Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
qJhkILqiEA.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xe8784526, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_qJh_4c633c907b4a85acdb7918fc966c22f420621b1_e567d4a7_0d7c99ac\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_qJh_4c633c907b4a85acdb7918fc966c22f420621b1_e567d4a7_1130994e\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER125C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1422.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER146F.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1664.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD79.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun May 22 20:48:30 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFCB.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun May 22 20:48:31 2022, 0x1205a4 type
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61480 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_qJh_4c633c907b4a85acdb7918fc966c22f420621b1_e567d4a7_19e8067e\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_qJh_4c633c907b4a85acdb7918fc966c22f420621b1_e567d4a7_19f80630\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE25C.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun May 22 20:36:37 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE625.tmp.dmp
|
Mini DuMP crash report, 15 streams, Sun May 22 20:36:38 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE9CF.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREEF0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFD1A.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFEFE.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
There are 15 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\qJhkILqiEA.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\qJhkILqiEA.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\qJhkILqiEA.dll,AddIn_FileTime
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\IxbPFgKevemZDIDo\xuHXDLB.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\qJhkILqiEA.dll,AddIn_SystemTime
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\qJhkILqiEA.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JTkGafd\eTKTE.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\qJhkILqiEA.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\qJhkILqiEA.dll",#1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3180 -s 336
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3088 -s 332
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2960 -s 352
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6236 -s 328
|
There are 17 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://173.82.82.196:8080/f
|
unknown
|
|
|
|
https://173.82.82.196/0.v9
|
unknown
|
|
|
|
https://173.82.82.196:8080/(.
|
unknown
|
|
|
|
https://173.82.82.196/
|
unknown
|
|
|
|
https://173.82.82.196:8080/
|
unknown
|
|
|
|
https://173.82.82.196:8080/P
|
unknown
|
|
|
|
https://173.82.82.196:8080/tem
|
unknown
|
|
|
|
https://173.82.82.196:8080/4
|
unknown
|
|
|
|
https://173.82.82.196:8080/X
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?entry=
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/roadshield.ashx?bucket=
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Transit/Stops/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Stops/
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://www.tiktok.com/legal/report
|
unknown
|
There are 50 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
173.82.82.196
|
unknown
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{881459e6-58c9-6320-5502-fa02f11bf79e}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{0b3cecbb-22ab-fd47-0897-64f2253c883d}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00184006417502B9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00184006417502B9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
There are 43 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
298CA850000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
750000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1B300000000
|
direct allocation
|
page execute and read and write
|
|
|
|
A00000
|
direct allocation
|
page execute and read and write
|
|
|
|
1B300000000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1B300000000
|
direct allocation
|
page execute and read and write
|
|
|
|
298CA850000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
298CA850000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1B37B3E5000
|
heap
|
page read and write
|
||
|
1EC20713000
|
heap
|
page read and write
|
||
|
2136F813000
|
heap
|
page read and write
|
||
|
1B999FE000
|
stack
|
page read and write
|
||
|
298C8FB0000
|
heap
|
page read and write
|
||
|
22AD9654000
|
heap
|
page read and write
|
||
|
1D2083D0000
|
heap
|
page read and write
|
||
|
195B5E3E000
|
heap
|
page read and write
|
||
|
1C77B94D000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1C77B985000
|
heap
|
page read and write
|
||
|
1D2086B9000
|
heap
|
page read and write
|
||
|
22AD9570000
|
heap
|
page read and write
|
||
|
1B292377000
|
heap
|
page read and write
|
||
|
1D208600000
|
heap
|
page read and write
|
||
|
2136F913000
|
heap
|
page read and write
|
||
|
1C77AE13000
|
heap
|
page read and write
|
||
|
22F4C26C000
|
heap
|
page read and write
|
||
|
1ECE1F06000
|
heap
|
page read and write
|
||
|
298C8F50000
|
heap
|
page read and write
|
||
|
1B37B3E0000
|
heap
|
page read and write
|
||
|
7C4F07E000
|
stack
|
page read and write
|
||
|
22F4BFC0000
|
trusted library allocation
|
page read and write
|
||
|
1B292360000
|
heap
|
page read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
22F46A9E000
|
heap
|
page read and write
|
||
|
1872D760000
|
trusted library allocation
|
page read and write
|
||
|
7C4EDFE000
|
stack
|
page read and write
|
||
|
1B37B360000
|
direct allocation
|
page execute and read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
25A3D913000
|
heap
|
page read and write
|
||
|
1872DBD0000
|
