Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
JtJ50Swtfo.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xd061a25e, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_JtJ_b2672842ecefaba91fdafe39d8111bc89c8ace76_9903e0f3_1913dfeb\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_JtJ_b2672842ecefaba91fdafe39d8111bc89c8ace76_9903e0f3_193be049\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD174.tmp.dmp
|
Mini DuMP crash report, 15 streams, Mon May 23 05:42:02 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD28D.tmp.dmp
|
Mini DuMP crash report, 15 streams, Mon May 23 05:42:03 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD4D0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD5AB.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD752.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD7DE.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61480 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_JtJ_f1302aae73d1bd36c99beead2422e86237ae15_9903e0f3_15e02aea\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_JtJ_f1302aae73d1bd36c99beead2422e86237ae15_9903e0f3_1747af5d\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_JtJ_f1302aae73d1bd36c99beead2422e86237ae15_9903e0f3_1773b171\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1A8E.tmp.dmp
|
Mini DuMP crash report, 15 streams, Mon May 23 05:29:45 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2127.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER235A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7F45.tmp.dmp
|
Mini DuMP crash report, 15 streams, Mon May 23 05:29:37 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER809D.tmp.dmp
|
Mini DuMP crash report, 15 streams, Mon May 23 05:29:38 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA01C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA33A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA3F4.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA7DD.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
There are 19 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\JtJ50Swtfo.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\JtJ50Swtfo.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\JtJ50Swtfo.dll,AddIn_FileTime
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\DEtOD\ObhSjvufE.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\JtJ50Swtfo.dll,AddIn_SystemTime
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\JtJ50Swtfo.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\GJzmbimn\geJzufDvqRClHij.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\JtJ50Swtfo.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\JtJ50Swtfo.dll",#1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6348 -s 316
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6340 -s 324
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7136 -s 328
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7124 -s 336
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3552 -s 332
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3552 -s 332
|
There are 19 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://165.22.73.229/
|
unknown
|
|
|
|
https://165.22.73.229/h
|
unknown
|
|
|
|
https://165.22.73.229:8080/tem3
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://165.22.73.229:8080/d
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://165.22.73.229:8080/p
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://165.22.73.229:8080/
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
http://schemas.xmlsoap.o
|
unknown
|
||
|
https://165.22.73.229:8080/z
|
unknown
|
||
|
https://165.22.73.229:8080/Num
|
unknown
|
There are 46 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
165.22.73.229
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{271edc71-be7d-d429-f922-9a7f21c9b119}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800453F4626F
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018800453F4626F
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{0df7dca4-87ea-295b-fb24-088f656e8197}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C005C62C4D85
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C005C62C4D85
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C005C62C4D85
|
There are 46 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B10000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2BC80000000
|
direct allocation
|
page execute and read and write
|
|
|
|
267363C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
840000
|
direct allocation
|
page execute and read and write
|
|
|
|
2BC80000000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2BC80000000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
267363C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
267363C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1A366B24000
|
heap
|
page read and write
|
||
|
45D447B000
|
stack
|
page read and write
|
||
|
26E7F43C000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
A6C26FE000
|
stack
|
page read and write
|
||
|
1A365FF0000
|
heap
|
page read and write
|
||
|
2A6F000
|
stack
|
page read and write
|
||
|
2830BAD3000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
2830BADD000
|
heap
|
page read and write
|
||
|
207C5ECD000
|
heap
|
page read and write
|
||
|
8BB000
|
heap
|
page read and write
|
||
|
267363F0000
|
heap
|
page readonly
|
||
|
26E7F466000
|
heap
|
page read and write
|
||
|
943000
|
heap
|
page read and write
|
||
|
1A366B26000
|
heap
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
1200C859000
|
heap
|
page read and write
|
||
|
1200C843000
|
heap
|
page read and write
|
||
|
5256FD000
|
stack
|
page read and write
|
||
|
99A000
|
heap
|
page read and write
|
||
|
1A366B7B000
|
heap
|
page read and write
|
||
|
1A3662E4000
|
heap
|
page read and write
|
||
|
CC0237F000
|
stack
|
page read and write
|
||
|
2C3B000
|
heap
|
