Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PYCkUgesWB.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x4dfe4fb8, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61712 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\PYCkUgesWB.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\PYCkUgesWB.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\PYCkUgesWB.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\PYCkUgesWB.dll,AjkRVrFNnyQmqXQdrComyaiwV
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\PYCkUgesWB.dll,AkMhEGvNFpnSswjeCw
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\PYCkUgesWB.dll,BMIWqtk
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\XSYhmb\vuKI.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\AfzDfnhsGeYDyd\OsmuofIfhwEGDVL.dll"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\PYCkUgesWB.dll",#1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://174.138.33.49:7080/a
|
unknown
|
|
|
|
https://174.138.33.49:7080/s64
|
unknown
|
|
|
|
https://174.138.33.49:7080/Num
|
unknown
|
|
|
|
https://174.138.33.49:7080/u
|
unknown
|
|
|
|
http://schemas.xmlsoap.org/ws/2004/08/addres
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://174.138.33.49:7080/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/0
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://174.138.33.49/
|
unknown
|
There are 7 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
157.230.99.206
|
unknown
|
United States
|
|
|
|
157.245.111.0
|
unknown
|
United States
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
202.29.239.162
|
unknown
|
Thailand
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
43.129.209.178
|
unknown
|
Japan
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
36.67.23.59
|
unknown
|
Indonesia
|
|
|
|
5.253.30.17
|
unknown
|
Latvia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
188.225.32.231
|
unknown
|
Russian Federation
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
165.232.185.110
|
unknown
|
United States
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
104.248.225.227
|
unknown
|
United States
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
190.107.19.179
|
unknown
|
Colombia
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
88.217.172.165
|
unknown
|
Germany
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
62.171.178.147
|
unknown
|
United Kingdom
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
There are 34 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E200010000
|
direct allocation
|
page execute and read and write
|
|
|
|
1580000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
1EC47BF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
2310000
|
direct allocation
|
page execute and read and write
|
|
|
|
1B23E930000
|
direct allocation
|
page execute and read and write
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
180001000
|
direct allocation
|
page execute read
|
|
|
|
21DBEA20000
|
direct allocation
|
page execute and read and write
|
|
|
|
20500010000
|
direct allocation
|
page execute and read and write
|
|
|
|
7AB5B7A000
|
stack
|
page read and write
|
||
|
170565C0000
|
heap
|
page read and write
|
||
|
7AB54DC000
|
stack
|
page read and write
|
||
|
18974C56000
|
heap
|
page read and write
|
||
|
1867BD00000
|
heap
|
page read and write
|
||
|
2A6C000
|
heap
|
page read and write
|
||
|
18975700000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
95B000
|
heap
|
page read and write
|
||
|
2261BA67000
|
heap
|
page read and write
|
||
|
7B2ADFF000
|
stack
|
page read and write
|
||
|
1E258EA0000
|
heap
|
page read and write
|
||
|
2BA41029000
|
heap
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
18975602000
|
heap
|
page read and write
|
||
|
1867BC9E000
|
heap
|
page read and write
|
||
|
1897A6EE000
|
heap
|
page read and write
|
||
|
2261BA59000
|
heap
|
page read and write
|
||
|
17056574000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
1DB4ED00000
|
heap
|
page read and write
|
||
|
18974D02000
|
heap
|
page read and write
|
||
|
7B2ACFE000
|
stack
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
1ADCA602000
|
heap
|
page read and write
|
||
|
17055AE5000
|
heap
|
page read and write
|
||
|
1867BC4D000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
1275000
|
stack
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
205710B0000
|
heap
|
page read and write
|
||
|
17056599000
|
heap
|
page read and write
|
||
|
1705650B000
|
heap
|
page read and write
|
||
|
1705658A000
|
heap
|
page read and write
|
||
|
1061F1B000
|
stack
|
page read and write
|
||
|
1BCC8DD0000
|
heap
|
page read and write
|
||
|
1ADCA64A000
|
heap
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
205710E0000
|
heap
|
page read and write
|
||
|
15FBA000
|
heap
|
page read and write
|
||
|
1867BC51000
|
heap
|
page read and write
|
||
|
95B000
|
heap
|
page read and write
|
||
|
1DB4EC7A000
|
heap
|
page read and write
|
||
|
5260000
|
trusted library allocation
|
page read and write
|
||
|
