
|
||
|
1EF47DA5000
|
heap
|
page read and write
|
||
|
1C855A20000
|
heap
|
page read and write
|
||
|
1EF47DA4000
|
heap
|
page read and write
|
||
|
1D5AB2AD000
|
heap
|
page read and write
|
||
|
205C1326000
|
heap
|
page read and write
|
||
|
1EF47DBC000
|
heap
|
page read and write
|
||
|
1C7D7759000
|
heap
|
page read and write
|
||
|
2303FDEF000
|
heap
|
page read and write
|
||
|
21DA93DD000
|
heap
|
page read and write
|
||
|
1EF47DA2000
|
heap
|
page read and write
|
||
|
1EF47D95000
|
heap
|
page read and write
|
||
|
29362667000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
1C855C8A000
|
heap
|
page read and write
|
||
|
2B25EC70000
|
trusted library allocation
|
page read and write
|
||
|
21A4000
|
heap
|
page read and write
|
||
|
115B0990000
|
heap
|
page read and write
|
||
|
4332C7C000
|
stack
|
page read and write
|
||
|
1EF47D7B000
|
heap
|
page read and write
|
||
|
21D4A900000
|
heap
|
page read and write
|
||
|
FFD5B79000
|
stack
|
page read and write
|
||
|
1EF47D7D000
|
heap
|
page read and write
|
||
|
1C7D6C8B000
|
heap
|
page read and write
|
||
|
297F967D000
|
heap
|
page read and write
|
||
|
205C1302000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
1EF47D7A000
|
heap
|
page read and write
|
||
|
27A75A48000
|
heap
|
page read and write
|
||
|
1C7DC3C0000
|
trusted library allocation
|
page read and write
|
||
|
E87D7E000
|
stack
|
page read and write
|
||
|
1F2DC0D5000
|
heap
|
page read and write
|
||
|
1C7DC6EE000
|
heap
|
page read and write
|
||
|
244F1E02000
|
heap
|
page read and write
|
||
|
1C855D13000
|
heap
|
page read and write
|
||
|
1EF47DAC000
|
heap
|
page read and write
|
||
|
29362490000
|
heap
|
page read and write
|
||
|
1372000
|
heap
|
page read and write
|
||
|
1EF47213000
|
heap
|
page read and write
|
||
|
297F9665000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
23070400000
|
heap
|
page read and write
|
||
|
3851A7F000
|
stack
|
page read and write
|
||
|
2B25D259000
|
heap
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
23041670000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
297F9702000
|
heap
|
page read and write
|
||
|
244F1E64000
|
heap
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
244F2802000
|
trusted library allocation
|
page read and write
|
||
|
2303FDA8000
|
heap
|
page read and write
|
||
|
1C7D7602000
|
heap
|
page read and write
|
||
|
297F9613000
|
heap
|
page read and write
|
||
|
3CC167E000
|
stack
|
page read and write
|
||
|
21D49F20000
|
trusted library allocation
|
page read and write
|
||
|
FA4F97F000
|
stack
|
page read and write
|
||
|
13D2000
|
heap
|
page read and write
|
||
|
1C7D6CAF000
|
heap
|
page read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
27A75A3C000
|
heap
|
page read and write
|
||
|
ADF837E000
|
stack
|
page read and write
|
||
|
2303FDEE000
|
heap
|
page read and write
|
||
|
27A75880000
|
heap
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
244F1E28000
|
heap
|
page read and write
|
||
|
29362666000
|
heap
|
page read and write
|
||
|
1C855D08000
|
heap
|
page read and write
|
||
|
244F1F02000
|
heap
|
page read and write
|
||
|
23070413000
|
heap
|
page read and write
|
||
|
21D4A0B9000
|
heap
|
page read and write
|
||
|
297F9662000
|
heap
|
page read and write
|
||
|
2E10000
|
trusted library allocation
|
page read and write
|
||
|
486257E000
|
stack
|
page read and write
|
||
|
1EF47258000
|
heap
|
page read and write
|
||
|
2211AC26000
|
heap
|
page read and write
|
||
|
2211AB00000
|
heap
|
page read and write
|
||
|
2303FD70000
|
heap
|
page read and write
|
||
|
2B25ECB0000
|
trusted library allocation
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
23070402000
|
heap
|
page read and write
|
||
|
1EF47DA5000
|
heap
|
page read and write
|
||
|
1C7DC3B0000
|
trusted library allocation
|
page read and write
|
||
|
205C12FF000
|
heap
|
page read and write
|
||
|
74E397E000
|
stack
|
page read and write
|
||
|
244F1D60000
|
heap