page read and write
|
||
|
CA4DF7E000
|
stack
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
267360B0000
|
heap
|
page read and write
|
||
|
F49FD8E000
|
stack
|
page read and write
|
||
|
2830ED90000
|
heap
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
4484A7E000
|
stack
|
page read and write
|
||
|
1200C86B000
|
heap
|
page read and write
|
||
|
1A366BBB000
|
heap
|
page read and write
|
||
|
20607C3C000
|
heap
|
page read and write
|
||
|
23349118000
|
heap
|
page read and write
|
||
|
2C55000
|
heap
|
page read and write
|
||
|
1200C841000
|
heap
|
page read and write
|
||
|
23348870000
|
heap
|
page read and write
|
||
|
2BCFC170000
|
heap
|
page read and write
|
||
|
2BCFC2F0000
|
direct allocation
|
page execute and read and write
|
||
|
1B330D60000
|
heap
|
page read and write
|
||
|
2ECC5DE000
|
stack
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
26E7F461000
|
heap
|
page read and write
|
||
|
267360B0000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
1A366B76000
|
heap
|
page read and write
|
||
|
2ECC87F000
|
stack
|
page read and write
|
||
|
26130902000
|
heap
|
page read and write
|
||
|
1A366B7E000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
2580000
|
heap
|
page read and write
|
||
|
26331102000
|
heap
|
page read and write
|
||
|
1A367018000
|
heap
|
page read and write
|
||
|
1200C842000
|
heap
|
page read and write
|
||
|
20607D00000
|
heap
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
26E7F48A000
|
heap
|
page read and write
|
||
|
2D61000
|
heap
|
page read and write
|
||
|
229E000
|
stack
|
page read and write
|
||
|
2C55000
|
heap
|
page read and write
|
||
|
2334E104000
|
heap
|
page read and write
|
||
|
1A366BBC000
|
heap
|
page read and write
|
||
|
CC0237F000
|
stack
|
page read and write
|
||
|
1A366BBB000
|
heap
|
page read and write
|
||
|
26737B90000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
207C5D60000
|
trusted library allocation
|
page read and write
|
||
|
1CA90E66000
|
heap
|
page read and write
|
||
|
2ECC9FF000
|
stack
|
page read and write
|
||
|
2BC80030000
|
heap
|
page readonly
|
||
|
F49FD8E000
|
stack
|
page read and write
|
||
|
1A36623C000
|
heap
|
page read and write
|
||
|
1E31CB24000
|
heap
|
page read and write
|
||
|
2830B9F0000
|
heap
|
page read and write
|
||
|
1A366BBC000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
23349159000
|
heap
|
page read and write
|
||
|
207C6CA0000
|
trusted library allocation
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
26131002000
|
trusted library allocation
|
page read and write
|
||
|
2334E01B000
|
heap
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2334DBB0000
|
trusted library allocation
|
page read and write
|
||
|
23349002000
|
heap
|
page read and write
|
||
|
1CA90E8E000
|
heap
|
page read and write
|
||
|
2334E04E000
|
heap
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
1A366B8B000
|
heap
|
page read and write
|
||
|
1CA90E8A000
|
heap
|
page read and write
|
||
|
1F41C85E000
|
heap
|
page read and write
|
||
|
256415D0000
|
heap
|
page read and write
|
||
|
20607C4E000
|
heap
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
25FB29D0000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
C45000
|
heap
|
page read and write
|
||
|
78AAAF7000
|
stack
|
page read and write
|
||
|
26331802000
|
heap
|
page read and write
|
||
|
10B70F9000
|
stack
|
page read and write
|
||
|
1F41C87F000
|
heap
|
page read and write
|
||
|
26736400000
|
heap
|
page read and write
|
||
|
4AD77E000
|
stack
|
page read and write
|
||
|
1E31CA79000
|
heap
|
page read and write
|
||
|
2C3B000
|
heap
|
page read and write
|
||
|
26331088000
|
heap
|
page read and write
|
||
|
890000
|
remote allocation
|
page read and write
|
||
|
A6C27FE000
|
stack
|
page read and write
|
||
|
F6582FE000
|
stack
|
page read and write
|
||
|
2334E000000
|
heap
|
page read and write
|
||
|
CA4D6FB000
|
stack
|
page read and write
|
||
|
26330F70000
|
heap
|
page read and write
|
||
|
2334E102000
|
heap
|
page read and write
|
||
|
2C3B000
|
heap
|
page read and write
|
||
|
26330F80000
|
heap
|
page read and write
|
||
|
24FC000
|
stack
|
page read and write
|
||
|
1A366BC9000
|
heap
|
page read and write
|
||
|
1CA90E8A000
|
heap
|
page read and write
|
||
|
2334DE30000
|
trusted library allocation
|
page read and write
|
||
|
2758FC29000
|
heap
|
page read and write
|
||
|
1F41C913000
|
heap
|
page read and write
|
||
|
1CA90E77000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
1E31C990000
|
heap
|
page read and write
|
||
|
2B30000
|
remote allocation
|
page read and write
|
||
|
1CA90E74000
|
heap
|
page read and write
|
||
|
78AA6FE000
|
stack
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
1A367018000
|
heap
|
page read and write
|
||
|
26330FE0000
|
heap
|
page read and write
|
||
|
4484B79000
|
stack
|
page read and write
|
||
|
447CABB000
|
stack
|
page read and write
|
||
|
78AABFE000
|
stack
|
page read and write
|
||
|
20607C68000
|
heap
|
page read and write
|
||
|
1CA90DB0000
|
heap
|
page read and write
|
||
|
2334888F000
|
heap
|
page read and write
|
||
|
1CA90C20000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
1A366B86000
|
heap
|
page read and write
|
||
|
1CA90D50000
|
heap
|
page read and write
|
||
|
1A366B87000
|
heap
|
page read and write
|
||
|
23349118000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
1A3662FB000
|
heap
|
page read and write
|
||
|
D7F6BDC000
|
stack
|
page read and write
|
||
|
1B331602000
|
trusted library allocation
|
page read and write
|
||
|
2334DD61000
|
trusted library allocation
|
page read and write
|
||
|
45D4678000
|
stack
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
1A366B75000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
5251FE000
|
stack
|
page read and write
|
||
|
2C5F000
|
heap
|
page read and write
|
||
|
1B331550000
|
remote allocation
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