17056596000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
631000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
189755D1000
|
trusted library allocation
|
page read and write
|
||
|
1897A63D000
|
heap
|
page read and write
|
||
|
1437000
|
heap
|
page read and write
|
||
|
1B23E6EB000
|
heap
|
page read and write
|
||
|
1705657A000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
21DBE7C0000
|
heap
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
15D238F000
|
stack
|
page read and write
|
||
|
2BA40F00000
|
heap
|
page read and write
|
||
|
2A85000
|
heap
|
page read and write
|
||
|
2BA40EF0000
|
heap
|
page read and write
|
||
|
1EC494B3000
|
heap
|
page read and write
|
||
|
2261BB13000
|
heap
|
page read and write
|
||
|
18975E50000
|
trusted library section
|
page readonly
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2A01000
|
heap
|
page read and write
|
||
|
1705657A000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
1473000
|
heap
|
page read and write
|
||
|
1EC47C35000
|
heap
|
page read and write
|
||
|
1897A4C0000
|
trusted library allocation
|
page read and write
|
||
|
18974C29000
|
heap
|
page read and write
|
||
|
170559A0000
|
trusted library allocation
|
page read and write
|
||
|
1DB4EC02000
|
heap
|
page read and write
|
||
|
337FEF7000
|
stack
|
page read and write
|
||
|
6A0000
|
remote allocation
|
page read and write
|
||
|
1897A360000
|
trusted library allocation
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1061F9F000
|
stack
|
page read and write
|
||
|
17056582000
|
heap
|
page read and write
|
||
|
2261BA61000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1897A490000
|
trusted library allocation
|
page read and write
|
||
|
A8D74F9000
|
stack
|
page read and write
|
||
|
16EB2260000
|
heap
|
page read and write
|
||
|
15D26FF000
|
stack
|
page read and write
|
||
|
17055A29000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
272BA7E000
|
stack
|
page read and write
|
||
|
18975600000
|
heap
|
page read and write
|
||
|
1ADCA702000
|
heap
|
page read and write
|
||
|
1BCC9220000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
1897A6FB000
|
heap
|
page read and write
|
||
|
1DB4EAC0000
|
heap
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
2BA41002000
|
heap
|
page read and write
|
||
|
2A6C000
|
heap
|
page read and write
|
||
|
1ADCA64F000
|
heap
|
page read and write
|
||
|
1897A430000
|
trusted library allocation
|
page read and write
|
||
|
17056578000
|
heap
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
17055AEA000
|
heap
|
page read and write
|
||
|
170565B0000
|
heap
|
page read and write
|
||
|
1ADCA700000
|
heap
|
page read and write
|
||
|
15D27FF000
|
stack
|
page read and write
|
||
|
8FD000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
1BCC8F1F000
|
heap
|
page read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1E200040000
|
trusted library allocation
|
page read and write
|
||
|
1705656F000
|
heap
|
page read and write
|
||
|
18974C6E000
|
heap
|
page read and write
|
||
|
7AB60FF000
|
stack
|
page read and write
|
||
|
2BA41063000
|
heap
|
page read and write
|
||
|
17056578000
|
heap
|
page read and write
|
||
|
17056598000
|
heap
|
page read and write
|
||
|
1EC479CB000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
2BA1000
|
heap
|
page read and write
|
||
|
2A6B000
|
heap
|
page read and write
|
||
|
3EAE4BB000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
18974BF0000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
189761C0000
|
trusted library allocation
|
page read and write
|
||
|
1867BC50000
|
heap
|
page read and write
|
||
|
7B2A87F000
|
stack
|
page read and write
|
||
|
7FB077B000
|
stack
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
2A3D000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
1DB4EC89000
|
heap
|
page read and write
|
||
|
15FAE000
|
heap
|
page read and write
|
||
|
1ADCA708000
|
heap
|
page read and write
|
||
|
1DB4EC13000
|
heap
|
page read and write
|
||
|
1ADCA613000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
10019000
|
unkown
|
page readonly
|
||
|
330037A000
|
stack
|
page read and write
|
||
|
1897A470000
|
trusted library allocation
|
page read and write
|
||
|
631000
|
heap
|
page read and write
|
||
|
3EAE53F000
|
stack
|
page read and write
|
||
|
1DB4EC85000
|
heap
|
page read and write
|
||
|
17056578000
|
heap
|
page read and write
|
||
|
18975E20000
|
trusted library section
|
page readonly
|
||
|
1EC479C7000
|
heap
|
page read and write
|
||
|
1ADCA64E000
|
heap
|
page read and write
|
||
|
2261BA5C000
|
heap
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
7AB5C7E000
|
stack
|
page read and write
|
||
|
17056575000
|
heap
|
page read and write
|
||
|
119000
|
stack
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
18974C9D000
|
heap
|
page read and write
|
||
|
1EC494A0000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
1EC4F411000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
2E93000
|
heap
|
page read and write
|
||
|
2C2E000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1EC47970000