heap
|
page read and write
|
||
|
195B5E4A000
|
heap
|
page read and write
|
||
|
1BAB17E000
|
stack
|
page read and write
|
||
|
2C00000
|
remote allocation
|
page read and write
|
||
|
1C77B924000
|
heap
|
page read and write
|
||
|
1C77B924000
|
heap
|
page read and write
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
195B5E41000
|
heap
|
page read and write
|
||
|
1ECE52F0000
|
heap
|
page read and write
|
||
|
2136F849000
|
heap
|
page read and write
|
||
|
25A3D878000
|
heap
|
page read and write
|
||
|
195B5E5C000
|
heap
|
page read and write
|
||
|
BC3DEFB000
|
stack
|
page read and write
|
||
|
1D20863E000
|
heap
|
page read and write
|
||
|
22F4BFCE000
|
trusted library allocation
|
page read and write
|
||
|
195B5D50000
|
heap
|
page read and write
|
||
|
1C77B984000
|
heap
|
page read and write
|
||
|
1D208702000
|
heap
|
page read and write
|
||
|
1ECE1EE9000
|
heap
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
9A024FE000
|
stack
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
22AD9702000
|
heap
|
page read and write
|
||
|
4A49DFD000
|
stack
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
1EC20682000
|
heap
|
page read and write
|
||
|
1EC20700000
|
heap
|
page read and write
|
||
|
2C00000
|
remote allocation
|
page read and write
|
||
|
9375BFF000
|
stack
|
page read and write
|
||
|
1C77B98D000
|
heap
|
page read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
1C77B97A000
|
heap
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
2136F887000
|
heap
|
page read and write
|
||
|
22F4C303000
|
heap
|
page read and write
|
||
|
25A3D852000
|
heap
|
page read and write
|
||
|
1EC20410000
|
heap
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
7C4E8DC000
|
stack
|
page read and write
|
||
|
1EC20400000
|
heap
|
page read and write
|
||
|
4A49CFE000
|
stack
|
page read and write
|
||
|
1C77B99F000
|
heap
|
page read and write
|
||
|
1D208662000
|
heap
|
page read and write
|
||
|
1D208686000
|
heap
|
page read and write
|
||
|
1EC20613000
|
heap
|
page read and write
|
||
|
9A0247F000
|
stack
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1C77AE54000
|
heap
|
page read and write
|
||
|
22F47318000
|
heap
|
page read and write
|
||
|
22F4C222000
|
heap
|
page read and write
|
||
|
1C77B986000
|
heap
|
page read and write
|
||
|
22AD9670000
|
heap
|
page read and write
|
||
|
1B37CC30000
|
heap
|
page read and write
|
||
|
1B300150000
|
remote allocation
|
page read and write
|
||
|
1ECE1ED7000
|
heap
|
page read and write
|
||
|
395000
|
stack
|
page read and write
|
||
|
1E43FA02000
|
trusted library allocation
|
page read and write
|
||
|
9FD96FB000
|
stack
|
page read and write
|
||
|
7F0000
|
direct allocation
|
page execute and read and write
|
||
|
22F4C120000
|
remote allocation
|
page read and write
|
||
|
1B37B0B0000
|
heap
|
page read and write
|
||
|
22F46AAA000
|
heap
|
page read and write
|
||
|
1BAA4CB000
|
stack
|
page read and write
|
||
|
1C77AF13000
|
heap
|
page read and write
|
||
|
22F46A75000
|
heap
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
BC3DFFF000
|
stack
|
page read and write
|
||
|
195B5E3A000
|
heap
|
page read and write
|
||
|
1B292372000
|
heap
|
page read and write
|
||
|
23B2A402000
|
trusted library allocation
|
page read and write
|
||
|
1C77AE3C000
|
heap
|
page read and write
|
||
|
2107C952000
|
heap
|
page read and write
|
||
|
2136F85D000
|
heap
|
page read and write
|
||
|
1B37B130000
|
heap
|
page read and write
|
||
|
4A49E79000
|
stack
|
page read and write
|
||
|
1ECE1EC0000
|
heap
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
1C77AE29000
|
heap
|
page read and write
|
||
|
1D208629000
|
heap
|
page read and write
|
||
|
298CAA30000
|
heap
|
page read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
822F07C000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
C0D1477000
|
stack
|
page read and write
|
||
|
1C77B987000
|
heap
|
page read and write
|
||
|
1C77B980000
|
heap
|
page read and write
|
||
|
22F4C2FB000
|
heap
|
page read and write
|
||
|
822F7FD000
|
stack
|
page read and write
|
||
|
1A69D802000
|
heap
|
page read and write
|
||
|
1B292356000
|
heap
|
page read and write
|
||
|
195B5F02000
|
heap
|
page read and write
|
||
|
1BAAD7B000
|
stack
|
page read and write
|
||
|
C0D107B000
|
stack
|
page read and write
|
||
|
22F46A3F000
|
heap
|
page read and write
|
||
|
1C77B9A8000
|
heap
|
page read and write
|
||
|
1C77B97B000
|
heap
|
page read and write
|
||
|
2D03000
|
heap
|
page read and write
|
||
|
2EF4DFF000
|
stack
|
page read and write
|
||
|
22AD9629000
|
heap
|
page read and write
|
||
|
22AD9713000
|
heap
|
page read and write
|
||
|
1EC2062A000
|
heap
|
page read and write
|
||
|
1B3001A0000
|
heap
|
page read and write
|
||
|
1B300030000
|
heap
|
page readonly
|
||
|
1A69D840000
|
heap
|
page read and write
|
||
|
4A49C7E000
|
stack
|
page read and write
|
||
|
195B5E46000
|
heap
|
page read and write
|
||
|
BC3E1FF000
|
stack
|
page read and write
|
||
|
195B5E30000
|
heap
|
page read and write
|
||
|
1C77B924000
|
heap
|
page read and write
|
||
|
1C77AEC8000
|
heap
|
page read and write
|
||
|
22F479E0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B954000
|
heap
|
page read and write
|
||
|
93761FE000
|
stack
|
page read and write
|
||
|
1C77AE70000
|
heap
|
page read and write
|
||
|
22AD9708000
|
heap
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
2107C95C000
|
heap
|
page read and write
|
||
|
2107C946000
|
heap
|
page read and write
|
||
|
22F4C2EE000
|
heap
|
page read and write
|
||
|
22F4BEA0000
|
trusted library allocation
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
2E56000
|
heap
|
page read and write
|
||
|
22F4C2FE000
|
heap
|
page read and write
|
||
|
1E43F013000
|
heap
|
page read and write
|
||
|
1BC97660000
|
heap
|
page read and write
|
||
|
1C77B987000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
22F4C302000
|
heap
|
page read and write
|
||
|
1ECE1E30000
|
heap
|
page read and write
|
||
|
22F46A92000
|
heap
|
page read and write