2334DE50000
|
trusted library allocation
|
page read and write
|
||
|
26130865000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
267360D0000
|
heap
|
page read and write
|
||
|
2BC80080000
|
heap
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
CA4E07F000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1B330DC0000
|
heap
|
page read and write
|
||
|
1200C829000
|
heap
|
page read and write
|
||
|
2334DC30000
|
trusted library allocation
|
page read and write
|
||
|
1CA90E81000
|
heap
|
page read and write
|
||
|
1CA90DB5000
|
heap
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
1E31CB00000
|
heap
|
page read and write
|
||
|
1F41C900000
|
heap
|
page read and write
|
||
|
207C5E70000
|
heap
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
2564133B000
|
heap
|
page read and write
|
||
|
1200C813000
|
heap
|
page read and write
|
||
|
2334E04D000
|
heap
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
F4A007F000
|
stack
|
page read and write
|
||
|
2758FA40000
|
heap
|
page read and write
|
||
|
2334E100000
|
heap
|
page read and write
|
||
|
207C5E39000
|
heap
|
page read and write
|
||
|
2334DD70000
|
trusted library allocation
|
page read and write
|
||
|
20607D08000
|
heap
|
page read and write
|
||
|
BBDFB7D000
|
stack
|
page read and write
|
||
|
1E31CA02000
|
heap
|
page read and write
|
||
|
2BC80080000
|
heap
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
233488FD000
|
heap
|
page read and write
|
||
|
1A366BBA000
|
heap
|
page read and write
|
||
|
1A366B75000
|
heap
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1A366B7E000
|
heap
|
page read and write
|
||
|
207C5DE0000
|
heap
|
page read and write
|
||
|
F49FD0C000
|
stack
|
page read and write
|
||
|
26E7F453000
|
heap
|
page read and write
|
||
|
F4A007F000
|
stack
|
page read and write
|
||
|
2C55000
|
heap
|
page read and write
|
||
|
2334882A000
|
heap
|
page read and write
|
||
|
2334E0A2000
|
heap
|
page read and write
|
||
|
2ECC55B000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2C68000
|
heap
|
page read and write
|
||
|
1A366B87000
|
heap
|
page read and write
|
||
|
F5F3EFD000
|
stack
|
page read and write
|
||
|
26130829000
|
heap
|
page read and write
|
||
|
1B330E40000
|
heap
|
page read and write
|
||
|
26E7F513000
|
heap
|
page read and write
|
||
|
256444D0000
|
trusted library allocation
|
page read and write
|
||
|
20607B60000
|
trusted library allocation
|
page read and write
|
||
|
26736405000
|
heap
|
page read and write
|
||
|
26735F70000
|
unkown
|
page read and write
|
||
|
10B717E000
|
stack
|
page read and write
|
||
|
26E7F500000
|
heap
|
page read and write
|
||
|
98103EB000
|
stack
|
page read and write
|
||
|
78AACFF000
|
stack
|
page read and write
|
||
|
25644CD0000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
1A366271000
|
heap
|
page read and write
|
||
|
2334E0AD000
|
heap
|
page read and write
|
||
|
1A366B87000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
1F41D002000
|
trusted library allocation
|
page read and write
|
||
|
206079F0000
|
heap
|
page read and write
|
||
|
1A366236000
|
heap
|
page read and write
|
||
|
1CA90E81000
|
heap
|
page read and write
|
||
|
1200C861000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page readonly
|
||
|
2BCFC3C0000
|
heap
|
page read and write
|
||
|
276C000
|
stack
|
page read and write
|
||
|
1B331550000
|
remote allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1A366235000
|
heap
|
page read and write
|
||
|
1A366B82000
|
heap
|
page read and write
|
||
|
447CB3F000
|
stack
|
page read and write
|
||
|
2334DD48000
|
trusted library allocation
|
page read and write
|
||
|
2758FD13000
|
heap
|
page read and write
|
||
|
1200C7E0000
|
trusted library allocation
|
page read and write
|
||
|
1A366B31000
|
heap
|
page read and write
|
||
|
2BCFC1E7000
|
heap
|
page read and write
|
||
|
447D37E000
|
stack
|
page read and write
|
||
|
1E31C920000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
78AA87B000
|
stack
|
page read and write
|
||
|
1A366B77000
|
heap
|
page read and write
|
||
|
25641329000
|
heap
|
page read and write
|
||
|
1200C85B000
|
heap
|
page read and write
|
||
|
2334DE80000
|
trusted library allocation
|
page read and write
|
||
|
25FB2890000
|
heap
|
page read and write
|
||
|
1A3662AB000
|
heap
|
page read and write
|
||
|
26E7F390000
|
trusted library allocation
|
page read and write
|
||
|
52507B000
|
stack
|
page read and write
|
||
|
2830BAD9000
|
heap
|
page read and write
|
||
|
1A36701A000
|
heap
|
page read and write
|
||
|
1A366302000
|
heap
|
page read and write
|
||
|
1200C886000
|
heap
|
page read and write
|
||
|
1A36624A000
|
heap
|
page read and write
|
||
|
267360B0000
|
heap
|
page read and write
|
||
|
233488FD000
|
heap
|
page read and write
|
||
|
23349000000
|
heap
|
page read and write
|
||
|
1200C863000
|
heap
|
page read and write
|
||
|
207C6040000
|
trusted library allocation
|
page read and write
|
||
|
2C41000
|
heap
|
page read and write
|
||
|
10B71FC000
|
stack
|
page read and write
|
||
|
2334E0F4000
|
heap
|
page read and write
|
||
|
26130887000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1A367000000
|
heap
|
page read and write
|
||
|
1B330E13000
|
heap
|
page read and write
|
||
|
2C3B000
|
heap
|
page read and write
|
||
|
10B6D4F000
|
stack
|
page read and write
|
||
|
23348813000
|
heap
|
page read and write
|
||
|
207C69F0000
|
trusted library allocation
|
page read and write
|
||
|
26736120000
|
direct allocation
|
page execute and read and write
|
||
|
1CA90E66000
|
heap
|
page read and write
|
||
|
2334DEA0000
|
remote allocation
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1200C860000
|
heap
|
page read and write
|
||
|
26331040000
|
heap
|
page read and write
|
||
|
2758FC49000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
20607C89000
|
heap
|
page read and write
|
||
|