|
heap
|
page read and write
|
||
|
21DC0403000
|
heap
|
page read and write
|
||
|
17056500000
|
heap
|
page read and write
|
||
|
1ADCA63C000
|
heap
|
page read and write
|
||
|
16EB234D000
|
heap
|
page read and write
|
||
|
1ADCA683000
|
heap
|
page read and write
|
||
|
1E258EA0000
|
heap
|
page read and write
|
||
|
1867BC13000
|
heap
|
page read and write
|
||
|
1BCC9229000
|
heap
|
page read and write
|
||
|
1897A390000
|
trusted library allocation
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
1897A36E000
|
trusted library allocation
|
page read and write
|
||
|
1432000
|
heap
|
page read and write
|
||
|
1897A368000
|
trusted library allocation
|
page read and write
|
||
|
18975801000
|
trusted library allocation
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
2057110C000
|
heap
|
page read and write
|
||
|
140000
|
remote allocation
|
page read and write
|
||
|
1B23E70B000
|
heap
|
page read and write
|
||
|
17056578000
|
heap
|
page read and write
|
||
|
2420000
|
remote allocation
|
page read and write
|
||
|
E1138FE000
|
stack
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
2A6B000
|
heap
|
page read and write
|
||
|
1DB4EC85000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
1E258DA0000
|
heap
|
page read and write
|
||
|
1E200008000
|
heap
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
2BA41089000
|
heap
|
page read and write
|
||
|
1DB4F402000
|
trusted library allocation
|
page read and write
|
||
|
18975E70000
|
trusted library section
|
page readonly
|
||
|
2BA40F90000
|
trusted library allocation
|
page read and write
|
||
|
2C0F000
|
heap
|
page read and write
|
||
|
21DBEA75000
|
heap
|
page read and write
|
||
|
17055AE2000
|
heap
|
page read and write
|
||
|
20571090000
|
heap
|
page read and write
|
||
|
170562D0000
|
remote allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
18974CFB000
|
heap
|
page read and write
|
||
|
17055AD5000
|
heap
|
page read and write
|
||
|
1E258E30000
|
heap
|
page read and write
|
||
|
D854F7000
|
stack
|
page read and write
|
||
|
1705659F000
|
heap
|
page read and write
|
||
|
2BA41100000
|
heap
|
page read and write
|
||
|
21DBE820000
|
heap
|
page read and write
|
||
|
1BCC8F18000
|
heap
|
page read and write
|
||
|
15D267F000
|
stack
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1ADCA629000
|
heap
|
page read and write
|
||
|
C960DFF000
|
stack
|
page read and write
|
||
|
1897A360000
|
trusted library allocation
|
page read and write
|
||
|
1705657C000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1897A240000
|
trusted library allocation
|
page read and write
|
||
|
272BFFF000
|
stack
|
page read and write
|
||
|
D850FE000
|
stack
|
page read and write
|
||
|
170565AF000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
1B23E960000
|
heap
|
page readonly
|
||
|
17055910000
|
heap
|
page read and write
|
||
|
1897A381000
|
trusted library allocation
|
page read and write
|
||
|
C960CFF000
|
stack
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
21DC03F0000
|
heap
|
page read and write
|
||
|
7AB647E000
|
stack
|
page read and write
|
||
|
1ADCA64C000
|
heap
|
page read and write
|
||
|
1705657A000
|
heap
|
page read and write
|
||
|
1ADCA670000
|
heap
|
page read and write
|
||
|
1BCC8F19000
|
heap
|
page read and write
|
||
|
20572B00000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
2261BB02000
|
heap
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
1705657B000
|
heap
|
page read and write
|
||
|
10016000
|
unkown
|
page read and write
|
||
|
1E258E9A000
|
heap
|
page read and write
|
||
|
1ADCA600000
|
heap
|
page read and write
|
||
|
1DB4EBC0000
|
trusted library allocation
|
page read and write
|
||
|
18975E40000
|
trusted library section
|
page readonly
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
D8517F000
|
stack
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
1897A1C0000
|
trusted library allocation
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
1897A4C0000
|
remote allocation
|
page read and write
|
||
|
16EB234F000
|
heap
|
page read and write
|
||
|
1E25A900000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
17056589000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
67A000
|
stack
|
page read and write
|
||
|
7B2A5CC000
|
stack
|
page read and write
|
||
|
10011000
|
unkown
|
page readonly
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
17055A00000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
1E200040000
|
trusted library allocation
|
page read and write
|
||
|
1B23E6E7000
|
heap
|
page read and write
|
||
|
2261BA85000
|
heap
|
page read and write
|
||
|
272BAFF000
|
stack
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
17056547000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
1705657B000
|
heap
|
page read and write
|
||
|
1DB4EC87000
|
heap
|
page read and write
|
||
|
58C000
|
heap
|
page read and write
|
||
|
17055AE8000
|
heap
|
page read and write
|
||
|
1BCC8ED9000
|
heap
|
page read and write
|
||
|