|
page read and write
|
||
|
29362713000
|
heap
|
page read and write
|
||
|
115AEE50000
|
heap
|
page readonly
|
||
|
244F1E57000
|
heap
|
page read and write
|
||
|
297F9680000
|
heap
|
page read and write
|
||
|
FA4FA7C000
|
stack
|
page read and write
|
||
|
2B25D274000
|
heap
|
page read and write
|
||
|
2211ABD0000
|
remote allocation
|
page read and write
|
||
|
1EF47D9C000
|
heap
|
page read and write
|
||
|
21DAA150000
|
trusted library allocation
|
page read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
1EF47180000
|
heap
|
page read and write
|
||
|
1C855C5A000
|
heap
|
page read and write
|
||
|
1EF472F8000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
297F9E02000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC615000
|
heap
|
page read and write
|
||
|
205C12E8000
|
heap
|
page read and write
|
||
|
FFD5C79000
|
stack
|
page read and write
|
||
|
1EF47D94000
|
heap
|
page read and write
|
||
|
115B0804000
|
heap
|
page read and write
|
||
|
1C7DC460000
|
trusted library allocation
|
page read and write
|
||
|
1EF47D9B000
|
heap
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
21DAA0E0000
|
trusted library allocation
|
page read and write
|
||
|
115AEDF0000
|
heap
|
page read and write
|
||
|
21D4A0CA000
|
heap
|
page read and write
|
||
|
1EF48200000
|
heap
|
page read and write
|
||
|
E0EE57F000
|
stack
|
page read and write
|
||
|
2307043F000
|
heap
|
page read and write
|
||
|
1C7DC39E000
|
trusted library allocation
|
page read and write
|
||
|
21DA93DB000
|
heap
|
page read and write
|
||
|
1EF47D86000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
A2E232A000
|
stack
|
page read and write
|
||
|
6191B4F000
|
stack
|
page read and write
|
||
|
3520000
|
remote allocation
|
page read and write
|
||
|
2303FDDF000
|
heap
|
page read and write
|
||
|
1EF47DB8000
|
heap
|
page read and write
|
||
|
FA4FD7C000
|
stack
|
page read and write
|
||
|
1C7DC3D0000
|
trusted library allocation
|
page read and write
|
||
|
297F9632000
|
heap
|
page read and write
|
||
|
1EF472B4000
|
heap
|
page read and write
|
||
|
21DA93DB000
|
heap
|
page read and write
|
||
|
84B000
|
heap
|
page read and write
|
||
|
1C7DC3B1000
|
trusted library allocation
|
page read and write
|
||
|
915A88B000
|
stack
|
page read and write
|
||
|
297F9671000
|
heap
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
1EF47D82000
|
heap
|
page read and write
|
||
|
297F9642000
|
heap
|
page read and write
|
||
|
2B25D22A000
|
heap
|
page read and write
|
||
|
E0EE27F000
|
stack
|
page read and write
|
||
|
1EF47D8D000
|
heap
|
page read and write
|
||
|
27A75A50000
|
heap
|
page read and write
|
||
|
1C7DC390000
|
trusted library allocation
|
page read and write
|
||
|
23070477000
|
heap
|
page read and write
|
||
|
1F2DC0B8000
|
heap
|
page read and write
|
||
|
486247B000
|
stack
|
page read and write
|
||
|
297F9648000
|
heap
|
page read and write
|
||
|
AE40DFF000
|
stack
|
page read and write
|
||
|
2211AC3D000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
1F2DC0D5000
|
heap
|
page read and write
|
||
|
205C1302000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
8FDD77F000
|
stack
|
page read and write
|
||
|
2B25EE02000
|
trusted library allocation
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
2B25D1E0000
|
remote allocation
|
page read and write
|
||
|
1EF47D88000
|
heap
|
page read and write
|
||
|
29362651000
|
heap
|
page read and write
|
||
|
1EF472B7000
|
heap
|
page read and write
|
||
|
27A75A53000
|
heap
|
page read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
8FDD2FE000
|
stack
|
page read and write
|
||
|
1EF47D88000
|
heap
|
page read and write
|
||
|
2211AC56000
|
heap
|
page read and write
|
||
|
2B25D302000
|
heap
|
page read and write
|
||
|
1EF472EC000
|
heap
|
page read and write
|
||
|
297F962E000
|
heap
|
page read and write
|
||
|
1EF47D92000
|
heap
|
page read and write
|
||
|
21DA9580000
|
trusted library allocation
|
page read and write