1200C845000
|
heap
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
1A366BBA000
|
heap
|
page read and write
|
||
|
1A367021000
|
heap
|
page read and write
|
||
|
256412C0000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
26331029000
|
heap
|
page read and write
|
||
|
2BCFC3C5000
|
heap
|
page read and write
|
||
|
1A366BBA000
|
heap
|
page read and write
|
||
|
26E7F482000
|
heap
|
page read and write
|
||
|
1200C86F000
|
heap
|
page read and write
|
||
|
25FB2A70000
|
heap
|
page read and write
|
||
|
F49FD0C000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
26737B40000
|
remote allocation
|
page read and write
|
||
|
2BCFC2F0000
|
direct allocation
|
page execute and read and write
|
||
|
2613086E000
|
heap
|
page read and write
|
||
|
CC022FF000
|
stack
|
page read and write
|
||
|
1A366200000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
1CA90D70000
|
heap
|
page read and write
|
||
|
45D4878000
|
stack
|
page read and write
|
||
|
1E31CB02000
|
heap
|
page read and write
|
||
|
1B330E29000
|
heap
|
page read and write
|
||
|
2BCFC190000
|
heap
|
page read and write
|
||
|
23348670000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
1A366213000
|
heap
|
page read and write
|
||
|
2334E026000
|
heap
|
page read and write
|
||
|
447D27F000
|
stack
|
page read and write
|
||
|
2B30000
|
remote allocation
|
page read and write
|
||
|
1200C86D000
|
heap
|
page read and write
|
||
|
2830BACF000
|
heap
|
page read and write
|
||
|
2334DD70000
|
trusted library allocation
|
page read and write
|
||
|
2ECCDFF000
|
stack
|
page read and write
|
||
|
1A366313000
|
heap
|
page read and write
|
||
|
CC0227C000
|
stack
|
page read and write
|
||
|
2758FC4B000
|
heap
|
page read and write
|
||
|
2830BACE000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
26E7F220000
|
heap
|
page read and write
|
||
|
294C000
|
stack
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
2758FC83000
|
heap
|
page read and write
|
||
|
2334E01A000
|
heap
|
page read and write
|
||
|
26E7F400000
|
heap
|
page read and write
|
||
|
1A366B7A000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
26E7F290000
|
heap
|
page read and write
|
||
|
8EA000
|
heap
|
page read and write
|
||
|
207C6CD0000
|
trusted library allocation
|
page read and write
|
||
|
233486E0000
|
heap
|
page read and write
|
||
|
20607D02000
|
heap
|
page read and write
|
||
|
267363F0000
|
heap
|
page readonly
|
||
|
263310BA000
|
heap
|
page read and write
|
||
|
A4E717F000
|
stack
|
page read and write
|
||
|
26331900000
|
heap
|
page read and write
|
||
|
1A366BAA000
|
heap
|
page read and write
|
||
|
20607C57000
|
heap
|
page read and write
|
||
|
26736130000
|
heap
|
page read and write
|
||
|
1E31C930000
|
heap
|
page read and write
|
||
|
1B330D50000
|
heap
|
page read and write
|
||
|
2830BACA000
|
heap
|
page read and write
|
||
|
2613085A000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
1A366B7C000
|
heap
|
page read and write
|
||
|
2830BAB0000
|
heap
|
page read and write
|
||
|
25641344000
|
heap
|
page read and write
|
||
|
BBDF8FB000
|
stack
|
page read and write
|
||
|
25641340000
|
heap
|
page read and write
|
||
|
1CA90E72000
|
heap
|
page read and write
|
||
|
1A366B89000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
256415DB000
|
heap
|
page read and write
|
||
|
26737B90000
|
heap
|
page read and write
|
||
|
20607A00000
|
heap
|
page read and write
|
||
|
890000
|
remote allocation
|
page read and write
|
||
|
2BCFC030000
|
unkown
|
page read and write
|
||
|
2ECCEFF000
|
stack
|
page read and write
|
||
|
20607C68000
|
heap
|
page read and write
|
||
|
25641320000
|
heap
|
page read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
2758FC3C000
|
heap
|
page read and write
|
||
|
2BCFC030000
|
heap
|
page read and write
|
||
|
1A367021000
|
heap
|
page read and write
|
||
|
1200C740000
|
heap
|
page read and write
|
||
|
207C5E30000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
F6581FF000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
26736405000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page read and write
|
||
|
26130E80000
|
trusted library allocation
|
page read and write
|
||
|
23349B93000
|
trusted library allocation
|
page read and write
|
||
|
A6C277E000
|
stack
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
26735F70000
|
heap
|
page read and write
|
||
|
23348902000
|
heap
|
page read and write
|
||
|
87A000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1A366248000
|
heap
|
page read and write
|
||
|
F6587FD000
|
stack
|
page read and write
|
||
|
2564133B000
|
heap
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
1200C902000
|
heap
|
page read and write
|
||
|
27590202000
|
trusted library allocation
|
page read and write
|
||
|
1F41C802000
|
heap
|
page read and write
|
||
|
25641220000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
1A3662A4000
|
heap
|
page read and write
|
||
|
26E7FC02000
|
trusted library allocation
|
page read and write
|
||
|
1A366B0E000
|
heap
|
page read and write
|
||
|
1A366B5C000
|
heap
|
page read and write
|
||
|
52537E000
|
stack
|
page read and write
|
||
|
2BCFC030000
|
unkown
|
page read and write
|
||
|
2334888B000
|
heap
|
page read and write
|
||
|
1E31C9C0000
|
trusted library allocation
|
page read and write
|
||
|
256415D5000
|
heap
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
2334E0FB000
|
heap
|
page read and write
|
||
|
26E7F458000
|
heap
|
page read and write
|
||
|
1200C880000
|
heap
|
page read and write
|
||
|
2334E0E3000
|
heap
|
page read and write
|
||
|
26737B10000
|
heap
|
page read and write
|
||
|
45D3F0E000
|
stack
|
page read and write
|
||
|
1F41C6C0000
|
heap
|
page read and write
|
||
|
2BC1000
|
heap
|
page read and write
|
||
|
26E7F230000
|
heap
|
page read and write
|
||
|
F4A007F000
|
stack
|
page read and write
|
||
|
26130800000
|
heap
|
page read and write
|