1DB4EC85000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
2BA41013000
|
heap
|
page read and write
|
||
|
17056521000
|
heap
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
18974CAB000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
170565C0000
|
heap
|
page read and write
|
||
|
17056598000
|
heap
|
page read and write
|
||
|
17055AF9000
|
heap
|
page read and write
|
||
|
1897A702000
|
heap
|
page read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
18974C73000
|
heap
|
page read and write
|
||
|
170562D0000
|
remote allocation
|
page read and write
|
||
|
2261BA5E000
|
heap
|
page read and write
|
||
|
7AB617F000
|
stack
|
page read and write
|
||
|
1E258E10000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
2261BA81000
|
heap
|
page read and write
|
||
|
7FB01BC000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
1897A702000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
2261C202000
|
trusted library allocation
|
page read and write
|
||
|
1ADCA3F0000
|
heap
|
page read and write
|
||
|
2261BA3C000
|
heap
|
page read and write
|
||
|
18974CB9000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1867BD13000
|
heap
|
page read and write
|
||
|
17055900000
|
heap
|
page read and write
|
||
|
21DBE730000
|
heap
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
170565AF000
|
heap
|
page read and write
|
||
|
20500040000
|
heap
|
page readonly
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
2A61000
|
heap
|
page read and write
|
||
|
1DB4EA50000
|
heap
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
1897B000000
|
heap
|
page read and write
|
||
|
2261BA13000
|
heap
|
page read and write
|
||
|
1867BC4E000
|
heap
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
7AB5E7B000
|
stack
|
page read and write
|
||
|
170565BA000
|
heap
|
page read and write
|
||
|
18975570000
|
trusted library section
|
page read and write
|
||
|
2261B9F0000
|
trusted library allocation
|
page read and write
|
||
|
2BA41053000
|
heap
|
page read and write
|
||
|
170565C1000
|
heap
|
page read and write
|
||
|
20572B43000
|
heap
|
page read and write
|
||
|
18974D13000
|
heap
|
page read and write
|
||
|
15B5000
|
heap
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
1867BC53000
|
heap
|
page read and write
|
||
|
1EC47BC3000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
1DB4EC85000
|
heap
|
page read and write
|
||
|
15D2778000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
1705657B000
|
heap
|
page read and write
|
||
|
337FC7E000
|
stack
|
page read and write
|
||
|
17056517000
|
heap
|
page read and write
|
||
|
1DB4EC89000
|
heap
|
page read and write
|
||
|
170565A2000
|
heap
|
page read and write
|
||
|
1897A4B0000
|
trusted library allocation
|
page read and write
|
||
|
21DBE810000
|
direct allocation
|
page execute and read and write
|
||
|
17056402000
|
heap
|
page read and write
|
||
|
2A85000
|
heap
|
page read and write
|
||
|
18974C8F000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
1EC47950000
|
heap
|
page read and write
|
||
|
2261B890000
|
heap
|
page read and write
|
||
|
16EB234F000
|
heap
|
page read and write
|
||
|
1B24033F000
|
heap
|
page read and write
|
||
|
272BEFF000
|
stack
|
page read and write
|
||
|
1705657B000
|
heap
|
page read and write
|
||
|
1897A62D000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
21DBEA70000
|
heap
|
page read and write
|
||
|
2BE6000
|
heap
|
page read and write
|
||
|
1705656F000
|
heap
|
page read and write
|
||
|
18974BC0000
|
heap
|
page read and write
|
||
|
21DC0320000
|
heap
|
page read and write
|
||
|
1DB4EC89000
|
heap
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
1DB4EC89000
|
heap
|
page read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
17056599000
|
heap
|
page read and write
|
||
|
1EC479C0000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
17055A70000
|
heap
|
page read and write
|
||
|
17056A21000
|
heap
|
page read and write
|
||
|
1867BD02000
|
heap
|
page read and write
|
||
|
1EC47BD0000
|
heap
|
page read and write
|
||
|
170565C2000
|
heap
|
page read and write
|
||
|
17056550000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
1E25A985000
|
heap
|
page read and write
|
||
|
A8D73F9000
|
stack
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
16EB2334000
|
heap
|
page read and write
|
||
|
170565C1000
|
heap
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
1897A69E000
|
heap
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
18974C89000
|
heap
|
page read and write
|
||
|
1DB4EC89000
|
heap
|
page read and write
|
||
|
2A6B000
|
heap
|
page read and write
|
||
|
305C000
|
stack
|
page read and write
|
||
|
1E258D30000
|
heap
|
page read and write
|
||
|
2261B880000
|
heap
|
page read and write
|
||
|
27FB000
|
stack
|
page read and write
|
||
|
17056A21000
|
heap
|
page read and write
|
||
|
F547AFF000
|
stack
|
page read and write
|
||
|
21DC03F3000
|
heap
|
page read and write
|
||
|
1ADCA560000
|
trusted library allocation
|
page read and write
|
||
|
1897A704000
|
heap
|
page read and write
|
||
|
CA02BFF000
|