|
||
|
2107CB95000
|
heap
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
1EC20658000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1D2086C7000
|
heap
|
page read and write
|
||
|
1ECE1EF2000
|
heap
|
page read and write
|
||
|
195B5E5C000
|
heap
|
page read and write
|
||
|
195B5E7C000
|
heap
|
page read and write
|
||
|
2EF4FFF000
|
stack
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
22F4C2F3000
|
heap
|
page read and write
|
||
|
2107C96D000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1C77B985000
|
heap
|
page read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
22F469F0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B9A0000
|
heap
|
page read and write
|
||
|
1B9967C000
|
stack
|
page read and write
|
||
|
22F47359000
|
heap
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
C0D10FE000
|
stack
|
page read and write
|
||
|
93764FF000
|
stack
|
page read and write
|
||
|
9FD97FF000
|
stack
|
page read and write
|
||
|
1C77B985000
|
heap
|
page read and write
|
||
|
1C77B98D000
|
heap
|
page read and write
|
||
|
A99000
|
heap
|
page read and write
|
||
|
24E0000
|
trusted library allocation
|
page read and write
|
||
|
1D208E02000
|
heap
|
page read and write
|
||
|
22AD9648000
|
heap
|
page read and write
|
||
|
1872DBE0000
|
trusted library allocation
|
page read and write
|
||
|
25A3D813000
|
heap
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
B5A736D000
|
stack
|
page read and write
|
||
|
1EC20600000
|
heap
|
page read and write
|
||
|
1C77B973000
|
heap
|
page read and write
|
||
|
1B2925F5000
|
heap
|
page read and write
|
||
|
1B37B0B0000
|
unkown
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
1A69E0C0000
|
remote allocation
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1B300030000
|
heap
|
page readonly
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
1BC974A3000
|
heap
|
page read and write
|
||
|
1D208540000
|
trusted library allocation
|
page read and write
|
||
|
1A69D813000
|
heap
|
page read and write
|
||
|
25A3D863000
|
heap
|
page read and write
|
||
|
1B29235E000
|
heap
|
page read and write
|
||
|
78B000
|
heap
|
page read and write
|
||
|
1C77B91A000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1872D87E000
|
heap
|
page read and write
|
||
|
22F4BFF0000
|
trusted library allocation
|
page read and write
|
||
|
22F4C0E0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B924000
|
heap
|
page read and write
|
||
|
2EF4CF7000
|
stack
|
page read and write
|
||
|
1B37B130000
|
heap
|
page read and write
|
||
|
2D24000
|
heap
|
page read and write
|
||
|
2136F853000
|
heap
|
page read and write
|
||
|
1C77B986000
|
heap
|
page read and write
|
||
|
DB6F5EF000
|
stack
|
page read and write
|
||
|
22F4C23F000
|
heap
|
page read and write
|
||
|
1A69D800000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
195B5E49000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
298CA9E0000
|
heap
|
page read and write
|
||
|
2107C949000
|
heap
|
page read and write
|
||
|
1C77B982000
|
heap
|
page read and write
|
||
|
DB6F87F000
|
stack
|
page read and write
|
||
|
DB6F5EF000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page read and write
|
||
|
2D25000
|
heap
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
195B5E45000
|
heap
|
page read and write
|
||
|
2E7F000
|
heap
|
page read and write
|
||
|
2EF4B7B000
|
stack
|
page read and write
|
||
|
23B2A270000
|
trusted library allocation
|
page read and write
|
||
|
22F4C004000
|
trusted library allocation
|
page read and write
|
||
|
22F4BE20000
|
trusted library allocation
|
page read and write
|
||
|
22AD963C000
|
heap
|
page read and write
|
||
|
1C77ADD0000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
2107C8E0000
|
heap
|
page read and write
|
||
|
1BAAE7E000
|
stack
|
page read and write
|
||
|
1E43F102000
|
heap
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
822F3FF000
|
stack
|
page read and write
|
||
|
93763FF000
|
stack
|
page read and write
|
||
|
49B694B000
|
stack
|
page read and write
|
||
|
1ECE1DA0000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
1B29235E000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
195B5E42000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
9FD90AB000
|
stack
|
page read and write
|
||
|
23B29970000
|
heap
|
page read and write
|
||
|
9A0247F000
|
stack
|
page read and write
|
||
|
22F46A00000
|
heap
|
page read and write
|
||
|
1ECE1EC9000
|
heap
|
page read and write
|
||
|
22F4C2A4000
|
heap
|
page read and write
|
||
|
1C77B986000
|
heap
|
page read and write
|
||
|
2EF4A7B000
|
stack
|
page read and write
|
||
|
2107FB60000
|
heap
|
page read and write
|
||
|
2107C952000
|
heap
|
page read and write
|
||
|
22F47300000
|
heap
|
page read and write
|
||
|
974F87F000
|
unkown
|
page read and write
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
2CD2000
|
heap
|
page read and write
|
||
|
9A0247F000
|
stack
|
page read and write
|
||
|
2136F630000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
1D2086CA000
|
heap
|
page read and write
|
||
|
1B2925F0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
22F469F3000
|
trusted library allocation
|
page read and write
|
||
|
298C8F50000
|
heap
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
974EF9D000
|
stack
|
page read and write
|
||
|
22F4C304000
|
heap
|
page read and write
|
||
|
699A6FC000
|
stack
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1B37CC30000
|
heap
|
page read and write
|
||
|
1D208F00000
|
heap
|
page read and write
|
||
|
22F47200000
|
heap
|
page read and write
|
||
|
2C91000
|
heap
|
page read and write
|
||
|
211E000
|
stack
|
page read and write
|
||
|
25A3D908000
|
heap
|
page read and write
|
||
|
22AD9677000
|
heap
|
page read and write
|
||
|
2E7F000
|
heap
|
page read and write
|
||
|
1C77B9AF000
|
heap
|
page read and write
|
||
|
265F000
|
stack
|
page read and write
|
||
|
1EC20689000
|
heap
|
page read and write
|
||
|
1B292270000
|
heap
|
page read and write
|
||
|
9A021BC000
|
stack
|