||
|
1A366B7A000
|
heap
|
page read and write
|
||
|
1CA90E50000
|
heap
|
page read and write
|
||
|
1E31CA55000
|
heap
|
page read and write
|
||
|
8F1000
|
heap
|
page read and write
|
||
|
2830BACA000
|
heap
|
page read and write
|
||
|
207C6A50000
|
trusted library allocation
|
page read and write
|
||
|
1A366BC9000
|
heap
|
page read and write
|
||
|
2564133F000
|
heap
|
page read and write
|
||
|
20607C84000
|
heap
|
page read and write
|
||
|
26130720000
|
heap
|
page read and write
|
||
|
26E7F45D000
|
heap
|
page read and write
|
||
|
256412F3000
|
heap
|
page read and write
|
||
|
1F41C851000
|
heap
|
page read and write
|
||
|
1F41C800000
|
heap
|
page read and write
|
||
|
2BC80030000
|
heap
|
page readonly
|
||
|
AE0000
|
direct allocation
|
page execute and read and write
|
||
|
1A366B75000
|
heap
|
page read and write
|
||
|
23349113000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
2334E0DF000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1A366B76000
|
heap
|
page read and write
|
||
|
78AA97B000
|
stack
|
page read and write
|
||
|
1CA90E8F000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page read and write
|
||
|
45D4577000
|
stack
|
page read and write
|
||
|
267360D0000
|
heap
|
page read and write
|
||
|
2758FC00000
|
heap
|
page read and write
|
||
|
2830BAD3000
|
heap
|
page read and write
|
||
|
23349B90000
|
trusted library allocation
|
page read and write
|
||
|
26E7F508000
|
heap
|
page read and write
|
||
|
2334DEA0000
|
trusted library allocation
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
2BC80080000
|
heap
|
page read and write
|
||
|
23348907000
|
heap
|
page read and write
|
||
|
1A36624F000
|
heap
|
page read and write
|
||
|
1200C87C000
|
heap
|
page read and write
|
||
|
26130857000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
1200C85D000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
20607D13000
|
heap
|
page read and write
|
||
|
2334DD40000
|
trusted library allocation
|
page read and write
|
||
|
23349159000
|
heap
|
page read and write
|
||
|
1CA90E8A000
|
heap
|
page read and write
|
||
|
2830BAEE000
|
heap
|
page read and write
|
||
|
207C5EEA000
|
heap
|
page read and write
|
||
|
207C6CC0000
|
trusted library allocation
|
page read and write
|
||
|
2758FC61000
|
heap
|
page read and write
|
||
|
2334889F000
|
heap
|
page read and write
|
||
|
1200C82E000
|
heap
|
page read and write
|
||
|
1A366B80000
|
heap
|
page read and write
|
||
|
26130813000
|
heap
|
page read and write
|
||
|
1F41C813000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
2DEE000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
207C5DC0000
|
heap
|
page read and write
|
||
|
1200C87D000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
26737B40000
|
remote allocation
|
page read and write
|
||
|
4AD47C000
|
stack
|
page read and write
|
||
|
1A366249000
|
heap
|
page read and write
|
||
|
2564134A000
|
heap
|
page read and write
|
||
|
1B331550000
|
remote allocation
|
page read and write
|
||
|
1A366B83000
|
heap
|
page read and write
|
||
|
2334E032000
|
heap
|
page read and write
|
||
|
2DA7000
|
heap
|
page read and write
|
||
|
4484BFF000
|
stack
|
page read and write
|
||
|
2334E102000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
1A366B75000
|
heap
|
page read and write
|
||
|
BBDF67E000
|
stack
|
page read and write
|
||
|
2758FD02000
|
heap
|
page read and write
|
||
|
1200C832000
|
heap
|
page read and write
|
||
|
26736138000
|
heap
|
page read and write
|
||
|
BBDF6FE000
|
stack
|
page read and write
|
||
|
2334E016000
|
heap
|
page read and write
|
||
|
1A366B93000
|
heap
|
page read and write
|
||
|
261306B0000
|
heap
|
page read and write
|
||
|
2BCFC3C0000
|
heap
|
page read and write
|
||
|
52527E000
|
stack
|
page read and write
|
||
|
1200C826000
|
heap
|
page read and write
|
||
|
26331000000
|
heap
|
page read and write
|
||
|
2334E020000
|
heap
|
page read and write
|
||
|
F6586FE000
|
stack
|
page read and write
|
||
|
2BCFC1E0000
|
heap
|
page read and write
|
||
|
1A366308000
|
heap
|
page read and write
|
||
|
1A3662AF000
|
heap
|
page read and write
|
||
|
1200C858000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
1F41C6B0000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
BBDF39B000
|
stack
|
page read and write
|
||
|
A4E6E7B000
|
stack
|
page read and write
|
||
|
2334DEA0000
|
remote allocation
|
page read and write
|
||
|
207C5E78000
|
heap
|
page read and write
|
||
|
26331113000
|
heap
|
page read and write
|
||
|
2334DE10000
|
trusted library allocation
|
page read and write
|
||
|
2BCFC2E0000
|
heap
|
page read and write
|
||
|
20607C13000
|
heap
|
page read and write
|
||
|
1F41C908000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
BBDF7FB000
|
stack
|
page read and write
|
||
|
44847DE000
|
stack
|
page read and write
|
||
|
447D177000
|
stack
|
page read and write
|
||
|
1A366B76000
|
heap
|
page read and write
|
||
|
1A366B8D000
|
heap
|
page read and write
|
||
|
CA4D87C000
|
stack
|
page read and write
|
||
|
23348894000
|
heap
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
2ECCBF7000
|
stack
|
page read and write
|
||
|
1200C862000
|
heap
|
page read and write
|
||
|
52557D000
|
stack
|
page read and write
|
||
|
2334DD64000
|
trusted library allocation
|
page read and write
|
||
|
1A366880000
|
remote allocation
|
page read and write
|
||
|
1A366B7B000
|
heap
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
D7F747C000
|
stack
|
page read and write
|
||
|
1F41C88A000
|
heap
|
page read and write
|
||
|
10B7079000
|
stack
|
page read and write
|
||
|
2334888D000
|
heap
|
page read and write
|
||
|
BBDFA77000
|
stack
|
page read and write
|
||
|
4AD67F000
|
stack
|
page read and write
|
||
|
2BCFC3C0000
|
heap
|
page read and write
|
||
|
2758FC13000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
94B000
|
heap
|
page read and write
|
||
|
20607C53000
|