stack
|
page read and write
|
||
|
2261B8F0000
|
heap
|
page read and write
|
||
|
18975E60000
|
trusted library section
|
page readonly
|
||
|
17056574000
|
heap
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
1DB4EC87000
|
heap
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
18975713000
|
heap
|
page read and write
|
||
|
2BA4105C000
|
heap
|
page read and write
|
||
|
1B23E9A0000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
8CD000
|
heap
|
page read and write
|
||
|
1705657A000
|
heap
|
page read and write
|
||
|
3EAE5BF000
|
stack
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
E11387F000
|
stack
|
page read and write
|
||
|
60D000
|
heap
|
page read and write
|
||
|
7AB6279000
|
stack
|
page read and write
|
||
|
CA027E8000
|
stack
|
page read and write
|
||
|
1BCC9D20000
|
trusted library allocation
|
page read and write
|
||
|
C96058B000
|
stack
|
page read and write
|
||
|
16EB2322000
|
heap
|
page read and write
|
||
|
170565B0000
|
heap
|
page read and write
|
||
|
21DBE84C000
|
heap
|
page read and write
|
||
|
1EC47B90000
|
direct allocation
|
page execute and read and write
|
||
|
1B24629D000
|
heap
|
page read and write
|
||
|
20571220000
|
heap
|
page read and write
|
||
|
1B23E9A5000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
17056574000
|
heap
|
page read and write
|
||
|
1897A6AC000
|
heap
|
page read and write
|
||
|
16EB233E000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
330027F000
|
unkown
|
page read and write
|
||
|
1867BC4C000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1867BC3C000
|
heap
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
17056591000
|
heap
|
page read and write
|
||
|
21DBE829000
|
heap
|
page read and write
|
||
|
17055AB5000
|
heap
|
page read and write
|
||
|
2A85000
|
heap
|
page read and write
|
||
|
170565AF000
|
heap
|
page read and write
|
||
|
1BCC8DE0000
|
trusted library allocation
|
page read and write
|
||
|
1897A390000
|
trusted library allocation
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
7FB0A7F000
|
stack
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
2070000
|
heap
|
page read and write
|
||
|
17055A4A000
|
heap
|
page read and write
|
||
|
2261BA54000
|
heap
|
page read and write
|
||
|
2261BA5A000
|
heap
|
page read and write
|
||
|
18975718000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
1DB4EC87000
|
heap
|
page read and write
|
||
|
10011000
|
unkown
|
page readonly
|
||
|
170565CB000
|
heap
|
page read and write
|
||
|
7AB607E000
|
stack
|
page read and write
|
||
|
18974B50000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
A8D747E000
|
stack
|
page read and write
|
||
|
1DB4ED13000
|
heap
|
page read and write
|
||
|
7AB5F7E000
|
stack
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
189755F0000
|
trusted library allocation
|
page read and write
|
||
|
1867BC00000
|
heap
|
page read and write
|
||
|
170565A1000
|
heap
|
page read and write
|
||
|
205710E9000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
16EB2332000
|
heap
|
page read and write
|
||
|
1897A3A4000
|
trusted library allocation
|
page read and write
|
||
|
2BA4107A000
|
heap
|
page read and write
|
||
|
1B23E8F0000
|
direct allocation
|
page execute and read and write
|
||
|
1897A250000
|
trusted library allocation
|
page read and write
|
||
|
2261BA5D000
|
heap
|
page read and write
|
||
|
D855FE000
|
stack
|
page read and write
|
||
|
1705650C000
|
heap
|
page read and write
|
||
|
18974C9B000
|
heap
|
page read and write
|
||
|
18974C8B000
|
heap
|
page read and write
|
||
|
1BCC90B0000
|
trusted library allocation
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
272BDF7000
|
stack
|
page read and write
|
||
|
2420000
|
remote allocation
|
page read and write
|
||
|
2A6C000
|
heap
|
page read and write
|
||
|
1DB4EC85000
|
heap
|
page read and write
|
||
|
A8D737D000
|
stack
|
page read and write
|
||
|
CA02AFF000
|
stack
|
page read and write
|
||
|
18974C54000
|
heap
|
page read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
170565C1000
|
heap
|
page read and write
|
||
|
1DB4EA60000
|
heap
|
page read and write
|
||
|
1EC47BB0000
|
heap
|
page readonly
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
2BA41000000
|
heap
|
page read and write
|
||
|
140000
|
remote allocation
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
1897A380000
|
trusted library allocation
|
page read and write
|
||
|
17056A1A000
|
heap
|
page read and write
|
||
|
1897A6F3000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
D856FF000
|
stack
|
page read and write
|
||
|
7FB067F000
|
stack
|
page read and write
|
||
|
1E258E38000
|
heap
|
page read and write
|
||
|
20505F62000
|
heap
|
page read and write
|
||
|
170565AF000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1E258E7F000
|
heap
|
page read and write
|
||
|
2AA1000
|
heap
|
page read and write
|
||
|
631000
|
heap
|
page read and write
|
||
|
7AB58F7000
|
stack
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
CA02CFE000
|
stack
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