|
||
|
1EF47313000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
1275000
|
stack
|
page read and write
|
||
|
1EF47D8C000
|
heap
|
page read and write
|
||
|
1C7DC663000
|
heap
|
page read and write
|
||
|
1C855C02000
|
heap
|
page read and write
|
||
|
1EF47D8D000
|
heap
|
page read and write
|
||
|
297F964A000
|
heap
|
page read and write
|
||
|
6191F7E000
|
stack
|
page read and write
|
||
|
74E3E7A000
|
stack
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1C7DC6A3000
|
heap
|
page read and write
|
||
|
915ADFB000
|
stack
|
page read and write
|
||
|
2F0C000
|
stack
|
page read and write
|
||
|
2211AD02000
|
heap
|
page read and write
|
||
|
1C7DC460000
|
trusted library allocation
|
page read and write
|
||
|
43332FB000
|
stack
|
page read and write
|
||
|
1C855C52000
|
heap
|
page read and write
|
||
|
27A75A88000
|
heap
|
page read and write
|
||
|
1C855C7D000
|
heap
|
page read and write
|
||
|
21DA9390000
|
heap
|
page read and write
|
||
|
1EF47D83000
|
heap
|
page read and write
|
||
|
136F000
|
heap
|
page read and write
|
||
|
1C7D6CFD000
|
heap
|
page read and write
|
||
|
205C12D5000
|
heap
|
page read and write
|
||
|
48627FE000
|
stack
|
page read and write
|
||
|
2B25D28D000
|
heap
|
page read and write
|
||
|
E87C7F000
|
stack
|
page read and write
|
||
|
1EF472C3000
|
heap
|
page read and write
|
||
|
27A75B00000
|
heap
|
page read and write
|
||
|
1EF47DDC000
|
heap
|
page read and write
|
||
|
280B000
|
stack
|
page read and write
|
||
|
1C7DC4C0000
|
trusted library allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1EF47DC4000
|
heap
|
page read and write
|
||
|
27A75B13000
|
heap
|
page read and write
|
||
|
1EF47D84000
|
heap
|
page read and write
|
||
|
2B25D249000
|
heap
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
1EF47DBC000
|
heap
|
page read and write
|
||
|
32EC000
|
stack
|
page read and write
|
||
|
1EF47DC9000
|
heap
|
page read and write
|
||
|
1C7D7600000
|
heap
|
page read and write
|
||
|
1C7D6C91000
|
heap
|
page read and write
|
||
|
1EF47D86000
|
heap
|
page read and write
|
||
|
1C7DC398000
|
trusted library allocation
|
page read and write
|
||
|
244F1E79000
|
heap
|
page read and write
|
||
|
1C855C5C000
|
heap
|
page read and write
|
||
|
E186AFE000
|
stack
|
page read and write
|
||
|
23070330000
|
heap
|
page read and write
|
||
|
2B25D100000
|
heap
|
page read and write
|
||
|
297F966F000
|
heap
|
page read and write
|
||
|
1EF47D7A000
|
heap
|
page read and write
|
||
|
205C1310000
|
heap
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
33EE000
|
stack
|
page read and write
|
||
|
115AEC2B000
|
heap
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
27A76202000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC64B000
|
heap
|
page read and write
|
||
|
205C12F6000
|
heap
|
page read and write
|
||
|
21DAA0D0000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC4B0000
|
trusted library allocation
|
page read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
43334FE000
|
stack
|
page read and write
|
||
|
1EF4727D000
|
heap
|
page read and write
|
||
|
2B25D0F0000
|
heap
|
page read and write
|
||
|
297F967F000
|
heap
|
page read and write
|
||
|
1F2DC0A1000
|
heap
|
page read and write
|
||
|
14D0000
|
direct allocation
|
page execute and read and write
|
||
|
205C4960000
|
trusted library allocation
|
page read and write
|
||
|
244F1D50000
|
heap
|
page read and write
|
||
|
2211B602000
|
trusted library allocation
|
page read and write
|
||
|
1EF47249000
|
heap
|
page read and write
|
||
|
2936265A000
|
heap
|
page read and write
|
||
|
21DA9399000
|
heap
|
page read and write
|
||
|
1C7D81F0000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC6A9000
|
heap
|
page read and write
|
||
|
21D4A013000
|
heap
|
page read and write
|
||
|
1F2DC0D2000
|
heap
|
page read and write
|
||
|
29362629000
|
heap
|
page read and write
|
||
|
2B25D25C000
|
heap
|
page read and write
|
||
|
115AEC08000
|
heap