heap
|
page read and write
|
||
|
CA4D97E000
|
stack
|
page read and write
|
||
|
1A366B97000
|
heap
|
page read and write
|
||
|
2BCFC1E7000
|
heap
|
page read and write
|
||
|
1200C750000
|
heap
|
page read and write
|
||
|
2613083F000
|
heap
|
page read and write
|
||
|
CC0227C000
|
stack
|
page read and write
|
||
|
45D3F8E000
|
stack
|
page read and write
|
||
|
207C5E35000
|
heap
|
page read and write
|
||
|
BBDFC7F000
|
stack
|
page read and write
|
||
|
2BCFC1E7000
|
heap
|
page read and write
|
||
|
2334DD60000
|
trusted library allocation
|
page read and write
|
||
|
1A366BBA000
|
heap
|
page read and write
|
||
|
1E31CA68000
|
heap
|
page read and write
|
||
|
1CA90E78000
|
heap
|
page read and write
|
||
|
2758FD00000
|
heap
|
page read and write
|
||
|
207C5EBF000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1E31D202000
|
trusted library allocation
|
page read and write
|
||
|
1A366BBA000
|
heap
|
page read and write
|
||
|
2830BAB8000
|
heap
|
page read and write
|
||
|
1A3662CA000
|
heap
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
2334E065000
|
heap
|
page read and write
|
||
|
5252FC000
|
stack
|
page read and write
|
||
|
F6585FD000
|
stack
|
page read and write
|
||
|
A4E693C000
|
stack
|
page read and write
|
||
|
951000
|
heap
|
page read and write
|
||
|
2334DD80000
|
trusted library allocation
|
page read and write
|
||
|
2334E058000
|
heap
|
page read and write
|
||
|
CA4DB7D000
|
stack
|
page read and write
|
||
|
F6584FB000
|
stack
|
page read and write
|
||
|
1B330E5C000
|
heap
|
page read and write
|
||
|
2334883D000
|
heap
|
page read and write
|
||
|
D7F737E000
|
stack
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
263310E1000
|
heap
|
page read and write
|
||
|
233496F0000
|
trusted library allocation
|
page read and write
|
||
|
943000
|
heap
|
page read and write
|
||
|
2C55000
|
heap
|
page read and write
|
||
|
1A366229000
|
heap
|
page read and write
|
||
|
267363F0000
|
heap
|
page readonly
|
||
|
25641240000
|
heap
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
1A366060000
|
heap
|
page read and write
|
||
|
1A366880000
|
remote allocation
|
page read and write
|
||
|
1B330F02000
|
heap
|
page read and write
|
||
|
247F000
|
stack
|
page read and write
|
||
|
99A000
|
heap
|
page read and write
|
||
|
2BCFC190000
|
heap
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
2334E0A5000
|
heap
|
page read and write
|
||
|
2C58000
|
heap
|
page read and write
|
||
|
2830BD50000
|
heap
|
page read and write
|
||
|
1A366B75000
|
heap
|
page read and write
|
||
|
1A36624B000
|
heap
|
page read and write
|
||
|
45D477E000
|
stack
|
page read and write
|
||
|
207C5ECD000
|
heap
|
page read and write
|
||
|
233488A9000
|
heap
|
page read and write
|
||
|
1B330DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
2564134E000
|
heap
|
page read and write
|
||
|
1A366B91000
|
heap
|
page read and write
|
||
|
5255FE000
|
stack
|
page read and write
|
||
|
2BCFC2F0000
|
direct allocation
|
page execute and read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
2830BCC0000
|
heap
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
1200C85A000
|
heap
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
2334DC20000
|
trusted library allocation
|
page read and write
|
||
|
1A366B96000
|
heap
|
page read and write
|
||
|
2C76000
|
heap
|
page read and write
|
||
|
4AD97F000
|
stack
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
23349100000
|
heap
|
page read and write
|
||
|
25FB2A7D000
|
heap
|
page read and write
|
||
|
78AA67B000
|
stack
|
page read and write
|
||
|
10B6CCA000
|
stack
|
page read and write
|
||
|
256410E0000
|
heap
|
page read and write
|
||
|
45D3E8B000
|
stack
|
page read and write
|
||
|
2334DD84000
|
trusted library allocation
|
page read and write
|
||
|
F65847D000
|
stack
|
page read and write
|
||
|
1200C846000
|
heap
|
page read and write
|
||
|
25641344000
|
heap
|
page read and write
|
||
|
F6588FF000
|
stack
|
page read and write
|
||
|
257E000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1200D002000
|
trusted library allocation
|
page read and write
|
||
|
2830EF53000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
F49FD0C000
|
stack
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
26E7F429000
|
heap
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
2334E053000
|
heap
|
page read and write
|
||
|
1A36624D000
|
heap
|
page read and write
|
||
|
2C07000
|
heap
|
page read and write
|
||
|
2BCFC3C5000
|
heap
|
page read and write
|
||
|
233487E0000
|
trusted library allocation
|
page read and write
|
||
|
2334DD40000
|
trusted library allocation
|
page read and write
|
||
|
1A366000000
|
heap
|
page read and write
|
||
|
1A3662CE000
|
heap
|
page read and write
|
||
|
256412F0000
|
heap
|
page read and write
|
||
|
52547E000
|
stack
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
2334DEA0000
|
remote allocation
|
page read and write
|
||
|
1A366B7D000
|
heap
|
page read and write
|
||
|
2334DFA0000
|
trusted library allocation
|
page read and write
|
||
|
2334DF80000
|
trusted library allocation
|
page read and write
|
||
|
1200C868000
|
heap
|
page read and write
|
||
|
207C5D50000
|
heap
|
page read and write
|
||
|
26130913000
|
heap
|
page read and write
|
||
|
26E7F502000
|
heap
|
page read and write
|
||
|
2830BA60000
|
heap
|
page read and write
|
||
|
4AD57E000
|
stack
|
page read and write
|
||
|
91B000
|
heap
|
page read and write
|
||
|
23348879000
|
heap
|
page read and write
|
||
|
A4E6F7B000
|
stack
|
page read and write
|
||
|
CC022FF000
|
stack
|
page read and write
|
||
|
820000
|
direct allocation
|
page execute and read and write
|
||
|
1200C849000
|
heap
|
page read and write
|
||
|
20607C00000
|
heap
|
page read and write
|
||
|
D7F6FF7000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
1A366B79000
|
heap
|
page read and write
|
||
|
1A366B89000
|
heap
|