1705656E000
|
heap
|
page read and write
|
||
|
1897A6A0000
|
heap
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
18974C3D000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page readonly
|
||
|
1897A4A0000
|
trusted library allocation
|
page read and write
|
||
|
2261BA60000
|
heap
|
page read and write
|
||
|
1BCC9110000
|
trusted library allocation
|
page read and write
|
||
|
2261BA6A000
|
heap
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
10016000
|
unkown
|
page read and write
|
||
|
1ADCA68E000
|
heap
|
page read and write
|
||
|
18002D000
|
direct allocation
|
page readonly
|
||
|
E1135AE000
|
stack
|
page read and write
|
||
|
1BCC8E60000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
17056578000
|
heap
|
page read and write
|
||
|
16EB234C000
|
heap
|
page read and write
|
||
|
1BCC9180000
|
trusted library allocation
|
page read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
7FB04FF000
|
stack
|
page read and write
|
||
|
1DB4EC28000
|
heap
|
page read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
D8507B000
|
stack
|
page read and write
|
||
|
1DB4EC85000
|
heap
|
page read and write
|
||
|
1ADCA713000
|
heap
|
page read and write
|
||
|
1897A480000
|
trusted library allocation
|
page read and write
|
||
|
21DBEA50000
|
heap
|
page readonly
|
||
|
2AD8000
|
heap
|
page read and write
|
||
|
1BCC8ED0000
|
heap
|
page read and write
|
||
|
29FE000
|
stack
|
page read and write
|
||
|
20571270000
|
heap
|
page read and write
|
||
|
2BA4105E000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
16EB25D5000
|
heap
|
page read and write
|
||
|
16EB234F000
|
heap
|
page read and write
|
||
|
2261BA63000
|
heap
|
page read and write
|
||
|
1570000
|
direct allocation
|
page execute and read and write
|
||
|
17055AC8000
|
heap
|
page read and write
|
||
|
E11352C000
|
stack
|
page read and write
|
||
|
20572B40000
|
heap
|
page read and write
|
||
|
2433000
|
heap
|
page read and write
|
||
|
1EC47C30000
|
heap
|
page read and write
|
||
|
17056579000
|
heap
|
page read and write
|
||
|
1705657A000
|
heap
|
page read and write
|
||
|
7FB097F000
|
stack
|
page read and write
|
||
|
17056A00000
|
heap
|
page read and write
|
||
|
1BCC8F20000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
7AB5FFF000
|
stack
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
170565BA000
|
heap
|
page read and write
|
||
|
170565AF000
|
heap
|
page read and write
|
||
|
7AB5EFF000
|
stack
|
page read and write
|
||
|
16EB2326000
|
heap
|
page read and write
|
||
|
8CD000
|
heap
|
page read and write
|
||
|
631000
|
heap
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
18974C78000
|
heap
|
page read and write
|
||
|
1867BB00000
|
trusted library allocation
|
page read and write
|
||
|
16EB2130000
|
heap
|
page read and write
|
||
|
1E258E44000
|
heap
|
page read and write
|
||
|
23BC000
|
stack
|
page read and write
|
||
|
17056581000
|
heap
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
272BBFB000
|
stack
|
page read and write
|
||
|
16EB2336000
|
heap
|
page read and write
|
||
|
18974B60000
|
heap
|
page read and write
|
||
|
1DB4EC87000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
16EB2280000
|
heap
|
page read and write
|
||
|
1705657B000
|
heap
|
page read and write
|
||
|
16EB2335000
|
heap
|
page read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
17055A53000
|
heap
|
page read and write
|
||
|
337FDFB000
|
stack
|
page read and write
|
||
|
2073000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
1B240323000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
1897A662000
|
heap
|
page read and write
|
||
|
17055AC1000
|
heap
|
page read and write
|
||
|
1867BC6B000
|
heap
|
page read and write
|
||
|
17056572000
|
heap
|
page read and write
|
||
|
17056A44000
|
heap
|
page read and write
|
||
|
1E205F66000
|
heap
|
page read and write
|
||
|
18974C13000
|
heap
|
page read and write
|
||
|
17056572000
|
heap
|
page read and write
|
||
|
20500004000
|
heap
|
page read and write
|
||
|
17056572000
|
heap
|
page read and write
|
||
|
18975E30000
|
trusted library section
|
page readonly
|
||
|
16EB233E000
|
heap
|
page read and write
|
||
|
18974C00000
|
heap
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
D852FF000
|
stack
|
page read and write
|
||
|
17055A13000
|
heap
|
page read and write
|
||
|
20570F50000
|
heap
|
page read and write
|
||
|
2A76000
|
heap
|
page read and write
|
||
|
1ADCA460000
|
heap
|
page read and write
|
||
|
1BCC90A0000
|
trusted library allocation
|
page read and write
|
||
|
2A91000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
1705657C000
|
heap
|
page read and write
|
||
|
1867BC71000
|
heap
|
page read and write
|
||
|
17055A4B000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
170562D0000
|
remote allocation
|
page read and write
|
||
|
2AAF000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1ADCA400000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
272BCFB000
|
stack
|
page read and write
|
||
|
15D287C000
|
stack
|