page read and write
|
||
|
1C77BE03000
|
heap
|
page read and write
|
||
|
2136F84E000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
1BAABFC000
|
stack
|
page read and write
|
||
|
2136F900000
|
heap
|
page read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
1C77AD60000
|
heap
|
page read and write
|
||
|
2D21000
|
heap
|
page read and write
|
||
|
1C77B997000
|
heap
|
page read and write
|
||
|
1C77B99F000
|
heap
|
page read and write
|
||
|
22AD9700000
|
heap
|
page read and write
|
||
|
9375CFC000
|
stack
|
page read and write
|
||
|
1C77B730000
|
remote allocation
|
page read and write
|
||
|
1B37B3E0000
|
heap
|
page read and write
|
||
|
22F46B28000
|
heap
|
page read and write
|
||
|
1EC20648000
|
heap
|
page read and write
|
||
|
1A69E090000
|
trusted library allocation
|
page read and write
|
||
|
2D09000
|
heap
|
page read and write
|
||
|
22F467C0000
|
heap
|
page read and write
|
||
|
1872DBD9000
|
heap
|
page read and write
|
||
|
1B292330000
|
heap
|
page read and write
|
||
|
2D1A000
|
heap
|
page read and write
|
||
|
1BAAA7F000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
22AD9655000
|
heap
|
page read and write
|
||
|
C0D137B000
|
stack
|
page read and write
|
||
|
1C77AE4E000
|
heap
|
page read and write
|
||
|
1B37B130000
|
heap
|
page read and write
|
||
|
23B29A68000
|
heap
|
page read and write
|
||
|
1C77AE50000
|
heap
|
page read and write
|
||
|
2D6B000
|
heap
|
page read and write
|
||
|
2136F86E000
|
heap
|
page read and write
|
||
|
1C77B99F000
|
heap
|
page read and write
|
||
|
974F67E000
|
stack
|
page read and write
|
||
|
195B5E68000
|
heap
|
page read and write
|
||
|
1B996FE000
|
stack
|
page read and write
|
||
|
22F47E01000
|
trusted library allocation
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
1B292357000
|
heap
|
page read and write
|
||
|
298CA9E0000
|
heap
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
1872D7C0000
|
heap
|
page read and write
|
||
|
93762FF000
|
stack
|
page read and write
|
||
|
2CF4000
|
heap
|
page read and write
|
||
|
2440000
|
trusted library allocation
|
page read and write
|
||
|
22F46B07000
|
heap
|
page read and write
|
||
|
298C8FB8000
|
heap
|
page read and write
|
||
|
1872DBC0000
|
trusted library allocation
|
page read and write
|
||
|
22F4C110000
|
trusted library allocation
|
page read and write
|
||
|
9A024FE000
|
stack
|
page read and write
|
||
|
1C77B979000
|
heap
|
page read and write
|
||
|
22ADA002000
|
trusted library allocation
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
23B29A02000
|
heap
|
page read and write
|
||
|
1C77AE88000
|
heap
|
page read and write
|
||
|
1BAB07C000
|
stack
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1D2083E0000
|
heap
|
page read and write
|
||
|
1872D87E000
|
heap
|
page read and write
|
||
|
1BC97490000
|
heap
|
page read and write
|
||
|
1C77B97D000
|
heap
|
page read and write
|
||
|
22F4C2B9000
|
heap
|
page read and write
|
||
|
7A5000
|
heap
|
page read and write
|
||
|
2136F84B000
|
heap
|
page read and write
|
||
|
1C77AF02000
|
heap
|
page read and write
|
||
|
2E9E000
|
heap
|
page read and write
|
||
|
1B29236D000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1ECE52F3000
|
heap
|
page read and write
|
||
|
9A021BC000
|
stack
|
page read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
1C77B973000
|
heap
|
page read and write
|
||
|
22AD964C000
|
heap
|
page read and write
|
||
|
1B37B320000
|
heap
|
page read and write
|
||
|
9375EFD000
|
stack
|
page read and write
|
||
|
2D8B000
|
heap
|
page read and write
|
||
|
22AD9580000
|
heap
|
page read and write
|
||
|
2107C930000
|
heap
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
1B292360000
|
heap
|
page read and write
|
||
|
23B29A00000
|
heap
|
page read and write
|
||
|
1A69D829000
|
heap
|
page read and write
|
||
|
699A5F8000
|
stack
|
page read and write
|
||
|
22F46A29000
|
heap
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1C77AE00000
|
heap
|
page read and write
|
||
|
20C4CFC000
|
stack
|
page read and write
|
||
|
1A69D7F0000
|
heap
|
page read and write
|
||
|
1EC20718000
|
heap
|
page read and write
|
||
|
1C77AE56000
|
heap
|
page read and write
|
||
|
1C77AEEE000
|
heap
|
page read and write
|
||
|
1ECE1EE3000
|
heap
|
page read and write
|
||
|
298C8F10000
|
heap
|
page read and write
|
||
|
974F477000
|
stack
|
page read and write
|
||
|
195B5E6F000
|
heap
|
page read and write
|
||
|
298C8FA0000
|
heap
|
page readonly
|
||
|
1C77AF08000
|
heap
|
page read and write
|
||
|
1C77B9B2000
|
heap
|
page read and write
|
||
|
1C77B97A000
|
heap
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
22F4C0B0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
2BDB000
|
stack
|
page read and write
|
||
|
9A024FE000
|
stack
|
page read and write
|
||
|
C0D167E000
|
stack
|
page read and write
|
||
|
1C77B923000
|
heap
|
page read and write
|
||
|
1872E5A0000
|
trusted library allocation
|
page read and write
|
||
|
1B292378000
|
heap
|
page read and write
|
||
|
1B300150000
|
remote allocation
|
page read and write
|
||
|
2136F829000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
1C77B99F000
|
heap
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
2136F87C000
|
heap
|
page read and write
|
||
|
1EC20648000
|
heap
|
page read and write
|
||
|
1872D877000
|
heap
|
page read and write
|
||
|
1872DBD5000
|
heap
|
page read and write
|
||
|
9FD98FB000
|
stack
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
22AD964D000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
974F77C000
|
stack
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
25A3D900000
|
heap
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
1872E7F0000
|
heap
|
page readonly
|
||
|
1C77AEE9000
|
heap
|
page read and write
|
||
|
195B5E4C000
|
heap
|
page read and write
|
||
|
1A69E202000
|
trusted library allocation
|
page read and write
|
||
|
DB6F87F000
|
stack
|
page read and write
|
||
|
1C77AD70000
|
heap
|
page read and write
|
||
|
195B5E6D000
|
heap
|
page read and write