page read and write
|
||
|
1200C879000
|
heap
|
page read and write
|
||
|
4484AFA000
|
stack
|
page read and write
|
||
|
26736130000
|
heap
|
page read and write
|
||
|
2334E026000
|
heap
|
page read and write
|
||
|
26736120000
|
direct allocation
|
page execute and read and write
|
||
|
1F41C83C000
|
heap
|
page read and write
|
||
|
2BCFC1E0000
|
heap
|
page read and write
|
||
|
1A366B76000
|
heap
|
page read and write
|
||
|
2BC80160000
|
remote allocation
|
page read and write
|
||
|
231F000
|
stack
|
page read and write
|
||
|
98106FE000
|
stack
|
page read and write
|
||
|
207C5E60000
|
trusted library allocation
|
page read and write
|
||
|
F65837C000
|
stack
|
page read and write
|
||
|
26EE000
|
stack
|
page read and write
|
||
|
2DCE000
|
heap
|
page read and write
|
||
|
1A366160000
|
trusted library allocation
|
page read and write
|
||
|
A6C267B000
|
stack
|
page read and write
|
||
|
25641366000
|
heap
|
page read and write
|
||
|
2830BA80000
|
heap
|
page read and write
|
||
|
26331939000
|
heap
|
page read and write
|
||
|
2BCFC1E0000
|
heap
|
page read and write
|
||
|
1A36701A000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
263310C8000
|
heap
|
page read and write
|
||
|
99A000
|
heap
|
page read and write
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
26E7F427000
|
heap
|
page read and write
|
||
|
1A366B62000
|
heap
|
page read and write
|
||
|
CC0237F000
|
stack
|
page read and write
|
||
|
7FFC67212000
|
unkown
|
page readonly
|
||
|
913000
|
heap
|
page read and write
|
||
|
1A366B26000
|
heap
|
page read and write
|
||
|
2334E046000
|
heap
|
page read and write
|
||
|
2BCFC190000
|
heap
|
page read and write
|
||
|
A4E707E000
|
stack
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
26331912000
|
heap
|
page read and write
|
||
|
1A366B8F000
|
heap
|
page read and write
|
||
|
2564135F000
|
heap
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
20607C27000
|
heap
|
page read and write
|
||
|
2BCFC3C5000
|
heap
|
page read and write
|
||
|
1CA90E70000
|
heap
|
page read and write
|
||
|
26E7F470000
|
heap
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
1B330E55000
|
heap
|
page read and write
|
||
|
1A36624E000
|
heap
|
page read and write
|
||
|
1200C800000
|
heap
|
page read and write
|
||
|
207C5ECD000
|
heap
|
page read and write
|
||
|
2334884E000
|
heap
|
page read and write
|
||
|
2334DE60000
|
trusted library allocation
|
page read and write
|
||
|
1A366B85000
|
heap
|
page read and write
|
||
|
23348680000
|
heap
|
page read and write
|
||
|
2830BD55000
|
heap
|
page read and write
|
||
|
1B330E02000
|
heap
|
page read and write
|
||
|
25641353000
|
heap
|
page read and write
|
||
|
1A366B7D000
|
heap
|
page read and write
|
||
|
2830EF50000
|
heap
|
page read and write
|
||
|
2C66000
|
heap
|
page read and write
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
2830BAE2000
|
heap
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
26736400000
|
heap
|
page read and write
|
||
|
2334E020000
|
heap
|
page read and write
|
||
|
4484C79000
|
stack
|
page read and write
|
||
|
981067E000
|
stack
|
page read and write
|
||
|
2633106F000
|
heap
|
page read and write
|
||
|
1200C84E000
|
heap
|
page read and write
|
||
|
26331740000
|
trusted library allocation
|
page read and write
|
||
|
207C6CB0000
|
heap
|
page readonly
|
||
|
2334DE70000
|
trusted library allocation
|
page read and write
|
||
|
2334DE90000
|
trusted library allocation
|
page read and write
|
||
|
26736400000
|
heap
|
page read and write
|
||
|
447CF7F000
|
stack
|
page read and write
|
||
|
2758FC78000
|
heap
|
page read and write
|
||
|
2BCFC170000
|
heap
|
page read and write
|
||
|
F65807C000
|
stack
|
page read and write
|
||
|
26737B10000
|
heap
|
page read and write
|
||
|
207C5E81000
|
heap
|
page read and write
|
||
|
23349B71000
|
trusted library allocation
|
page read and write
|
||
|
26735F70000
|
unkown
|
page read and write
|
||
|
1200C830000
|
heap
|
page read and write
|
||
|
20607C71000
|
heap
|
page read and write
|
||
|
2B30000
|
remote allocation
|
page read and write
|
||
|
D7F717A000
|
stack
|
page read and write
|
||
|
26E7F462000
|
heap
|
page read and write
|
||
|
2BCFC2E0000
|
heap
|
page read and write
|
||
|
263310CB000
|
heap
|
page read and write
|
||
|
2334DE10000
|
trusted library allocation
|
page read and write
|
||
|
267360D0000
|
heap
|
page read and write
|
||
|
979000
|
heap
|
page read and write
|
||
|
23348902000
|
heap
|
page read and write
|
||
|
23348916000
|
heap
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
26736138000
|
heap
|
page read and write
|
||
|
447CBBE000
|
stack
|
page read and write
|
||
|
936000
|
heap
|
page read and write
|
||
|
20607C7E000
|
heap
|
page read and write
|
||
|
2830BADD000
|
heap
|
page read and write
|
||
|
D7F6E7F000
|
stack
|
page read and write
|
||
|
2DA6000
|
heap
|
page read and write
|
||
|
2334DD4E000
|
trusted library allocation
|
page read and write
|
||
|
4484CFE000
|
stack
|
page read and write
|
||
|
447D07B000
|
stack
|
page read and write
|
||
|
2334DE10000
|
trusted library allocation
|
page read and write
|
||
|
CA4DD7E000
|
stack
|
page read and write
|
||
|
CC022FF000
|
stack
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
207C5EC5000
|
heap
|
page read and write
|
||
|
20607A60000
|
heap
|
page read and write
|
||
|
1A366A02000
|
heap
|
page read and write
|
||
|
1E31CA00000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
F49FD8E000
|
stack
|
page read and write
|
||
|
1A366B7F000
|
heap
|
page read and write
|
||
|
2830BAF6000
|
heap
|
page read and write
|
||
|
26E7F470000
|
heap
|
page read and write
|
||
|
45D48FF000
|
stack
|
page read and write
|
||
|
2ECCCFF000
|
stack
|
page read and write
|
||
|
26736138000
|
heap
|
page read and write
|
||
|
2758F9E0000
|
heap
|
page read and write
|
||
|
2BC80160000
|
remote allocation
|
page read and write
|
||
|