|
page read and write
|
||
|
1EF47D7D000
|
heap
|
page read and write
|
||
|
297F9666000
|
heap
|
page read and write
|
||
|
1EF47D86000
|
heap
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
1D5AB2A0000
|
heap
|
page read and write
|
||
|
29362700000
|
heap
|
page read and write
|
||
|
27A75A71000
|
heap
|
page read and write
|
||
|
E8798F000
|
stack
|
page read and write
|
||
|
43336FE000
|
stack
|
page read and write
|
||
|
1F2DC09B000
|
heap
|
page read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
3CC13DB000
|
stack
|
page read and write
|
||
|
1EF47A80000
|
trusted library allocation
|
page read and write
|
||
|
1EF47D8B000
|
heap
|
page read and write
|
||
|
E0EDCFB000
|
stack
|
page read and write
|
||
|
297F9663000
|
heap
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
2936268A000
|
heap
|
page read and write
|
||
|
48629FF000
|
stack
|
page read and write
|
||
|
1C7DC62E000
|
heap
|
page read and write
|
||
|
8FDD677000
|
stack
|
page read and write
|
||
|
1EF47286000
|
heap
|
page read and write
|
||
|
21DAA390000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
27A759E0000
|
trusted library allocation
|
page read and write
|
||
|
1C7D6C55000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page readonly
|
||
|
27A75A13000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1D5AB2B3000
|
heap
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
29362600000
|
heap
|
page read and write
|
||
|
205C1303000
|
heap
|
page read and write
|
||
|
1EF47255000
|
heap
|
page read and write
|
||
|
1C7D6C00000
|
heap
|
page read and write
|
||
|
1C855C5E000
|
heap
|
page read and write
|
||
|
1EF47270000
|
heap
|
page read and write
|
||
|
21D4A02A000
|
heap
|
page read and write
|
||
|
29362656000
|
heap
|
page read and write
|
||
|
21D4A802000
|
heap
|
page read and write
|
||
|
1EF47B40000
|
remote allocation
|
page read and write
|
||
|
115AEC4E000
|
heap
|
page read and write
|
||
|
2F24000
|
heap
|
page read and write
|
||
|
1EF47D7E000
|
heap
|
page read and write
|
||
|
1C7D7615000
|
heap
|
page read and write
|
||
|
297F9676000
|
heap
|
page read and write
|
||
|
1C7DC6FC000
|
heap
|
page read and write
|
||
|
FA4F87F000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
AE40CFE000
|
stack
|
page read and write
|
||
|
915AFFF000
|
stack
|
page read and write
|
||
|
ADF7D1E000
|
stack
|
page read and write
|
||
|
297F9664000
|
heap
|
page read and write
|
||
|
115AEB40000
|
heap
|
page read and write
|
||
|
1F2DC0C1000
|
heap
|
page read and write
|
||
|
115B0800000
|
heap
|
page read and write
|
||
|
1C855D00000
|
heap
|
page read and write
|
||
|
29362662000
|
heap
|
page read and write
|
||
|
205C12D0000
|
heap
|
page read and write
|
||
|
385167E000
|
stack
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
2936263C000
|
heap
|
page read and write
|
||
|
8FDD57B000
|
stack
|
page read and write
|
||
|
297F9661000
|
heap
|
page read and write
|
||
|
3851B7D000
|
stack
|
page read and write
|
||
|
297F93B0000
|
heap
|
page read and write
|
||
|
1C7DC4D0000
|
trusted library allocation
|
page read and write
|
||
|
297F9629000
|
heap
|
page read and write
|
||
|
21DAA3C0000
|
trusted library allocation
|
page read and write
|
||
|
1EF47D8A000
|
heap
|
page read and write
|
||
|
1C7DC6F7000
|
heap
|
page read and write
|
||
|
1F2DC010000
|
heap
|
page read and write
|
||
|
297F966B000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
2B25D1B0000
|
trusted library allocation
|
page read and write
|
||
|
1EF47DDC000
|
heap
|
page read and write
|
||
|
1EF47D9B000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
21D4A06E000
|
heap
|
page read and write
|
||
|
297F9643000
|
heap
|
page read and write
|
||
|
27A75B08000
|
heap
|
page read and write
|
||
|
1D5AB270000
|
heap
|
page read and write
|
||
|
205C4613000
|
heap
|
page read and write
|
||
|
1F2DC2B5000
|
heap
|
page read and write
|
||
|
1EF47D00000
|
heap
|
page read and write
|
||
|
E0EE37E000
|