|
||
|
195B5DE0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B98D000
|
heap
|
page read and write
|
||
|
1C77AE51000
|
heap
|
page read and write
|
||
|
1C77AE49000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
1B37B300000
|
heap
|
page read and write
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
2107C958000
|
heap
|
page read and write
|
||
|
1ECE2150000
|
heap
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
1ECE1EDA000
|
heap
|
page read and write
|
||
|
9FD912F000
|
stack
|
page read and write
|
||
|
1ECE1EA0000
|
heap
|
page read and write
|
||
|
22F4C2FE000
|
heap
|
page read and write
|
||
|
1EC20658000
|
heap
|
page read and write
|
||
|
195B5DB0000
|
heap
|
page read and write
|
||
|
1BAA8FC000
|
stack
|
page read and write
|
||
|
9FD95FA000
|
stack
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
1ECE1EDE000
|
heap
|
page read and write
|
||
|
1C77B97D000
|
heap
|
page read and write
|
||
|
22F4BEB0000
|
trusted library allocation
|
page read and write
|
||
|
25CC000
|
stack
|
page read and write
|
||
|
1C77AEE5000
|
heap
|
page read and write
|
||
|
1EC21FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
1E43F077000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
1ECE1EE3000
|
heap
|
page read and write
|
||
|
1C77B995000
|
heap
|
page read and write
|
||
|
1B300030000
|
heap
|
page readonly
|
||
|
93756EB000
|
stack
|
page read and write
|
||
|
23B29A79000
|
heap
|
page read and write
|
||
|
22F46AFD000
|
heap
|
page read and write
|
||
|
23B29A56000
|
heap
|
page read and write
|
||
|
1872DBB0000
|
trusted library allocation
|
page read and write
|
||
|
2107C95C000
|
heap
|
page read and write
|
||
|
9A021BC000
|
stack
|
page read and write
|
||
|
1E43F113000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
1B292353000
|
heap
|
page read and write
|
||
|
25A3D85F000
|
heap
|
page read and write
|
||
|
298C8F10000
|
heap
|
page read and write
|
||
|
1872E590000
|
trusted library allocation
|
page read and write
|
||
|
1EC20647000
|
heap
|
page read and write
|
||
|
9FD9CF9000
|
stack
|
page read and write
|
||
|
822F9FC000
|
stack
|
page read and write
|
||
|
1C77B98D000
|
heap
|
page read and write
|
||
|
1B292370000
|
heap
|
page read and write
|
||
|
298C8FB0000
|
heap
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
745000
|
heap
|
page read and write
|
||
|
1C77B979000
|
heap
|
page read and write
|
||
|
822F8FF000
|
stack
|
page read and write
|
||
|
22AD9681000
|
heap
|
page read and write
|
||
|
1B292341000
|
heap
|
page read and write
|
||
|
1C77B9AA000
|
heap
|
page read and write
|
||
|
1E43F075000
|
heap
|
page read and write
|
||
|
22AD9E80000
|
trusted library allocation
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
298C8F45000
|
heap
|
page read and write
|
||
|
1E43EF30000
|
heap
|
page read and write
|
||
|
1C77B996000
|
heap
|
page read and write
|
||
|
1B37B138000
|
heap
|
page read and write
|
||
|
1B292355000
|
heap
|
page read and write
|
||
|
298C8F40000
|
heap
|
page read and write
|
||
|
1EC20657000
|
heap
|
page read and write
|
||
|
25A3D884000
|
heap
|
page read and write
|
||
|
1872D830000
|
heap
|
page read and write
|
||
|
22F4C2B3000
|
heap
|
page read and write
|
||
|
195B5E80000
|
heap
|
page read and write
|
||
|
2D33000
|
heap
|
page read and write
|
||
|
1A69D85E000
|
heap
|
page read and write
|
||
|
710000
|
direct allocation
|
page execute and read and write
|
||
|
1B292346000
|
heap
|
page read and write
|
||
|
93760FF000
|
stack
|
page read and write
|
||
|
22F4C120000
|
remote allocation
|
page read and write
|
||
|
1D20866A000
|
heap
|
page read and write
|
||
|
22AD95E0000
|
heap
|
page read and write
|
||
|
1E43F067000
|
heap
|
page read and write
|
||
|
2136F83C000
|
heap
|
page read and write
|
||
|
7FFFEFBA2000
|
unkown
|
page readonly
|
||
|
298C8DD0000
|
unkown
|
page read and write
|
||
|
9B7847E000
|
stack
|
page read and write
|
||
|
1EC20661000
|
heap
|
page read and write
|
||
|
20C467B000
|
stack
|
page read and write
|
||
|
7C4EFFD000
|
stack
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
2107CB90000
|
heap
|
page read and write
|
||
|
1ECE1EFE000
|
heap
|
page read and write
|
||
|
760000
|
remote allocation
|
page read and write
|
||
|
9FD9DFA000
|
stack
|
page read and write
|
||
|
20C4AF7000
|
stack
|
page read and write
|
||
|
1C77B98D000
|
heap
|
page read and write
|
||
|
2107C938000
|
heap
|
page read and write
|
||
|
23B299D0000
|
heap
|
page read and write
|
||
|
4A499CB000
|
stack
|
page read and write
|
||
|
1C77AEEC000
|
heap
|
page read and write
|
||
|
49B6C7E000
|
stack
|
page read and write
|
||
|
2107FB63000
|
heap
|
page read and write
|
||
|
1C77B670000
|
trusted library allocation
|
page read and write
|
||
|
22AD964B000
|
heap
|
page read and write
|
||
|
22F4C24C000
|
heap
|
page read and write
|
||
|
21BE000
|
stack
|
page read and write
|
||
|
2107CB9B000
|
heap
|
page read and write
|
||
|
1C77B981000
|
heap
|
page read and write
|
||
|
7E5000
|
heap
|
page read and write
|
||
|
298C8F45000
|
heap
|
page read and write
|
||
|
22F46AAF000
|
heap
|
page read and write
|
||
|
298C8FA0000
|
heap
|
page readonly
|
||
|
1E43F000000
|
heap
|
page read and write
|
||
|
1D208F12000
|
heap
|
page read and write
|
||
|
195B5E66000
|
heap
|
page read and write
|
||
|
2CF4000
|
heap
|
page read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
1ECE1EDF000
|
heap
|
page read and write
|
||
|
1C77AE4A000
|
heap
|
page read and write
|
||
|
699A57E000
|
stack
|
page read and write
|
||
|
1B37B3E0000
|
heap
|
page read and write
|
||
|
22F46B02000
|
heap
|
page read and write
|
||
|
1EC20570000
|
trusted library allocation
|
page read and write
|
||
|
2107C961000
|
heap
|
page read and write
|
||
|
1C77B988000
|
heap
|
page read and write
|
||
|
25A3D6E0000
|
heap
|
page read and write
|
||
|
22F4C2AE000
|
heap
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
298C8F45000
|
heap
|
page read and write
|
||
|
22F47304000
|
heap
|
page read and write
|
||
|
1C77B900000
|