1200C847000
|
heap
|
page read and write
|
||
|
23349104000
|
heap
|
page read and write
|
||
|
CA4DC7F000
|
stack
|
page read and write
|
||
|
20608402000
|
trusted library allocation
|
page read and write
|
||
|
D7F7979000
|
stack
|
page read and write
|
||
|
448475B000
|
stack
|
page read and write
|
||
|
28AC000
|
stack
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
2BCFC170000
|
heap
|
page read and write
|
||
|
261306C0000
|
heap
|
page read and write
|
||
|
26736405000
|
heap
|
page read and write
|
||
|
2758FC50000
|
heap
|
page read and write
|
||
|
7FFC6721F000
|
unkown
|
page readonly
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1CA90E71000
|
heap
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
1F41C829000
|
heap
|
page read and write
|
||
|
26130802000
|
heap
|
page read and write
|
||
|
2C55000
|
heap
|
page read and write
|
||
|
78AA77D000
|
stack
|
page read and write
|
||
|
F657E7C000
|
stack
|
page read and write
|
||
|
10B6DCF000
|
stack
|
page read and write
|
||
|
9A6000
|
heap
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
1CA90E61000
|
heap
|
page read and write
|
||
|
1F41C902000
|
heap
|
page read and write
|
||
|
26737B10000
|
heap
|
page read and write
|
||
|
26E7F482000
|
heap
|
page read and write
|
||
|
1A366B6C000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
45D42FB000
|
stack
|
page read and write
|
||
|
7FFC671F0000
|
unkown
|
page readonly
|
||
|
23349015000
|
heap
|
page read and write
|
||
|
1A366316000
|
heap
|
page read and write
|
||
|
1E31CA28000
|
heap
|
page read and write
|
||
|
1E31CA13000
|
heap
|
page read and write
|
||
|
2BC80030000
|
heap
|
page readonly
|
||
|
1A367002000
|
heap
|
page read and write
|
||
|
BBDF97E000
|
stack
|
page read and write
|
||
|
1200C83B000
|
heap
|
page read and write
|
||
|
26737B90000
|
heap
|
page read and write
|
||
|
2ECCAFB000
|
stack
|
page read and write
|
||
|
20607C29000
|
heap
|
page read and write
|
||
|
1A366BA9000
|
heap
|
page read and write
|
||
|
45D437E000
|
stack
|
page read and write
|
||
|
1A366288000
|
heap
|
page read and write
|
||
|
207C6D20000
|
trusted library allocation
|
page read and write
|
||
|
26E7F413000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
2BCFC2E0000
|
heap
|
page read and write
|
||
|
23348800000
|
heap
|
page read and write
|
||
|
2DCE000
|
heap
|
page read and write
|
||
|
CA4DE7F000
|
stack
|
page read and write
|
||
|
1A3662F5000
|
heap
|
page read and write
|
||
|
25641366000
|
heap
|
page read and write
|
||
|
2BE7000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page readonly
|
||
|
BBDFD7E000
|
stack
|
page read and write
|
||
|
23349102000
|
heap
|
page read and write
|
||
|
1200C7B0000
|
heap
|
page read and write
|
||
|
1A366BB4000
|
heap
|
page read and write
|
||
|
2B0B000
|
stack
|
page read and write
|
||
|
1E31CA40000
|
heap
|
page read and write
|
||
|
565000
|
stack
|
page read and write
|
||
|
1B330E00000
|
heap
|
page read and write
|
||
|
2C9F000
|
heap
|
page read and write
|
||
|
D7F757B000
|
stack
|
page read and write
|
||
|
9AB000
|
heap
|
page read and write
|
||
|
2C2D000
|
heap
|
page read and write
|
||
|
1A366B7E000
|
heap
|
page read and write
|
||
|
2758FC4D000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
1F41C85C000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
2C3F000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1CA90E81000
|
heap
|
page read and write
|
||
|
D7F7B7E000
|
stack
|
page read and write
|
||
|
4AD87F000
|
stack
|
page read and write
|
||
|
23348875000
|
heap
|
page read and write
|
||
|
2758F9D0000
|
heap
|
page read and write
|
||
|
1A3662B7000
|
heap
|
page read and write
|
||
|
233488AB000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
1F41C84B000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
26736130000
|
heap
|
page read and write
|
||
|
CC0227C000
|
stack
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
207C6A60000
|
trusted library allocation
|
page read and write
|
||
|
7FFC6721B000
|
unkown
|
page read and write
|
||
|
CA4D2CC000
|
stack
|
page read and write
|
||
|
4AD4FE000
|
stack
|
page read and write
|
||
|
26331013000
|
heap
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
26E7F459000
|
heap
|
page read and write
|
||
|
D7F727A000
|
stack
|
page read and write
|
||
|
1200C83E000
|
heap
|
page read and write
|
||
|
2830EF60000
|
trusted library allocation
|
page read and write
|
||
|
180030000
|
direct allocation
|
page readonly
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
78AA9FE000
|
stack
|
page read and write
|
||
|
1A366BBA000
|
heap
|
page read and write
|
||
|
1A366B24000
|
heap
|
page read and write
|
||
|
23349BA0000
|
trusted library allocation
|
page read and write
|
||
|
1F41C720000
|
heap
|
page read and write
|
||
|
275901A0000
|
trusted library allocation
|
page read and write
|
||
|
981077F000
|
stack
|
page read and write
|
||
|
1A366BC5000
|
heap
|
page read and write
|
||
|
937000
|
heap
|
page read and write
|
||
|
25FB2A83000
|
heap
|
page read and write
|
||
|
1F41CE80000
|
trusted library allocation
|
page read and write
|
||
|
1A366B00000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
1A3662C4000
|
heap
|
page read and write
|
||
|
2334DBA0000
|
trusted library allocation
|
page read and write
|
||
|
2564134E000
|
heap
|
page read and write
|
||
|
7FFC671F1000
|
unkown
|
page execute read
|
||
|
26736120000
|
direct allocation
|
page execute and read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
2758FD08000
|
heap
|
page read and write
|
||
|
1A366880000
|
remote allocation
|
page read and write
|
||
|
2C3B000
|
heap
|
page read and write
|
||
|
1A366B87000
|
heap
|
page read and write
|
||
|
1A366B98000
|
heap
|
page read and write
|
||
|
2830BD5B000
|
heap
|
page read and write
|
||
|
2334E0FD000
|
heap
|
page read and write
|
There are 936 hidden memdumps, click here to show them.