stack
|
page read and write
|
||
|
E0EE67F000
|
stack
|
page read and write
|
||
|
38512AB000
|
stack
|
page read and write
|
||
|
222E000
|
stack
|
page read and write
|
||
|
1EF47257000
|
heap
|
page read and write
|
||
|
48624FE000
|
stack
|
page read and write
|
||
|
2B25D202000
|
heap
|
page read and write
|
||
|
1F2DC0C1000
|
heap
|
page read and write
|
||
|
1EF472AD000
|
heap
|
page read and write
|
||
|
AE4097B000
|
stack
|
page read and write
|
||
|
48628F7000
|
stack
|
page read and write
|
||
|
1EF47308000
|
heap
|
page read and write
|
||
|
2B25D213000
|
heap
|
page read and write
|
||
|
1EF4723C000
|
heap
|
page read and write
|
||
|
7FFFEFBA6000
|
unkown
|
page read and write
|
||
|
6191FFB000
|
stack
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
1C7D6BF0000
|
heap
|
page read and write
|
||
|
115AEF00000
|
heap
|
page read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
27A75A56000
|
heap
|
page read and write
|
||
|
1EF47D9A000
|
heap
|
page read and write
|
||
|
1EF47224000
|
heap
|
page read and write
|
||
|
4862AFF000
|
stack
|
page read and write
|
||
|
297F963E000
|
heap
|
page read and write
|
||
|
205C4610000
|
heap
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
230417A4000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
8E1000
|
heap
|
page read and write
|
||
|
38519FD000
|
stack
|
page read and write
|
||
|
1C7DC6FA000
|
heap
|
page read and write
|
||
|
3520000
|
remote allocation
|
page read and write
|
||
|
1EF472A6000
|
heap
|
page read and write
|
||
|
27A75A7D000
|
heap
|
page read and write
|
||
|
21D49DC0000
|
heap
|
page read and write
|
||
|
2211AC02000
|
heap
|
page read and write
|
||
|
1EF47254000
|
heap
|
page read and write
|
||
|
21DA93DB000
|
heap
|
page read and write
|
||
|
3CC17FB000
|
stack
|
page read and write
|
||
|
AE406FE000
|
stack
|
page read and write
|
||
|
1372000
|
heap
|
page read and write
|
||
|
2936265D000
|
heap
|
page read and write
|
||
|
1EF4724A000
|
heap
|
page read and write
|
||
|
21D49DB0000
|
heap
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
2B25D25C000
|
heap
|
page read and write
|
||
|
244F1F13000
|
heap
|
page read and write
|
||
|
1341000
|
heap
|
page read and write
|
||
|
21DA9560000
|
heap
|
page read and write
|
||
|
27A75B02000
|
heap
|
page read and write
|
||
|
1EF47DA6000
|
heap
|
page read and write
|
||
|
74E3A7B000
|
stack
|
page read and write
|
||
|
FE0000
|
remote allocation
|
page read and write
|
||
|
1EF47D7C000
|
heap
|
page read and write
|
||
|
29362DA0000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC6AC000
|
heap
|
page read and write
|
||
|
1EF48202000
|
heap
|
page read and write
|
||
|
915B0FE000
|
stack
|
page read and write
|
||
|
74E3F7C000
|
stack
|
page read and write
|
||
|
1EF47DD2000
|
heap
|
page read and write
|
||
|
21DA9300000
|
heap
|
page read and write
|
||
|
1EF47D8A000
|
heap
|
page read and write
|
||
|
27A75A8F000
|
heap
|
page read and write
|
||
|
38517FE000
|
stack
|
page read and write
|
||
|
1EF47D83000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
1EF47D95000
|
heap
|
page read and write
|
||
|
1F2DC0B3000
|
heap
|
page read and write
|
||
|
22CF000
|
stack
|
page read and write
|
||
|
2B25D24C000
|
heap
|
page read and write
|
||
|
433327D000
|
stack
|
page read and write
|
||
|
1C7DC656000
|
heap
|
page read and write
|
||
|
21DAA3A0000
|
heap
|
page readonly
|
||
|
1341000
|
heap
|
page read and write
|
||
|
1EF47D86000
|
heap
|
page read and write
|
||
|
1EF47D9F000
|
heap
|
page read and write
|
||
|
13D2000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1EF47DBA000
|
heap
|
page read and write
|
||
|
21DAA3B0000
|
trusted library allocation
|
page read and write
|
||
|
ADF7C9B000
|
stack
|
page read and write
|
||
|
1EF47D83000
|
heap
|
page read and write
|
||
|
130B000
|
heap
|
page read and write
|
||
|
1C7D7718000
|
heap
|
page read and write
|
||
|
21DA93D4000
|
heap
|
page read and write
|
||
|
1C7D6CA3000