heap
|
page read and write
|
||
|
2D06000
|
heap
|
page read and write
|
||
|
1B37B3E5000
|
heap
|
page read and write
|
||
|
195B6802000
|
trusted library allocation
|
page read and write
|
||
|
1BAAB7E000
|
stack
|
page read and write
|
||
|
1B37B300000
|
heap
|
page read and write
|
||
|
1EC20702000
|
heap
|
page read and write
|
||
|
9375AFB000
|
stack
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
7C4F17D000
|
stack
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
195B5E79000
|
heap
|
page read and write
|
||
|
22F4C22E000
|
heap
|
page read and write
|
||
|
1C77B980000
|
heap
|
page read and write
|
||
|
2107C900000
|
heap
|
page read and write
|
||
|
4A49D7E000
|
stack
|
page read and write
|
||
|
1EC21FE0000
|
remote allocation
|
page read and write
|
||
|
22F4C120000
|
remote allocation
|
page read and write
|
||
|
22F46B02000
|
heap
|
page read and write
|
||
|
1C77B986000
|
heap
|
page read and write
|
||
|
9B7818E000
|
stack
|
page read and write
|
||
|
22F4C2AB000
|
heap
|
page read and write
|
||
|
2EF487B000
|
stack
|
page read and write
|
||
|
20C477E000
|
stack
|
page read and write
|
||
|
DB6F56C000
|
stack
|
page read and write
|
||
|
195B5E53000
|
heap
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
22F4C272000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
25A3E202000
|
trusted library allocation
|
page read and write
|
||
|
2107E340000
|
heap
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
1C77AEB3000
|
heap
|
page read and write
|
||
|
298CA990000
|
remote allocation
|
page read and write
|
||
|
22F4C090000
|
trusted library allocation
|
page read and write
|
||
|
1B99AFF000
|
stack
|
page read and write
|
||
|
22AD9649000
|
heap
|
page read and write
|
||
|
C0D157F000
|
stack
|
page read and write
|
||
|
22F4C000000
|
trusted library allocation
|
page read and write
|
||
|
7C4EC7E000
|
stack
|
page read and write
|
||
|
974F978000
|
stack
|
page read and write
|
||
|
298CA990000
|
remote allocation
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
22F46A57000
|
heap
|
page read and write
|
||
|
22F47318000
|
heap
|
page read and write
|
||
|
9FD94F7000
|
stack
|
page read and write
|
||
|
1C77AEA2000
|
heap
|
page read and write
|
||
|
22F46B16000
|
heap
|
page read and write
|
||
|
2EF497D000
|
stack
|
page read and write
|
||
|
23B29960000
|
heap
|
page read and write
|
||
|
1C77B918000
|
heap
|
page read and write
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
22F46AA7000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1872D838000
|
heap
|
page read and write
|
||
|
1EC21FE0000
|
remote allocation
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
22F467B0000
|
heap
|
page read and write
|
||
|
22F46AAF000
|
heap
|
page read and write
|
||
|
209E000
|
stack
|
page read and write
|
||
|
1C77B802000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1B998FE000
|
stack
|
page read and write
|
||
|
22AD9600000
|
heap
|
page read and write
|
||
|
2EF4BFF000
|
stack
|
page read and write
|
||
|
1C77BE02000
|
heap
|
page read and write
|
||
|
699A67F000
|
stack
|
page read and write
|
||
|
1B99BFF000
|
stack
|
page read and write
|
||
|
22F4C120000
|
trusted library allocation
|
page read and write
|
||
|
1B37B3E5000
|
heap
|
page read and write
|
||
|
22F47215000
|
heap
|
page read and write
|
||
|
22AD9651000
|
heap
|
page read and write
|
||
|
298C8F50000
|
heap
|
page read and write
|
||
|
7C6000
|
heap
|
page read and write
|
||
|
25A3D839000
|
heap
|
page read and write
|
||
|
1C77B97E000
|
heap
|
page read and write
|
||
|
1EC20654000
|
heap
|
page read and write
|
||
|
9375FFD000
|
stack
|
page read and write
|
||
|
4A49F79000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
21370002000
|
trusted library allocation
|
page read and write
|
||
|
1C77B9AF000
|
heap
|
page read and write
|
||
|
699A47F000
|
stack
|
page read and write
|
||
|
22F4BFC8000
|
trusted library allocation
|
page read and write
|
||
|
9FD9FFE000
|
stack
|
page read and write
|
||
|
1C77BE20000
|
heap
|
page read and write
|
||
|
974F577000
|
stack
|
page read and write
|
||
|
1EC22002000
|
trusted library allocation
|
page read and write
|
||
|
298C8FB8000
|
heap
|
page read and write
|
||
|
DB6F56C000
|
stack
|
page read and write
|
||
|
1C77B998000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
1B37B138000
|
heap
|
page read and write
|
||
|
1A69E0C0000
|
remote allocation
|
page read and write
|
||
|
22F46A7A000
|
heap
|
page read and write
|
||
|
23B29B13000
|
heap
|
page read and write
|
||
|
1A69D790000
|
heap
|
page read and write
|
||
|
1C77B98E000
|
heap
|
page read and write
|
||
|
1ECE1E10000
|
heap
|
page read and write
|
||
|
1D208440000
|
heap
|
page read and write
|
||
|
2136F908000
|
heap
|
page read and write
|
||
|
1C77B979000
|
heap
|
page read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
2107FB90000
|
heap
|
page read and write
|
||
|
1C77B984000
|
heap
|
page read and write
|
||
|
1EC2063D000
|
heap
|
page read and write
|
||
|
298C8DD0000
|
unkown
|
page read and write
|
||
|
298C8FB0000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
22F47E20000
|
trusted library allocation
|
page read and write
|
||
|
22F46A13000
|
heap
|
page read and write
|
||
|
22F4C2A2000
|
heap
|
page read and write
|
||
|
22F46A8B000
|
heap
|
page read and write
|
||
|
4A49EFE000
|
stack
|
page read and write
|
||
|
22F46ABB000
|
heap
|
page read and write
|
||
|
298C8F40000
|
heap
|
page read and write
|
||
|
BC3E0FB000
|
stack
|
page read and write
|
||
|
22F4C2B8000
|
heap
|
page read and write
|
||
|
2EF48FE000
|
stack
|
page read and write
|
||
|
1C77B97E000
|
heap
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
1E43F002000
|
heap
|
page read and write
|
||
|
22F46A78000
|
heap
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
22F4BFC0000
|
trusted library allocation
|
page read and write
|
||
|
195B5E6B000
|
heap
|
page read and write
|
||
|
2E56000
|
heap
|
page read and write
|
||
|
1B3001A0000
|
heap
|
page read and write
|
||
|