page read and write
|
||
|
297B000
|
stack
|
page read and write
|
||
|
17056517000
|
heap
|
page read and write
|
||
|
1B23E8B0000
|
heap
|
page read and write
|
||
|
2261BA00000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
2BE6000
|
heap
|
page read and write
|
||
|
2BE7000
|
heap
|
page read and write
|
||
|
17056578000
|
heap
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
1DB4EC88000
|
heap
|
page read and write
|
||
|
974000
|
heap
|
page read and write
|
||
|
1867BC6B000
|
heap
|
page read and write
|
||
|
2261BB08000
|
heap
|
page read and write
|
||
|
2A5D000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
1E258E57000
|
heap
|
page read and write
|
||
|
1E200000000
|
direct allocation
|
page execute and read and write
|
||
|
D853FB000
|
stack
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
20500000000
|
direct allocation
|
page execute and read and write
|
||
|
1BCC91D0000
|
trusted library allocation
|
page read and write
|
||
|
16EB2327000
|
heap
|
page read and write
|
||
|
15D230A000
|
stack
|
page read and write
|
||
|
1897A384000
|
trusted library allocation
|
page read and write
|
||
|
16EB25D0000
|
heap
|
page read and write
|
||
|
1897A616000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
2BA41102000
|
heap
|
page read and write
|
||
|
34FB000
|
stack
|
page read and write
|
||
|
1B240320000
|
heap
|
page read and write
|
||
|
1ADCAE02000
|
trusted library allocation
|
page read and write
|
||
|
10016000
|
unkown
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
106227F000
|
stack
|
page read and write
|
||
|
1897A4C0000
|
remote allocation
|
page read and write
|
||
|
95B000
|
heap
|
page read and write
|
||
|
17055B13000
|
heap
|
page read and write
|
||
|
2261BA8F000
|
heap
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
2BA40F60000
|
heap
|
page read and write
|
||
|
C9609FB000
|
stack
|
page read and write
|
||
|
1E25A980000
|
heap
|
page read and write
|
||
|
1E25AB40000
|
heap
|
page read and write
|
||
|
1BCC8F1F000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
C960BF7000
|
stack
|
page read and write
|
||
|
17056585000
|
heap
|
page read and write
|
||
|
7FB047F000
|
stack
|
page read and write
|
||
|
337FCFE000
|
stack
|
page read and write
|
||
|
F547B7E000
|
stack
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
60000
|
heap
|
page read and write
|
||
|
17056574000
|
heap
|
page read and write
|
||
|
17056A1A000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
1B23E910000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
2BA41A02000
|
trusted library allocation
|
page read and write
|
||
|
2261BB00000
|
heap
|
page read and write
|
||
|
16EB2310000
|
heap
|
page read and write
|
||
|
1897A4C0000
|
remote allocation
|
page read and write
|
||
|
2420000
|
remote allocation
|
page read and write
|
||
|
2A85000
|
heap
|
page read and write
|
||
|
2261BA29000
|
heap
|
page read and write
|
||
|
1E25A903000
|
heap
|
page read and write
|
||
|
2A85000
|
heap
|
page read and write
|
||
|
1ADCA651000
|
heap
|
page read and write
|
||
|
2A22000
|
heap
|
page read and write
|
||
|
2BA4103C000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
1BCC9150000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
CA02DFE000
|
stack
|
page read and write
|
||
|
7AB5D7A000
|
stack
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
10011000
|
unkown
|
page readonly
|
||
|
1897A3A0000
|
trusted library allocation
|
page read and write
|
||
|
150000
|
heap
|
page read and write
|
||
|
10019000
|
unkown
|
page readonly
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
C960AFB000
|
stack
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1867C402000
|
trusted library allocation
|
page read and write
|
||
|
54E000
|
stack
|
page read and write
|
||
|
17055B02000
|
heap
|
page read and write
|
||
|
1897A620000
|
heap
|
page read and write
|
||
|
1B23E640000
|
heap
|
page read and write
|
||
|
337F99C000
|
stack
|
page read and write
|
||
|
1EC478E0000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
7B2ABFB000
|
stack
|
page read and write
|
||
|
170565AF000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
17056561000
|
heap
|
page read and write
|
||
|
18975702000
|
heap
|
page read and write
|
||
|
16EB231B000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
6A0000
|
remote allocation
|
page read and write
|
||
|
1DB4ED02000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
1DB4EC87000
|
heap
|
page read and write
|
||
|
10050000
|
heap
|
page read and write
|
||
|
17055A8A000
|
heap
|
page read and write
|
||
|
17055970000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page readonly
|
||
|
1867BC98000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
1458000
|
heap
|
page read and write
|
||
|
17055B16000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
16EB2354000
|
heap
|
page read and write
|
||
|
1897A600000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
2261BA65000
|
heap
|
page read and write
|
||
|
870000
|
direct allocation
|