|
heap
|
page read and write
|
||
|
1C7DC702000
|
heap
|
page read and write
|
||
|
1EF48202000
|
heap
|
page read and write
|
||
|
1EF47DAC000
|
heap
|
page read and write
|
||
|
1EF47DD2000
|
heap
|
page read and write
|
||
|
1EF47B40000
|
remote allocation
|
page read and write
|
||
|
1C7DC270000
|
trusted library allocation
|
page read and write
|
||
|
297F964F000
|
heap
|
page read and write
|
||
|
1EF47DAC000
|
heap
|
page read and write
|
||
|
2B25D1E0000
|
remote allocation
|
page read and write
|
||
|
1C7DC390000
|
trusted library allocation
|
page read and write
|
||
|
244F1E68000
|
heap
|
page read and write
|
||
|
E186A7B000
|
stack
|
page read and write
|
||
|
1EF47D1F000
|
heap
|
page read and write
|
||
|
1C7DC600000
|
heap
|
page read and write
|
||
|
E0EE47F000
|
stack
|
page read and write
|
||
|
8FDD27C000
|
stack
|
page read and write
|
||
|
6191E7E000
|
stack
|
page read and write
|
||
|
1C7DC280000
|
trusted library allocation
|
page read and write
|
||
|
AE409FE000
|
stack
|
page read and write
|
||
|
1EF47D88000
|
heap
|
page read and write
|
||
|
1F2DC0A6000
|
heap
|
page read and write
|
||
|
3CC1D78000
|
stack
|
page read and write
|
||
|
2303FC20000
|
heap
|
page read and write
|
||
|
1C7DC1F0000
|
trusted library allocation
|
page read and write
|
||
|
205C1302000
|
heap
|
page read and write
|
||
|
29362500000
|
heap
|
page read and write
|
||
|
1C7D6C74000
|
heap
|
page read and write
|
||
|
29362665000
|
heap
|
page read and write
|
||
|
1C7DC4F0000
|
trusted library allocation
|
page read and write
|
||
|
1C7DC3D4000
|
trusted library allocation
|
page read and write
|
||
|
297F93A0000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1EF48202000
|
heap
|
page read and write
|
||
|
1EF47DD0000
|
heap
|
page read and write
|
||
|
2211AC2A000
|
heap
|
page read and write
|
||
|
FA4FC7E000
|
stack
|
page read and write
|
||
|
1C7DC480000
|
trusted library allocation
|
page read and write
|
||
|
ADF827E000
|
stack
|
page read and write
|
||
|
27A75A4E000
|
heap
|
page read and write
|
||
|
2211AB70000
|
heap
|
page read and write
|
||
|
43330FE000
|
stack
|
page read and write
|
||
|
2303FC25000
|
heap
|
page read and write
|
||
|
21DAA410000
|
trusted library allocation
|
page read and write
|
||
|
6191EFF000
|
stack
|
page read and write
|
||
|
1F2DC0D5000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1EF47D98000
|
heap
|
page read and write
|
||
|
E186B7D000
|
stack
|
page read and write
|
||
|
38516FF000
|
stack
|
page read and write
|
||
|
1C7D7718000
|
heap
|
page read and write
|
||
|
2B25D266000
|
heap
|
page read and write
|
||
|
297F9650000
|
heap
|
page read and write
|
||
|
270C000
|
stack
|
page read and write
|
||
|
205C12E0000
|
heap
|
page read and write
|
||
|
2303FD50000
|
heap
|
page read and write
|
||
|
115AEC4E000
|
heap
|
page read and write
|
||
|
694000
|
stack
|
page read and write
|
||
|
1EF47D97000
|
heap
|
page read and write
|
||
|
385177C000
|
stack
|
page read and write
|
||
|
2211ABD0000
|
remote allocation
|
page read and write
|
||
|
293624A0000
|
heap
|
page read and write
|
||
|
1C7D6C6F000
|
heap
|
page read and write
|
||
|
23041690000
|
direct allocation
|
page execute and read and write
|
||
|
1EF47DD0000
|
heap
|
page read and write
|
||
|
20E0000
|
direct allocation
|
page execute and read and write
|
||
|
23041910000
|
heap
|
page read and write
|
||
|
297F966D000
|
heap
|
page read and write
|
||
|
1F2DC260000
|
heap
|
page read and write
|
||
|
115AEBB0000
|
heap
|
page read and write
|
||
|
205C12B0000
|
heap
|
page read and write
|
||
|
8C4000
|
heap
|
page read and write
|
||
|
205C130B000
|
heap
|
page read and write
|
||
|
1C7D7759000
|
heap
|
page read and write
|
||
|
486267B000
|
stack
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
2307045A000
|
heap
|
page read and write
|
||
|
1EF47D72000
|
heap
|
page read and write
|
||
|
244F1DF0000
|
trusted library allocation
|
page read and write
|
||
|