974F27E000
|
stack
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
1872D750000
|
heap
|
page read and write
|
||
|
25A3D83C000
|
heap
|
page read and write
|
||
|
195B5E7D000
|
heap
|
page read and write
|
||
|
1872E810000
|
trusted library allocation
|
page read and write
|
||
|
1BAACFD000
|
stack
|
page read and write
|
||
|
22F47202000
|
heap
|
page read and write
|
||
|
22F4C090000
|
trusted library allocation
|
page read and write
|
||
|
73A000
|
stack
|
page read and write
|
||
|
1C77B975000
|
heap
|
page read and write
|
||
|
1C77B979000
|
heap
|
page read and write
|
||
|
22F4C0D0000
|
trusted library allocation
|
page read and write
|
||
|
298C8FA0000
|
heap
|
page readonly
|
||
|
2D19000
|
heap
|
page read and write
|
||
|
25A3D829000
|
heap
|
page read and write
|
||
|
21000000000
|
trusted library allocation
|
page read and write
|
||
|
2136F620000
|
heap
|
page read and write
|
||
|
23A0000
|
heap
|
page readonly
|
||
|
DB6F87F000
|
stack
|
page read and write
|
||
|
49B69CE000
|
stack
|
page read and write
|
||
|
20C46FE000
|
stack
|
page read and write
|
||
|
1B292290000
|
heap
|
page read and write
|
||
|
822F6FC000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1E43EF20000
|
heap
|
page read and write
|
||
|
2D43000
|
heap
|
page read and write
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
23B29B02000
|
heap
|
page read and write
|
||
|
1C77AE52000
|
heap
|
page read and write
|
||
|
22F4C21C000
|
heap
|
page read and write
|
||
|
1B29235E000
|
heap
|
page read and write
|
||
|
9B7810B000
|
stack
|
page read and write
|
||
|
23B29B00000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
22F4C000000
|
trusted library allocation
|
page read and write
|
||
|
1B292346000
|
heap
|
page read and write
|
||
|
195B5E86000
|
heap
|
page read and write
|
||
|
22F4C100000
|
trusted library allocation
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
1B37CC30000
|
heap
|
page read and write
|
||
|
2107C94E000
|
heap
|
page read and write
|
||
|
20C497B000
|
stack
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
974F7FE000
|
stack
|
page read and write
|
||
|
1C77B924000
|
heap
|
page read and write
|
||
|
1872E7E0000
|
trusted library allocation
|
page read and write
|
||
|
22F4BFF0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B981000
|
heap
|
page read and write
|
||
|
1C77B730000
|
remote allocation
|
page read and write
|
||
|
1B37B138000
|
heap
|
page read and write
|
||
|
22F4C2F9000
|
heap
|
page read and write
|
||
|
1C77B975000
|
heap
|
page read and write
|
||
|
1C77BE19000
|
heap
|
page read and write
|
||
|
298C8F90000
|
direct allocation
|
page execute and read and write
|
||
|
1ECE1EED000
|
heap
|
page read and write
|
||
|
195B5E50000
|
heap
|
page read and write
|
||
|
1B37B360000
|
direct allocation
|
page execute and read and write
|
||
|
195B5E24000
|
heap
|
page read and write
|
||
|
25A3D770000
|
trusted library allocation
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
22F4BE30000
|
trusted library allocation
|
page read and write
|
||
|
1C77B973000
|
heap
|
page read and write
|
||
|
1C77AF16000
|
heap
|
page read and write
|
||
|
DB6F56C000
|
stack
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
22F4C2B1000
|
heap
|
page read and write
|
||
|
1C77B991000
|
heap
|
page read and write
|
||
|
298CA9E0000
|
heap
|
page read and write
|
||
|
1B37B320000
|
heap
|
page read and write
|
||
|
A3B000
|
heap
|
page read and write
|
||
|
22F4C213000
|
heap
|
page read and write
|
||
|
22F4C090000
|
trusted library allocation
|
page read and write
|
||
|
22F4BFE4000
|
trusted library allocation
|
page read and write
|
||
|
2EF4EFC000
|
stack
|
page read and write
|
||
|
22AD9656000
|
heap
|
page read and write
|
||
|
1B37B300000
|
heap
|
page read and write
|
||
|
298C8F40000
|
heap
|
page read and write
|
||
|
1872D7E0000
|
heap
|
page read and write
|
||
|
2107C94D000
|
heap
|
page read and write
|
||
|
2107C7A0000
|
heap
|
page read and write
|
||
|
22F46AFD000
|
heap
|
page read and write
|
||
|
195B5E55000
|
heap
|
page read and write
|
||
|
7C4ED7C000
|
stack
|
page read and write
|
||
|
1872D87E000
|
heap
|
page read and write
|
||
|
1C77B924000
|
heap
|
page read and write
|
||
|
23B29A40000
|
heap
|
page read and write
|
||
|
1E43F029000
|
heap
|
page read and write
|
||
|
295B000
|
stack
|
page read and write
|
||
|
1ECE5640000
|
trusted library allocation
|
page read and write
|
||
|
1872D89B000
|
heap
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
1ECE3A40000
|
heap
|
page read and write
|
||
|
22AD9613000
|
heap
|
page read and write
|
||
|
699A4FF000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
9B784FE000
|
stack
|
page read and write
|
||
|
1C77AEC1000
|
heap
|
page read and write
|
||
|
1C77AE4D000
|
heap
|
page read and write
|
||
|
7FFFEFBAB000
|
unkown
|
page read and write
|
||
|
25A3D800000
|
heap
|
page read and write
|
||
|
1C77AE4B000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
7FFFEFB81000
|
unkown
|
page execute read
|
||
|
23B29A64000
|
heap
|
page read and write
|
||
|
1C77B9B5000
|
heap
|
page read and write
|
||
|
25A3D902000
|
heap
|
page read and write
|
||
|
22F4BFE1000
|
trusted library allocation
|
page read and write
|
||
|
1ECE1EDA000
|
heap
|
page read and write
|
||
|
1E43EFC0000
|
trusted library allocation
|
page read and write
|
||
|
1C77B984000
|
heap
|
page read and write
|
||
|
1C77B9B5000
|
heap
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
22F4C200000
|
heap
|
page read and write
|
||
|
195B5E47000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
1B292360000
|
heap
|
page read and write
|
||
|
195B5E13000
|
heap
|
page read and write
|
||
|
2136F902000
|
heap
|
page read and write
|
||
|
1C77B9B6000
|
heap
|
page read and write
|
||
|
20C49FE000
|
stack
|
page read and write
|
||
|
1E43F05B000
|
heap
|
page read and write
|
||
|
26DB000
|
stack
|
page read and write
|
||
|
298C8DD0000
|
heap
|
page read and write
|
||
|
1BC97420000
|
heap
|
page read and write
|
||
|
1ECE2155000