page execute and read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
2A9F000
|
heap
|
page read and write
|
||
|
1E258EA2000
|
heap
|
page read and write
|
||
|
1DB4EC87000
|
heap
|
page read and write
|
||
|
2261BA68000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
21DC6361000
|
heap
|
page read and write
|
||
|
2A6F000
|
heap
|
page read and write
|
||
|
1B2402D0000
|
heap
|
page read and write
|
||
|
1867BD08000
|
heap
|
page read and write
|
||
|
F547A7B000
|
stack
|
page read and write
|
||
|
7B2AAFB000
|
stack
|
page read and write
|
||
|
17056583000
|
heap
|
page read and write
|
||
|
1005C000
|
heap
|
page read and write
|
||
|
1E258E70000
|
heap
|
page read and write
|
||
|
17055AAA000
|
heap
|
page read and write
|
||
|
2A85000
|
heap
|
page read and write
|
||
|
1867BA00000
|
heap
|
page read and write
|
||
|
2261BA76000
|
heap
|
page read and write
|
||
|
1BCC9225000
|
heap
|
page read and write
|
||
|
7AB5A7B000
|
stack
|
page read and write
|
||
|
1867BC4B000
|
heap
|
page read and write
|
||
|
1EC479EB000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
21DBEA00000
|
heap
|
page read and write
|
||
|
17056574000
|
heap
|
page read and write
|
||
|
33001FE000
|
stack
|
page read and write
|
||
|
1DB4EC59000
|
heap
|
page read and write
|
||
|
17056572000
|
heap
|
page read and write
|
||
|
2261BA6B000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
272B7CC000
|
stack
|
page read and write
|
||
|
17056577000
|
heap
|
page read and write
|
||
|
170565C2000
|
heap
|
page read and write
|
||
|
1897A6FA000
|
heap
|
page read and write
|
||
|
18974C76000
|
heap
|
page read and write
|
||
|
33000F7000
|
stack
|
page read and write
|
||
|
2BA41113000
|
heap
|
page read and write
|
||
|
1B23E6B0000
|
heap
|
page read and write
|
||
|
18002E000
|
direct allocation
|
page read and write
|
||
|
1BCC9230000
|
trusted library allocation
|
page read and write
|
||
|
18975615000
|
heap
|
page read and write
|
||
|
1705657A000
|
heap
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
17055A3C000
|
heap
|
page read and write
|
||
|
17056588000
|
heap
|
page read and write
|
||
|
17056A02000
|
heap
|
page read and write
|
||
|
170565CB000
|
heap
|
page read and write
|
||
|
3440000
|
heap
|
page read and write
|
||
|
170565C0000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
21DBE7A0000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
1B23E6E0000
|
heap
|
page read and write
|
||
|
1705657C000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1897A1D0000
|
trusted library allocation
|
page read and write
|
||
|
17055B08000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
16EB2352000
|
heap
|
page read and write
|
||
|
1BCC9170000
|
trusted library allocation
|
page read and write
|
||
|
170565BA000
|
heap
|
page read and write
|
||
|
189755F3000
|
trusted library allocation
|
page read and write
|
||
|
16EB234F000
|
heap
|
page read and write
|
||
|
170565B0000
|
heap
|
page read and write
|
||
|
7FB0877000
|
stack
|
page read and write
|
||
|
17055AAB000
|
heap
|
page read and write
|
||
|
1EC47BC0000
|
heap
|
page read and write
|
||
|
337FFF9000
|
stack
|
page read and write
|
||
|
1867BC29000
|
heap
|
page read and write
|
||
|
18975718000
|
heap
|
page read and write
|
||
|
18002F000
|
direct allocation
|
page readonly
|
||
|
C96087F000
|
stack
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
16EB233E000
|
heap
|
page read and write
|
||
|
2BA41108000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
18975D40000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1BCC8E40000
|
heap
|
page read and write
|
||
|
2A23000
|
heap
|
page read and write
|
||
|
1705654B000
|
heap
|
page read and write
|
||
|
17055A55000
|
heap
|
page read and write
|
||
|
2BA41061000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
1DB4EC00000
|
heap
|
page read and write
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
1867B990000
|
heap
|
page read and write
|
||
|
616000
|
heap
|
page read and write
|
||
|
1867B9A0000
|
heap
|
page read and write
|
||
|
2A87000
|
heap
|
page read and write
|
||
|
1BCC9160000
|
heap
|
page readonly
|
||
|
17056580000
|
heap
|
page read and write
|
||
|
203E000
|
stack
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
2A5D000
|
heap
|
page read and write
|
||
|
2C0F000
|
heap
|
page read and write
|
||
|
1897A64A000
|
heap
|
page read and write
|
||
|
17056598000
|
heap
|
page read and write
|
||
|
C9608FE000
|
stack
|
page read and write
|
||
|
1867BC7C000
|
heap
|
page read and write
|
||
|
A8D6F6B000
|
stack
|
page read and write
|
||
|
1705658C000
|
heap
|
page read and write
|
||
|
10019000
|
unkown
|
page readonly
|
||
|
1E258DD0000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
180000000
|
direct allocation
|
page read and write
|
||
|
1DB4EC40000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
1897A6F7000
|
heap
|
page read and write
|
||
|
20571275000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
||
|
1705659E000
|
heap
|
page read and write
|
There are 894 hidden memdumps, click here to show them.