2303FDA0000
|
heap
|
page read and write
|
||
|
74E417E000
|
stack
|
page read and write
|
||
|
29362659000
|
heap
|
page read and write
|
||
|
27A75870000
|
heap
|
page read and write
|
||
|
8FDD87E000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1EF47D94000
|
heap
|
page read and write
|
||
|
1EF47D74000
|
heap
|
page read and write
|
||
|
23070360000
|
trusted library allocation
|
page read and write
|
||
|
1F2DC2B0000
|
heap
|
page read and write
|
||
|
1EF47D62000
|
heap
|
page read and write
|
||
|
1C7D6CFD000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
21D49E20000
|
heap
|
page read and write
|
||
|
E87886000
|
stack
|
page read and write
|
||
|
1F2DC0D9000
|
heap
|
page read and write
|
||
|
115AEC4E000
|
heap
|
page read and write
|
||
|
E0EDF7C000
|
stack
|
page read and write
|
||
|
230417A0000
|
heap
|
page read and write
|
||
|
1EF47DB3000
|
heap
|
page read and write
|
||
|
21D4A113000
|
heap
|
page read and write
|
||
|
3CC1B77000
|
stack
|
page read and write
|
||
|
2B25D300000
|
heap
|
page read and write
|
||
|
29362702000
|
heap
|
page read and write
|
||
|
74E347B000
|
stack
|
page read and write
|
||
|
23070E02000
|
trusted library allocation
|
page read and write
|
||
|
AE4087B000
|
stack
|
page read and write
|
||
|
1F2DC0A6000
|
heap
|
page read and write
|
||
|
2B25D1E0000
|
remote allocation
|
page read and write
|
||
|
1EF47D8B000
|
heap
|
page read and write
|
||
|
E0EE17D000
|
stack
|
page read and write
|
||
|
1EF47DA3000
|
heap
|
page read and write
|
||
|
FA4F77F000
|
stack
|
page read and write
|
||
|
A2E27FE000
|
stack
|
page read and write
|
||
|
297F9669000
|
heap
|
page read and write
|
||
|
A2E287C000
|
stack
|
page read and write
|
||
|
2307045A000
|
heap
|
page read and write
|
||
|
21DA93FF000
|
heap
|
page read and write
|
||
|
FFD5A7D000
|
stack
|
page read and write
|
||
|
1EF47DB5000
|
heap
|
page read and write
|
||
|
1EF47170000
|
heap
|
page read and write
|
||
|
E8790E000
|
stack
|
page read and write
|
||
|
297F962F000
|
heap
|
page read and write
|
||
|
297F9645000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
2B25D190000
|
trusted library allocation
|
page read and write
|
||
|
1C7D6C13000
|
heap
|
page read and write
|
||
|
1EF47D19000
|
heap
|
page read and write
|
||
|
23070502000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
1F2DC0D3000
|
heap
|
page read and write
|
||
|
E0EDE7E000
|
stack
|
page read and write
|
||
|
2211AB10000
|
heap
|
page read and write
|
||
|
1EF4724D000
|
heap
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
1EF47D86000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
AE4077E000
|
stack
|
page read and write
|
||
|
1EF472E4000
|
heap
|
page read and write
|
||
|
297F9631000
|
heap
|
page read and write
|
||
|
268E000
|
stack
|
page read and write
|
||
|
2B25D313000
|
heap
|
page read and write
|
||
|
1EF47D7A000
|
heap
|
page read and write
|
||
|
27A75A4C000
|
heap
|
page read and write
|
||
|
3CC16FE000
|
stack
|
page read and write
|
||
|
1F2DC0B7000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
23070429000
|
heap
|
page read and write
|
||
|
1D5AB200000
|
heap
|
page read and write
|
||
|
27A75A49000
|
heap
|
page read and write
|
||
|
21DA9315000
|
heap
|
page read and write
|
||
|
1EF4724E000
|
heap
|
page read and write
|
||
|
2307046B000
|
heap
|
page read and write
|
||
|
21D4A087000
|
heap
|
page read and write
|
||
|
1C7D6C29000
|
heap
|
page read and write
|
||
|
1EF47DB3000
|
heap
|
page read and write
|
||
|
3CC1C7E000
|
stack
|
page read and write
|
||
|
1C7DC4E0000
|
trusted library allocation
|
page read and write
|
||
|
205C12FD000
|
heap
|
page read and write
|
||
|
29362708000
|
heap
|
page read and write
|
||
|
43335FD000
|
stack
|
page read and write
|
||
|
2211AC5C000
|
heap
|
page read and write
|
||
|
297F9510000
|
trusted library allocation
|
page read and write
|
||
|
21DA9590000
|
trusted library allocation
|
page read and write
|
||
|