|
heap
|
page read and write
|
||
|
822F4FE000
|
stack
|
page read and write
|
||
|
1C77B9D9000
|
heap
|
page read and write
|
||
|
2E57000
|
heap
|
page read and write
|
||
|
22F46820000
|
heap
|
page read and write
|
||
|
29DD000
|
stack
|
page read and write
|
||
|
974EF1C000
|
stack
|
page read and write
|
||
|
ACE000
|
heap
|
page read and write
|
||
|
C0D127B000
|
stack
|
page read and write
|
||
|
1BC9749D000
|
heap
|
page read and write
|
||
|
1ECE1EED000
|
heap
|
page read and write
|
||
|
1A69D780000
|
heap
|
page read and write
|
||
|
1A69D902000
|
heap
|
page read and write
|
||
|
2136F800000
|
heap
|
page read and write
|
||
|
1C77B97B000
|
heap
|
page read and write
|
||
|
195B5E52000
|
heap
|
page read and write
|
||
|
1B29236E000
|
heap
|
page read and write
|
||
|
1B292140000
|
heap
|
page read and write
|
||
|
DB6F5EF000
|
stack
|
page read and write
|
||
|
195B5E48000
|
heap
|
page read and write
|
||
|
298CAA30000
|
heap
|
page read and write
|
||
|
25A3D740000
|
heap
|
page read and write
|
||
|
1C77BE03000
|
heap
|
page read and write
|
||
|
1C77B9C0000
|
heap
|
page read and write
|
||
|
1C77B975000
|
heap
|
page read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
1EC2065E000
|
heap
|
page read and write
|
||
|
22AD964F000
|
heap
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
22F46A70000
|
heap
|
page read and write
|
||
|
22F4C400000
|
trusted library allocation
|
page read and write
|
||
|
1D2086C0000
|
heap
|
page read and write
|
||
|
1D208F3A000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
195B5E00000
|
heap
|
page read and write
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
18002C000
|
direct allocation
|
page readonly
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
1C77AEFD000
|
heap
|
page read and write
|
||
|
23B29A13000
|
heap
|
page read and write
|
||
|
1D2086E3000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page readonly
|
||
|
18002E000
|
direct allocation
|
page readonly
|
||
|
1A69E0C0000
|
remote allocation
|
page read and write
|
||
|
1EC20590000
|
trusted library allocation
|
page read and write
|
||
|
195B5E43000
|
heap
|
page read and write
|
||
|
1C77B986000
|
heap
|
page read and write
|
||
|
195B5D40000
|
heap
|
page read and write
|
||
|
1B37B0B0000
|
unkown
|
page read and write
|
||
|
22F47302000
|
heap
|
page read and write
|
||
|
A99000
|
heap
|
page read and write
|
||
|
22F4BFE0000
|
trusted library allocation
|
page read and write
|
||
|
1D208713000
|
heap
|
page read and write
|
||
|
298C8FB8000
|
heap
|
page read and write
|
||
|
1C77B987000
|
heap
|
page read and write
|
||
|
1C77AEA9000
|
heap
|
page read and write
|
||
|
7E1000
|
heap
|
page read and write
|
||
|
2A5D000
|
stack
|
page read and write
|
||
|
2136F847000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
1BAAF7F000
|
stack
|
page read and write
|
||
|
22F47358000
|
heap
|
page read and write
|
||
|
699A1EA000
|
stack
|
page read and write
|
||
|
760000
|
remote allocation
|
page read and write
|
||
|
1C77B975000
|
heap
|
page read and write
|
||
|
1E43EF90000
|
heap
|
page read and write
|
||
|
822F5FF000
|
stack
|
page read and write
|
||
|
7FFFEFBAF000
|
unkown
|
page readonly
|
||
|
1C77B9A8000
|
heap
|
page read and write
|
||
|
298C8F90000
|
direct allocation
|
page execute and read and write
|
||
|
2D0A000
|
heap
|
page read and write
|
||
|
1C77B986000
|
heap
|
page read and write
|
||
|
22F46920000
|
trusted library allocation
|
page read and write
|
||
|
1EC20602000
|
heap
|
page read and write
|
||
|
1C77BE00000
|
heap
|
page read and write
|
||
|
22F4C420000
|
trusted library allocation
|
page read and write
|
||
|
2D35000
|
heap
|
page read and write
|
||
|
1B3001A0000
|
heap
|
page read and write
|
||
|
22F47313000
|
heap
|
page read and write
|
||
|
1C77B950000
|
heap
|
page read and write
|
||
|
1EC20470000
|
heap
|
page read and write
|
||
|
1C77B975000
|
heap
|
page read and write
|
||
|
20C4BFF000
|
stack
|
page read and write
|
||
|
2136F790000
|
trusted library allocation
|
page read and write
|
||
|
1C77B9B0000
|
heap
|
page read and write
|
||
|
1E43F040000
|
heap
|
page read and write
|
||
|
1EC21FE0000
|
remote allocation
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
1D208613000
|
heap
|
page read and write
|
||
|
2C00000
|
remote allocation
|
page read and write
|
||
|
1ECE215B000
|
heap
|
page read and write
|
||
|
298C8F90000
|
direct allocation
|
page execute and read and write
|
||
|
1B37B360000
|
direct allocation
|
page execute and read and write
|
||
|
1B9977E000
|
stack
|
page read and write
|
||
|
BC3D98B000
|
stack
|
page read and write
|
||
|
22AD9647000
|
heap
|
page read and write
|
||
|
2136F690000
|
heap
|
page read and write
|
||
|
1C77AE57000
|
heap
|
page read and write
|
||
|
1EC205C0000
|
trusted library allocation
|
page read and write
|
||
|
1B37B320000
|
heap
|
page read and write
|
||
|
298CAA30000
|
heap
|
page read and write
|
||
|
298C8F10000
|
heap
|
page read and write
|
||
|
C0D117F000
|
stack
|
page read and write
|
||
|
1C77AEAE000
|
heap
|
page read and write
|
||
|
2CB5000
|
heap
|
page read and write
|
||
|
1C77B97B000
|
heap
|
page read and write
|
||
|
2107C949000
|
heap
|
page read and write
|
||
|
1C77B9B0000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
25A3D6D0000
|
heap
|
page read and write
|
||
|
1C77AE48000
|
heap
|
page read and write
|
||
|
22F4C0F0000
|
trusted library allocation
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
1872E800000
|
trusted library allocation
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
7C4EEFE000
|
stack
|
page read and write
|
||
|
1872E860000
|
trusted library allocation
|
page read and write
|
||
|
1C77B998000
|
heap
|
page read and write
|
||
|
2CB4000
|
heap
|
page read and write
|
||
|
7FFFEFB80000
|
unkown
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1C77B730000
|
remote allocation
|
page read and write
|
||
|
23B29A28000
|
heap
|
page read and write
|
There are 957 hidden memdumps, click here to show them.