AE40BFE000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1C7D6C79000
|
heap
|
page read and write
|
||
|
A2E26FE000
|
stack
|
page read and write
|
||
|
21DA9319000
|
heap
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
297F964C000
|
heap
|
page read and write
|
||
|
21DAA140000
|
trusted library allocation
|
page read and write
|
||
|
3CC1A78000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
13D2000
|
heap
|
page read and write
|
||
|
244F1DC0000
|
heap
|
page read and write
|
||
|
A2E2778000
|
stack
|
page read and write
|
||
|
1C7D6C9E000
|
heap
|
page read and write
|
||
|
34FF000
|
stack
|
page read and write
|
||
|
4332E7C000
|
stack
|
page read and write
|
||
|
1C7D7D40000
|
trusted library allocation
|
page read and write
|
||
|
4332FFF000
|
stack
|
page read and write
|
||
|
1F2DC0B5000
|
heap
|
page read and write
|
||
|
AE4067B000
|
stack
|
page read and write
|
||
|
3520000
|
remote allocation
|
page read and write
|
||
|
74E377C000
|
stack
|
page read and write
|
||
|
7FFFEFBA9000
|
unkown
|
page readonly
|
||
|
E0ED8BC000
|
stack
|
page read and write
|
||
|
244F1E13000
|
heap
|
page read and write
|
||
|
3CC1DFE000
|
unkown
|
page read and write
|
||
|
1C855C58000
|
heap
|
page read and write
|
||
|
2B25D24C000
|
heap
|
page read and write
|
||
|
205C12F9000
|
heap
|
page read and write
|
||
|
74E387A000
|
stack
|
page read and write
|
||
|
2936265F000
|
heap
|
page read and write
|
||
|
1C7DC6E8000
|
heap
|
page read and write
|
||
|
297F9647000
|
heap
|
page read and write
|
||
|
1EF47252000
|
heap
|
page read and write
|
||
|
21D4A932000
|
heap
|
page read and write
|
||
|
27A75A2A000
|
heap
|
page read and write
|
||
|
6191BCF000
|
stack
|
page read and write
|
||
|
2936260B000
|
heap
|
page read and write
|
||
|
1C7D7490000
|
trusted library allocation
|
page read and write
|
||
|
1C855D02000
|
heap
|
page read and write
|
||
|
1EF471E0000
|
heap
|
page read and write
|
||
|
230702C0000
|
heap
|
page read and write
|
||
|
1F2DC090000
|
heap
|
page read and write
|
||
|
433317C000
|
stack
|
page read and write
|
||
|
FE0000
|
remote allocation
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
297F9600000
|
heap
|
page read and write
|
||
|
ADF847F000
|
stack
|
page read and write
|
||
|
A2E267E000
|
stack
|
page read and write
|
||
|
205C2DD0000
|
heap
|
page read and write
|
||
|
1C7DC200000
|
trusted library allocation
|
page read and write
|
||
|
244F1E3E000
|
heap
|
page read and write
|
||
|
2B25D200000
|
heap
|
page read and write
|
||
|
1C855C3C000
|
heap
|
page read and write
|
||
|
21DA9310000
|
heap
|
page read and write
|
||
|
2B25D160000
|
heap
|
page read and write
|
||
|
1EF47D99000
|
heap
|
page read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
2211AC5A000
|
heap
|
page read and write
|
||
|
2211AC00000
|
heap
|
page read and write
|
||
|
1C7D7704000
|
heap
|
page read and write
|
||
|
13A3000
|
heap
|
page read and write
|
||
|
7FFFEFB51000
|
unkown
|
page execute read
|
||
|
1EF47DD0000
|
heap
|
page read and write
|
||
|
ADF7D9E000
|
stack
|
page read and write
|
||
|
27A758E0000
|
heap
|
page read and write
|
||
|
1EF47200000
|
heap
|
page read and write
|
||
|
7FFFEFB50000
|
unkown
|
page readonly
|
||
|
1EF47D92000
|
heap
|
page read and write
|
||
|
A2E23AE000
|
stack
|
page read and write
|
||
|
29362658000
|
heap
|
page read and write
|
||
|
1EF47D78000
|
heap
|
page read and write
|
||
|
205C2F30000
|
heap
|
page read and write
|
||
|
1C7D6D16000
|
heap
|
page read and write
|
||
|
230416D0000
|
heap
|
page readonly
|
||
|
1EF472C8000
|
heap
|
page read and write
|
||
|
1EF4724B000
|
heap
|
page read and write
|
||
|
1C7DC460000
|
trusted library allocation
|
page read and write
|
||
|
1EF47C02000
|
heap
|
page read and write
|
||
|
115AEF05000
|
heap
|
page read and write
|
||
|
1C7DC4F0000
|
remote allocation
|
page read and write
|
||
|
27A75A00000
|
heap
|
page read and write
|
There are 809 hidden memdumps, click here to show them.